Roll src/third_party/WebKit d9c6159:8139f33 (svn 201974:201975)
[chromium-blink-merge.git] / chrome / renderer / chrome_content_renderer_client.cc
blobbcfff7e8962b1d3793eca07e2563ef9649017ab6
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/renderer/chrome_content_renderer_client.h"
7 #include "base/command_line.h"
8 #include "base/debug/crash_logging.h"
9 #include "base/logging.h"
10 #include "base/metrics/field_trial.h"
11 #include "base/metrics/histogram.h"
12 #include "base/metrics/user_metrics_action.h"
13 #include "base/strings/string_number_conversions.h"
14 #include "base/strings/string_util.h"
15 #include "base/strings/utf_string_conversions.h"
16 #include "base/values.h"
17 #include "chrome/common/channel_info.h"
18 #include "chrome/common/chrome_paths.h"
19 #include "chrome/common/chrome_switches.h"
20 #include "chrome/common/crash_keys.h"
21 #include "chrome/common/extensions/extension_metrics.h"
22 #include "chrome/common/localized_error.h"
23 #include "chrome/common/pepper_permission_util.h"
24 #include "chrome/common/render_messages.h"
25 #include "chrome/common/secure_origin_whitelist.h"
26 #include "chrome/common/url_constants.h"
27 #include "chrome/grit/generated_resources.h"
28 #include "chrome/grit/locale_settings.h"
29 #include "chrome/grit/renderer_resources.h"
30 #include "chrome/renderer/banners/app_banner_client.h"
31 #include "chrome/renderer/benchmarking_extension.h"
32 #include "chrome/renderer/chrome_render_frame_observer.h"
33 #include "chrome/renderer/chrome_render_process_observer.h"
34 #include "chrome/renderer/chrome_render_view_observer.h"
35 #include "chrome/renderer/content_settings_observer.h"
36 #include "chrome/renderer/external_extension.h"
37 #include "chrome/renderer/loadtimes_extension_bindings.h"
38 #include "chrome/renderer/media/chrome_key_systems.h"
39 #include "chrome/renderer/net/net_error_helper.h"
40 #include "chrome/renderer/net_benchmarking_extension.h"
41 #include "chrome/renderer/page_load_histograms.h"
42 #include "chrome/renderer/pepper/pepper_helper.h"
43 #include "chrome/renderer/plugins/non_loadable_plugin_placeholder.h"
44 #include "chrome/renderer/plugins/plugin_preroller.h"
45 #include "chrome/renderer/plugins/plugin_uma.h"
46 #include "chrome/renderer/prerender/prerender_dispatcher.h"
47 #include "chrome/renderer/prerender/prerender_helper.h"
48 #include "chrome/renderer/prerender/prerenderer_client.h"
49 #include "chrome/renderer/safe_browsing/malware_dom_details.h"
50 #include "chrome/renderer/safe_browsing/phishing_classifier_delegate.h"
51 #include "chrome/renderer/searchbox/search_bouncer.h"
52 #include "chrome/renderer/searchbox/searchbox.h"
53 #include "chrome/renderer/searchbox/searchbox_extension.h"
54 #include "chrome/renderer/tts_dispatcher.h"
55 #include "chrome/renderer/worker_content_settings_client_proxy.h"
56 #include "components/autofill/content/renderer/autofill_agent.h"
57 #include "components/autofill/content/renderer/password_autofill_agent.h"
58 #include "components/autofill/content/renderer/password_generation_agent.h"
59 #include "components/content_settings/core/common/content_settings_pattern.h"
60 #include "components/data_reduction_proxy/core/common/data_reduction_proxy_headers.h"
61 #include "components/dom_distiller/core/url_constants.h"
62 #include "components/nacl/renderer/ppb_nacl_private.h"
63 #include "components/nacl/renderer/ppb_nacl_private_impl.h"
64 #include "components/network_hints/renderer/prescient_networking_dispatcher.h"
65 #include "components/password_manager/content/renderer/credential_manager_client.h"
66 #include "components/pdf/renderer/pepper_pdf_host.h"
67 #include "components/plugins/renderer/mobile_youtube_plugin.h"
68 #include "components/signin/core/common/profile_management_switches.h"
69 #include "components/version_info/version_info.h"
70 #include "components/visitedlink/renderer/visitedlink_slave.h"
71 #include "components/web_cache/renderer/web_cache_render_process_observer.h"
72 #include "content/public/common/content_constants.h"
73 #include "content/public/renderer/plugin_instance_throttler.h"
74 #include "content/public/renderer/render_frame.h"
75 #include "content/public/renderer/render_thread.h"
76 #include "content/public/renderer/render_view.h"
77 #include "content/public/renderer/render_view_visitor.h"
78 #include "extensions/common/constants.h"
79 #include "ipc/ipc_sync_channel.h"
80 #include "net/base/net_errors.h"
81 #include "ppapi/c/private/ppb_pdf.h"
82 #include "ppapi/shared_impl/ppapi_switches.h"
83 #include "third_party/WebKit/public/platform/WebURL.h"
84 #include "third_party/WebKit/public/platform/WebURLError.h"
85 #include "third_party/WebKit/public/platform/WebURLRequest.h"
86 #include "third_party/WebKit/public/platform/WebURLResponse.h"
87 #include "third_party/WebKit/public/web/WebCache.h"
88 #include "third_party/WebKit/public/web/WebDataSource.h"
89 #include "third_party/WebKit/public/web/WebDocument.h"
90 #include "third_party/WebKit/public/web/WebElement.h"
91 #include "third_party/WebKit/public/web/WebLocalFrame.h"
92 #include "third_party/WebKit/public/web/WebPluginContainer.h"
93 #include "third_party/WebKit/public/web/WebPluginParams.h"
94 #include "third_party/WebKit/public/web/WebSecurityOrigin.h"
95 #include "third_party/WebKit/public/web/WebSecurityPolicy.h"
96 #include "ui/base/l10n/l10n_util.h"
97 #include "ui/base/layout.h"
98 #include "ui/base/resource/resource_bundle.h"
99 #include "ui/base/webui/jstemplate_builder.h"
100 #include "widevine_cdm_version.h" // In SHARED_INTERMEDIATE_DIR.
102 #if !defined(DISABLE_NACL)
103 #include "components/nacl/common/nacl_constants.h"
104 #include "components/nacl/renderer/nacl_helper.h"
105 #endif
107 #if defined(ENABLE_EXTENSIONS)
108 #include "chrome/common/extensions/chrome_extensions_client.h"
109 #include "chrome/common/extensions/extension_process_policy.h"
110 #include "chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.h"
111 #include "chrome/renderer/extensions/chrome_extensions_renderer_client.h"
112 #include "chrome/renderer/extensions/renderer_permissions_policy_delegate.h"
113 #include "chrome/renderer/extensions/resource_request_policy.h"
114 #include "chrome/renderer/media/cast_ipc_dispatcher.h"
115 #include "extensions/common/extension.h"
116 #include "extensions/common/extension_set.h"
117 #include "extensions/common/extension_urls.h"
118 #include "extensions/common/switches.h"
119 #include "extensions/renderer/dispatcher.h"
120 #include "extensions/renderer/extension_frame_helper.h"
121 #include "extensions/renderer/extension_helper.h"
122 #include "extensions/renderer/extensions_render_frame_observer.h"
123 #include "extensions/renderer/guest_view/extensions_guest_view_container.h"
124 #include "extensions/renderer/guest_view/extensions_guest_view_container_dispatcher.h"
125 #include "extensions/renderer/guest_view/mime_handler_view/mime_handler_view_container.h"
126 #include "extensions/renderer/renderer_extension_registry.h"
127 #include "extensions/renderer/script_context.h"
128 #endif
130 #if defined(ENABLE_IPC_FUZZER)
131 #include "chrome/common/external_ipc_dumper.h"
132 #endif
134 #if defined(ENABLE_PLUGINS)
135 #include "chrome/renderer/plugins/chrome_plugin_placeholder.h"
136 #endif
138 #if defined(ENABLE_PRINTING)
139 #include "chrome/renderer/printing/chrome_print_web_view_helper_delegate.h"
140 #include "components/printing/renderer/print_web_view_helper.h"
141 #endif
143 #if defined(ENABLE_PRINT_PREVIEW)
144 #include "chrome/renderer/pepper/chrome_pdf_print_client.h"
145 #endif
147 #if defined(ENABLE_SPELLCHECK)
148 #include "chrome/renderer/spellchecker/spellcheck.h"
149 #include "chrome/renderer/spellchecker/spellcheck_provider.h"
150 #endif
152 #if defined(ENABLE_WEBRTC)
153 #include "chrome/renderer/media/webrtc_logging_message_filter.h"
154 #endif
156 using autofill::AutofillAgent;
157 using autofill::PasswordAutofillAgent;
158 using autofill::PasswordGenerationAgent;
159 using base::ASCIIToUTF16;
160 using base::UserMetricsAction;
161 using content::PluginInstanceThrottler;
162 using content::RenderFrame;
163 using content::RenderThread;
164 using content::WebPluginInfo;
165 using extensions::Extension;
166 using blink::WebCache;
167 using blink::WebConsoleMessage;
168 using blink::WebDataSource;
169 using blink::WebDocument;
170 using blink::WebLocalFrame;
171 using blink::WebPlugin;
172 using blink::WebPluginParams;
173 using blink::WebSecurityOrigin;
174 using blink::WebSecurityPolicy;
175 using blink::WebString;
176 using blink::WebURL;
177 using blink::WebURLError;
178 using blink::WebURLRequest;
179 using blink::WebURLResponse;
180 using blink::WebVector;
182 namespace {
184 ChromeContentRendererClient* g_current_client;
186 // Whitelist PPAPI for Android Runtime for Chromium. (See crbug.com/383937)
187 #if defined(ENABLE_PLUGINS)
188 const char* const kPredefinedAllowedCameraDeviceOrigins[] = {
189 "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F",
190 "4EB74897CB187C7633357C2FE832E0AD6A44883A"
193 const char* const kPredefinedAllowedCompositorOrigins[] = {
194 "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F",
195 "4EB74897CB187C7633357C2FE832E0AD6A44883A"
197 #endif
199 #if defined(ENABLE_PLUGINS)
200 void AppendParams(const std::vector<base::string16>& additional_names,
201 const std::vector<base::string16>& additional_values,
202 WebVector<WebString>* existing_names,
203 WebVector<WebString>* existing_values) {
204 DCHECK(additional_names.size() == additional_values.size());
205 DCHECK(existing_names->size() == existing_values->size());
207 size_t existing_size = existing_names->size();
208 size_t total_size = existing_size + additional_names.size();
210 WebVector<WebString> names(total_size);
211 WebVector<WebString> values(total_size);
213 for (size_t i = 0; i < existing_size; ++i) {
214 names[i] = (*existing_names)[i];
215 values[i] = (*existing_values)[i];
218 for (size_t i = 0; i < additional_names.size(); ++i) {
219 names[existing_size + i] = additional_names[i];
220 values[existing_size + i] = additional_values[i];
223 existing_names->swap(names);
224 existing_values->swap(values);
227 // For certain sandboxed Pepper plugins, use the JavaScript Content Settings.
