search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Disable view source for Developer Tools.
[chromium-blink-merge.git] / chrome / browser / chrome_content_browser_client.cc
blob83026ed3ce6842214ef186c65e50f4c0f73b8ea4
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/chrome_content_browser_client.h"
6
7 #include <set>
8 #include <utility>
9 #include <vector>
10
11 #include "base/bind.h"
12 #include "base/command_line.h"
13 #include "base/lazy_instance.h"
14 #include "base/path_service.h"
15 #include "base/prefs/pref_service.h"
16 #include "base/prefs/scoped_user_pref_update.h"
17 #include "base/strings/string_number_conversions.h"
18 #include "base/strings/utf_string_conversions.h"
19 #include "base/threading/sequenced_worker_pool.h"
20 #include "chrome/browser/app_mode/app_mode_utils.h"
21 #include "chrome/browser/browser_about_handler.h"
22 #include "chrome/browser/browser_process.h"
23 #include "chrome/browser/browser_shutdown.h"
24 #include "chrome/browser/browsing_data/browsing_data_helper.h"
25 #include "chrome/browser/browsing_data/browsing_data_remover.h"
26 #include "chrome/browser/character_encoding.h"
27 #include "chrome/browser/chrome_net_benchmarking_message_filter.h"
28 #include "chrome/browser/chrome_quota_permission_context.h"
29 #include "chrome/browser/content_settings/content_settings_utils.h"
30 #include "chrome/browser/content_settings/cookie_settings.h"
31 #include "chrome/browser/content_settings/host_content_settings_map.h"
32 #include "chrome/browser/content_settings/tab_specific_content_settings.h"
33 #include "chrome/browser/defaults.h"
34 #include "chrome/browser/download/download_prefs.h"
35 #include "chrome/browser/extensions/api/web_request/web_request_api.h"
36 #include "chrome/browser/extensions/browser_permissions_policy_delegate.h"
37 #include "chrome/browser/extensions/extension_host.h"
38 #include "chrome/browser/extensions/extension_service.h"
39 #include "chrome/browser/extensions/extension_system.h"
40 #include "chrome/browser/extensions/extension_web_ui.h"
41 #include "chrome/browser/extensions/extension_webkit_preferences.h"
42 #include "chrome/browser/extensions/suggest_permission_util.h"
43 #include "chrome/browser/geolocation/chrome_access_token_store.h"
44 #include "chrome/browser/google/google_util.h"
45 #include "chrome/browser/guestview/adview/adview_guest.h"
46 #include "chrome/browser/guestview/guestview.h"
47 #include "chrome/browser/guestview/guestview_constants.h"
48 #include "chrome/browser/guestview/webview/webview_guest.h"
49 #include "chrome/browser/local_discovery/storage/privet_filesystem_backend.h"
50 #include "chrome/browser/media/media_capture_devices_dispatcher.h"
51 #include "chrome/browser/metrics/chrome_browser_main_extra_parts_metrics.h"
52 #include "chrome/browser/nacl_host/nacl_browser_delegate_impl.h"
53 #include "chrome/browser/net/chrome_net_log.h"
54 #include "chrome/browser/notifications/desktop_notification_service.h"
55 #include "chrome/browser/notifications/desktop_notification_service_factory.h"
56 #include "chrome/browser/platform_util.h"
57 #include "chrome/browser/plugins/plugin_info_message_filter.h"
58 #include "chrome/browser/prerender/prerender_final_status.h"
59 #include "chrome/browser/prerender/prerender_manager.h"
60 #include "chrome/browser/prerender/prerender_manager_factory.h"
61 #include "chrome/browser/prerender/prerender_message_filter.h"
62 #include "chrome/browser/prerender/prerender_tracker.h"
63 #include "chrome/browser/printing/printing_message_filter.h"
64 #include "chrome/browser/profiles/chrome_browser_main_extra_parts_profiles.h"
65 #include "chrome/browser/profiles/profile.h"
66 #include "chrome/browser/profiles/profile_io_data.h"
67 #include "chrome/browser/profiles/profile_manager.h"
68 #include "chrome/browser/renderer_host/chrome_render_message_filter.h"
69 #include "chrome/browser/renderer_host/pepper/chrome_browser_pepper_host_factory.h"
70 #include "chrome/browser/search/instant_service.h"
71 #include "chrome/browser/search/instant_service_factory.h"
72 #include "chrome/browser/search/search.h"
73 #include "chrome/browser/search_engines/search_provider_install_state_message_filter.h"
74 #include "chrome/browser/signin/principals_message_filter.h"
75 #include "chrome/browser/speech/chrome_speech_recognition_manager_delegate.h"
76 #include "chrome/browser/speech/tts_message_filter.h"
77 #include "chrome/browser/ssl/ssl_add_certificate.h"
78 #include "chrome/browser/ssl/ssl_blocking_page.h"
79 #include "chrome/browser/ssl/ssl_tab_helper.h"
80 #include "chrome/browser/sync_file_system/local/sync_file_system_backend.h"
81 #include "chrome/browser/tab_contents/tab_util.h"
82 #include "chrome/browser/ui/blocked_content/blocked_window_params.h"
83 #include "chrome/browser/ui/blocked_content/popup_blocker_tab_helper.h"
84 #include "chrome/browser/ui/chrome_select_file_policy.h"
85 #include "chrome/browser/ui/sync/sync_promo_ui.h"
86 #include "chrome/browser/ui/tab_contents/chrome_web_contents_view_delegate.h"
87 #include "chrome/browser/ui/webui/chrome_web_ui_controller_factory.h"
88 #include "chrome/common/chrome_constants.h"
89 #include "chrome/common/chrome_paths.h"
90 #include "chrome/common/chrome_switches.h"
91 #include "chrome/common/chrome_version_info.h"
92 #include "chrome/common/env_vars.h"
93 #include "chrome/common/extensions/extension_process_policy.h"
94 #include "chrome/common/extensions/manifest_handlers/app_isolation_info.h"
95 #include "chrome/common/extensions/permissions/socket_permission.h"
96 #include "chrome/common/logging_chrome.h"
97 #include "chrome/common/pepper_permission_util.h"
98 #include "chrome/common/pref_names.h"
99 #include "chrome/common/profile_management_switches.h"
100 #include "chrome/common/render_messages.h"
101 #include "chrome/common/url_constants.h"
102 #include "chrome/installer/util/google_update_settings.h"
103 #include "chromeos/chromeos_constants.h"
104 #include "components/nacl/browser/nacl_browser.h"
105 #include "components/nacl/browser/nacl_host_message_filter.h"
106 #include "components/nacl/browser/nacl_process_host.h"
107 #include "components/nacl/common/nacl_process_type.h"
108 #include "components/translate/core/common/translate_switches.h"
109 #include "components/user_prefs/pref_registry_syncable.h"
110 #include "content/public/browser/browser_child_process_host.h"
111 #include "content/public/browser/browser_main_parts.h"
112 #include "content/public/browser/browser_ppapi_host.h"
113 #include "content/public/browser/browser_thread.h"
114 #include "content/public/browser/browser_url_handler.h"
115 #include "content/public/browser/child_process_data.h"
116 #include "content/public/browser/child_process_security_policy.h"
117 #include "content/public/browser/render_frame_host.h"
118 #include "content/public/browser/render_process_host.h"
119 #include "content/public/browser/render_view_host.h"
120 #include "content/public/browser/resource_context.h"
121 #include "content/public/browser/site_instance.h"
122 #include "content/public/browser/web_contents.h"
123 #include "content/public/browser/web_contents_view.h"
124 #include "content/public/common/child_process_host.h"
125 #include "content/public/common/content_descriptors.h"
126 #include "content/public/common/url_utils.h"
