1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef EXTENSIONS_RENDERER_SCRIPT_CONTEXT_H_
6 #define EXTENSIONS_RENDERER_SCRIPT_CONTEXT_H_
11 #include "base/basictypes.h"
12 #include "base/callback.h"
13 #include "base/compiler_specific.h"
14 #include "extensions/common/features/feature.h"
15 #include "extensions/common/permissions/api_permission_set.h"
16 #include "extensions/renderer/module_system.h"
17 #include "extensions/renderer/request_sender.h"
18 #include "extensions/renderer/safe_builtins.h"
19 #include "gin/runner.h"
21 #include "v8/include/v8.h"
32 namespace extensions
{
36 // Extensions wrapper for a v8 context.
37 class ScriptContext
: public RequestSender::Source
{
39 ScriptContext(const v8::Local
<v8::Context
>& context
,
40 blink::WebLocalFrame
* frame
,
41 const Extension
* extension
,
42 Feature::Context context_type
,
43 const Extension
* effective_extension
,
44 Feature::Context effective_context_type
);
45 ~ScriptContext() override
;
47 // Returns whether |url| from any Extension in |extension_set| is sandboxed,
48 // as declared in each Extension's manifest.
49 // TODO(kalman): Delete this when crbug.com/466373 is fixed.
50 // See comment in HasAccessOrThrowError.
51 static bool IsSandboxedPage(const ExtensionSet
& extension_set
,
54 // Clears the WebFrame for this contexts and invalidates the associated
58 // Registers |observer| to be run when this context is invalidated. Closures
59 // are run immediately when Invalidate() is called, not in a message loop.
60 void AddInvalidationObserver(const base::Closure
& observer
);
62 // Returns true if this context is still valid, false if it isn't.
63 // A context becomes invalid via Invalidate().
64 bool is_valid() const { return is_valid_
; }
66 v8::Local
<v8::Context
> v8_context() const {
67 return v8::Local
<v8::Context
>::New(isolate_
, v8_context_
);
70 const Extension
* extension() const { return extension_
.get(); }
72 const Extension
* effective_extension() const {
73 return effective_extension_
.get();
76 blink::WebLocalFrame
* web_frame() const { return web_frame_
; }
78 Feature::Context
context_type() const { return context_type_
; }
80 Feature::Context
effective_context_type() const {
81 return effective_context_type_
;
84 void set_module_system(scoped_ptr
<ModuleSystem
> module_system
) {
85 module_system_
= module_system
.Pass();
88 ModuleSystem
* module_system() { return module_system_
.get(); }
90 SafeBuiltins
* safe_builtins() { return &safe_builtins_
; }
92 const SafeBuiltins
* safe_builtins() const { return &safe_builtins_
; }
94 // Returns the ID of the extension associated with this context, or empty
95 // string if there is no such extension.
96 const std::string
& GetExtensionID() const;
98 // Returns the RenderFrame associated with this context. Can return NULL if
99 // the context is in the process of being destroyed.
100 content::RenderFrame
* GetRenderFrame() const;
102 // Runs |function| with appropriate scopes. Doesn't catch exceptions, callers
103 // must do that if they want.
105 // USE THIS METHOD RATHER THAN v8::Function::Call WHEREVER POSSIBLE.
106 v8::Local
<v8::Value
> CallFunction(const v8::Local
<v8::Function
>& function
,
108 v8::Local
<v8::Value
> argv
[]) const;
109 v8::Local
<v8::Value
> CallFunction(
110 const v8::Local
<v8::Function
>& function
) const;
112 void DispatchEvent(const char* event_name
, v8::Local
<v8::Array
> args
) const;
114 // Fires the onunload event on the unload_event module.
115 void DispatchOnUnloadEvent();
117 // Returns the availability of the API |api_name|.
118 Feature::Availability
GetAvailability(const std::string
& api_name
);
120 // Returns a string description of the type of context this is.
121 std::string
GetContextTypeDescription() const;
123 // Returns a string description of the effective type of context this is.