228 bool ShouldUseJavaScriptSettingForPlugin(const WebPluginInfo& plugin) {
229 if (plugin.type != WebPluginInfo::PLUGIN_TYPE_PEPPER_IN_PROCESS &&
230 plugin.type != WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS) {
231 return false;
234 #if !defined(DISABLE_NACL)
235 // Treat Native Client invocations like JavaScript.
236 if (plugin.name == ASCIIToUTF16(nacl::kNaClPluginName))
237 return true;
238 #endif
240 #if defined(WIDEVINE_CDM_AVAILABLE) && defined(ENABLE_PEPPER_CDMS)
241 // Treat CDM invocations like JavaScript.
242 if (plugin.name == ASCIIToUTF16(kWidevineCdmDisplayName)) {
243 DCHECK(plugin.type == WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS);
244 return true;
246 #endif // defined(WIDEVINE_CDM_AVAILABLE) && defined(ENABLE_PEPPER_CDMS)
248 return false;
250 #endif // defined(ENABLE_PLUGINS)
252 #if defined(ENABLE_SPELLCHECK)
253 class SpellCheckReplacer : public content::RenderViewVisitor {
254 public:
255 explicit SpellCheckReplacer(SpellCheck* spellcheck)
256 : spellcheck_(spellcheck) {}
257 bool Visit(content::RenderView* render_view) override;
259 private:
260 SpellCheck* spellcheck_; // New shared spellcheck for all views. Weak Ptr.
261 DISALLOW_COPY_AND_ASSIGN(SpellCheckReplacer);
264 bool SpellCheckReplacer::Visit(content::RenderView* render_view) {
265 SpellCheckProvider* provider = SpellCheckProvider::Get(render_view);
266 DCHECK(provider);
267 provider->set_spellcheck(spellcheck_);
268 return true;
270 #endif
272 #if defined(ENABLE_EXTENSIONS)
273 void IsGuestViewApiAvailableToScriptContext(
274 bool* api_is_available,
275 extensions::ScriptContext* context) {
276 if (context->GetAvailability("guestViewInternal").is_available()) {
277 *api_is_available = true;
280 #endif
282 #if defined(ENABLE_PLUGINS)
283 // Presence of the poster param within plugin object tags.
284 // These numeric values are used in UMA logs; do not change them.
285 enum PosterParamPresence {
286 POSTER_PRESENCE_NO_PARAM_PPS_DISABLED = 0,
287 POSTER_PRESENCE_NO_PARAM_PPS_ENABLED = 1,
288 POSTER_PRESENCE_PARAM_EXISTS_PPS_DISABLED = 2,
289 POSTER_PRESENCE_PARAM_EXISTS_PPS_ENABLED = 3,
290 POSTER_PRESENCE_NUM_ITEMS
293 const char kPluginPowerSaverPosterParamPresenceHistogram[] =
294 "Plugin.PowerSaver.PosterParamPresence";
296 void RecordPosterParamPresence(PosterParamPresence presence) {
297 UMA_HISTOGRAM_ENUMERATION(kPluginPowerSaverPosterParamPresenceHistogram,
298 presence, POSTER_PRESENCE_NUM_ITEMS);
301 void TrackPosterParamPresence(const blink::WebPluginParams& params,
302 bool power_saver_enabled) {
303 DCHECK_EQ(params.attributeNames.size(), params.attributeValues.size());
305 for (size_t i = 0; i < params.attributeNames.size(); ++i) {
306 if (params.attributeNames[i].utf8() == "poster") {
307 if (power_saver_enabled)
308 RecordPosterParamPresence(POSTER_PRESENCE_PARAM_EXISTS_PPS_ENABLED);
309 else
310 RecordPosterParamPresence(POSTER_PRESENCE_PARAM_EXISTS_PPS_DISABLED);
312 return;
316 if (power_saver_enabled)
317 RecordPosterParamPresence(POSTER_PRESENCE_NO_PARAM_PPS_ENABLED);
318 else
319 RecordPosterParamPresence(POSTER_PRESENCE_NO_PARAM_PPS_DISABLED);
322 std::string GetPluginInstancePosterAttribute(
323 const blink::WebPluginParams& params) {
324 DCHECK_EQ(params.attributeNames.size(), params.attributeValues.size());
326 for (size_t i = 0; i < params.attributeNames.size(); ++i) {
327 if (params.attributeNames[i].utf8() == "poster" &&
328 !params.attributeValues[i].isEmpty()) {
329 return params.attributeValues[i].utf8();
332 return std::string();
334 #endif
336 #if defined(ENABLE_EXTENSIONS)
337 bool IsStandaloneExtensionProcess() {
338 return base::CommandLine::ForCurrentProcess()->HasSwitch(
339 extensions::switches::kExtensionProcess);
341 #endif
343 // Defers media player loading in background pages until they're visible.
344 // TODO(dalecurtis): Include an idle listener too. http://crbug.com/509135
345 class MediaLoadDeferrer : public content::RenderFrameObserver {
346 public:
347 MediaLoadDeferrer(content::RenderFrame* render_frame,
348 const base::Closure& continue_loading_cb)
349 : content::RenderFrameObserver(render_frame),
350 continue_loading_cb_(continue_loading_cb) {}
351 ~MediaLoadDeferrer() override {}
353 private:
354 // content::RenderFrameObserver implementation:
355 void WasShown() override {
356 continue_loading_cb_.Run();
357 delete this;
360 const base::Closure continue_loading_cb_;
362 DISALLOW_COPY_AND_ASSIGN(MediaLoadDeferrer);
365 } // namespace
367 ChromeContentRendererClient::ChromeContentRendererClient() {
368 g_current_client = this;
370 #if defined(ENABLE_EXTENSIONS)
371 extensions::ExtensionsClient::Set(
372 extensions::ChromeExtensionsClient::GetInstance());
373 extensions::ExtensionsRendererClient::Set(
374 ChromeExtensionsRendererClient::GetInstance());
375 #endif
376 #if defined(ENABLE_PLUGINS)
377 for (size_t i = 0; i < arraysize(kPredefinedAllowedCameraDeviceOrigins); ++i)
378 allowed_camera_device_origins_.insert(
379 kPredefinedAllowedCameraDeviceOrigins[i]);
380 for (size_t i = 0; i < arraysize(kPredefinedAllowedCompositorOrigins); ++i)
381 allowed_compositor_origins_.insert(kPredefinedAllowedCompositorOrigins[i]);
382 #endif
385 ChromeContentRendererClient::~ChromeContentRendererClient() {
386 g_current_client = NULL;
389 void ChromeContentRendererClient::RenderThreadStarted() {
390 RenderThread* thread = RenderThread::Get();
392 chrome_observer_.reset(new ChromeRenderProcessObserver());
393 web_cache_observer_.reset(new web_cache::WebCacheRenderProcessObserver());
395 #if defined(ENABLE_EXTENSIONS)
396 extension_dispatcher_delegate_.reset(
397 new ChromeExtensionsDispatcherDelegate());
398 // ChromeRenderViewTest::SetUp() creates its own ExtensionDispatcher and
399 // injects it using SetExtensionDispatcher(). Don't overwrite it.