127 #include "extensions/browser/info_map.h"
128 #include "extensions/browser/process_manager.h"
129 #include "extensions/browser/process_map.h"
130 #include "extensions/browser/view_type_utils.h"
131 #include "extensions/common/constants.h"
132 #include "extensions/common/extension.h"
133 #include "extensions/common/extension_set.h"
134 #include "extensions/common/manifest_handlers/background_info.h"
135 #include "extensions/common/manifest_handlers/shared_module_info.h"
136 #include "extensions/common/manifest_handlers/web_accessible_resources_info.h"
137 #include "extensions/common/permissions/permissions_data.h"
138 #include "extensions/common/switches.h"
139 #include "grit/generated_resources.h"
140 #include "grit/ui_resources.h"
141 #include "net/base/mime_util.h"
142 #include "net/cookies/canonical_cookie.h"
143 #include "net/cookies/cookie_options.h"
144 #include "net/ssl/ssl_cert_request_info.h"
145 #include "ppapi/host/ppapi_host.h"
146 #include "ppapi/shared_impl/ppapi_switches.h"
147 #include "ui/base/l10n/l10n_util.h"
148 #include "ui/base/resource/resource_bundle.h"
149 #include "ui/message_center/message_center_util.h"
150 #include "webkit/browser/fileapi/external_mount_points.h"
151 #include "webkit/common/webpreferences.h"
152
153 #if defined(OS_WIN)
154 #include "chrome/browser/chrome_browser_main_win.h"
155 #include "sandbox/win/src/sandbox_policy.h"
156 #elif defined(OS_MACOSX)
157 #include "chrome/browser/chrome_browser_main_mac.h"
158 #include "chrome/browser/spellchecker/spellcheck_message_filter_mac.h"
159 #include "components/breakpad/app/breakpad_mac.h"
160 #elif defined(OS_CHROMEOS)
161 #include "chrome/browser/chromeos/chrome_browser_main_chromeos.h"
162 #include "chrome/browser/chromeos/drive/file_system_backend_delegate.h"
163 #include "chrome/browser/chromeos/fileapi/file_system_backend.h"
164 #include "chrome/browser/chromeos/login/startup_utils.h"
165 #include "chrome/browser/chromeos/login/user_manager.h"
166 #include "chrome/browser/chromeos/system/input_device_settings.h"
167 #include "chromeos/chromeos_switches.h"
168 #elif defined(OS_LINUX)
169 #include "chrome/browser/chrome_browser_main_linux.h"
170 #elif defined(OS_ANDROID)
171 #include "chrome/browser/android/webapps/single_tab_mode_tab_helper.h"
172 #include "chrome/browser/chrome_browser_main_android.h"
173 #include "chrome/browser/media/encrypted_media_message_filter_android.h"
174 #include "chrome/common/descriptors_android.h"
175 #include "components/breakpad/browser/crash_dump_manager_android.h"
176 #elif defined(OS_POSIX)
177 #include "chrome/browser/chrome_browser_main_posix.h"
178 #endif
179
180 #if defined(OS_POSIX) && !defined(OS_MACOSX)
181 #include "base/debug/leak_annotations.h"
182 #include "base/linux_util.h"
183 #include "components/breakpad/app/breakpad_linux.h"
184 #include "components/breakpad/browser/crash_handler_host_linux.h"
185 #endif
186
187 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
188 #include "chrome/browser/captive_portal/captive_portal_tab_helper.h"
189 #endif
190
191 #if defined(OS_ANDROID)
192 #include "ui/base/ui_base_paths.h"
193 #include "ui/gfx/android/device_display_info.h"
194 #endif
195
196 #if !defined(OS_CHROMEOS)
197 #include "chrome/browser/signin/signin_manager.h"
198 #include "chrome/browser/signin/signin_manager_factory.h"
199 #endif
200
201 #if !defined(OS_ANDROID)
202 #include "chrome/browser/media_galleries/fileapi/media_file_system_backend.h"
203 #endif
204
205 #if defined(ENABLE_WEBRTC)
206 #include "chrome/browser/media/webrtc_logging_handler_host.h"
207 #endif
208
209 #if defined(ENABLE_INPUT_SPEECH)
210 #include "chrome/browser/speech/chrome_speech_recognition_manager_delegate_bubble_ui.h"
211 #endif
212
213 #if defined(FILE_MANAGER_EXTENSION)
214 #include "chrome/browser/chromeos/file_manager/app_id.h"
215 #endif
216
217 #if defined(TOOLKIT_GTK)
218 #include "chrome/browser/ui/gtk/chrome_browser_main_extra_parts_gtk.h"
219 #endif
220
221 #if defined(TOOLKIT_VIEWS)
222 #include "chrome/browser/ui/views/chrome_browser_main_extra_parts_views.h"
223 #endif
224
225 #if defined(USE_ASH)
226 #include "chrome/browser/ui/views/ash/chrome_browser_main_extra_parts_ash.h"
227 #endif
228
229 #if defined(USE_AURA)
230 #include "chrome/browser/ui/aura/chrome_browser_main_extra_parts_aura.h"
231 #endif
232
233 #if defined(USE_X11)
234 #include "chrome/browser/chrome_browser_main_extra_parts_x11.h"
235 #endif
236
237 #if defined(ENABLE_SPELLCHECK)
238 #include "chrome/browser/spellchecker/spellcheck_message_filter.h"
239 #endif
240
241 using blink::WebWindowFeatures;
242 using base::FileDescriptor;
243 using content::AccessTokenStore;
244 using content::BrowserChildProcessHostIterator;
245 using content::BrowserThread;
246 using content::BrowserURLHandler;
247 using content::ChildProcessSecurityPolicy;
248 using content::FileDescriptorInfo;
249 using content::QuotaPermissionContext;
250 using content::RenderViewHost;
251 using content::SiteInstance;
252 using content::WebContents;
253 using extensions::APIPermission;
254 using extensions::Extension;
255 using extensions::InfoMap;
256 using extensions::Manifest;
257 using message_center::NotifierId;
258
259 namespace {
260
261 // Cached version of the locale so we can return the locale on the I/O
262 // thread.
263 base::LazyInstance<std::string> g_io_thread_application_locale;
264
265 #if defined(ENABLE_PLUGINS)
266 const char* kPredefinedAllowedFileHandleOrigins[] = {
267 "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/234789
268 "4EB74897CB187C7633357C2FE832E0AD6A44883A" // see crbug.com/234789
269 };
270
271 const char* kPredefinedAllowedSocketOrigins[] = {
272 "okddffdblfhhnmhodogpojmfkjmhinfp", // Test SSH Client
273 "pnhechapfaindjhompbnflcldabbghjo", // HTerm App (SSH Client)
274 "bglhmjfplikpjnfoegeomebmfnkjomhe", // see crbug.com/122126
275 "gbchcmhmhahfdphkhkmpfmihenigjmpp", // Chrome Remote Desktop
276 "kgngmbheleoaphbjbaiobfdepmghbfah", // Pre-release Chrome Remote Desktop
277 "odkaodonbgfohohmklejpjiejmcipmib", // Dogfood Chrome Remote Desktop
278 "ojoimpklfciegopdfgeenehpalipignm", // Chromoting canary
279 "cbkkbcmdlboombapidmoeolnmdacpkch", // see crbug.com/129089
280 "hhnbmknkdabfoieppbbljkhkfjcmcbjh", // see crbug.com/134099
281 "mablfbjkhmhkmefkjjacnbaikjkipphg", // see crbug.com/134099
282 "pdeelgamlgannhelgoegilelnnojegoh", // see crbug.com/134099
283 "cabapfdbkniadpollkckdnedaanlciaj", // see crbug.com/134099
284 "mapljbgnjledlpdmlchihnmeclmefbba", // see crbug.com/134099
285 "ghbfeebgmiidnnmeobbbaiamklmpbpii", // see crbug.com/134099
286 "jdfhpkjeckflbbleddjlpimecpbjdeep", // see crbug.com/142514
287 "iabmpiboiopbgfabjmgeedhcmjenhbla", // see crbug.com/165080
288 "B7CF8A292249681AF81771650BA4CEEAF19A4560", // see crbug.com/165080
289 "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/234789
290 "4EB74897CB187C7633357C2FE832E0AD6A44883A", // see crbug.com/234789
291 "7525AF4F66763A70A883C4700529F647B470E4D2", // see crbug.com/238084
292 "0B549507088E1564D672F7942EB87CA4DAD73972", // see crbug.com/238084
293 "864288364E239573E777D3E0E36864E590E95C74" // see crbug.com/238084
294 };
295 #endif
296
297 // Returns a copy of the given url with its host set to given host and path set
298 // to given path. Other parts of the url will be the same.
