search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add a FrameHostMsg_BeginNavigation IPC
[chromium-blink-merge.git] / content / browser / frame_host / render_frame_host_impl.cc
blob7e017ee531a34972b3d66a9fe2a053cabe0c95a1
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "content/browser/frame_host/render_frame_host_impl.h"
6
7 #include "base/bind.h"
8 #include "base/containers/hash_tables.h"
9 #include "base/lazy_instance.h"
10 #include "base/metrics/user_metrics_action.h"
11 #include "base/time/time.h"
12 #include "content/browser/child_process_security_policy_impl.h"
13 #include "content/browser/frame_host/cross_process_frame_connector.h"
14 #include "content/browser/frame_host/cross_site_transferring_request.h"
15 #include "content/browser/frame_host/frame_tree.h"
16 #include "content/browser/frame_host/frame_tree_node.h"
17 #include "content/browser/frame_host/navigator.h"
18 #include "content/browser/frame_host/render_frame_host_delegate.h"
19 #include "content/browser/frame_host/render_frame_proxy_host.h"
20 #include "content/browser/renderer_host/input/input_router.h"
21 #include "content/browser/renderer_host/input/timeout_monitor.h"
22 #include "content/browser/renderer_host/render_process_host_impl.h"
23 #include "content/browser/renderer_host/render_view_host_impl.h"
24 #include "content/browser/renderer_host/render_widget_host_impl.h"
25 #include "content/browser/transition_request_manager.h"
26 #include "content/common/desktop_notification_messages.h"
27 #include "content/common/frame_messages.h"
28 #include "content/common/input_messages.h"
29 #include "content/common/inter_process_time_ticks_converter.h"
30 #include "content/common/render_frame_setup.mojom.h"
31 #include "content/common/swapped_out_messages.h"
32 #include "content/public/browser/browser_thread.h"
33 #include "content/public/browser/content_browser_client.h"
34 #include "content/public/browser/desktop_notification_delegate.h"
35 #include "content/public/browser/render_process_host.h"
36 #include "content/public/browser/render_widget_host_view.h"
37 #include "content/public/browser/user_metrics.h"
38 #include "content/public/common/content_constants.h"
39 #include "content/public/common/url_constants.h"
40 #include "content/public/common/url_utils.h"
41 #include "url/gurl.h"
42
43 using base::TimeDelta;
44
45 namespace content {
46
47 namespace {
48
49 // The (process id, routing id) pair that identifies one RenderFrame.
50 typedef std::pair<int32, int32> RenderFrameHostID;
51 typedef base::hash_map<RenderFrameHostID, RenderFrameHostImpl*>
52 RoutingIDFrameMap;
53 base::LazyInstance<RoutingIDFrameMap> g_routing_id_frame_map =
54 LAZY_INSTANCE_INITIALIZER;
55
56 class DesktopNotificationDelegateImpl : public DesktopNotificationDelegate {
57 public:
58 DesktopNotificationDelegateImpl(RenderFrameHost* render_frame_host,
59 int notification_id)
60 : render_process_id_(render_frame_host->GetProcess()->GetID()),
61 render_frame_id_(render_frame_host->GetRoutingID()),
62 notification_id_(notification_id) {}
63
64 virtual ~DesktopNotificationDelegateImpl() {}
65
66 virtual void NotificationDisplayed() OVERRIDE {
67 RenderFrameHost* rfh =
68 RenderFrameHost::FromID(render_process_id_, render_frame_id_);
69 if (!rfh)
70 return;
71
72 rfh->Send(new DesktopNotificationMsg_PostDisplay(
73 rfh->GetRoutingID(), notification_id_));
74 }
75
76 virtual void NotificationError() OVERRIDE {
77 RenderFrameHost* rfh =
78 RenderFrameHost::FromID(render_process_id_, render_frame_id_);
79 if (!rfh)
80 return;
81
82 rfh->Send(new DesktopNotificationMsg_PostError(
83 rfh->GetRoutingID(), notification_id_));
84 delete this;
85 }
86
87 virtual void NotificationClosed(bool by_user) OVERRIDE {
88 RenderFrameHost* rfh =
89 RenderFrameHost::FromID(render_process_id_, render_frame_id_);
90 if (!rfh)
91 return;
92
93 rfh->Send(new DesktopNotificationMsg_PostClose(
94 rfh->GetRoutingID(), notification_id_, by_user));
95 static_cast<RenderFrameHostImpl*>(rfh)->NotificationClosed(
96 notification_id_);
97 delete this;
98 }
99
100 virtual void NotificationClick() OVERRIDE {
101 RenderFrameHost* rfh =
102 RenderFrameHost::FromID(render_process_id_, render_frame_id_);
103 if (!rfh)
104 return;
105
106 rfh->Send(new DesktopNotificationMsg_PostClick(
107 rfh->GetRoutingID(), notification_id_));
108 }
109
110 private:
111 int render_process_id_;
112 int render_frame_id_;
113 int notification_id_;
114 };
115
116 // Translate a WebKit text direction into a base::i18n one.