400 if (!extension_dispatcher_) {
401 extension_dispatcher_.reset(
402 new extensions::Dispatcher(extension_dispatcher_delegate_.get()));
404 permissions_policy_delegate_.reset(
405 new extensions::RendererPermissionsPolicyDelegate(
406 extension_dispatcher_.get()));
407 guest_view_container_dispatcher_.reset(
408 new extensions::ExtensionsGuestViewContainerDispatcher());
409 #endif
411 prescient_networking_dispatcher_.reset(
412 new network_hints::PrescientNetworkingDispatcher());
413 #if defined(ENABLE_SPELLCHECK)
414 // ChromeRenderViewTest::SetUp() creates a Spellcheck and injects it using
415 // SetSpellcheck(). Don't overwrite it.
416 if (!spellcheck_) {
417 spellcheck_.reset(new SpellCheck());
418 thread->AddObserver(spellcheck_.get());
420 #endif
421 visited_link_slave_.reset(new visitedlink::VisitedLinkSlave());
422 #if defined(FULL_SAFE_BROWSING)
423 phishing_classifier_.reset(safe_browsing::PhishingClassifierFilter::Create());
424 #endif
425 prerender_dispatcher_.reset(new prerender::PrerenderDispatcher());
426 #if defined(ENABLE_WEBRTC)
427 webrtc_logging_message_filter_ = new WebRtcLoggingMessageFilter(
428 RenderThread::Get()->GetIOMessageLoopProxy());
429 #endif
431 thread->AddObserver(chrome_observer_.get());
432 thread->AddObserver(web_cache_observer_.get());
433 #if defined(ENABLE_EXTENSIONS)
434 thread->AddObserver(extension_dispatcher_.get());
435 thread->AddObserver(guest_view_container_dispatcher_.get());
436 #endif
437 #if defined(FULL_SAFE_BROWSING)
438 thread->AddObserver(phishing_classifier_.get());
439 #endif
440 thread->AddObserver(visited_link_slave_.get());
441 thread->AddObserver(prerender_dispatcher_.get());
442 thread->AddObserver(SearchBouncer::GetInstance());
444 #if defined(ENABLE_WEBRTC)
445 thread->AddFilter(webrtc_logging_message_filter_.get());
446 #endif
447 #if defined(ENABLE_EXTENSIONS)
448 thread->AddFilter(new CastIPCDispatcher(
449 RenderThread::Get()->GetIOMessageLoopProxy()));
450 #endif
452 thread->RegisterExtension(extensions_v8::ExternalExtension::Get());
453 thread->RegisterExtension(extensions_v8::LoadTimesExtension::Get());
455 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
456 if (command_line->HasSwitch(switches::kEnableBenchmarking))
457 thread->RegisterExtension(extensions_v8::BenchmarkingExtension::Get());
458 if (command_line->HasSwitch(switches::kEnableNetBenchmarking))
459 thread->RegisterExtension(extensions_v8::NetBenchmarkingExtension::Get());
460 if (command_line->HasSwitch(switches::kInstantProcess))
461 thread->RegisterExtension(extensions_v8::SearchBoxExtension::Get());
463 // chrome-search: and chrome-distiller: pages should not be accessible by
464 // normal content, and should also be unable to script anything but themselves
465 // (to help limit the damage that a corrupt page could cause).
466 WebString chrome_search_scheme(ASCIIToUTF16(chrome::kChromeSearchScheme));
468 // The Instant process can only display the content but not read it. Other
469 // processes can't display it or read it.
470 if (!command_line->HasSwitch(switches::kInstantProcess))
471 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(chrome_search_scheme);
473 WebString dom_distiller_scheme(
474 ASCIIToUTF16(dom_distiller::kDomDistillerScheme));
475 // TODO(nyquist): Add test to ensure this happens when the flag is set.
476 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(dom_distiller_scheme);
478 #if defined(OS_CHROMEOS)
479 WebString external_file_scheme(ASCIIToUTF16(content::kExternalFileScheme));
480 WebSecurityPolicy::registerURLSchemeAsLocal(external_file_scheme);
481 #endif
483 #if defined(ENABLE_IPC_FUZZER)
484 if (command_line->HasSwitch(switches::kIpcDumpDirectory)) {
485 base::FilePath dump_directory =
486 command_line->GetSwitchValuePath(switches::kIpcDumpDirectory);
487 IPC::ChannelProxy::OutgoingMessageFilter* filter =
488 LoadExternalIPCDumper(dump_directory);
489 thread->GetChannel()->set_outgoing_message_filter(filter);
491 #endif
493 // chrome-search: pages should not be accessible by bookmarklets
494 // or javascript: URLs typed in the omnibox.
495 WebSecurityPolicy::registerURLSchemeAsNotAllowingJavascriptURLs(
496 chrome_search_scheme);
498 // chrome-search: resources shouldn't trigger insecure content warnings. Note
499 // that chrome-extension: and chrome-extension-resource: schemes are taken
500 // care of in extensions::Dispatcher.
501 WebSecurityPolicy::registerURLSchemeAsSecure(chrome_search_scheme);
503 #if defined(ENABLE_PRINT_PREVIEW)
504 pdf_print_client_.reset(new ChromePDFPrintClient());
505 pdf::PepperPDFHost::SetPrintClient(pdf_print_client_.get());
506 #endif
508 std::set<GURL> origins;
509 GetSecureOriginWhitelist(&origins);
510 for (const GURL& origin : origins) {
511 WebSecurityPolicy::addOriginTrustworthyWhiteList(
512 WebSecurityOrigin::create(origin));
516 void ChromeContentRendererClient::RenderFrameCreated(
517 content::RenderFrame* render_frame) {
518 new ChromeRenderFrameObserver(render_frame);
520 bool should_whitelist_for_content_settings =
521 base::CommandLine::ForCurrentProcess()->HasSwitch(
522 switches::kInstantProcess);
523 extensions::Dispatcher* ext_dispatcher = NULL;
524 #if defined(ENABLE_EXTENSIONS)
525 ext_dispatcher = extension_dispatcher_.get();
526 #endif
527 ContentSettingsObserver* content_settings = new ContentSettingsObserver(
528 render_frame, ext_dispatcher, should_whitelist_for_content_settings);
529 if (chrome_observer_.get()) {
530 content_settings->SetContentSettingRules(
531 chrome_observer_->content_setting_rules());
534 #if defined(ENABLE_EXTENSIONS)
535 new extensions::ExtensionsRenderFrameObserver(render_frame);
536 new extensions::ExtensionFrameHelper(render_frame, ext_dispatcher);
537 ext_dispatcher->OnRenderFrameCreated(render_frame);
538 #endif
540 #if defined(ENABLE_PLUGINS)
541 new PepperHelper(render_frame);
542 #endif
544 #if !defined(DISABLE_NACL)
545 new nacl::NaClHelper(render_frame);
546 #endif
548 // TODO(jam): when the frame tree moves into content and parent() works at
549 // RenderFrame construction, simplify this by just checking parent().
550 if (render_frame->GetRenderView()->GetMainRenderFrame() != render_frame) {
551 // Avoid any race conditions from having the browser tell subframes that
552 // they're prerendering.
553 if (prerender::PrerenderHelper::IsPrerendering(
554 render_frame->GetRenderView()->GetMainRenderFrame())) {
555 new prerender::PrerenderHelper(render_frame);
559 if (render_frame->GetRenderView()->GetMainRenderFrame() == render_frame) {
560 // Only attach NetErrorHelper to the main frame, since only the main frame
561 // should get error pages.
562 new NetErrorHelper(render_frame);
565 PasswordAutofillAgent* password_autofill_agent =
566 new PasswordAutofillAgent(render_frame);
567 PasswordGenerationAgent* password_generation_agent =
568 new PasswordGenerationAgent(render_frame, password_autofill_agent);
569 new AutofillAgent(render_frame, password_autofill_agent,
570 password_generation_agent);
573 void ChromeContentRendererClient::RenderViewCreated(
574 content::RenderView* render_view) {
576 #if defined(ENABLE_EXTENSIONS)
577 new extensions::ExtensionHelper(render_view, extension_dispatcher_.get());
578 #endif
579 new PageLoadHistograms(render_view);
580 #if defined(ENABLE_PRINTING)
581 new printing::PrintWebViewHelper(
582 render_view,
583 scoped_ptr<printing::PrintWebViewHelper::Delegate>(
584 new ChromePrintWebViewHelperDelegate()));
585 #endif
586 #if defined(ENABLE_SPELLCHECK)
587 new SpellCheckProvider(render_view, spellcheck_.get());
588 #endif
589 new prerender::PrerendererClient(render_view);
590 #if defined(FULL_SAFE_BROWSING)
591 safe_browsing::MalwareDOMDetails::Create(render_view);
592 #endif
594 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
595 if (command_line->HasSwitch(switches::kInstantProcess))
596 new SearchBox(render_view);
598 new ChromeRenderViewObserver(render_view, web_cache_observer_.get());
600 new password_manager::CredentialManagerClient(render_view);
604 SkBitmap* ChromeContentRendererClient::GetSadPluginBitmap() {
605 return const_cast<SkBitmap*>(ResourceBundle::GetSharedInstance().