299 GURL ReplaceURLHostAndPath(const GURL& url,
300 const std::string& host,
301 const std::string& path) {
302 url_canon::Replacements<char> replacements;
303 replacements.SetHost(host.c_str(),
304 url_parse::Component(0, host.length()));
305 replacements.SetPath(path.c_str(),
306 url_parse::Component(0, path.length()));
307 return url.ReplaceComponents(replacements);
308 }
309
310 // Maps "foo://bar/baz/" to "foo://chrome/bar/baz/".
311 GURL AddUberHost(const GURL& url) {
312 const std::string uber_host = chrome::kChromeUIUberHost;
313 const std::string new_path = url.host() + url.path();
314
315 return ReplaceURLHostAndPath(url, uber_host, new_path);
316 }
317
318 // If url->host() is "chrome" and url->path() has characters other than the
319 // first slash, changes the url from "foo://chrome/bar/" to "foo://bar/" and
320 // returns true. Otherwise returns false.
321 bool RemoveUberHost(GURL* url) {
322 if (url->host() != chrome::kChromeUIUberHost)
323 return false;
324
325 if (url->path().empty() || url->path() == "/")
326 return false;
327
328 const std::string old_path = url->path();
329
330 const std::string::size_type separator = old_path.find('/', 1);
331 std::string new_host;
332 std::string new_path;
333 if (separator == std::string::npos) {
334 new_host = old_path.substr(1);
335 } else {
336 new_host = old_path.substr(1, separator - 1);
337 new_path = old_path.substr(separator);
338 }
339
340 // Do not allow URLs with paths empty before the first slash since we can't
341 // have an empty host. (e.g "foo://chrome//")
342 if (new_host.empty())
343 return false;
344
345 *url = ReplaceURLHostAndPath(*url, new_host, new_path);
346
347 DCHECK(url->is_valid());
348
349 return true;
350 }
351
352 // Handles rewriting Web UI URLs.
353 bool HandleWebUI(GURL* url, content::BrowserContext* browser_context) {
354 // Do not handle special URLs such as "about:foo"
355 if (!url->host().empty()) {
356 const GURL chrome_url = AddUberHost(*url);
357
358 // Handle valid "chrome://chrome/foo" URLs so the reverse handler will
359 // be called.
360 if (ChromeWebUIControllerFactory::GetInstance()->UseWebUIForURL(
361 browser_context, chrome_url))
362 return true;
363 }
364
365 if (!ChromeWebUIControllerFactory::GetInstance()->UseWebUIForURL(
366 browser_context, *url))
367 return false;
368
369 #if defined(OS_CHROMEOS)
370 // Special case : in ChromeOS in Guest mode bookmarks and history are
371 // disabled for security reasons. New tab page explains the reasons, so
372 // we redirect user to new tab page.
373 if (chromeos::UserManager::Get()->IsLoggedInAsGuest()) {
374 if (url->SchemeIs(chrome::kChromeUIScheme) &&
375 (url->DomainIs(chrome::kChromeUIBookmarksHost) ||
376 #if defined(ENABLE_ENHANCED_BOOKMARKS)
377 url->DomainIs(chrome::kChromeUIEnhancedBookmarksHost) ||
378 #endif
379 url->DomainIs(chrome::kChromeUIHistoryHost))) {
380 // Rewrite with new tab URL
381 *url = GURL(chrome::kChromeUINewTabURL);
382 }
383 }
384 #endif
385
386 return true;
387 }
388
389 // Reverse URL handler for Web UI. Maps "chrome://chrome/foo/" to
390 // "chrome://foo/".
391 bool HandleWebUIReverse(GURL* url, content::BrowserContext* browser_context) {
392 if (!url->is_valid() || !url->SchemeIs(chrome::kChromeUIScheme))
393 return false;
394
395 return RemoveUberHost(url);
396 }
397
398 // Used by the GetPrivilegeRequiredByUrl() and GetProcessPrivilege() functions
399 // below. Extension, and isolated apps require different privileges to be
400 // granted to their RenderProcessHosts. This classification allows us to make
401 // sure URLs are served by hosts with the right set of privileges.
402 enum RenderProcessHostPrivilege {
403 PRIV_NORMAL,
404 PRIV_HOSTED,
405 PRIV_ISOLATED,
406 PRIV_EXTENSION,
407 };
408
409 RenderProcessHostPrivilege GetPrivilegeRequiredByUrl(
410 const GURL& url,
411 ExtensionService* service) {
412 // Default to a normal renderer cause it is lower privileged. This should only
413 // occur if the URL on a site instance is either malformed, or uninitialized.
414 // If it is malformed, then there is no need for better privileges anyways.
415 // If it is uninitialized, but eventually settles on being an a scheme other
416 // than normal webrenderer, the navigation logic will correct us out of band
417 // anyways.
418 if (!url.is_valid())
419 return PRIV_NORMAL;
420
421 if (url.SchemeIs(extensions::kExtensionScheme)) {
422 const Extension* extension =
423 service->extensions()->GetByID(url.host());
424 if (extension &&
425 extensions::AppIsolationInfo::HasIsolatedStorage(extension))
426 return PRIV_ISOLATED;
427 if (extension && extension->is_hosted_app())
428 return PRIV_HOSTED;
429
430 return PRIV_EXTENSION;
431 }
432
433 return PRIV_NORMAL;
434 }
435
436 RenderProcessHostPrivilege GetProcessPrivilege(
437 content::RenderProcessHost* process_host,
438 extensions::ProcessMap* process_map,
439 ExtensionService* service) {
440 std::set<std::string> extension_ids =
441 process_map->GetExtensionsInProcess(process_host->GetID());
442 if (extension_ids.empty())
443 return PRIV_NORMAL;
444
445 for (std::set<std::string>::iterator iter = extension_ids.begin();
446 iter != extension_ids.end(); ++iter) {
447 const Extension* extension = service->GetExtensionById(*iter, false);
448 if (extension &&
449 extensions::AppIsolationInfo::HasIsolatedStorage(extension))
450 return PRIV_ISOLATED;
451 if (extension && extension->is_hosted_app())
452 return PRIV_HOSTED;
453 }
454
455 return PRIV_EXTENSION;
456 }
457
458 bool CertMatchesFilter(const net::X509Certificate& cert,
459 const base::DictionaryValue& filter) {
460 // TODO(markusheintz): This is the minimal required filter implementation.
461 // Implement a better matcher.
462
463 // An empty filter matches any client certificate since no requirements are
464 // specified at all.
465 if (filter.empty())
466 return true;
467
468 std::string common_name;
469 if (filter.GetString("ISSUER.CN", &common_name) &&
470 (cert.issuer().common_name == common_name)) {
471 return true;
472 }
473 return false;
474 }
475
476 #if !defined(OS_ANDROID)
477 // Fills |map| with the per-script font prefs under path |map_name|.
478 void FillFontFamilyMap(const PrefService* prefs,
479 const char* map_name,
480 webkit_glue::ScriptFontFamilyMap* map) {
481 // TODO: Get rid of the brute-force scan over possible (font family / script)
482 // combinations - see http://crbug.com/308095.