117 base::i18n::TextDirection WebTextDirectionToChromeTextDirection(
118 blink::WebTextDirection dir) {
119 switch (dir) {
120 case blink::WebTextDirectionLeftToRight:
121 return base::i18n::LEFT_TO_RIGHT;
122 case blink::WebTextDirectionRightToLeft:
123 return base::i18n::RIGHT_TO_LEFT;
124 default:
125 NOTREACHED();
126 return base::i18n::UNKNOWN_DIRECTION;
127 }
128 }
129
130 } // namespace
131
132 RenderFrameHost* RenderFrameHost::FromID(int render_process_id,
133 int render_frame_id) {
134 return RenderFrameHostImpl::FromID(render_process_id, render_frame_id);
135 }
136
137 // static
138 RenderFrameHostImpl* RenderFrameHostImpl::FromID(
139 int process_id, int routing_id) {
140 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
141 RoutingIDFrameMap* frames = g_routing_id_frame_map.Pointer();
142 RoutingIDFrameMap::iterator it = frames->find(
143 RenderFrameHostID(process_id, routing_id));
144 return it == frames->end() ? NULL : it->second;
145 }
146
147 RenderFrameHostImpl::RenderFrameHostImpl(
148 RenderViewHostImpl* render_view_host,
149 RenderFrameHostDelegate* delegate,
150 FrameTree* frame_tree,
151 FrameTreeNode* frame_tree_node,
152 int routing_id,
153 bool is_swapped_out)
154 : render_view_host_(render_view_host),
155 delegate_(delegate),
156 cross_process_frame_connector_(NULL),
157 render_frame_proxy_host_(NULL),
158 frame_tree_(frame_tree),
159 frame_tree_node_(frame_tree_node),
160 routing_id_(routing_id),
161 is_swapped_out_(is_swapped_out),
162 weak_ptr_factory_(this) {
163 frame_tree_->RegisterRenderFrameHost(this);
164 GetProcess()->AddRoute(routing_id_, this);
165 g_routing_id_frame_map.Get().insert(std::make_pair(
166 RenderFrameHostID(GetProcess()->GetID(), routing_id_),
167 this));
168
169 if (GetProcess()->GetServiceRegistry()) {
170 RenderFrameSetupPtr setup;
171 GetProcess()->GetServiceRegistry()->ConnectToRemoteService(&setup);
172 mojo::ServiceProviderPtr service_provider;
173 setup->GetServiceProviderForFrame(routing_id_,
174 mojo::Get(&service_provider));
175 service_registry_.BindRemoteServiceProvider(
176 service_provider.PassMessagePipe());
177 }
178 }
179
180 RenderFrameHostImpl::~RenderFrameHostImpl() {
181 GetProcess()->RemoveRoute(routing_id_);
182 g_routing_id_frame_map.Get().erase(
183 RenderFrameHostID(GetProcess()->GetID(), routing_id_));
184 if (delegate_)
185 delegate_->RenderFrameDeleted(this);
186
187 // Notify the FrameTree that this RFH is going away, allowing it to shut down
188 // the corresponding RenderViewHost if it is no longer needed.
189 frame_tree_->UnregisterRenderFrameHost(this);
190 }
191
192 int RenderFrameHostImpl::GetRoutingID() {
193 return routing_id_;
194 }
195
196 SiteInstance* RenderFrameHostImpl::GetSiteInstance() {
197 return render_view_host_->GetSiteInstance();
198 }
199
200 RenderProcessHost* RenderFrameHostImpl::GetProcess() {
201 // TODO(nasko): This should return its own process, once we have working
202 // cross-process navigation for subframes.
203 return render_view_host_->GetProcess();
204 }
205
206 RenderFrameHost* RenderFrameHostImpl::GetParent() {
207 FrameTreeNode* parent_node = frame_tree_node_->parent();
208 if (!parent_node)
209 return NULL;
210 return parent_node->current_frame_host();
211 }
212
213 const std::string& RenderFrameHostImpl::GetFrameName() {
214 return frame_tree_node_->frame_name();
215 }
216
217 bool RenderFrameHostImpl::IsCrossProcessSubframe() {
218 FrameTreeNode* parent_node = frame_tree_node_->parent();
219 if (!parent_node)
220 return false;
221 return GetSiteInstance() !=
222 parent_node->current_frame_host()->GetSiteInstance();
223 }
224
225 GURL RenderFrameHostImpl::GetLastCommittedURL() {
226 return frame_tree_node_->current_url();
227 }
228
229 gfx::NativeView RenderFrameHostImpl::GetNativeView() {
230 RenderWidgetHostView* view = render_view_host_->GetView();
231 if (!view)
232 return NULL;
233 return view->GetNativeView();
234 }
235
236 void RenderFrameHostImpl::ExecuteJavaScript(
237 const base::string16& javascript) {
238 Send(new FrameMsg_JavaScriptExecuteRequest(routing_id_,
239 javascript,
240 0, false));
241 }
242
243 void RenderFrameHostImpl::ExecuteJavaScript(
244 const base::string16& javascript,
245 const JavaScriptResultCallback& callback) {
246 static int next_id = 1;
247 int key = next_id++;
248 Send(new FrameMsg_JavaScriptExecuteRequest(routing_id_,
249 javascript,
250 key, true));
251 javascript_callbacks_.insert(std::make_pair(key, callback));
252 }
253
254 RenderViewHost* RenderFrameHostImpl::GetRenderViewHost() {
255 return render_view_host_;
256 }
257
258 ServiceRegistry* RenderFrameHostImpl::GetServiceRegistry() {
259 static_cast<RenderProcessHostImpl*>(GetProcess())->EnsureMojoActivated();
260 return &service_registry_;
261 }
262
263 bool RenderFrameHostImpl::Send(IPC::Message* message) {
264 if (IPC_MESSAGE_ID_CLASS(message->type()) == InputMsgStart) {
265 return render_view_host_->input_router()->SendInput(
266 make_scoped_ptr(message));
267 }
268
269 if (render_view_host_->IsSwappedOut()) {
270 DCHECK(render_frame_proxy_host_);
271 return render_frame_proxy_host_->Send(message);
272 }
273
274 return GetProcess()->Send(message);
275 }
276
277 bool RenderFrameHostImpl::OnMessageReceived(const IPC::Message &msg) {
278 // Filter out most IPC messages if this renderer is swapped out.
