1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_RENDERER_CONTENT_SETTINGS_OBSERVER_H_
6 #define CHROME_RENDERER_CONTENT_SETTINGS_OBSERVER_H_
11 #include "components/content_settings/core/common/content_settings.h"
12 #include "components/content_settings/core/common/content_settings_types.h"
13 #include "content/public/renderer/render_frame_observer.h"
14 #include "content/public/renderer/render_frame_observer_tracker.h"
15 #include "third_party/WebKit/public/web/WebContentSettingsClient.h"
21 class WebSecurityOrigin
;
25 namespace extensions
{
30 // Handles blocking content per content settings for each RenderFrame.
31 class ContentSettingsObserver
32 : public content::RenderFrameObserver
,
33 public content::RenderFrameObserverTracker
<ContentSettingsObserver
>,
34 public blink::WebContentSettingsClient
{
36 // Set |should_whitelist| to true if |render_frame()| contains content that
37 // should be whitelisted for content settings.
38 ContentSettingsObserver(content::RenderFrame
* render_frame
,
39 extensions::Dispatcher
* extension_dispatcher
,
40 bool should_whitelist
);
41 ~ContentSettingsObserver() override
;
43 // Sets the content setting rules which back |AllowImage()|, |AllowScript()|,
44 // and |AllowScriptFromSource()|. |content_setting_rules| must outlive this
45 // |ContentSettingsObserver|.
46 void SetContentSettingRules(
47 const RendererContentSettingRules
* content_setting_rules
);
49 bool IsPluginTemporarilyAllowed(const std::string
& identifier
);
51 // Sends an IPC notification that the specified content type was blocked.
52 void DidBlockContentType(ContentSettingsType settings_type
);
54 // Sends an IPC notification that the specified content type was blocked
55 // with additional metadata.
56 void DidBlockContentType(ContentSettingsType settings_type
,
57 const base::string16
& details
);
59 // blink::WebContentSettingsClient implementation.
60 virtual bool allowDatabase(const blink::WebString
& name
,
61 const blink::WebString
& display_name
,
62 unsigned long estimated_size
) override
;
63 virtual void requestFileSystemAccessAsync(
64 const blink::WebPermissionCallbacks
& callbacks
) override
;
65 virtual bool allowImage(bool enabled_per_settings
,
66 const blink::WebURL
& image_url
) override
;
67 virtual bool allowIndexedDB(const blink::WebString
& name
,
68 const blink::WebSecurityOrigin
& origin
) override
;
69 virtual bool allowPlugins(bool enabled_per_settings
) override
;
70 virtual bool allowScript(bool enabled_per_settings
) override
;
71 virtual bool allowScriptFromSource(bool enabled_per_settings
,
72 const blink::WebURL
& script_url
) override
;
73 virtual bool allowStorage(bool local
) override
;
74 virtual bool allowReadFromClipboard(bool default_value
) override
;
75 virtual bool allowWriteToClipboard(bool default_value
) override
;
76 virtual bool allowMutationEvents(bool default_value
) override
;
77 virtual void didNotAllowPlugins() override
;
78 virtual void didNotAllowScript() override
;
79 virtual bool allowDisplayingInsecureContent(
80 bool allowed_per_settings
,
81 const blink::WebSecurityOrigin
& context
,
82 const blink::WebURL
& url
) override
;
83 virtual bool allowRunningInsecureContent(
84 bool allowed_per_settings
,
85 const blink::WebSecurityOrigin
& context
,
86 const blink::WebURL
& url
) override
;
88 // This is used for cases when the NPAPI plugins malfunction if used.
89 bool AreNPAPIPluginsBlocked() const;
92 FRIEND_TEST_ALL_PREFIXES(ContentSettingsObserverTest
, WhitelistedSchemes
);
93 FRIEND_TEST_ALL_PREFIXES(ChromeRenderViewTest
,
94 ContentSettingsInterstitialPages
);
95 FRIEND_TEST_ALL_PREFIXES(ChromeRenderViewTest
, PluginsTemporarilyAllowed
);
97 // RenderFrameObserver implementation.
98 bool OnMessageReceived(const IPC::Message
& message
) override
;
99 void DidCommitProvisionalLoad(bool is_new_navigation
,
100 bool is_same_page_navigation
) override
;
103 void OnLoadBlockedPlugins(const std::string
& identifier
);
104 void OnSetAsInterstitial();
105 void OnNPAPINotSupported();
106 void OnSetAllowDisplayingInsecureContent(bool allow
);
107 void OnSetAllowRunningInsecureContent(bool allow
);
108 void OnReloadFrame();
109 void OnRequestFileSystemAccessAsyncResponse(int request_id
, bool allowed
);
111 // Resets the |content_blocked_| array.
112 void ClearBlockedContentSettings();
114 // Whether the observed RenderFrame is for a platform app.
115 bool IsPlatformApp();
117 #if defined(ENABLE_EXTENSIONS)
118 // If |origin| corresponds to an installed extension, returns that extension.
119 // Otherwise returns NULL.
120 const extensions::Extension
* GetExtension(
121 const blink::WebSecurityOrigin
& origin
) const;
125 // True if |render_frame()| contains content that is white-listed for content
127 bool IsWhitelistedForContentSettings() const;
128 static bool IsWhitelistedForContentSettings(
129 const blink::WebSecurityOrigin
& origin
,
130 const GURL
& document_url
);
132 #if defined(ENABLE_EXTENSIONS)
133 // Owned by ChromeContentRendererClient and outlive us.
134 extensions::Dispatcher
* extension_dispatcher_
;
137 // Insecure content may be permitted for the duration of this render view.
138 bool allow_displaying_insecure_content_
;
139 bool allow_running_insecure_content_
;
141 // A pointer to content setting rules stored by the renderer. Normally, the
142 // |RendererContentSettingRules| object is owned by
143 // |ChromeRenderProcessObserver|. In the tests it is owned by the caller of
144 // |SetContentSettingRules|.
145 const RendererContentSettingRules
* content_setting_rules_
;
147 // Stores if images, scripts, and plugins have actually been blocked.
148 bool content_blocked_
[CONTENT_SETTINGS_NUM_TYPES
];
150 // Caches the result of AllowStorage.
151 typedef std::pair
<GURL
, bool> StoragePermissionsKey
;
152 std::map
<StoragePermissionsKey
, bool> cached_storage_permissions_
;
154 // Caches the result of |AllowScript|.
155 std::map
<blink::WebFrame
*, bool> cached_script_permissions_
;
157 std::set
<std::string
> temporarily_allowed_plugins_
;
158 bool is_interstitial_page_
;
159 bool npapi_plugins_blocked_
;
161 int current_request_id_
;
162 typedef std::map
<int, blink::WebPermissionCallbacks
> PermissionRequestMap
;
163 PermissionRequestMap permission_requests_
;
165 // If true, IsWhitelistedForContentSettings will always return true.
166 const bool should_whitelist_
;
168 DISALLOW_COPY_AND_ASSIGN(ContentSettingsObserver
);
171 #endif // CHROME_RENDERER_CONTENT_SETTINGS_OBSERVER_H_