483 for (size_t i = 0; i < prefs::kWebKitScriptsForFontFamilyMapsLength; ++i) {
484 const char* script = prefs::kWebKitScriptsForFontFamilyMaps[i];
485 std::string pref_name = base::StringPrintf("%s.%s", map_name, script);
486 std::string font_family = prefs->GetString(pref_name.c_str());
487 if (!font_family.empty())
488 (*map)[script] = base::UTF8ToUTF16(font_family);
489 }
490 }
491
492 #if defined(OS_POSIX) && !defined(OS_MACOSX)
493 breakpad::CrashHandlerHostLinux* CreateCrashHandlerHost(
494 const std::string& process_type) {
495 base::FilePath dumps_path;
496 PathService::Get(chrome::DIR_CRASH_DUMPS, &dumps_path);
497 {
498 ANNOTATE_SCOPED_MEMORY_LEAK;
499 breakpad::CrashHandlerHostLinux* crash_handler =
500 new breakpad::CrashHandlerHostLinux(
501 process_type, dumps_path, getenv(env_vars::kHeadless) == NULL);
502 crash_handler->StartUploaderThread();
503 return crash_handler;
504 }
505 }
506
507 int GetCrashSignalFD(const CommandLine& command_line) {
508 if (command_line.HasSwitch(extensions::switches::kExtensionProcess)) {
509 static breakpad::CrashHandlerHostLinux* crash_handler = NULL;
510 if (!crash_handler)
511 crash_handler = CreateCrashHandlerHost("extension");
512 return crash_handler->GetDeathSignalSocket();
513 }
514
515 std::string process_type =
516 command_line.GetSwitchValueASCII(switches::kProcessType);
517
518 if (process_type == switches::kRendererProcess) {
519 static breakpad::CrashHandlerHostLinux* crash_handler = NULL;
520 if (!crash_handler)
521 crash_handler = CreateCrashHandlerHost(process_type);
522 return crash_handler->GetDeathSignalSocket();
523 }
524
525 if (process_type == switches::kPluginProcess) {
526 static breakpad::CrashHandlerHostLinux* crash_handler = NULL;
527 if (!crash_handler)
528 crash_handler = CreateCrashHandlerHost(process_type);
529 return crash_handler->GetDeathSignalSocket();
530 }
531
532 if (process_type == switches::kPpapiPluginProcess) {
533 static breakpad::CrashHandlerHostLinux* crash_handler = NULL;
534 if (!crash_handler)
535 crash_handler = CreateCrashHandlerHost(process_type);
536 return crash_handler->GetDeathSignalSocket();
537 }
538
539 if (process_type == switches::kGpuProcess) {
540 static breakpad::CrashHandlerHostLinux* crash_handler = NULL;
541 if (!crash_handler)
542 crash_handler = CreateCrashHandlerHost(process_type);
543 return crash_handler->GetDeathSignalSocket();
544 }
545
546 return -1;
547 }
548 #endif // defined(OS_POSIX) && !defined(OS_MACOSX)
549 #endif // !defined(OS_ANDROID)
550
551 #if !defined(OS_CHROMEOS)
552 GURL GetEffectiveURLForSignin(const GURL& url) {
553 CHECK(SigninManager::IsWebBasedSigninFlowURL(url));
554
555 GURL effective_url(SigninManager::kChromeSigninEffectiveSite);
556 // Copy the path because the argument to SetPathStr must outlive
557 // the Replacements object.
558 const std::string path_copy(url.path());
559 GURL::Replacements replacements;
560 replacements.SetPathStr(path_copy);
561 effective_url = effective_url.ReplaceComponents(replacements);
562 return effective_url;
563 }
564 #endif
565
566 void SetApplicationLocaleOnIOThread(const std::string& locale) {
567 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
568 g_io_thread_application_locale.Get() = locale;
569 }
570
571 void HandleBlockedPopupOnUIThread(const BlockedWindowParams& params) {
572 WebContents* tab = tab_util::GetWebContentsByID(params.render_process_id(),
573 params.opener_id());
574 if (!tab)
575 return;
576
577 prerender::PrerenderContents* prerender_contents =
578 prerender::PrerenderContents::FromWebContents(tab);
579 if (prerender_contents) {
580 prerender_contents->Destroy(prerender::FINAL_STATUS_CREATE_NEW_WINDOW);
581 return;
582 }
583
584 PopupBlockerTabHelper* popup_helper =
585 PopupBlockerTabHelper::FromWebContents(tab);
586 if (!popup_helper)
587 return;
588 popup_helper->AddBlockedPopup(params);
589 }
590
591 #if defined(OS_ANDROID)
592
593 void HandleSingleTabModeBlockOnUIThread(const BlockedWindowParams& params) {
594 WebContents* web_contents =
595 tab_util::GetWebContentsByID(params.render_process_id(),
596 params.opener_id());
597 if (!web_contents)
598 return;
599
600 SingleTabModeTabHelper::FromWebContents(web_contents)->HandleOpenUrl(params);
601 }
602
603 float GetDeviceScaleAdjustment() {
604 static const float kMinFSM = 1.05f;
605 static const int kWidthForMinFSM = 320;
606 static const float kMaxFSM = 1.3f;
607 static const int kWidthForMaxFSM = 800;
608
609 gfx::DeviceDisplayInfo info;
610 int minWidth = info.GetSmallestDIPWidth();
611
612 if (minWidth <= kWidthForMinFSM)
613 return kMinFSM;
614 if (minWidth >= kWidthForMaxFSM)
615 return kMaxFSM;
616
617 // The font scale multiplier varies linearly between kMinFSM and kMaxFSM.
618 float ratio = static_cast<float>(minWidth - kWidthForMinFSM) /
619 (kWidthForMaxFSM - kWidthForMinFSM);
620 return ratio * (kMaxFSM - kMinFSM) + kMinFSM;
621 }
622
623 #endif // defined(OS_ANDROID)
624
625 } // namespace
626
627 namespace chrome {
628
629 ChromeContentBrowserClient::ChromeContentBrowserClient() {
630 #if defined(ENABLE_PLUGINS)
631 for (size_t i = 0; i < arraysize(kPredefinedAllowedFileHandleOrigins); ++i)
632 allowed_file_handle_origins_.insert(kPredefinedAllowedFileHandleOrigins[i]);
633 for (size_t i = 0; i < arraysize(kPredefinedAllowedSocketOrigins); ++i)
634 allowed_socket_origins_.insert(kPredefinedAllowedSocketOrigins[i]);
635 #endif
636
637 permissions_policy_delegate_.reset(
638 new extensions::BrowserPermissionsPolicyDelegate());
639 }
640
641 ChromeContentBrowserClient::~ChromeContentBrowserClient() {
642 }
643
644 // static
645 void ChromeContentBrowserClient::RegisterProfilePrefs(
646 user_prefs::PrefRegistrySyncable* registry) {
647 registry->RegisterBooleanPref(
648 prefs::kDisable3DAPIs,
649 false,
650 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
651 registry->RegisterBooleanPref(
652 prefs::kEnableHyperlinkAuditing,
653 true,
654 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
655 registry->RegisterBooleanPref(
656 prefs::kEnableMemoryInfo,
657 false,
658 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
659 }
660
661 // static
662 void ChromeContentBrowserClient::SetApplicationLocale(
663 const std::string& locale) {
664 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
665
666 // This object is guaranteed to outlive all threads so we don't have to
667 // worry about the lack of refcounting and can just post as Unretained.
668 //
669 // The common case is that this function is called early in Chrome startup
670 // before any threads are created (it will also be called later if the user
671 // changes the pref). In this case, there will be no threads created and
672 // posting will fail. When there are no threads, we can just set the string
673 // without worrying about threadsafety.
674 if (!BrowserThread::PostTask(BrowserThread::IO, FROM_HERE,
675 base::Bind(&SetApplicationLocaleOnIOThread, locale))) {
676 g_io_thread_application_locale.Get() = locale;
677 }
678 }
679
680 content::BrowserMainParts* ChromeContentBrowserClient::CreateBrowserMainParts(
681 const content::MainFunctionParams& parameters) {
682 ChromeBrowserMainParts* main_parts;
683 // Construct the Main browser parts based on the OS type.