279 // We still want to handle certain ACKs to keep our state consistent.
280 // TODO(nasko): Only check RenderViewHost state, as this object's own state
281 // isn't yet properly updated. Transition this check once the swapped out
282 // state is correct in RenderFrameHost itself.
283 if (render_view_host_->IsSwappedOut()) {
284 if (!SwappedOutMessages::CanHandleWhileSwappedOut(msg)) {
285 // If this is a synchronous message and we decided not to handle it,
286 // we must send an error reply, or else the renderer will be stuck
287 // and won't respond to future requests.
288 if (msg.is_sync()) {
289 IPC::Message* reply = IPC::SyncMessage::GenerateReply(&msg);
290 reply->set_reply_error();
291 Send(reply);
292 }
293 // Don't continue looking for someone to handle it.
294 return true;
295 }
296 }
297
298 if (delegate_->OnMessageReceived(this, msg))
299 return true;
300
301 RenderFrameProxyHost* proxy =
302 frame_tree_node_->render_manager()->GetProxyToParent();
303 if (proxy && proxy->cross_process_frame_connector() &&
304 proxy->cross_process_frame_connector()->OnMessageReceived(msg))
305 return true;
306
307 bool handled = true;
308 IPC_BEGIN_MESSAGE_MAP(RenderFrameHostImpl, msg)
309 IPC_MESSAGE_HANDLER(FrameHostMsg_AddMessageToConsole, OnAddMessageToConsole)
310 IPC_MESSAGE_HANDLER(FrameHostMsg_Detach, OnDetach)
311 IPC_MESSAGE_HANDLER(FrameHostMsg_FrameFocused, OnFrameFocused)
312 IPC_MESSAGE_HANDLER(FrameHostMsg_DidStartProvisionalLoadForFrame,
313 OnDidStartProvisionalLoadForFrame)
314 IPC_MESSAGE_HANDLER(FrameHostMsg_DidFailProvisionalLoadWithError,
315 OnDidFailProvisionalLoadWithError)
316 IPC_MESSAGE_HANDLER(FrameHostMsg_DidRedirectProvisionalLoad,
317 OnDidRedirectProvisionalLoad)
318 IPC_MESSAGE_HANDLER(FrameHostMsg_DidFailLoadWithError,
319 OnDidFailLoadWithError)
320 IPC_MESSAGE_HANDLER_GENERIC(FrameHostMsg_DidCommitProvisionalLoad,
321 OnNavigate(msg))
322 IPC_MESSAGE_HANDLER(FrameHostMsg_OpenURL, OnOpenURL)
323 IPC_MESSAGE_HANDLER(FrameHostMsg_DocumentOnLoadCompleted,
324 OnDocumentOnLoadCompleted)
325 IPC_MESSAGE_HANDLER(FrameHostMsg_BeforeUnload_ACK, OnBeforeUnloadACK)
326 IPC_MESSAGE_HANDLER(FrameHostMsg_SwapOut_ACK, OnSwapOutACK)
327 IPC_MESSAGE_HANDLER(FrameHostMsg_ContextMenu, OnContextMenu)
328 IPC_MESSAGE_HANDLER(FrameHostMsg_JavaScriptExecuteResponse,
329 OnJavaScriptExecuteResponse)
330 IPC_MESSAGE_HANDLER_DELAY_REPLY(FrameHostMsg_RunJavaScriptMessage,
331 OnRunJavaScriptMessage)
332 IPC_MESSAGE_HANDLER_DELAY_REPLY(FrameHostMsg_RunBeforeUnloadConfirm,
333 OnRunBeforeUnloadConfirm)
334 IPC_MESSAGE_HANDLER(FrameHostMsg_DidAccessInitialDocument,
335 OnDidAccessInitialDocument)
336 IPC_MESSAGE_HANDLER(FrameHostMsg_DidDisownOpener, OnDidDisownOpener)
337 IPC_MESSAGE_HANDLER(FrameHostMsg_UpdateTitle, OnUpdateTitle)
338 IPC_MESSAGE_HANDLER(FrameHostMsg_UpdateEncoding, OnUpdateEncoding)
339 IPC_MESSAGE_HANDLER(FrameHostMsg_BeginNavigation,
340 OnBeginNavigation)
341 IPC_MESSAGE_HANDLER(DesktopNotificationHostMsg_RequestPermission,
342 OnRequestDesktopNotificationPermission)
343 IPC_MESSAGE_HANDLER(DesktopNotificationHostMsg_Show,
344 OnShowDesktopNotification)
345 IPC_MESSAGE_HANDLER(DesktopNotificationHostMsg_Cancel,
346 OnCancelDesktopNotification)
347 IPC_MESSAGE_HANDLER(FrameHostMsg_TextSurroundingSelectionResponse,
348 OnTextSurroundingSelectionResponse)
349 IPC_END_MESSAGE_MAP()
350
351 return handled;
352 }
353
354 void RenderFrameHostImpl::Init() {
355 GetProcess()->ResumeRequestsForView(routing_id_);
356 }
357
358 void RenderFrameHostImpl::OnAddMessageToConsole(
359 int32 level,
360 const base::string16& message,
361 int32 line_no,
362 const base::string16& source_id) {
363 if (delegate_->AddMessageToConsole(level, message, line_no, source_id))
364 return;
365
366 // Pass through log level only on WebUI pages to limit console spew.