606 GetImageNamed(IDR_SAD_PLUGIN).ToSkBitmap());
609 SkBitmap* ChromeContentRendererClient::GetSadWebViewBitmap() {
610 return const_cast<SkBitmap*>(ResourceBundle::GetSharedInstance().
611 GetImageNamed(IDR_SAD_WEBVIEW).ToSkBitmap());
614 #if defined(ENABLE_EXTENSIONS)
615 const Extension* ChromeContentRendererClient::GetExtensionByOrigin(
616 const WebSecurityOrigin& origin) const {
617 if (!base::EqualsASCII(base::StringPiece16(origin.protocol()),
618 extensions::kExtensionScheme))
619 return NULL;
621 const std::string extension_id = origin.host().utf8().data();
622 return extensions::RendererExtensionRegistry::Get()->GetByID(extension_id);
624 #endif
626 bool ChromeContentRendererClient::OverrideCreatePlugin(
627 content::RenderFrame* render_frame,
628 blink::WebLocalFrame* frame,
629 const WebPluginParams& params,
630 WebPlugin** plugin) {
631 std::string orig_mime_type = params.mimeType.utf8();
632 #if defined(ENABLE_EXTENSIONS)
633 if (orig_mime_type == content::kBrowserPluginMimeType) {
634 bool guest_view_api_available = false;
635 extension_dispatcher_->script_context_set().ForEach(
636 render_frame, base::Bind(&IsGuestViewApiAvailableToScriptContext,
637 &guest_view_api_available));
638 if (guest_view_api_available)
639 return false;
641 #endif
643 GURL url(params.url);
644 #if defined(ENABLE_PLUGINS)
645 ChromeViewHostMsg_GetPluginInfo_Output output;
646 WebString top_origin = frame->top()->securityOrigin().toString();
647 render_frame->Send(new ChromeViewHostMsg_GetPluginInfo(
648 render_frame->GetRoutingID(), url, GURL(top_origin), orig_mime_type,
649 &output));
650 *plugin = CreatePlugin(render_frame, frame, params, output);
651 #else // !defined(ENABLE_PLUGINS)
653 #if defined(OS_ANDROID)
654 if (plugins::MobileYouTubePlugin::IsYouTubeURL(url, orig_mime_type)) {
655 base::StringPiece template_html(
656 ResourceBundle::GetSharedInstance().GetRawDataResource(
657 IDR_MOBILE_YOUTUBE_PLUGIN_HTML));
658 *plugin = (new plugins::MobileYouTubePlugin(render_frame, frame, params,
659 template_html))->plugin();
660 return true;
662 #endif // defined(OS_ANDROID)
664 PluginUMAReporter::GetInstance()->ReportPluginMissing(orig_mime_type, url);
665 *plugin = NonLoadablePluginPlaceholder::CreateNotSupportedPlugin(
666 render_frame, frame, params)->plugin();
668 #endif // defined(ENABLE_PLUGINS)
669 return true;
672 WebPlugin* ChromeContentRendererClient::CreatePluginReplacement(
673 content::RenderFrame* render_frame,
674 const base::FilePath& plugin_path) {
675 return NonLoadablePluginPlaceholder::CreateErrorPlugin(render_frame,
676 plugin_path)->plugin();
679 void ChromeContentRendererClient::DeferMediaLoad(
680 content::RenderFrame* render_frame,
681 bool has_played_media_before,
682 const base::Closure& closure) {
683 // Don't allow autoplay/autoload of media resources in a RenderFrame that is
684 // hidden and has never played any media before. We want to allow future
685 // loads even when hidden to allow playlist-like functionality.
687 // NOTE: This is also used to defer media loading for prerender.
689 // TODO(dalecurtis): Include an idle check too. http://crbug.com/509135
690 if (render_frame->IsHidden() && !has_played_media_before) {
691 // Lifetime is tied to |render_frame| via content::RenderFrameObserver.
692 new MediaLoadDeferrer(render_frame, closure);
693 return;
696 closure.Run();
699 #if defined(ENABLE_PLUGINS)
700 WebPlugin* ChromeContentRendererClient::CreatePlugin(
701 content::RenderFrame* render_frame,
702 blink::WebLocalFrame* frame,
703 const WebPluginParams& original_params,
704 const ChromeViewHostMsg_GetPluginInfo_Output& output) {
705 const WebPluginInfo& info = output.plugin;
706 const std::string& actual_mime_type = output.actual_mime_type;
707 const base::string16& group_name = output.group_name;
708 const std::string& identifier = output.group_identifier;
709 ChromeViewHostMsg_GetPluginInfo_Status status = output.status;
710 GURL url(original_params.url);
711 std::string orig_mime_type = original_params.mimeType.utf8();
712 ChromePluginPlaceholder* placeholder = NULL;
714 // If the browser plugin is to be enabled, this should be handled by the
715 // renderer, so the code won't reach here due to the early exit in
716 // OverrideCreatePlugin.
717 if (status == ChromeViewHostMsg_GetPluginInfo_Status::kNotFound ||
718 orig_mime_type == content::kBrowserPluginMimeType) {
719 PluginUMAReporter::GetInstance()->ReportPluginMissing(orig_mime_type, url);
720 placeholder = ChromePluginPlaceholder::CreateLoadableMissingPlugin(
721 render_frame, frame, original_params);
722 } else {
723 // TODO(bauerb): This should be in content/.
724 WebPluginParams params(original_params);
725 for (size_t i = 0; i < info.mime_types.size(); ++i) {
726 if (info.mime_types[i].mime_type == actual_mime_type) {
727 AppendParams(info.mime_types[i].additional_param_names,
728 info.mime_types[i].additional_param_values,
729 &params.attributeNames, &params.attributeValues);
730 break;
733 if (params.mimeType.isNull() && (actual_mime_type.size() > 0)) {
734 // Webkit might say that mime type is null while we already know the
735 // actual mime type via ChromeViewHostMsg_GetPluginInfo. In that case
736 // we should use what we know since WebpluginDelegateProxy does some
737 // specific initializations based on this information.
738 params.mimeType = WebString::fromUTF8(actual_mime_type.c_str());
741 ContentSettingsObserver* observer =
742 ContentSettingsObserver::Get(render_frame);
744 const ContentSettingsType content_type =
745 ShouldUseJavaScriptSettingForPlugin(info)
746 ? CONTENT_SETTINGS_TYPE_JAVASCRIPT
747 : CONTENT_SETTINGS_TYPE_PLUGINS;
749 if ((status == ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized ||
750 status == ChromeViewHostMsg_GetPluginInfo_Status::kBlocked) &&
751 observer->IsPluginTemporarilyAllowed(identifier)) {
752 status = ChromeViewHostMsg_GetPluginInfo_Status::kAllowed;
755 #if defined(OS_WIN)
756 // In Windows we need to check if we can load NPAPI plugins.
757 // For example, if the render view is in the Ash desktop, we should not.
758 // If user is on ALLOW or DETECT setting, loading needs to be blocked here.
759 if ((status == ChromeViewHostMsg_GetPluginInfo_Status::kAllowed ||
760 status ==
761 ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent) &&
762 info.type == content::WebPluginInfo::PLUGIN_TYPE_NPAPI) {
763 if (observer->AreNPAPIPluginsBlocked())
764 status = ChromeViewHostMsg_GetPluginInfo_Status::kNPAPINotSupported;
766 #endif
768 auto create_blocked_plugin =
769 [&render_frame, &frame, &params, &info, &identifier, &group_name](
770 int template_id, const base::string16& message) {
771 return ChromePluginPlaceholder::CreateBlockedPlugin(
772 render_frame, frame, params, info, identifier, group_name,
773 template_id, message, PlaceholderPosterInfo());
775 switch (status) {
776 case ChromeViewHostMsg_GetPluginInfo_Status::kNotFound: {
777 NOTREACHED();
778 break;
780 case ChromeViewHostMsg_GetPluginInfo_Status::kAllowed:
781 case ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent: {
782 #if !defined(DISABLE_NACL) && defined(ENABLE_EXTENSIONS)
783 const bool is_nacl_plugin =
784 info.name == ASCIIToUTF16(nacl::kNaClPluginName);
785 const bool is_nacl_mime_type =
786 actual_mime_type == nacl::kNaClPluginMimeType;
787 const bool is_pnacl_mime_type =
788 actual_mime_type == nacl::kPnaclPluginMimeType;
789 if (is_nacl_plugin || is_nacl_mime_type || is_pnacl_mime_type) {
790 bool is_nacl_unrestricted = false;
791 if (is_nacl_mime_type) {
792 is_nacl_unrestricted =
793 base::CommandLine::ForCurrentProcess()->HasSwitch(
794 switches::kEnableNaCl);
795 } else if (is_pnacl_mime_type) {
796 is_nacl_unrestricted = true;
798 GURL manifest_url;
799 GURL app_url;
800 if (is_nacl_mime_type || is_pnacl_mime_type) {
801 // Normal NaCl/PNaCl embed. The app URL is the page URL.