684 #if defined(OS_WIN)
685 main_parts = new ChromeBrowserMainPartsWin(parameters);
686 #elif defined(OS_MACOSX)
687 main_parts = new ChromeBrowserMainPartsMac(parameters);
688 #elif defined(OS_CHROMEOS)
689 main_parts = new chromeos::ChromeBrowserMainPartsChromeos(parameters);
690 #elif defined(OS_LINUX)
691 main_parts = new ChromeBrowserMainPartsLinux(parameters);
692 #elif defined(OS_ANDROID)
693 main_parts = new ChromeBrowserMainPartsAndroid(parameters);
694 #elif defined(OS_POSIX)
695 main_parts = new ChromeBrowserMainPartsPosix(parameters);
696 #else
697 NOTREACHED();
698 main_parts = new ChromeBrowserMainParts(parameters);
699 #endif
700
701 chrome::AddProfilesExtraParts(main_parts);
702
703 // Construct additional browser parts. Stages are called in the order in
704 // which they are added.
705 #if defined(TOOLKIT_GTK)
706 main_parts->AddParts(new ChromeBrowserMainExtraPartsGtk());
707 #endif
708
709 #if defined(TOOLKIT_VIEWS)
710 main_parts->AddParts(new ChromeBrowserMainExtraPartsViews());
711 #endif
712
713 #if defined(USE_ASH)
714 main_parts->AddParts(new ChromeBrowserMainExtraPartsAsh());
715 #endif
716
717 #if defined(USE_AURA)
718 main_parts->AddParts(new ChromeBrowserMainExtraPartsAura());
719 #endif
720
721 #if defined(USE_X11)
722 main_parts->AddParts(new ChromeBrowserMainExtraPartsX11());
723 #endif
724
725 chrome::AddMetricsExtraParts(main_parts);
726
727 return main_parts;
728 }
729
730 std::string ChromeContentBrowserClient::GetStoragePartitionIdForSite(
731 content::BrowserContext* browser_context,
732 const GURL& site) {
733 std::string partition_id;
734
735 // The partition ID for webview guest processes is the string value of its
736 // SiteInstance URL - "chrome-guest://app_id/persist?partition".
737 if (site.SchemeIs(content::kGuestScheme))
738 partition_id = site.spec();
739
740 DCHECK(IsValidStoragePartitionId(browser_context, partition_id));
741 return partition_id;
742 }
743
744 bool ChromeContentBrowserClient::IsValidStoragePartitionId(
745 content::BrowserContext* browser_context,
746 const std::string& partition_id) {
747 // The default ID is empty and is always valid.
748 if (partition_id.empty())
749 return true;
750
751 return GURL(partition_id).is_valid();
752 }
753
754 void ChromeContentBrowserClient::GetStoragePartitionConfigForSite(
755 content::BrowserContext* browser_context,
756 const GURL& site,
757 bool can_be_default,
758 std::string* partition_domain,
759 std::string* partition_name,
760 bool* in_memory) {
761 // Default to the browser-wide storage partition and override based on |site|
762 // below.
763 partition_domain->clear();
764 partition_name->clear();
765 *in_memory = false;
766
767 bool success = GuestView::GetGuestPartitionConfigForSite(
768 site, partition_domain, partition_name, in_memory);
769
770 if (!success && site.SchemeIs(extensions::kExtensionScheme)) {
771 // If |can_be_default| is false, the caller is stating that the |site|
772 // should be parsed as if it had isolated storage. In particular it is
773 // important to NOT check ExtensionService for the is_storage_isolated()
774 // attribute because this code path is run during Extension uninstall
775 // to do cleanup after the Extension has already been unloaded from the
776 // ExtensionService.
777 bool is_isolated = !can_be_default;
778 if (can_be_default) {
779 const Extension* extension = NULL;
780 Profile* profile = Profile::FromBrowserContext(browser_context);
781 ExtensionService* extension_service =
782 extensions::ExtensionSystem::Get(profile)->extension_service();
783 if (extension_service) {
784 extension =
785 extension_service->extensions()->GetExtensionOrAppByURL(site);
786 if (extension &&
787 extensions::AppIsolationInfo::HasIsolatedStorage(extension)) {
788 is_isolated = true;
789 }
790 }
791 }
792
793 if (is_isolated) {
794 CHECK(site.has_host());
795 // For extensions with isolated storage, the the host of the |site| is
796 // the |partition_domain|. The |in_memory| and |partition_name| are only
797 // used in guest schemes so they are cleared here.
798 *partition_domain = site.host();
799 *in_memory = false;
800 partition_name->clear();
801 }
802 }
803
804 // Assert that if |can_be_default| is false, the code above must have found a
805 // non-default partition. If this fails, the caller has a serious logic
806 // error about which StoragePartition they expect to be in and it is not
807 // safe to continue.
808 CHECK(can_be_default || !partition_domain->empty());
809 }
810
811 content::WebContentsViewDelegate*
812 ChromeContentBrowserClient::GetWebContentsViewDelegate(
813 content::WebContents* web_contents) {
814 return chrome::CreateWebContentsViewDelegate(web_contents);
815 }
816
817 void ChromeContentBrowserClient::GuestWebContentsCreated(
818 SiteInstance* guest_site_instance,
819 WebContents* guest_web_contents,
820 WebContents* opener_web_contents,
821 content::BrowserPluginGuestDelegate** guest_delegate,
822 scoped_ptr<base::DictionaryValue> extra_params) {
823 if (!guest_site_instance) {
824 NOTREACHED();
825 return;
826 }
827 GURL guest_site_url = guest_site_instance->GetSiteURL();
828 const std::string& extension_id = guest_site_url.host();
829
830 Profile* profile = Profile::FromBrowserContext(
831 guest_web_contents->GetBrowserContext());
832 ExtensionService* service =
833 extensions::ExtensionSystem::Get(profile)->extension_service();
834 if (!service) {
835 NOTREACHED();
836 return;
837 }
838
839 /// TODO(fsamuel): In the future, certain types of GuestViews won't require
840 // extension bindings. At that point, we should clear |extension_id| instead
841 // of exiting early.
842 if (!service->GetExtensionById(extension_id, false) &&
843 !CommandLine::ForCurrentProcess()->HasSwitch(
844 switches::kEnableBrowserPluginForAllViewTypes)) {
845 NOTREACHED();
846 return;
847 }
848
849 if (opener_web_contents) {
850 GuestView* guest = GuestView::FromWebContents(opener_web_contents);
851 if (!guest) {
852 NOTREACHED();
853 return;
854 }
855
856 // Create a new GuestView of the same type as the opener.
857 *guest_delegate =
858 GuestView::Create(guest_web_contents,
859 extension_id,
860 guest->GetViewType());
861 return;
862 }
863
864 if (!extra_params) {
865 NOTREACHED();
866 return;
867 }
868 std::string api_type;
869 extra_params->GetString(guestview::kParameterApi, &api_type);
870
871 if (api_type.empty())
872 return;
873
874 *guest_delegate =
875 GuestView::Create(guest_web_contents,
876 extension_id,
877 GuestView::GetViewTypeFromString(api_type));
878 }
879
880 void ChromeContentBrowserClient::GuestWebContentsAttached(
881 WebContents* guest_web_contents,
882 WebContents* embedder_web_contents,
883 const base::DictionaryValue& extra_params) {
884
885 GuestView* guest = GuestView::FromWebContents(guest_web_contents);
886 if (!guest) {
887 // It's ok to return here, since we could be running a browser plugin
888 // outside an extension, and don't need to attach a
889 // BrowserPluginGuestDelegate in that case;
890 // e.g. running with flag --enable-browser-plugin-for-all-view-types.