367 int32 resolved_level =
368 HasWebUIScheme(delegate_->GetMainFrameLastCommittedURL()) ? level : 0;
369
370 if (resolved_level >= ::logging::GetMinLogLevel()) {
371 logging::LogMessage("CONSOLE", line_no, resolved_level).stream() << "\"" <<
372 message << "\", source: " << source_id << " (" << line_no << ")";
373 }
374 }
375
376 void RenderFrameHostImpl::OnCreateChildFrame(int new_routing_id,
377 const std::string& frame_name) {
378 RenderFrameHostImpl* new_frame = frame_tree_->AddFrame(
379 frame_tree_node_, new_routing_id, frame_name);
380 if (delegate_)
381 delegate_->RenderFrameCreated(new_frame);
382 }
383
384 void RenderFrameHostImpl::OnDetach() {
385 frame_tree_->RemoveFrame(frame_tree_node_);
386 }
387
388 void RenderFrameHostImpl::OnFrameFocused() {
389 frame_tree_->SetFocusedFrame(frame_tree_node_);
390 }
391
392 void RenderFrameHostImpl::OnOpenURL(
393 const FrameHostMsg_OpenURL_Params& params) {
394 GURL validated_url(params.url);
395 GetProcess()->FilterURL(false, &validated_url);
396
397 frame_tree_node_->navigator()->RequestOpenURL(
398 this, validated_url, params.referrer, params.disposition,
399 params.should_replace_current_entry, params.user_gesture);
400 }
401
402 void RenderFrameHostImpl::OnDocumentOnLoadCompleted() {
403 // This message is only sent for top-level frames. TODO(avi): when frame tree
404 // mirroring works correctly, add a check here to enforce it.
405 delegate_->DocumentOnLoadCompleted(this);
406 }
407
408 void RenderFrameHostImpl::OnDidStartProvisionalLoadForFrame(
409 const GURL& url) {
410 frame_tree_node_->navigator()->DidStartProvisionalLoad(this, url);
411 }
412
413 void RenderFrameHostImpl::OnDidFailProvisionalLoadWithError(
414 const FrameHostMsg_DidFailProvisionalLoadWithError_Params& params) {
415 frame_tree_node_->navigator()->DidFailProvisionalLoadWithError(this, params);
416 }
417
418 void RenderFrameHostImpl::OnDidFailLoadWithError(
419 const GURL& url,
420 int error_code,
421 const base::string16& error_description) {
422 GURL validated_url(url);
423 GetProcess()->FilterURL(false, &validated_url);
424
425 frame_tree_node_->navigator()->DidFailLoadWithError(
426 this, validated_url, error_code, error_description);
427 }
428
429 void RenderFrameHostImpl::OnDidRedirectProvisionalLoad(
430 int32 page_id,
431 const GURL& source_url,
432 const GURL& target_url) {
433 frame_tree_node_->navigator()->DidRedirectProvisionalLoad(
434 this, page_id, source_url, target_url);
435 }
436
437 // Called when the renderer navigates. For every frame loaded, we'll get this
438 // notification containing parameters identifying the navigation.
439 //
440 // Subframes are identified by the page transition type. For subframes loaded
441 // as part of a wider page load, the page_id will be the same as for the top
442 // level frame. If the user explicitly requests a subframe navigation, we will
443 // get a new page_id because we need to create a new navigation entry for that
444 // action.
445 void RenderFrameHostImpl::OnNavigate(const IPC::Message& msg) {
446 // Read the parameters out of the IPC message directly to avoid making another
447 // copy when we filter the URLs.
448 PickleIterator iter(msg);
449 FrameHostMsg_DidCommitProvisionalLoad_Params validated_params;
450 if (!IPC::ParamTraits<FrameHostMsg_DidCommitProvisionalLoad_Params>::
451 Read(&msg, &iter, &validated_params))
452 return;
453
454 // If we're waiting for a cross-site beforeunload ack from this renderer and
455 // we receive a Navigate message from the main frame, then the renderer was
456 // navigating already and sent it before hearing the ViewMsg_Stop message.
457 // We do not want to cancel the pending navigation in this case, since the
458 // old page will soon be stopped. Instead, treat this as a beforeunload ack
459 // to allow the pending navigation to continue.
460 if (render_view_host_->is_waiting_for_beforeunload_ack_ &&
461 render_view_host_->unload_ack_is_for_cross_site_transition_ &&
462 PageTransitionIsMainFrame(validated_params.transition)) {
463 OnBeforeUnloadACK(true, send_before_unload_start_time_,
464 base::TimeTicks::Now());
465 return;
466 }
467
468 // If we're waiting for an unload ack from this renderer and we receive a
469 // Navigate message, then the renderer was navigating before it received the
470 // unload request. It will either respond to the unload request soon or our
471 // timer will expire. Either way, we should ignore this message, because we
472 // have already committed to closing this renderer.
473 if (render_view_host_->IsWaitingForUnloadACK())
474 return;
475
476 RenderProcessHost* process = GetProcess();
477
478 // Attempts to commit certain off-limits URL should be caught more strictly
479 // than our FilterURL checks below. If a renderer violates this policy, it
480 // should be killed.