802 manifest_url = url;
803 app_url = frame->top()->document().url();
804 } else {
805 // NaCl is being invoked as a content handler. Look up the NaCl
806 // module using the MIME type. The app URL is the manifest URL.
807 manifest_url = GetNaClContentHandlerURL(actual_mime_type, info);
808 app_url = manifest_url;
810 const Extension* extension =
811 extensions::RendererExtensionRegistry::Get()
812 ->GetExtensionOrAppByURL(manifest_url);
813 if (!IsNaClAllowed(manifest_url,
814 app_url,
815 is_nacl_unrestricted,
816 extension,
817 &params)) {
818 WebString error_message;
819 if (is_nacl_mime_type) {
820 error_message =
821 "Only unpacked extensions and apps installed from the Chrome "
822 "Web Store can load NaCl modules without enabling Native "
823 "Client in about:flags.";
824 } else if (is_pnacl_mime_type) {
825 error_message =
826 "Portable Native Client must not be disabled in about:flags.";
828 frame->addMessageToConsole(
829 WebConsoleMessage(WebConsoleMessage::LevelError,
830 error_message));
831 placeholder = create_blocked_plugin(
832 IDR_BLOCKED_PLUGIN_HTML,
833 #if defined(OS_CHROMEOS)
834 l10n_util::GetStringUTF16(IDS_NACL_PLUGIN_BLOCKED));
835 #else
836 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
837 #endif
838 break;
841 #endif // !defined(DISABLE_NACL) && defined(ENABLE_EXTENSIONS)
843 // Delay loading plugins if prerendering.
844 // TODO(mmenke): In the case of prerendering, feed into
845 // ChromeContentRendererClient::CreatePlugin instead, to
846 // reduce the chance of future regressions.
847 bool is_prerendering =
848 prerender::PrerenderHelper::IsPrerendering(render_frame);
849 bool power_saver_enabled =
850 status ==
851 ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent;
852 bool blocked_for_background_tab =
853 render_frame->IsHidden() && power_saver_enabled;
855 if (info.name == ASCIIToUTF16(content::kFlashPluginName))
856 TrackPosterParamPresence(params, power_saver_enabled);
858 PlaceholderPosterInfo poster_info;
859 if (power_saver_enabled) {
860 poster_info.poster_attribute =
861 GetPluginInstancePosterAttribute(params);
862 poster_info.base_url = frame->document().url();
865 if (blocked_for_background_tab || is_prerendering ||
866 !poster_info.poster_attribute.empty()) {
867 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
868 render_frame, frame, params, info, identifier, group_name,
869 poster_info.poster_attribute.empty() ? IDR_BLOCKED_PLUGIN_HTML
870 : IDR_PLUGIN_POSTER_HTML,
871 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name),
872 poster_info);
873 placeholder->set_blocked_for_background_tab(
874 blocked_for_background_tab);
875 placeholder->set_blocked_for_prerendering(is_prerendering);
876 placeholder->set_power_saver_enabled(power_saver_enabled);
877 placeholder->AllowLoading();
878 break;
881 scoped_ptr<content::PluginInstanceThrottler> throttler;
882 if (power_saver_enabled) {
883 throttler = PluginInstanceThrottler::Create();
884 // PluginPreroller manages its own lifetime.
885 new PluginPreroller(
886 render_frame, frame, params, info, identifier, group_name,
887 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name),
888 throttler.get());
891 return render_frame->CreatePlugin(frame, info, params,
892 throttler.Pass());
894 case ChromeViewHostMsg_GetPluginInfo_Status::kNPAPINotSupported: {
895 RenderThread::Get()->RecordAction(
896 UserMetricsAction("Plugin_NPAPINotSupported"));
897 placeholder = create_blocked_plugin(
898 IDR_BLOCKED_PLUGIN_HTML,
899 l10n_util::GetStringUTF16(IDS_PLUGIN_NOT_SUPPORTED_METRO));
900 render_frame->Send(new ChromeViewHostMsg_NPAPINotSupported(
901 render_frame->GetRoutingID(), identifier));
902 break;
904 case ChromeViewHostMsg_GetPluginInfo_Status::kDisabled: {
905 PluginUMAReporter::GetInstance()->ReportPluginDisabled(orig_mime_type,
906 url);
907 placeholder = create_blocked_plugin(
908 IDR_DISABLED_PLUGIN_HTML,
909 l10n_util::GetStringFUTF16(IDS_PLUGIN_DISABLED, group_name));
910 break;
912 case ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedBlocked: {
913 #if defined(ENABLE_PLUGIN_INSTALLATION)
914 placeholder = create_blocked_plugin(
915 IDR_BLOCKED_PLUGIN_HTML,
916 l10n_util::GetStringFUTF16(IDS_PLUGIN_OUTDATED, group_name));
917 placeholder->AllowLoading();
918 render_frame->Send(new ChromeViewHostMsg_BlockedOutdatedPlugin(
919 render_frame->GetRoutingID(), placeholder->CreateRoutingId(),
920 identifier));
921 #else
922 NOTREACHED();
923 #endif
924 break;
926 case ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedDisallowed: {
927 placeholder = create_blocked_plugin(
928 IDR_BLOCKED_PLUGIN_HTML,
929 l10n_util::GetStringFUTF16(IDS_PLUGIN_OUTDATED, group_name));
930 break;
932 case ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized: {
933 placeholder = create_blocked_plugin(
934 IDR_BLOCKED_PLUGIN_HTML,
935 l10n_util::GetStringFUTF16(IDS_PLUGIN_NOT_AUTHORIZED, group_name));
936 placeholder->AllowLoading();
937 if (info.type != content::WebPluginInfo::PLUGIN_TYPE_NPAPI) {
938 render_frame->Send(new ChromeViewHostMsg_BlockedUnauthorizedPlugin(
939 render_frame->GetRoutingID(),
940 group_name,
941 identifier));
943 observer->DidBlockContentType(content_type, group_name);
944 break;
946 case ChromeViewHostMsg_GetPluginInfo_Status::kBlocked: {
947 placeholder = create_blocked_plugin(
948 IDR_BLOCKED_PLUGIN_HTML,
949 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
950 placeholder->AllowLoading();
951 RenderThread::Get()->RecordAction(UserMetricsAction("Plugin_Blocked"));
952 observer->DidBlockContentType(content_type, group_name);
953 break;
955 case ChromeViewHostMsg_GetPluginInfo_Status::kBlockedByPolicy: {
956 placeholder = create_blocked_plugin(
957 IDR_BLOCKED_PLUGIN_HTML,
958 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED_BY_POLICY,
959 group_name));
960 RenderThread::Get()->RecordAction(
961 UserMetricsAction("Plugin_BlockedByPolicy"));
962 observer->DidBlockContentType(content_type, group_name);
963 break;
967 placeholder->SetStatus(status);
968 return placeholder->plugin();
970 #endif // defined(ENABLE_PLUGINS)
972 // For NaCl content handling plugins, the NaCl manifest is stored in an
973 // additonal 'nacl' param associated with the MIME type.
974 // static
975 GURL ChromeContentRendererClient::GetNaClContentHandlerURL(
976 const std::string& actual_mime_type,
977 const content::WebPluginInfo& plugin) {
978 // Look for the manifest URL among the MIME type's additonal parameters.
979 const char kNaClPluginManifestAttribute[] = "nacl";
980 base::string16 nacl_attr = ASCIIToUTF16(kNaClPluginManifestAttribute);
981 for (size_t i = 0; i < plugin.mime_types.size(); ++i) {
982 if (plugin.mime_types[i].mime_type == actual_mime_type) {
983 const content::WebPluginMimeType& content_type = plugin.mime_types[i];
984 for (size_t i = 0; i < content_type.additional_param_names.size(); ++i) {
985 if (content_type.additional_param_names[i] == nacl_attr)
986 return GURL(content_type.additional_param_values[i]);
988 break;
991 return GURL();
994 #if !defined(DISABLE_NACL)
995 // static
996 bool ChromeContentRendererClient::IsNaClAllowed(
997 const GURL& manifest_url,
998 const GURL& app_url,
999 bool is_nacl_unrestricted,
1000 const Extension* extension,
1001 WebPluginParams* params) {
1002 // Temporarily allow these whitelisted apps and WebUIs to use NaCl.
1003 std::string app_url_host = app_url.host();
1004 std::string manifest_url_path = manifest_url.path();
1006 bool is_whitelisted_web_ui =
1007 app_url.spec() == chrome::kChromeUIAppListStartPageURL;
1009 bool is_photo_app =
1010 // Whitelisted apps must be served over https.
1011 app_url.SchemeIsCryptographic() && manifest_url.SchemeIsCryptographic() &&
1012 (base::EndsWith(app_url_host, "plus.google.com",
1013 base::CompareCase::INSENSITIVE_ASCII) ||
1014 base::EndsWith(app_url_host, "plus.sandbox.google.com",
1015 base::CompareCase::INSENSITIVE_ASCII)) &&
1016 manifest_url.DomainIs("ssl.gstatic.com") &&
1017 (manifest_url_path.find("s2/oz/nacl/") == 1 ||
1018 manifest_url_path.find("photos/nacl/") == 1);
1020 std::string manifest_fs_host;
1021 if (manifest_url.SchemeIsFileSystem() && manifest_url.inner_url()) {
1022 manifest_fs_host = manifest_url.inner_url()->host();
1024 bool is_hangouts_app =
1025 // Whitelisted apps must be served over secure scheme.