891 return;
892 }
893 guest->Attach(embedder_web_contents, extra_params);
894 }
895
896 void ChromeContentBrowserClient::RenderProcessWillLaunch(
897 content::RenderProcessHost* host) {
898 int id = host->GetID();
899 Profile* profile = Profile::FromBrowserContext(host->GetBrowserContext());
900 net::URLRequestContextGetter* context =
901 profile->GetRequestContextForRenderProcess(id);
902
903 host->AddFilter(new ChromeRenderMessageFilter(id, profile, context));
904 #if defined(ENABLE_PLUGINS)
905 host->AddFilter(new PluginInfoMessageFilter(id, profile));
906 #endif
907 #if defined(ENABLE_PRINTING)
908 host->AddFilter(new PrintingMessageFilter(id, profile));
909 #endif
910 host->AddFilter(new SearchProviderInstallStateMessageFilter(id, profile));
911 #if defined(ENABLE_SPELLCHECK)
912 host->AddFilter(new SpellCheckMessageFilter(id));
913 #endif
914 #if defined(OS_MACOSX)
915 host->AddFilter(new SpellCheckMessageFilterMac(id));
916 #endif
917 host->AddFilter(new ChromeNetBenchmarkingMessageFilter(
918 id, profile, context));
919 host->AddFilter(new prerender::PrerenderMessageFilter(id, profile));
920 host->AddFilter(new TtsMessageFilter(id, profile));
921 #if defined(ENABLE_WEBRTC)
922 WebRtcLoggingHandlerHost* webrtc_logging_handler_host =
923 new WebRtcLoggingHandlerHost(profile);
924 host->AddFilter(webrtc_logging_handler_host);
925 host->SetUserData(host, new base::UserDataAdapter<WebRtcLoggingHandlerHost>(
926 webrtc_logging_handler_host));
927 #endif
928 #if !defined(DISABLE_NACL)
929 host->AddFilter(new nacl::NaClHostMessageFilter(
930 id, profile->IsOffTheRecord(),
931 profile->GetPath(),
932 context));
933 #endif
934 #if defined(OS_ANDROID)
935 host->AddFilter(new EncryptedMediaMessageFilterAndroid());
936 #endif
937 if (switches::IsNewProfileManagement())
938 host->AddFilter(new PrincipalsMessageFilter(id));
939
940 host->Send(new ChromeViewMsg_SetIsIncognitoProcess(
941 profile->IsOffTheRecord()));
942
943 SendExtensionWebRequestStatusToHost(host);
944
945 RendererContentSettingRules rules;
946 if (host->IsGuest()) {
947 GuestView::GetDefaultContentSettingRules(&rules, profile->IsOffTheRecord());
948 } else {
949 GetRendererContentSettingRules(
950 profile->GetHostContentSettingsMap(), &rules);
951 }
952 host->Send(new ChromeViewMsg_SetContentSettingRules(rules));
953 }
954
955 GURL ChromeContentBrowserClient::GetEffectiveURL(
956 content::BrowserContext* browser_context, const GURL& url) {
957 Profile* profile = Profile::FromBrowserContext(browser_context);
958 if (!profile)
959 return url;
960
961 // If the input |url| should be assigned to the Instant renderer, make its
962 // effective URL distinct from other URLs on the search provider's domain.
963 if (chrome::ShouldAssignURLToInstantRenderer(url, profile))
964 return chrome::GetEffectiveURLForInstant(url, profile);
965
966 #if !defined(OS_CHROMEOS)
967 // If the input |url| should be assigned to the Signin renderer, make its
968 // effective URL distinct from other URLs on the signin service's domain.
969 // Note that the signin renderer will be allowed to sign the user in to
970 // Chrome.
971 if (SigninManager::IsWebBasedSigninFlowURL(url))
972 return GetEffectiveURLForSignin(url);
973 #endif
974
975 // If the input |url| is part of an installed app, the effective URL is an
976 // extension URL with the ID of that extension as the host. This has the
977 // effect of grouping apps together in a common SiteInstance.
978 ExtensionService* extension_service =
979 extensions::ExtensionSystem::Get(profile)->extension_service();
980 if (!extension_service)
981 return url;
982
983 const Extension* extension = extension_service->extensions()->
984 GetHostedAppByURL(url);
985 if (!extension)
986 return url;
987
988 // Bookmark apps do not use the hosted app process model, and should be
989 // treated as normal URLs.
990 if (extension->from_bookmark())
991 return url;
992
993 // If the URL is part of an extension's web extent, convert it to an
994 // extension URL.
995 return extension->GetResourceURL(url.path());
996 }
997
998 bool ChromeContentBrowserClient::ShouldUseProcessPerSite(
999 content::BrowserContext* browser_context, const GURL& effective_url) {
1000 // Non-extension, non-Instant URLs should generally use
1001 // process-per-site-instance. Because we expect to use the effective URL,
1002 // URLs for hosted apps (apart from bookmark apps) should have an extension
1003 // scheme by now.
1004
1005 Profile* profile = Profile::FromBrowserContext(browser_context);
1006 if (!profile)
1007 return false;
1008
1009 if (chrome::ShouldUseProcessPerSiteForInstantURL(effective_url, profile))
1010 return true;
1011
1012 #if !defined(OS_CHROMEOS)
1013 if (SigninManager::IsWebBasedSigninFlowURL(effective_url))
1014 return true;
1015 #endif
1016
1017 if (!effective_url.SchemeIs(extensions::kExtensionScheme))
1018 return false;
1019
1020 ExtensionService* extension_service =
1021 extensions::ExtensionSystem::Get(profile)->extension_service();
1022 if (!extension_service)
1023 return false;
1024
1025 const Extension* extension =
1026 extension_service->extensions()->GetExtensionOrAppByURL(effective_url);
1027 if (!extension)
1028 return false;
1029
1030 // If the URL is part of a hosted app that does not have the background
1031 // permission, or that does not allow JavaScript access to the background
1032 // page, we want to give each instance its own process to improve
1033 // responsiveness.
1034 if (extension->GetType() == Manifest::TYPE_HOSTED_APP) {
1035 if (!extension->HasAPIPermission(APIPermission::kBackground) ||
1036 !extensions::BackgroundInfo::AllowJSAccess(extension)) {
1037 return false;
1038 }
1039 }
1040
1041 // Hosted apps that have script access to their background page must use
1042 // process per site, since all instances can make synchronous calls to the
1043 // background window. Other extensions should use process per site as well.
1044 return true;
1045 }
1046
1047 // These are treated as WebUI schemes but do not get WebUI bindings.
1048 void ChromeContentBrowserClient::GetAdditionalWebUISchemes(
1049 std::vector<std::string>* additional_schemes) {
1050 additional_schemes->push_back(chrome::kChromeSearchScheme);
1051 }
1052
1053 net::URLRequestContextGetter*
1054 ChromeContentBrowserClient::CreateRequestContext(
1055 content::BrowserContext* browser_context,
1056 content::ProtocolHandlerMap* protocol_handlers) {
1057 Profile* profile = Profile::FromBrowserContext(browser_context);
1058 return profile->CreateRequestContext(protocol_handlers);
1059 }
1060
1061 net::URLRequestContextGetter*
1062 ChromeContentBrowserClient::CreateRequestContextForStoragePartition(
1063 content::BrowserContext* browser_context,
1064 const base::FilePath& partition_path,
1065 bool in_memory,
1066 content::ProtocolHandlerMap* protocol_handlers) {
1067 Profile* profile = Profile::FromBrowserContext(browser_context);
1068 return profile->CreateRequestContextForStoragePartition(
1069 partition_path, in_memory, protocol_handlers);
1070 }
1071
1072 bool ChromeContentBrowserClient::IsHandledURL(const GURL& url) {
1073 return ProfileIOData::IsHandledURL(url);
1074 }
1075
1076 bool ChromeContentBrowserClient::CanCommitURL(
1077 content::RenderProcessHost* process_host,
1078 const GURL& url) {
1079 // We need to let most extension URLs commit in any process, since this can
1080 // be allowed due to web_accessible_resources. Most hosted app URLs may also
1081 // load in any process (e.g., in an iframe). However, the Chrome Web Store
1082 // cannot be loaded in iframes and should never be requested outside its
1083 // process.