124 std::string
GetEffectiveContextTypeDescription() const;
126 v8::Isolate
* isolate() const { return isolate_
; }
128 // Get the URL of this context's web frame.
130 // TODO(kalman): Remove this and replace with a GetOrigin() call which reads
131 // of WebDocument::securityOrigin():
132 // - The URL can change (e.g. pushState) but the origin cannot. Luckily it
133 // appears as though callers don't make security decisions based on the
134 // result of GetURL() so it's not a problem... yet.
135 // - Origin is the correct check to be making.
136 // - It might let us remove the about:blank resolving?
139 // Returns whether the API |api| or any part of the API could be
140 // available in this context without taking into account the context's
142 bool IsAnyFeatureAvailableToContext(const extensions::Feature
& api
);
144 // Utility to get the URL we will match against for a frame. If the frame has
145 // committed, this is the commited URL. Otherwise it is the provisional URL.
146 // The returned URL may be invalid.
147 static GURL
GetDataSourceURLForFrame(const blink::WebFrame
* frame
);
149 // Returns the first non-about:-URL in the document hierarchy above and
150 // including |frame|. The document hierarchy is only traversed if
151 // |document_url| is an about:-URL and if |match_about_blank| is true.
152 static GURL
GetEffectiveDocumentURL(const blink::WebFrame
* frame
,
153 const GURL
& document_url
,
154 bool match_about_blank
);
156 // RequestSender::Source implementation.
157 ScriptContext
* GetContext() override
;
158 void OnResponseReceived(const std::string
& name
,
161 const base::ListValue
& response
,
162 const std::string
& error
) override
;
164 // Grants a set of content capabilities to this context.
165 void SetContentCapabilities(const APIPermissionSet
& permissions
);
167 // Indicates if this context has an effective API permission either by being
168 // a context for an extension which has that permission, or by being a web
169 // context which has been granted the corresponding capability by an
171 bool HasAPIPermission(APIPermission::ID permission
) const;
173 // Throws an Error in this context's JavaScript context, if this context does
174 // not have access to |name|. Returns true if this context has access (i.e.
175 // no exception thrown), false if it does not (i.e. an exception was thrown).
176 bool HasAccessOrThrowError(const std::string
& name
);
178 // Returns a string representation of this ScriptContext, for debugging.
179 std::string
GetDebugString() const;
184 // Whether this context is valid.
187 // The v8 context the bindings are accessible to.
188 v8::Global
<v8::Context
> v8_context_
;
190 // The WebLocalFrame associated with this context. This can be NULL because
191 // this object can outlive is destroyed asynchronously.
192 blink::WebLocalFrame
* web_frame_
;
194 // The extension associated with this context, or NULL if there is none. This
195 // might be a hosted app in the case that this context is hosting a web URL.
196 scoped_refptr
<const Extension
> extension_
;
198 // The type of context.
199 Feature::Context context_type_
;
201 // The effective extension associated with this context, or NULL if there is
202 // none. This is different from the above extension if this context is in an
203 // about:blank iframe for example.
204 scoped_refptr
<const Extension
> effective_extension_
;
206 // The type of context.
207 Feature::Context effective_context_type_
;
209 // Owns and structures the JS that is injected to set up extension bindings.
210 scoped_ptr
<ModuleSystem
> module_system_
;
212 // Contains safe copies of builtin objects like Function.prototype.
213 SafeBuiltins safe_builtins_
;
215 // The set of capabilities granted to this context by extensions.
216 APIPermissionSet content_capabilities_
;
218 // A list of base::Closure instances as an observer interface for
220 std::vector
<base::Closure
> invalidate_observers_
;
222 v8::Isolate
* isolate_
;
226 scoped_ptr
<Runner
> runner_
;
228 DISALLOW_COPY_AND_ASSIGN(ScriptContext
);
231 } // namespace extensions
233 #endif // EXTENSIONS_RENDERER_SCRIPT_CONTEXT_H_