481 if (!CanCommitURL(validated_params.url)) {
482 VLOG(1) << "Blocked URL " << validated_params.url.spec();
483 validated_params.url = GURL(url::kAboutBlankURL);
484 RecordAction(base::UserMetricsAction("CanCommitURL_BlockedAndKilled"));
485 // Kills the process.
486 process->ReceivedBadMessage();
487 }
488
489 // Without this check, an evil renderer can trick the browser into creating
490 // a navigation entry for a banned URL. If the user clicks the back button
491 // followed by the forward button (or clicks reload, or round-trips through
492 // session restore, etc), we'll think that the browser commanded the
493 // renderer to load the URL and grant the renderer the privileges to request
494 // the URL. To prevent this attack, we block the renderer from inserting
495 // banned URLs into the navigation controller in the first place.
496 process->FilterURL(false, &validated_params.url);
497 process->FilterURL(true, &validated_params.referrer.url);
498 for (std::vector<GURL>::iterator it(validated_params.redirects.begin());
499 it != validated_params.redirects.end(); ++it) {
500 process->FilterURL(false, &(*it));
501 }
502 process->FilterURL(true, &validated_params.searchable_form_url);
503
504 // Without this check, the renderer can trick the browser into using
505 // filenames it can't access in a future session restore.
506 if (!render_view_host_->CanAccessFilesOfPageState(
507 validated_params.page_state)) {
508 GetProcess()->ReceivedBadMessage();
509 return;
510 }
511
512 frame_tree_node()->navigator()->DidNavigate(this, validated_params);
513 }
514
515 RenderWidgetHostImpl* RenderFrameHostImpl::GetRenderWidgetHost() {
516 return static_cast<RenderWidgetHostImpl*>(render_view_host_);
517 }
518
519 int RenderFrameHostImpl::GetEnabledBindings() {
520 return render_view_host_->GetEnabledBindings();
521 }
522
523 void RenderFrameHostImpl::OnCrossSiteResponse(
524 const GlobalRequestID& global_request_id,
525 scoped_ptr<CrossSiteTransferringRequest> cross_site_transferring_request,
526 const std::vector<GURL>& transfer_url_chain,
527 const Referrer& referrer,
528 PageTransition page_transition,
529 bool should_replace_current_entry) {
530 frame_tree_node_->render_manager()->OnCrossSiteResponse(
531 this, global_request_id, cross_site_transferring_request.Pass(),
532 transfer_url_chain, referrer, page_transition,
533 should_replace_current_entry);
534 }
535
536 void RenderFrameHostImpl::OnDeferredAfterResponseStarted(
537 const GlobalRequestID& global_request_id) {
538 frame_tree_node_->render_manager()->OnDeferredAfterResponseStarted(
539 global_request_id, this);
540
541 if (GetParent() || !delegate_->WillHandleDeferAfterResponseStarted())
542 frame_tree_node_->render_manager()->ResumeResponseDeferredAtStart();
543 else
544 delegate_->DidDeferAfterResponseStarted();
545 }
546
547 void RenderFrameHostImpl::SwapOut(RenderFrameProxyHost* proxy) {
548 // TODO(creis): Move swapped out state to RFH. Until then, only update it
549 // when swapping out the main frame.
550 if (!GetParent()) {
551 // If this RenderViewHost is not in the default state, it must have already
552 // gone through this, therefore just return.
553 if (render_view_host_->rvh_state_ != RenderViewHostImpl::STATE_DEFAULT)
554 return;
555
556 render_view_host_->SetState(
557 RenderViewHostImpl::STATE_WAITING_FOR_UNLOAD_ACK);
558 render_view_host_->unload_event_monitor_timeout_->Start(
559 base::TimeDelta::FromMilliseconds(
560 RenderViewHostImpl::kUnloadTimeoutMS));
561 }
562
563 set_render_frame_proxy_host(proxy);
564
565 if (render_view_host_->IsRenderViewLive())
566 Send(new FrameMsg_SwapOut(routing_id_, proxy->GetRoutingID()));
567
568 if (!GetParent())
569 delegate_->SwappedOut(this);
570
571 // Allow the navigation to proceed.
572 frame_tree_node_->render_manager()->SwappedOut(this);
573 }
574
575 void RenderFrameHostImpl::OnBeforeUnloadACK(
576 bool proceed,
577 const base::TimeTicks& renderer_before_unload_start_time,
578 const base::TimeTicks& renderer_before_unload_end_time) {
579 // TODO(creis): Support properly beforeunload on subframes. For now just
580 // pretend that the handler ran and allowed the navigation to proceed.
581 if (GetParent()) {
582 render_view_host_->is_waiting_for_beforeunload_ack_ = false;
583 frame_tree_node_->render_manager()->OnBeforeUnloadACK(
584 render_view_host_->unload_ack_is_for_cross_site_transition_, proceed,
585 renderer_before_unload_end_time);
586 return;
587 }
588
589 render_view_host_->decrement_in_flight_event_count();
590 render_view_host_->StopHangMonitorTimeout();
591 // If this renderer navigated while the beforeunload request was in flight, we
592 // may have cleared this state in OnNavigate, in which case we can ignore
593 // this message.
594 // However renderer might also be swapped out but we still want to proceed
595 // with navigation, otherwise it would block future navigations. This can
596 // happen when pending cross-site navigation is canceled by a second one just
597 // before OnNavigate while current RVH is waiting for commit but second
598 // navigation is started from the beginning.