1084 Profile* profile =
1085 Profile::FromBrowserContext(process_host->GetBrowserContext());
1086 ExtensionService* service =
1087 extensions::ExtensionSystem::Get(profile)->extension_service();
1088 if (!service)
1089 return true;
1090 const Extension* new_extension =
1091 service->extensions()->GetExtensionOrAppByURL(url);
1092 if (new_extension &&
1093 new_extension->is_hosted_app() &&
1094 new_extension->id() == extension_misc::kWebStoreAppId &&
1095 !extensions::ProcessMap::Get(profile)->
1096 Contains(new_extension->id(), process_host->GetID())) {
1097 return false;
1098 }
1099
1100 return true;
1101 }
1102
1103 bool ChromeContentBrowserClient::ShouldAllowOpenURL(
1104 content::SiteInstance* site_instance, const GURL& url) {
1105 GURL from_url = site_instance->GetSiteURL();
1106 // Do not allow pages from the web or other extensions navigate to
1107 // non-web-accessible extension resources.
1108 if (url.SchemeIs(extensions::kExtensionScheme) &&
1109 (from_url.SchemeIsHTTPOrHTTPS() ||
1110 from_url.SchemeIs(extensions::kExtensionScheme))) {
1111 Profile* profile = Profile::FromBrowserContext(
1112 site_instance->GetProcess()->GetBrowserContext());
1113 ExtensionService* service =
1114 extensions::ExtensionSystem::Get(profile)->extension_service();
1115 if (!service)
1116 return true;
1117 const Extension* extension =
1118 service->extensions()->GetExtensionOrAppByURL(url);
1119 if (!extension)
1120 return true;
1121 const Extension* from_extension =
1122 service->extensions()->GetExtensionOrAppByURL(
1123 site_instance->GetSiteURL());
1124 if (from_extension && from_extension->id() == extension->id())
1125 return true;
1126
1127 if (!extensions::WebAccessibleResourcesInfo::IsResourceWebAccessible(
1128 extension, url.path()))
1129 return false;
1130 }
1131 return true;
1132 }
1133
1134 bool ChromeContentBrowserClient::IsSuitableHost(
1135 content::RenderProcessHost* process_host,
1136 const GURL& site_url) {
1137 Profile* profile =
1138 Profile::FromBrowserContext(process_host->GetBrowserContext());
1139 // This may be NULL during tests. In that case, just assume any site can
1140 // share any host.
1141 if (!profile)
1142 return true;
1143
1144 // Instant URLs should only be in the instant process and instant process
1145 // should only have Instant URLs.
1146 InstantService* instant_service =
1147 InstantServiceFactory::GetForProfile(profile);
1148 if (instant_service) {
1149 bool is_instant_process = instant_service->IsInstantProcess(
1150 process_host->GetID());
1151 bool should_be_in_instant_process =
1152 chrome::ShouldAssignURLToInstantRenderer(site_url, profile);
1153 if (is_instant_process || should_be_in_instant_process)
1154 return is_instant_process && should_be_in_instant_process;
1155 }
1156
1157 #if !defined(OS_CHROMEOS)
1158 SigninManager* signin_manager = SigninManagerFactory::GetForProfile(profile);
1159 if (signin_manager && signin_manager->IsSigninProcess(process_host->GetID()))
1160 return SigninManager::IsWebBasedSigninFlowURL(site_url);
1161 #endif
1162
1163 ExtensionService* service =
1164 extensions::ExtensionSystem::Get(profile)->extension_service();
1165 extensions::ProcessMap* process_map = extensions::ProcessMap::Get(profile);
1166
1167 // Don't allow the Task Manager to share a process with anything else.
1168 // Otherwise it can affect the renderers it is observing.
1169 // Note: we could create another RenderProcessHostPrivilege bucket for
1170 // this to allow multiple chrome://tasks instances to share, but that's
1171 // a very unlikely case without serious consequences.
1172 if (site_url.GetOrigin() == GURL(chrome::kChromeUITaskManagerURL).GetOrigin())
1173 return false;
1174
1175 // These may be NULL during tests. In that case, just assume any site can
1176 // share any host.
1177 if (!service || !process_map)
1178 return true;
1179
1180 // Otherwise, just make sure the process privilege matches the privilege
1181 // required by the site.
1182 RenderProcessHostPrivilege privilege_required =
1183 GetPrivilegeRequiredByUrl(site_url, service);
1184 return GetProcessPrivilege(process_host, process_map, service) ==
1185 privilege_required;
1186 }
1187
1188 // This function is trying to limit the amount of processes used by extensions
1189 // with background pages. It uses a globally set percentage of processes to
1190 // run such extensions and if the limit is exceeded, it returns true, to
1191 // indicate to the content module to group extensions together.
1192 bool ChromeContentBrowserClient::ShouldTryToUseExistingProcessHost(
1193 content::BrowserContext* browser_context, const GURL& url) {
1194 // It has to be a valid URL for us to check for an extension.
1195 if (!url.is_valid())
1196 return false;
1197
1198 Profile* profile = Profile::FromBrowserContext(browser_context);
1199 ExtensionService* service = !profile ? NULL :
1200 extensions::ExtensionSystem::Get(profile)->extension_service();
1201 if (!service)
1202 return false;
1203
1204 // We have to have a valid extension with background page to proceed.
1205 const Extension* extension =
1206 service->extensions()->GetExtensionOrAppByURL(url);
1207 if (!extension)
1208 return false;
1209 if (!extensions::BackgroundInfo::HasBackgroundPage(extension))
1210 return false;
1211
1212 std::set<int> process_ids;
1213 size_t max_process_count =
1214 content::RenderProcessHost::GetMaxRendererProcessCount();
1215
1216 // Go through all profiles to ensure we have total count of extension
1217 // processes containing background pages, otherwise one profile can
1218 // starve the other.
1219 std::vector<Profile*> profiles = g_browser_process->profile_manager()->
1220 GetLoadedProfiles();
1221 for (size_t i = 0; i < profiles.size(); ++i) {
1222 extensions::ProcessManager* epm =
1223 extensions::ExtensionSystem::Get(profiles[i])->process_manager();
1224 for (extensions::ProcessManager::const_iterator iter =
1225 epm->background_hosts().begin();
1226 iter != epm->background_hosts().end(); ++iter) {
1227 const extensions::ExtensionHost* host = *iter;
1228 process_ids.insert(host->render_process_host()->GetID());
1229 }
1230 }
1231
1232 if (process_ids.size() >
1233 (max_process_count * chrome::kMaxShareOfExtensionProcesses)) {
1234 return true;
1235 }
1236
1237 return false;
1238 }
1239
1240 void ChromeContentBrowserClient::SiteInstanceGotProcess(
1241 SiteInstance* site_instance) {
1242 CHECK(site_instance->HasProcess());
1243
1244 Profile* profile = Profile::FromBrowserContext(
1245 site_instance->GetBrowserContext());
1246 if (!profile)
1247 return;
1248
1249 // Remember the ID of the Instant process to signal the renderer process
1250 // on startup in |AppendExtraCommandLineSwitches| below.
1251 if (chrome::ShouldAssignURLToInstantRenderer(
1252 site_instance->GetSiteURL(), profile)) {
1253 InstantService* instant_service =
1254 InstantServiceFactory::GetForProfile(profile);
1255 if (instant_service)
1256 instant_service->AddInstantProcess(site_instance->GetProcess()->GetID());
1257 }
1258
1259 #if !defined(OS_CHROMEOS)
1260 // We only expect there to be one signin process as we use process-per-site
1261 // for signin URLs. The signin process will be cleared from SigninManager
1262 // when the renderer is destroyed.