1026 app_url.SchemeIsCryptographic() && manifest_url.SchemeIsFileSystem() &&
1027 manifest_url.inner_url()->SchemeIsCryptographic() &&
1028 (base::EndsWith(app_url_host, "talkgadget.google.com",
1029 base::CompareCase::INSENSITIVE_ASCII) ||
1030 base::EndsWith(app_url_host, "plus.google.com",
1031 base::CompareCase::INSENSITIVE_ASCII) ||
1032 base::EndsWith(app_url_host, "plus.sandbox.google.com",
1033 base::CompareCase::INSENSITIVE_ASCII)) &&
1034 // The manifest must be loaded from the host's FileSystem.
1035 (manifest_fs_host == app_url_host);
1037 bool is_whitelisted_app = is_photo_app || is_hangouts_app;
1039 bool is_invoked_by_webstore_installed_extension = false;
1040 bool is_extension_unrestricted = false;
1041 bool is_extension_force_installed = false;
1042 #if defined(ENABLE_EXTENSIONS)
1043 bool is_extension_from_webstore = extension && extension->from_webstore();
1045 bool is_invoked_by_extension = app_url.SchemeIs("chrome-extension");
1046 bool is_invoked_by_hosted_app = extension &&
1047 extension->is_hosted_app() &&
1048 extension->web_extent().MatchesURL(app_url);
1050 is_invoked_by_webstore_installed_extension = is_extension_from_webstore &&
1051 (is_invoked_by_extension || is_invoked_by_hosted_app);
1053 // Allow built-in extensions and developer mode extensions.
1054 is_extension_unrestricted = extension &&
1055 (extensions::Manifest::IsUnpackedLocation(extension->location()) ||
1056 extensions::Manifest::IsComponentLocation(extension->location()));
1057 // Allow extensions force installed by admin policy.
1058 is_extension_force_installed = extension &&
1059 extensions::Manifest::IsPolicyLocation(extension->location());
1060 #endif // defined(ENABLE_EXTENSIONS)
1062 // Allow NaCl under any of the following circumstances:
1063 // 1) An app or URL is explictly whitelisted above.
1064 // 2) An extension is loaded unpacked or built-in (component) to Chrome.
1065 // 3) An extension is force installed by policy.
1066 // 4) An extension is installed from the webstore, and invoked in that
1067 // context (hosted app URL or chrome-extension:// scheme).
1068 // 5) --enable-nacl is set.
1069 bool is_nacl_allowed_by_location =
1070 is_whitelisted_web_ui ||
1071 is_whitelisted_app ||
1072 is_extension_unrestricted ||
1073 is_extension_force_installed ||
1074 is_invoked_by_webstore_installed_extension;
1075 bool is_nacl_allowed = is_nacl_allowed_by_location || is_nacl_unrestricted;
1076 if (is_nacl_allowed) {
1077 // Make sure that PPAPI 'dev' interfaces are only available for unpacked
1078 // and component extensions. Also allow dev interfaces when --enable-nacl
1079 // is set, but do not allow --enable-nacl to provide dev interfaces to
1080 // webstore installed and other normally allowed URLs.
1081 WebString dev_attribute = WebString::fromUTF8("@dev");
1082 if (is_extension_unrestricted ||
1083 (is_nacl_unrestricted && !is_nacl_allowed_by_location)) {
1084 // Add the special '@dev' attribute.
1085 std::vector<base::string16> param_names;
1086 std::vector<base::string16> param_values;
1087 param_names.push_back(dev_attribute);
1088 param_values.push_back(WebString());
1089 AppendParams(
1090 param_names,
1091 param_values,
1092 &params->attributeNames,
1093 &params->attributeValues);
1094 } else {
1095 // If the params somehow contain '@dev', remove it.
1096 size_t attribute_count = params->attributeNames.size();
1097 for (size_t i = 0; i < attribute_count; ++i) {
1098 if (params->attributeNames[i].equals(dev_attribute))
1099 params->attributeNames[i] = WebString();
1103 return is_nacl_allowed;
1105 #endif // defined(DISABLE_NACL)
1107 bool ChromeContentRendererClient::HasErrorPage(int http_status_code,
1108 std::string* error_domain) {
1109 // Use an internal error page, if we have one for the status code.
1110 if (!LocalizedError::HasStrings(LocalizedError::kHttpErrorDomain,
1111 http_status_code)) {
1112 return false;
1115 *error_domain = LocalizedError::kHttpErrorDomain;
1116 return true;
1119 bool ChromeContentRendererClient::ShouldSuppressErrorPage(
1120 content::RenderFrame* render_frame,
1121 const GURL& url) {
1122 // Unit tests for ChromeContentRendererClient pass a NULL RenderFrame here.
1123 // Unfortunately it's very difficult to construct a mock RenderView, so skip
1124 // this functionality in this case.
1125 if (render_frame) {
1126 content::RenderView* render_view = render_frame->GetRenderView();
1127 content::RenderFrame* main_render_frame = render_view->GetMainRenderFrame();
1128 blink::WebFrame* web_frame = render_frame->GetWebFrame();
1129 NetErrorHelper* net_error_helper = NetErrorHelper::Get(main_render_frame);
1130 if (net_error_helper->ShouldSuppressErrorPage(web_frame, url))
1131 return true;
1133 // Do not flash an error page if the Instant new tab page fails to load.
1134 return SearchBouncer::GetInstance()->IsNewTabPage(url);
1137 void ChromeContentRendererClient::GetNavigationErrorStrings(
1138 content::RenderView* render_view,
1139 blink::WebFrame* frame,
1140 const blink::WebURLRequest& failed_request,
1141 const blink::WebURLError& error,
1142 std::string* error_html,
1143 base::string16* error_description) {
1144 const GURL failed_url = error.unreachableURL;
1146 bool is_post = base::EqualsASCII(
1147 base::StringPiece16(failed_request.httpMethod()), "POST");
1149 if (error_html) {
1150 // TODO(ellyjones): change GetNavigationErrorStrings to take a RenderFrame
1151 // instead of a RenderView, then pass that in.
1152 // This is safe for now because we only install the NetErrorHelper on the
1153 // main render frame anyway; see the TODO(ellyjones) in
1154 // RenderFrameCreated.
1155 content::RenderFrame* main_render_frame = render_view->GetMainRenderFrame();
1156 NetErrorHelper* helper = NetErrorHelper::Get(main_render_frame);
1157 helper->GetErrorHTML(frame, error, is_post, error_html);
1160 if (error_description)
1161 *error_description = LocalizedError::GetErrorDetails(error, is_post);
1164 bool ChromeContentRendererClient::RunIdleHandlerWhenWidgetsHidden() {
1165 #if defined(ENABLE_EXTENSIONS)
1166 return !IsStandaloneExtensionProcess();
1167 #else
1168 return true;
1169 #endif
1172 bool ChromeContentRendererClient::
1173 AllowTimerSuspensionWhenProcessBackgrounded() {
1174 #if defined(OS_ANDROID)
1175 return true;
1176 #else
1177 return false;
1178 #endif
1181 bool ChromeContentRendererClient::AllowPopup() {
1182 #if defined(ENABLE_EXTENSIONS)
1183 extensions::ScriptContext* current_context =
1184 extension_dispatcher_->script_context_set().GetCurrent();
1185 if (!current_context || !current_context->extension())
1186 return false;
1187 // See http://crbug.com/117446 for the subtlety of this check.
1188 switch (current_context->context_type()) {
1189 case extensions::Feature::UNSPECIFIED_CONTEXT:
1190 case extensions::Feature::WEB_PAGE_CONTEXT:
1191 case extensions::Feature::UNBLESSED_EXTENSION_CONTEXT:
1192 case extensions::Feature::WEBUI_CONTEXT:
1193 case extensions::Feature::SERVICE_WORKER_CONTEXT:
1194 return false;
1195 case extensions::Feature::BLESSED_EXTENSION_CONTEXT:
1196 case extensions::Feature::CONTENT_SCRIPT_CONTEXT:
1197 return true;
1198 case extensions::Feature::BLESSED_WEB_PAGE_CONTEXT:
1199 return !current_context->web_frame()->parent();
1201 NOTREACHED();
1202 #endif
1203 return false;
1206 bool ChromeContentRendererClient::ShouldFork(blink::WebLocalFrame* frame,
1207 const GURL& url,
1208 const std::string& http_method,
1209 bool is_initial_navigation,
1210 bool is_server_redirect,
1211 bool* send_referrer) {
1212 DCHECK(!frame->parent());
1214 // If this is the Instant process, fork all navigations originating from the
1215 // renderer. The destination page will then be bucketed back to this Instant
1216 // process if it is an Instant url, or to another process if not. Conversely,
1217 // fork if this is a non-Instant process navigating to an Instant url, so that
1218 // such navigations can also be bucketed into an Instant renderer.