599 if (!render_view_host_->is_waiting_for_beforeunload_ack_) {
600 return;
601 }
602
603 render_view_host_->is_waiting_for_beforeunload_ack_ = false;
604
605 base::TimeTicks before_unload_end_time;
606 if (!send_before_unload_start_time_.is_null() &&
607 !renderer_before_unload_start_time.is_null() &&
608 !renderer_before_unload_end_time.is_null()) {
609 // When passing TimeTicks across process boundaries, we need to compensate
610 // for any skew between the processes. Here we are converting the
611 // renderer's notion of before_unload_end_time to TimeTicks in the browser
612 // process. See comments in inter_process_time_ticks_converter.h for more.
613 InterProcessTimeTicksConverter converter(
614 LocalTimeTicks::FromTimeTicks(send_before_unload_start_time_),
615 LocalTimeTicks::FromTimeTicks(base::TimeTicks::Now()),
616 RemoteTimeTicks::FromTimeTicks(renderer_before_unload_start_time),
617 RemoteTimeTicks::FromTimeTicks(renderer_before_unload_end_time));
618 LocalTimeTicks browser_before_unload_end_time =
619 converter.ToLocalTimeTicks(
620 RemoteTimeTicks::FromTimeTicks(renderer_before_unload_end_time));
621 before_unload_end_time = browser_before_unload_end_time.ToTimeTicks();
622 }
623 frame_tree_node_->render_manager()->OnBeforeUnloadACK(
624 render_view_host_->unload_ack_is_for_cross_site_transition_, proceed,
625 before_unload_end_time);
626
627 // If canceled, notify the delegate to cancel its pending navigation entry.
628 if (!proceed)
629 render_view_host_->GetDelegate()->DidCancelLoading();
630 }
631
632 void RenderFrameHostImpl::OnSwapOutACK() {
633 OnSwappedOut(false);
634 }
635
636 void RenderFrameHostImpl::OnSwappedOut(bool timed_out) {
637 // For now, we only need to update the RVH state machine for top-level swaps.
638 // Subframe swaps (in --site-per-process) can just continue via RFHM.
639 if (!GetParent())
640 render_view_host_->OnSwappedOut(timed_out);
641 else
642 frame_tree_node_->render_manager()->SwappedOut(this);
643 }
644
645 void RenderFrameHostImpl::OnContextMenu(const ContextMenuParams& params) {
646 // Validate the URLs in |params|. If the renderer can't request the URLs
647 // directly, don't show them in the context menu.
648 ContextMenuParams validated_params(params);
649 RenderProcessHost* process = GetProcess();
650
651 // We don't validate |unfiltered_link_url| so that this field can be used
652 // when users want to copy the original link URL.
653 process->FilterURL(true, &validated_params.link_url);
654 process->FilterURL(true, &validated_params.src_url);
655 process->FilterURL(false, &validated_params.page_url);
656 process->FilterURL(true, &validated_params.frame_url);
657
658 delegate_->ShowContextMenu(this, validated_params);
659 }
660
661 void RenderFrameHostImpl::OnJavaScriptExecuteResponse(
662 int id, const base::ListValue& result) {
663 const base::Value* result_value;
664 if (!result.Get(0, &result_value)) {
665 // Programming error or rogue renderer.
666 NOTREACHED() << "Got bad arguments for OnJavaScriptExecuteResponse";
667 return;
668 }
669
670 std::map<int, JavaScriptResultCallback>::iterator it =
671 javascript_callbacks_.find(id);
672 if (it != javascript_callbacks_.end()) {
673 it->second.Run(result_value);
674 javascript_callbacks_.erase(it);
675 } else {
676 NOTREACHED() << "Received script response for unknown request";
677 }
678 }
679
680 void RenderFrameHostImpl::OnRunJavaScriptMessage(
681 const base::string16& message,
682 const base::string16& default_prompt,
683 const GURL& frame_url,
684 JavaScriptMessageType type,
685 IPC::Message* reply_msg) {
686 // While a JS message dialog is showing, tabs in the same process shouldn't
687 // process input events.
688 GetProcess()->SetIgnoreInputEvents(true);
689 render_view_host_->StopHangMonitorTimeout();
690 delegate_->RunJavaScriptMessage(this, message, default_prompt,
691 frame_url, type, reply_msg);
692 }
693
694 void RenderFrameHostImpl::OnRunBeforeUnloadConfirm(
695 const GURL& frame_url,
696 const base::string16& message,
697 bool is_reload,
698 IPC::Message* reply_msg) {
699 // While a JS before unload dialog is showing, tabs in the same process
700 // shouldn't process input events.
