1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_RENDERER_CONTENT_SETTINGS_OBSERVER_H_
6 #define CHROME_RENDERER_CONTENT_SETTINGS_OBSERVER_H_
11 #include "chrome/common/content_settings.h"
12 #include "content/public/renderer/render_frame_observer.h"
13 #include "content/public/renderer/render_frame_observer_tracker.h"
14 #include "extensions/common/permissions/api_permission.h"
15 #include "third_party/WebKit/public/web/WebPermissionClient.h"
21 class WebSecurityOrigin
;
25 namespace extensions
{
30 // Handles blocking content per content settings for each RenderFrame.
31 class ContentSettingsObserver
32 : public content::RenderFrameObserver
,
33 public content::RenderFrameObserverTracker
<ContentSettingsObserver
>,
34 public blink::WebPermissionClient
{
36 ContentSettingsObserver(content::RenderFrame
* render_frame
,
37 extensions::Dispatcher
* extension_dispatcher
);
38 virtual ~ContentSettingsObserver();
40 // Sets the content setting rules which back |AllowImage()|, |AllowScript()|,
41 // and |AllowScriptFromSource()|. |content_setting_rules| must outlive this
42 // |ContentSettingsObserver|.
43 void SetContentSettingRules(
44 const RendererContentSettingRules
* content_setting_rules
);
46 bool IsPluginTemporarilyAllowed(const std::string
& identifier
);
48 // Sends an IPC notification that the specified content type was blocked.
49 void DidBlockContentType(ContentSettingsType settings_type
);
51 // blink::WebPermissionClient implementation.
52 virtual bool allowDatabase(const blink::WebString
& name
,
53 const blink::WebString
& display_name
,
54 unsigned long estimated_size
) OVERRIDE
;
55 virtual void requestFileSystemAccessAsync(
56 const blink::WebPermissionCallbacks
& callbacks
) OVERRIDE
;
57 virtual bool allowImage(bool enabled_per_settings
,
58 const blink::WebURL
& image_url
) OVERRIDE
;
59 virtual bool allowIndexedDB(const blink::WebString
& name
,
60 const blink::WebSecurityOrigin
& origin
) OVERRIDE
;
61 virtual bool allowPlugins(bool enabled_per_settings
) OVERRIDE
;
62 virtual bool allowScript(bool enabled_per_settings
) OVERRIDE
;
63 virtual bool allowScriptFromSource(bool enabled_per_settings
,
64 const blink::WebURL
& script_url
) OVERRIDE
;
65 virtual bool allowStorage(bool local
) OVERRIDE
;
66 virtual bool allowReadFromClipboard(bool default_value
) OVERRIDE
;
67 virtual bool allowWriteToClipboard(bool default_value
) OVERRIDE
;
68 virtual bool allowWebComponents(bool default_value
) OVERRIDE
;
69 virtual bool allowMutationEvents(bool default_value
) OVERRIDE
;
70 virtual bool allowPushState() OVERRIDE
;
71 virtual void didNotAllowPlugins() OVERRIDE
;
72 virtual void didNotAllowScript() OVERRIDE
;
73 virtual bool allowDisplayingInsecureContent(
74 bool allowed_per_settings
,
75 const blink::WebSecurityOrigin
& context
,
76 const blink::WebURL
& url
) OVERRIDE
;
77 virtual bool allowRunningInsecureContent(
78 bool allowed_per_settings
,
79 const blink::WebSecurityOrigin
& context
,
80 const blink::WebURL
& url
) OVERRIDE
;
82 // This is used for cases when the NPAPI plugins malfunction if used.
83 bool AreNPAPIPluginsBlocked() const;
86 FRIEND_TEST_ALL_PREFIXES(ContentSettingsObserverTest
, WhitelistedSchemes
);
87 FRIEND_TEST_ALL_PREFIXES(ChromeRenderViewTest
,
88 ContentSettingsInterstitialPages
);
89 FRIEND_TEST_ALL_PREFIXES(ChromeRenderViewTest
, PluginsTemporarilyAllowed
);
91 // RenderFrameObserver implementation.
92 virtual bool OnMessageReceived(const IPC::Message
& message
) OVERRIDE
;
93 virtual void DidCommitProvisionalLoad(bool is_new_navigation
) OVERRIDE
;
96 void OnLoadBlockedPlugins(const std::string
& identifier
);
97 void OnSetAsInterstitial();
98 void OnNPAPINotSupported();
99 void OnSetAllowDisplayingInsecureContent(bool allow
);
100 void OnSetAllowRunningInsecureContent(bool allow
);
101 void OnReloadFrame();
102 void OnRequestFileSystemAccessAsyncResponse(int request_id
, bool allowed
);
104 // Resets the |content_blocked_| array.
105 void ClearBlockedContentSettings();
107 // If |origin| corresponds to an installed extension, returns that extension.
108 // Otherwise returns NULL.
109 const extensions::Extension
* GetExtension(
110 const blink::WebSecurityOrigin
& origin
) const;
113 // True if |frame| contains content that is white-listed for content settings.
114 static bool IsWhitelistedForContentSettings(blink::WebFrame
* frame
);
115 static bool IsWhitelistedForContentSettings(
116 const blink::WebSecurityOrigin
& origin
,
117 const GURL
& document_url
);
119 // Owned by ChromeContentRendererClient and outlive us.
120 extensions::Dispatcher
* extension_dispatcher_
;
122 // Insecure content may be permitted for the duration of this render view.
123 bool allow_displaying_insecure_content_
;
124 bool allow_running_insecure_content_
;
126 // A pointer to content setting rules stored by the renderer. Normally, the
127 // |RendererContentSettingRules| object is owned by
128 // |ChromeRenderProcessObserver|. In the tests it is owned by the caller of
129 // |SetContentSettingRules|.
130 const RendererContentSettingRules
* content_setting_rules_
;
132 // Stores if images, scripts, and plugins have actually been blocked.
133 bool content_blocked_
[CONTENT_SETTINGS_NUM_TYPES
];
135 // Caches the result of AllowStorage.
136 typedef std::pair
<GURL
, bool> StoragePermissionsKey
;
137 std::map
<StoragePermissionsKey
, bool> cached_storage_permissions_
;
139 // Caches the result of |AllowScript|.
140 std::map
<blink::WebFrame
*, bool> cached_script_permissions_
;
142 std::set
<std::string
> temporarily_allowed_plugins_
;
143 bool is_interstitial_page_
;
144 bool npapi_plugins_blocked_
;
146 int current_request_id_
;
147 typedef std::map
<int, blink::WebPermissionCallbacks
> PermissionRequestMap
;
148 PermissionRequestMap permission_requests_
;
150 DISALLOW_COPY_AND_ASSIGN(ContentSettingsObserver
);
153 #endif // CHROME_RENDERER_CONTENT_SETTINGS_OBSERVER_H_