1219 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1220 switches::kInstantProcess) ||
1221 SearchBouncer::GetInstance()->ShouldFork(url)) {
1222 *send_referrer = true;
1223 return true;
1226 // For now, we skip the rest for POST submissions. This is because
1227 // http://crbug.com/101395 is more likely to cause compatibility issues
1228 // with hosted apps and extensions than WebUI pages. We will remove this
1229 // check when cross-process POST submissions are supported.
1230 if (http_method != "GET")
1231 return false;
1233 // If |url| matches one of the prerendered URLs, stop this navigation and try
1234 // to swap in the prerendered page on the browser process. If the prerendered
1235 // page no longer exists by the time the OpenURL IPC is handled, a normal
1236 // navigation is attempted.
1237 if (prerender_dispatcher_.get() &&
1238 prerender_dispatcher_->IsPrerenderURL(url)) {
1239 *send_referrer = true;
1240 return true;
1243 #if defined(ENABLE_EXTENSIONS)
1244 const extensions::RendererExtensionRegistry* extension_registry =
1245 extensions::RendererExtensionRegistry::Get();
1247 // Determine if the new URL is an extension (excluding bookmark apps).
1248 const Extension* new_url_extension = extensions::GetNonBookmarkAppExtension(
1249 *extension_registry->GetMainThreadExtensionSet(), url);
1250 bool is_extension_url = !!new_url_extension;
1252 // If the navigation would cross an app extent boundary, we also need
1253 // to defer to the browser to ensure process isolation. This is not necessary
1254 // for server redirects, which will be transferred to a new process by the
1255 // browser process when they are ready to commit. It is necessary for client
1256 // redirects, which won't be transferred in the same way.
1257 if (!is_server_redirect &&
1258 CrossesExtensionExtents(frame, url, is_extension_url,
1259 is_initial_navigation)) {
1260 // Include the referrer in this case since we're going from a hosted web
1261 // page. (the packaged case is handled previously by the extension
1262 // navigation test)
1263 *send_referrer = true;
1265 const Extension* extension =
1266 extension_registry->GetExtensionOrAppByURL(url);
1267 if (extension && extension->is_app()) {
1268 extensions::RecordAppLaunchType(
1269 extension_misc::APP_LAUNCH_CONTENT_NAVIGATION, extension->GetType());
1271 return true;
1274 // If this is a reload, check whether it has the wrong process type. We
1275 // should send it to the browser if it's an extension URL (e.g., hosted app)
1276 // in a normal process, or if it's a process for an extension that has been
1277 // uninstalled. Without --site-per-process mode, we never fork processes for
1278 // subframes, so this check only makes sense for top-level frames.
1279 // TODO(alexmos,nasko): Figure out how this check should work when reloading
1280 // subframes in --site-per-process mode.
1281 if (!frame->parent() && frame->document().url() == url) {
1282 if (is_extension_url != IsStandaloneExtensionProcess())
1283 return true;
1285 #endif // defined(ENABLE_EXTENSIONS)
1287 return false;
1290 bool ChromeContentRendererClient::WillSendRequest(
1291 blink::WebFrame* frame,
1292 ui::PageTransition transition_type,
1293 const GURL& url,
1294 const GURL& first_party_for_cookies,
1295 GURL* new_url) {
1296 // Check whether the request should be allowed. If not allowed, we reset the
1297 // URL to something invalid to prevent the request and cause an error.
1298 #if defined(ENABLE_EXTENSIONS)
1299 if (url.SchemeIs(extensions::kExtensionScheme) &&
1300 !extensions::ResourceRequestPolicy::CanRequestResource(url, frame,
1301 transition_type)) {
1302 *new_url = GURL(chrome::kExtensionInvalidRequestURL);
1303 return true;
1306 if (url.SchemeIs(extensions::kExtensionResourceScheme) &&
1307 !extensions::ResourceRequestPolicy::CanRequestExtensionResourceScheme(
1308 url,
1309 frame)) {
1310 *new_url = GURL(chrome::kExtensionResourceInvalidRequestURL);
1311 return true;
1313 #endif
1315 const content::RenderView* render_view =
1316 content::RenderView::FromWebView(frame->view());
1317 SearchBox* search_box = SearchBox::Get(render_view);
1318 if (search_box && url.SchemeIs(chrome::kChromeSearchScheme)) {
1319 SearchBox::ImageSourceType type = SearchBox::NONE;
1320 if (url.host() == chrome::kChromeUIFaviconHost)
1321 type = SearchBox::FAVICON;
1322 else if (url.host() == chrome::kChromeUILargeIconHost)
1323 type = SearchBox::LARGE_ICON;
1324 else if (url.host() == chrome::kChromeUIFallbackIconHost)
1325 type = SearchBox::FALLBACK_ICON;
1326 else if (url.host() == chrome::kChromeUIThumbnailHost)
1327 type = SearchBox::THUMB;
1328 if (type != SearchBox::NONE)
1329 return search_box->GenerateImageURLFromTransientURL(url, type, new_url);
1332 return false;
1335 unsigned long long ChromeContentRendererClient::VisitedLinkHash(
1336 const char* canonical_url, size_t length) {
1337 return visited_link_slave_->ComputeURLFingerprint(canonical_url, length);
1340 bool ChromeContentRendererClient::IsLinkVisited(unsigned long long link_hash) {
1341 return visited_link_slave_->IsVisited(link_hash);
1344 blink::WebPrescientNetworking*
1345 ChromeContentRendererClient::GetPrescientNetworking() {
1346 return prescient_networking_dispatcher_.get();
1349 bool ChromeContentRendererClient::ShouldOverridePageVisibilityState(
1350 const content::RenderFrame* render_frame,
1351 blink::WebPageVisibilityState* override_state) {
1352 if (!prerender::PrerenderHelper::IsPrerendering(render_frame))
1353 return false;
1355 *override_state = blink::WebPageVisibilityStatePrerender;
1356 return true;
1359 #if defined(ENABLE_EXTENSIONS)
1360 void ChromeContentRendererClient::SetExtensionDispatcherForTest(
1361 extensions::Dispatcher* extension_dispatcher) {
1362 extension_dispatcher_.reset(extension_dispatcher);
1363 permissions_policy_delegate_.reset(
1364 new extensions::RendererPermissionsPolicyDelegate(
1365 extension_dispatcher_.get()));
1366 RenderThread::Get()->RegisterExtension(
1367 extensions::SafeBuiltins::CreateV8Extension());
1370 extensions::Dispatcher*
1371 ChromeContentRendererClient::GetExtensionDispatcherForTest() {
1372 return extension_dispatcher_.get();
1375 bool ChromeContentRendererClient::CrossesExtensionExtents(
1376 blink::WebLocalFrame* frame,
1377 const GURL& new_url,
1378 bool is_extension_url,
1379 bool is_initial_navigation) {
1380 DCHECK(!frame->parent());
1381 GURL old_url(frame->document().url());
1383 extensions::RendererExtensionRegistry* extension_registry =
1384 extensions::RendererExtensionRegistry::Get();
1386 // If old_url is still empty and this is an initial navigation, then this is
1387 // a window.open operation. We should look at the opener URL. Note that the
1388 // opener is a local frame in this case.
1389 if (is_initial_navigation && old_url.is_empty() && frame->opener()) {
1390 WebLocalFrame* opener_frame = frame->opener()->toWebLocalFrame();
1392 // If we're about to open a normal web page from a same-origin opener stuck
1393 // in an extension process, we want to keep it in process to allow the
1394 // opener to script it.
1395 WebDocument opener_document = opener_frame->document();
1396 WebSecurityOrigin opener_origin = opener_document.securityOrigin();
1397 bool opener_is_extension_url = !opener_origin.isUnique() &&
1398 extension_registry->GetExtensionOrAppByURL(
1399 opener_document.url()) != NULL;
1400 if (!is_extension_url &&
1401 !opener_is_extension_url &&
1402 IsStandaloneExtensionProcess() &&
1403 opener_origin.canRequest(WebURL(new_url)))
1404 return false;
1406 // In all other cases, we want to compare against the URL that determines
1407 // the type of process. In default Chrome, that's the URL of the opener's
1408 // top frame and not the opener frame itself. In --site-per-process, we
1409 // can use the opener frame itself.
1410 // TODO(nick): Either wire this up to SiteIsolationPolicy, or to state on
1411 // |opener_frame|/its ancestors.
1412 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1413 switches::kSitePerProcess))
1414 old_url = opener_frame->document().url();
1415 else
1416 old_url = opener_frame->top()->document().url();
1419 // Only consider keeping non-app URLs in an app process if this window
1420 // has an opener (in which case it might be an OAuth popup that tries to
1421 // script an iframe within the app).