701 GetProcess()->SetIgnoreInputEvents(true);
702 render_view_host_->StopHangMonitorTimeout();
703 delegate_->RunBeforeUnloadConfirm(this, message, is_reload, reply_msg);
704 }
705
706 void RenderFrameHostImpl::OnRequestDesktopNotificationPermission(
707 const GURL& source_origin, int callback_context) {
708 base::Closure done_callback = base::Bind(
709 &RenderFrameHostImpl::DesktopNotificationPermissionRequestDone,
710 weak_ptr_factory_.GetWeakPtr(), callback_context);
711 GetContentClient()->browser()->RequestDesktopNotificationPermission(
712 source_origin, this, done_callback);
713 }
714
715 void RenderFrameHostImpl::OnShowDesktopNotification(
716 int notification_id,
717 const ShowDesktopNotificationHostMsgParams& params) {
718 base::Closure cancel_callback;
719 GetContentClient()->browser()->ShowDesktopNotification(
720 params, this,
721 new DesktopNotificationDelegateImpl(this, notification_id),
722 &cancel_callback);
723 cancel_notification_callbacks_[notification_id] = cancel_callback;
724 }
725
726 void RenderFrameHostImpl::OnCancelDesktopNotification(int notification_id) {
727 if (!cancel_notification_callbacks_.count(notification_id)) {
728 NOTREACHED();
729 return;
730 }
731 cancel_notification_callbacks_[notification_id].Run();
732 cancel_notification_callbacks_.erase(notification_id);
733 }
734
735 void RenderFrameHostImpl::OnTextSurroundingSelectionResponse(
736 const base::string16& content,
737 size_t start_offset,
738 size_t end_offset) {
739 render_view_host_->OnTextSurroundingSelectionResponse(
740 content, start_offset, end_offset);
741 }
742
743 void RenderFrameHostImpl::OnDidAccessInitialDocument() {
744 delegate_->DidAccessInitialDocument();
745 }
746
747 void RenderFrameHostImpl::OnDidDisownOpener() {
748 // This message is only sent for top-level frames. TODO(avi): when frame tree
749 // mirroring works correctly, add a check here to enforce it.
750 delegate_->DidDisownOpener(this);
751 }
752
753 void RenderFrameHostImpl::OnUpdateTitle(
754 int32 page_id,
755 const base::string16& title,
756 blink::WebTextDirection title_direction) {
757 // This message is only sent for top-level frames. TODO(avi): when frame tree
758 // mirroring works correctly, add a check here to enforce it.
759 if (title.length() > kMaxTitleChars) {
760 NOTREACHED() << "Renderer sent too many characters in title.";
761 return;
762 }
763
764 delegate_->UpdateTitle(this, page_id, title,
765 WebTextDirectionToChromeTextDirection(
766 title_direction));
767 }
768
769 void RenderFrameHostImpl::OnUpdateEncoding(const std::string& encoding_name) {
770 // This message is only sent for top-level frames. TODO(avi): when frame tree
771 // mirroring works correctly, add a check here to enforce it.
772 delegate_->UpdateEncoding(this, encoding_name);
773 }
774
775 void RenderFrameHostImpl::OnBeginNavigation(
776 const FrameHostMsg_BeginNavigation_Params& params) {
777 #if defined(USE_BROWSER_SIDE_NAVIGATION)
778 frame_tree_node()->render_manager()->OnBeginNavigation(params);
779 #endif
780 }
781
782 void RenderFrameHostImpl::SetPendingShutdown(const base::Closure& on_swap_out) {
783 render_view_host_->SetPendingShutdown(on_swap_out);
784 }
785
786 bool RenderFrameHostImpl::CanCommitURL(const GURL& url) {
787 // TODO(creis): We should also check for WebUI pages here. Also, when the
788 // out-of-process iframes implementation is ready, we should check for
789 // cross-site URLs that are not allowed to commit in this process.
790
791 // Give the client a chance to disallow URLs from committing.
792 return GetContentClient()->browser()->CanCommitURL(GetProcess(), url);
793 }
794
795 void RenderFrameHostImpl::Navigate(const FrameMsg_Navigate_Params& params) {
796 TRACE_EVENT0("frame_host", "RenderFrameHostImpl::Navigate");
797 // Browser plugin guests are not allowed to navigate outside web-safe schemes,
798 // so do not grant them the ability to request additional URLs.
799 if (!GetProcess()->IsIsolatedGuest()) {
800 ChildProcessSecurityPolicyImpl::GetInstance()->GrantRequestURL(
801 GetProcess()->GetID(), params.url);
802 if (params.url.SchemeIs(url::kDataScheme) &&
803 params.base_url_for_data_url.SchemeIs(url::kFileScheme)) {
804 // If 'data:' is used, and we have a 'file:' base url, grant access to
805 // local files.
806 ChildProcessSecurityPolicyImpl::GetInstance()->GrantRequestURL(
807 GetProcess()->GetID(), params.base_url_for_data_url);
808 }
809 }
810
811 // Only send the message if we aren't suspended at the start of a cross-site
812 // request.
813 if (render_view_host_->navigations_suspended_) {
814 // Shouldn't be possible to have a second navigation while suspended, since
815 // navigations will only be suspended during a cross-site request. If a
816 // second navigation occurs, RenderFrameHostManager will cancel this pending
817 // RFH and create a new pending RFH.
818 DCHECK(!render_view_host_->suspended_nav_params_.get());
819 render_view_host_->suspended_nav_params_.reset(
820 new FrameMsg_Navigate_Params(params));
821 } else {
822 // Get back to a clean state, in case we start a new navigation without
823 // completing a RVH swap or unload handler.
824 render_view_host_->SetState(RenderViewHostImpl::STATE_DEFAULT);
825
826 Send(new FrameMsg_Navigate(routing_id_, params));
827 }
828
829 // Force the throbber to start. We do this because Blink's "started
830 // loading" message will be received asynchronously from the UI of the
831 // browser. But we want to keep the throbber in sync with what's happening
832 // in the UI. For example, we want to start throbbing immediately when the
833 // user naivgates even if the renderer is delayed. There is also an issue
834 // with the throbber starting because the WebUI (which controls whether the
835 // favicon is displayed) happens synchronously. If the start loading
836 // messages was asynchronous, then the default favicon would flash in.
837 //
838 // Blink doesn't send throb notifications for JavaScript URLs, so we
839 // don't want to either.