1422 bool should_consider_workaround = !!frame->opener();
1424 return extensions::CrossesExtensionProcessBoundary(
1425 *extension_registry->GetMainThreadExtensionSet(), old_url, new_url,
1426 should_consider_workaround);
1428 #endif // defined(ENABLE_EXTENSIONS)
1430 #if defined(ENABLE_SPELLCHECK)
1431 void ChromeContentRendererClient::SetSpellcheck(SpellCheck* spellcheck) {
1432 RenderThread* thread = RenderThread::Get();
1433 if (spellcheck_.get() && thread)
1434 thread->RemoveObserver(spellcheck_.get());
1435 spellcheck_.reset(spellcheck);
1436 SpellCheckReplacer replacer(spellcheck_.get());
1437 content::RenderView::ForEach(&replacer);
1438 if (thread)
1439 thread->AddObserver(spellcheck_.get());
1441 #endif
1443 // static
1444 bool ChromeContentRendererClient::WasWebRequestUsedBySomeExtensions() {
1445 #if defined(ENABLE_EXTENSIONS)
1446 return g_current_client->extension_dispatcher_
1447 ->WasWebRequestUsedBySomeExtensions();
1448 #else
1449 return false;
1450 #endif
1453 const void* ChromeContentRendererClient::CreatePPAPIInterface(
1454 const std::string& interface_name) {
1455 #if defined(ENABLE_PLUGINS) && !defined(DISABLE_NACL)
1456 if (interface_name == PPB_NACL_PRIVATE_INTERFACE)
1457 return nacl::GetNaClPrivateInterface();
1458 #endif
1459 return NULL;
1462 bool ChromeContentRendererClient::IsExternalPepperPlugin(
1463 const std::string& module_name) {
1464 // TODO(bbudge) remove this when the trusted NaCl plugin has been removed.
1465 // We must defer certain plugin events for NaCl instances since we switch
1466 // from the in-process to the out-of-process proxy after instantiating them.
1467 return module_name == "Native Client";
1470 #if defined(ENABLE_PLUGINS) && defined(ENABLE_EXTENSIONS)
1471 bool ChromeContentRendererClient::IsExtensionOrSharedModuleWhitelisted(
1472 const GURL& url, const std::set<std::string>& whitelist) {
1473 const extensions::ExtensionSet* extension_set =
1474 extensions::RendererExtensionRegistry::Get()->GetMainThreadExtensionSet();
1475 return chrome::IsExtensionOrSharedModuleWhitelisted(url, extension_set,
1476 whitelist);
1478 #endif
1480 blink::WebSpeechSynthesizer*
1481 ChromeContentRendererClient::OverrideSpeechSynthesizer(
1482 blink::WebSpeechSynthesizerClient* client) {
1483 return new TtsDispatcher(client);
1486 bool ChromeContentRendererClient::AllowPepperMediaStreamAPI(
1487 const GURL& url) {
1488 #if !defined(OS_ANDROID)
1489 // Allow only the Hangouts app to use the MediaStream APIs. It's OK to check
1490 // the whitelist in the renderer, since we're only preventing access until
1491 // these APIs are public and stable.
1492 std::string url_host = url.host();
1493 if (url.SchemeIs("https") &&
1494 (base::EndsWith(url_host, "talkgadget.google.com",
1495 base::CompareCase::INSENSITIVE_ASCII) ||
1496 base::EndsWith(url_host, "plus.google.com",
1497 base::CompareCase::INSENSITIVE_ASCII) ||
1498 base::EndsWith(url_host, "plus.sandbox.google.com",
1499 base::CompareCase::INSENSITIVE_ASCII)) &&
1500 base::StartsWith(url.path(), "/hangouts/",
1501 base::CompareCase::INSENSITIVE_ASCII)) {
1502 return true;
1504 // Allow access for tests.
1505 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1506 switches::kEnablePepperTesting)) {
1507 return true;
1509 #endif // !defined(OS_ANDROID)
1510 return false;
1513 void ChromeContentRendererClient::AddKeySystems(
1514 std::vector<media::KeySystemInfo>* key_systems) {
1515 AddChromeKeySystems(key_systems);
1518 bool ChromeContentRendererClient::ShouldReportDetailedMessageForSource(
1519 const base::string16& source) const {
1520 #if defined(ENABLE_EXTENSIONS)
1521 return extensions::IsSourceFromAnExtension(source);
1522 #else
1523 return false;
1524 #endif
1527 bool ChromeContentRendererClient::ShouldGatherSiteIsolationStats() const {
1528 // Site isolation stats are gathered currently for non-extension renderer
1529 // processes running a normal web page from the Internet.
1530 // TODO(nick): https://crbug.com/268640 Gather stats for extension processes
1531 // too; we would need to check the extension's manifest to know which sites
1532 // it's allowed to access.
1533 #if defined(ENABLE_EXTENSIONS)
1534 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
1535 return !command_line->HasSwitch(extensions::switches::kExtensionProcess);
1536 #else
1537 return true;
1538 #endif
1541 blink::WebWorkerContentSettingsClientProxy*
1542 ChromeContentRendererClient::CreateWorkerContentSettingsClientProxy(
1543 content::RenderFrame* render_frame,
1544 blink::WebFrame* frame) {
1545 return new WorkerContentSettingsClientProxy(render_frame, frame);
1548 bool ChromeContentRendererClient::IsPluginAllowedToUseDevChannelAPIs() {
1549 #if defined(ENABLE_PLUGINS)
1550 // Allow access for tests.
1551 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1552 switches::kEnablePepperTesting)) {
1553 return true;
1556 version_info::Channel channel = chrome::GetChannel();
1557 // Allow dev channel APIs to be used on "Canary", "Dev", and "Unknown"
1558 // releases of Chrome. Permitting "Unknown" allows these APIs to be used on
1559 // Chromium builds as well.
1560 return channel <= version_info::Channel::DEV;
1561 #else
1562 return false;
1563 #endif
1566 bool ChromeContentRendererClient::IsPluginAllowedToUseCameraDeviceAPI(
1567 const GURL& url) {
1568 #if defined(ENABLE_PLUGINS) && defined(ENABLE_EXTENSIONS)
1569 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1570 switches::kEnablePepperTesting))
1571 return true;
1573 if (IsExtensionOrSharedModuleWhitelisted(url, allowed_camera_device_origins_))
1574 return true;
1575 #endif
1577 return false;
1580 bool ChromeContentRendererClient::IsPluginAllowedToUseCompositorAPI(
1581 const GURL& url) {
1582 #if defined(ENABLE_PLUGINS) && defined(ENABLE_EXTENSIONS)
1583 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1584 switches::kEnablePepperTesting))
1585 return true;
1586 if (IsExtensionOrSharedModuleWhitelisted(url, allowed_compositor_origins_))
1587 return true;
1589 version_info::Channel channel = chrome::GetChannel();
1590 return channel <= version_info::Channel::DEV;
1591 #else
1592 return false;
1593 #endif
1596 content::BrowserPluginDelegate*
1597 ChromeContentRendererClient::CreateBrowserPluginDelegate(
1598 content::RenderFrame* render_frame,
1599 const std::string& mime_type,
1600 const GURL& original_url) {
1601 #if defined(ENABLE_EXTENSIONS)
1602 if (mime_type == content::kBrowserPluginMimeType) {
1603 return new extensions::ExtensionsGuestViewContainer(render_frame);
1604 } else {
1605 return new extensions::MimeHandlerViewContainer(
1606 render_frame, mime_type, original_url);
1608 #else
1609 return NULL;
1610 #endif
1613 void ChromeContentRendererClient::RecordRappor(const std::string& metric,
1614 const std::string& sample) {
1615 RenderThread::Get()->Send(new ChromeViewHostMsg_RecordRappor(metric, sample));
1618 void ChromeContentRendererClient::RecordRapporURL(const std::string& metric,
1619 const GURL& url) {
1620 RenderThread::Get()->Send(new ChromeViewHostMsg_RecordRapporURL(metric, url));
1623 scoped_ptr<blink::WebAppBannerClient>
1624 ChromeContentRendererClient::CreateAppBannerClient(
1625 content::RenderFrame* render_frame) {
1626 return scoped_ptr<blink::WebAppBannerClient>(
1627 new AppBannerClient(render_frame));
1630 void ChromeContentRendererClient::AddImageContextMenuProperties(
1631 const blink::WebURLResponse& response,
1632 std::map<std::string, std::string>* properties) {
1633 DCHECK(properties);
1634 WebString header_key(ASCIIToUTF16(
1635 data_reduction_proxy::chrome_proxy_header()));
1636 if (!response.httpHeaderField(header_key).isNull() &&
1637 response.httpHeaderField(header_key).utf8().find(
1638 data_reduction_proxy::chrome_proxy_lo_fi_directive()) !=
1639 std::string::npos) {
1640 (*properties)[data_reduction_proxy::chrome_proxy_header()] =
1641 data_reduction_proxy::chrome_proxy_lo_fi_directive();
1645 void
1646 ChromeContentRendererClient::DidInitializeServiceWorkerContextOnWorkerThread(
1647 v8::Local<v8::Context> context,
1648 const GURL& url) {
1649 #if defined(ENABLE_EXTENSIONS)
1650 extensions::Dispatcher::DidInitializeServiceWorkerContextOnWorkerThread(
1651 context, url);
1652 #endif
1655 void ChromeContentRendererClient::WillDestroyServiceWorkerContextOnWorkerThread(
1656 const GURL& url) {
1657 #if defined(ENABLE_EXTENSIONS)
1658 extensions::Dispatcher::WillDestroyServiceWorkerContextOnWorkerThread(url);
1659 #endif