840 if (!params.url.SchemeIs(url::kJavaScriptScheme))
841 delegate_->DidStartLoading(this, true);
842 }
843
844 void RenderFrameHostImpl::NavigateToURL(const GURL& url) {
845 FrameMsg_Navigate_Params params;
846 params.page_id = -1;
847 params.pending_history_list_offset = -1;
848 params.current_history_list_offset = -1;
849 params.current_history_list_length = 0;
850 params.url = url;
851 params.transition = PAGE_TRANSITION_LINK;
852 params.navigation_type = FrameMsg_Navigate_Type::NORMAL;
853 params.browser_navigation_start = base::TimeTicks::Now();
854 Navigate(params);
855 }
856
857 void RenderFrameHostImpl::DispatchBeforeUnload(bool for_cross_site_transition) {
858 // TODO(creis): Support subframes.
859 if (!render_view_host_->IsRenderViewLive() || GetParent()) {
860 // We don't have a live renderer, so just skip running beforeunload.
861 render_view_host_->is_waiting_for_beforeunload_ack_ = true;
862 render_view_host_->unload_ack_is_for_cross_site_transition_ =
863 for_cross_site_transition;
864 base::TimeTicks now = base::TimeTicks::Now();
865 OnBeforeUnloadACK(true, now, now);
866 return;
867 }
868
869 // This may be called more than once (if the user clicks the tab close button
870 // several times, or if she clicks the tab close button then the browser close
871 // button), and we only send the message once.
872 if (render_view_host_->is_waiting_for_beforeunload_ack_) {
873 // Some of our close messages could be for the tab, others for cross-site
874 // transitions. We always want to think it's for closing the tab if any
875 // of the messages were, since otherwise it might be impossible to close
876 // (if there was a cross-site "close" request pending when the user clicked
877 // the close button). We want to keep the "for cross site" flag only if
878 // both the old and the new ones are also for cross site.
879 render_view_host_->unload_ack_is_for_cross_site_transition_ =
880 render_view_host_->unload_ack_is_for_cross_site_transition_ &&
881 for_cross_site_transition;
882 } else {
883 // Start the hang monitor in case the renderer hangs in the beforeunload
884 // handler.
885 render_view_host_->is_waiting_for_beforeunload_ack_ = true;
886 render_view_host_->unload_ack_is_for_cross_site_transition_ =
887 for_cross_site_transition;
888 // Increment the in-flight event count, to ensure that input events won't
889 // cancel the timeout timer.
890 render_view_host_->increment_in_flight_event_count();
891 render_view_host_->StartHangMonitorTimeout(
892 TimeDelta::FromMilliseconds(RenderViewHostImpl::kUnloadTimeoutMS));
893 send_before_unload_start_time_ = base::TimeTicks::Now();
894 Send(new FrameMsg_BeforeUnload(routing_id_));
895 }
896 }
897
898 void RenderFrameHostImpl::ExtendSelectionAndDelete(size_t before,
899 size_t after) {
900 Send(new InputMsg_ExtendSelectionAndDelete(routing_id_, before, after));
901 }
902
903 void RenderFrameHostImpl::JavaScriptDialogClosed(
904 IPC::Message* reply_msg,
905 bool success,
906 const base::string16& user_input,
907 bool dialog_was_suppressed) {
908 GetProcess()->SetIgnoreInputEvents(false);
909 bool is_waiting = render_view_host_->is_waiting_for_beforeunload_ack() ||
910 render_view_host_->IsWaitingForUnloadACK();
911
912 // If we are executing as part of (before)unload event handling, we don't
913 // want to use the regular hung_renderer_delay_ms_ if the user has agreed to
914 // leave the current page. In this case, use the regular timeout value used
915 // during the (before)unload handling.
916 if (is_waiting) {
917 render_view_host_->StartHangMonitorTimeout(TimeDelta::FromMilliseconds(
918 success ? RenderViewHostImpl::kUnloadTimeoutMS
919 : render_view_host_->hung_renderer_delay_ms_));
920 }
921
922 FrameHostMsg_RunJavaScriptMessage::WriteReplyParams(reply_msg,
923 success, user_input);
924 Send(reply_msg);
925
926 // If we are waiting for an unload or beforeunload ack and the user has
927 // suppressed messages, kill the tab immediately; a page that's spamming
928 // alerts in onbeforeunload is presumably malicious, so there's no point in
929 // continuing to run its script and dragging out the process.
930 // This must be done after sending the reply since RenderView can't close
931 // correctly while waiting for a response.
932 if (is_waiting && dialog_was_suppressed)
933 render_view_host_->delegate_->RendererUnresponsive(
934 render_view_host_,
935 render_view_host_->is_waiting_for_beforeunload_ack(),
936 render_view_host_->IsWaitingForUnloadACK());
937 }
938
939 void RenderFrameHostImpl::NotificationClosed(int notification_id) {
940 cancel_notification_callbacks_.erase(notification_id);
941 }
942
943 void RenderFrameHostImpl::DesktopNotificationPermissionRequestDone(
944 int callback_context) {
945 Send(new DesktopNotificationMsg_PermissionRequestDone(
946 routing_id_, callback_context));
947 }
948
949 void RenderFrameHostImpl::SetHasPendingTransitionRequest(
950 bool has_pending_request) {
951 BrowserThread::PostTask(
952 BrowserThread::IO,
953 FROM_HERE,
954 base::Bind(
955 &TransitionRequestManager::SetHasPendingTransitionRequest,
956 base::Unretained(TransitionRequestManager::GetInstance()),
957 GetProcess()->GetID(),
958 routing_id_,
959 has_pending_request));
960 }
961
962 } // namespace content