1263 if (SigninManager::IsWebBasedSigninFlowURL(site_instance->GetSiteURL())) {
1264 SigninManager* signin_manager =
1265 SigninManagerFactory::GetForProfile(profile);
1266 if (signin_manager)
1267 signin_manager->SetSigninProcess(site_instance->GetProcess()->GetID());
1268 BrowserThread::PostTask(
1269 BrowserThread::IO,
1270 FROM_HERE,
1271 base::Bind(&InfoMap::SetSigninProcess,
1272 extensions::ExtensionSystem::Get(profile)->info_map(),
1273 site_instance->GetProcess()->GetID()));
1274 }
1275 #endif
1276
1277 ExtensionService* service =
1278 extensions::ExtensionSystem::Get(profile)->extension_service();
1279 if (!service)
1280 return;
1281
1282 const Extension* extension = service->extensions()->GetExtensionOrAppByURL(
1283 site_instance->GetSiteURL());
1284 if (!extension)
1285 return;
1286
1287 extensions::ProcessMap::Get(profile)
1288 ->Insert(extension->id(),
1289 site_instance->GetProcess()->GetID(),
1290 site_instance->GetId());
1291
1292 BrowserThread::PostTask(
1293 BrowserThread::IO,
1294 FROM_HERE,
1295 base::Bind(&InfoMap::RegisterExtensionProcess,
1296 extensions::ExtensionSystem::Get(profile)->info_map(),
1297 extension->id(),
1298 site_instance->GetProcess()->GetID(),
1299 site_instance->GetId()));
1300 }
1301
1302 void ChromeContentBrowserClient::SiteInstanceDeleting(
1303 SiteInstance* site_instance) {
1304 if (!site_instance->HasProcess())
1305 return;
1306
1307 Profile* profile = Profile::FromBrowserContext(
1308 site_instance->GetBrowserContext());
1309 ExtensionService* service =
1310 extensions::ExtensionSystem::Get(profile)->extension_service();
1311 if (!service)
1312 return;
1313
1314 const Extension* extension = service->extensions()->GetExtensionOrAppByURL(
1315 site_instance->GetSiteURL());
1316 if (!extension)
1317 return;
1318
1319 extensions::ProcessMap::Get(profile)
1320 ->Remove(extension->id(),
1321 site_instance->GetProcess()->GetID(),
1322 site_instance->GetId());
1323
1324 BrowserThread::PostTask(
1325 BrowserThread::IO,
1326 FROM_HERE,
1327 base::Bind(&InfoMap::UnregisterExtensionProcess,
1328 extensions::ExtensionSystem::Get(profile)->info_map(),
1329 extension->id(),
1330 site_instance->GetProcess()->GetID(),
1331 site_instance->GetId()));
1332 }
1333
1334 bool ChromeContentBrowserClient::ShouldSwapBrowsingInstancesForNavigation(
1335 SiteInstance* site_instance,
1336 const GURL& current_url,
1337 const GURL& new_url) {
1338 // If we don't have an ExtensionService, then rely on the SiteInstance logic
1339 // in RenderFrameHostManager to decide when to swap.
1340 Profile* profile =
1341 Profile::FromBrowserContext(site_instance->GetBrowserContext());
1342 ExtensionService* service =
1343 extensions::ExtensionSystem::Get(profile)->extension_service();
1344 if (!service)
1345 return false;
1346
1347 // We must use a new BrowsingInstance (forcing a process swap and disabling
1348 // scripting by existing tabs) if one of the URLs is an extension and the
1349 // other is not the exact same extension.
1350 //
1351 // We ignore hosted apps here so that other tabs in their BrowsingInstance can
1352 // use postMessage with them. (The exception is the Chrome Web Store, which
1353 // is a hosted app that requires its own BrowsingInstance.) Navigations
1354 // to/from a hosted app will still trigger a SiteInstance swap in
1355 // RenderFrameHostManager.
1356 const Extension* current_extension =
1357 service->extensions()->GetExtensionOrAppByURL(current_url);
1358 if (current_extension &&
1359 current_extension->is_hosted_app() &&
1360 current_extension->id() != extension_misc::kWebStoreAppId)
1361 current_extension = NULL;
1362
1363 const Extension* new_extension =
1364 service->extensions()->GetExtensionOrAppByURL(new_url);
1365 if (new_extension &&
1366 new_extension->is_hosted_app() &&
1367 new_extension->id() != extension_misc::kWebStoreAppId)
1368 new_extension = NULL;
1369
1370 // First do a process check. We should force a BrowsingInstance swap if the
1371 // current process doesn't know about new_extension, even if current_extension
1372 // is somehow the same as new_extension.
1373 extensions::ProcessMap* process_map = extensions::ProcessMap::Get(profile);
1374 if (new_extension &&
1375 site_instance->HasProcess() &&
1376 !process_map->Contains(
1377 new_extension->id(), site_instance->GetProcess()->GetID()))
1378 return true;
1379
1380 // Otherwise, swap BrowsingInstances if current_extension and new_extension
1381 // differ.
1382 return current_extension != new_extension;
1383 }
1384
1385 bool ChromeContentBrowserClient::ShouldSwapProcessesForRedirect(
1386 content::ResourceContext* resource_context, const GURL& current_url,
1387 const GURL& new_url) {
1388 ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context);
1389 return extensions::CrossesExtensionProcessBoundary(
1390 io_data->GetExtensionInfoMap()->extensions(),
1391 current_url, new_url, false);
1392 }
1393
1394 bool ChromeContentBrowserClient::ShouldAssignSiteForURL(const GURL& url) {
1395 return !url.SchemeIs(chrome::kChromeNativeScheme);
1396 }
1397
1398 std::string ChromeContentBrowserClient::GetCanonicalEncodingNameByAliasName(
1399 const std::string& alias_name) {
1400 return CharacterEncoding::GetCanonicalEncodingNameByAliasName(alias_name);
1401 }
1402
1403 void ChromeContentBrowserClient::AppendExtraCommandLineSwitches(
1404 CommandLine* command_line, int child_process_id) {
1405 #if defined(OS_POSIX)
1406 if (breakpad::IsCrashReporterEnabled()) {
1407 std::string enable_crash_reporter;
1408 GoogleUpdateSettings::GetMetricsId(&enable_crash_reporter);
1409 #if !defined(OS_MACOSX)
1410 enable_crash_reporter += "," + base::GetLinuxDistro();
1411 #endif
1412 command_line->AppendSwitchASCII(switches::kEnableCrashReporter,
1413 enable_crash_reporter);
1414 }
1415 #endif // OS_POSIX
1416
1417 if (logging::DialogsAreSuppressed())
1418 command_line->AppendSwitch(switches::kNoErrorDialogs);
1419
1420 std::string process_type =
1421 command_line->GetSwitchValueASCII(switches::kProcessType);
1422 const CommandLine& browser_command_line = *CommandLine::ForCurrentProcess();
1423
1424 static const char* const kCommonSwitchNames[] = {
1425 switches::kUserDataDir, // Make logs go to the right file.
1426 };
1427 command_line->CopySwitchesFrom(browser_command_line, kCommonSwitchNames,
1428 arraysize(kCommonSwitchNames));
1429
1430 #if defined(ENABLE_IPC_FUZZER)
1431 static const char* const kIpcFuzzerSwitches[] = {
1432 switches::kIpcFuzzerTestcase,
1433 };
1434 command_line->CopySwitchesFrom(browser_command_line, kIpcFuzzerSwitches,
1435 arraysize(kIpcFuzzerSwitches));
1436 #endif
1437
1438 if (process_type == switches::kRendererProcess) {
1439 #if defined(OS_CHROMEOS)
1440 const std::string& login_profile =
1441 browser_command_line.GetSwitchValueASCII(
1442 chromeos::switches::kLoginProfile);
1443 if (!login_profile.empty())
1444 command_line->AppendSwitchASCII(
1445 chromeos::switches::kLoginProfile, login_profile);
1446 #endif
1447
1448 #if defined(ENABLE_WEBRTC)
1449 if (VersionInfo::GetChannel() <= VersionInfo::CHANNEL_DEV) {
1450 static const char* const kWebRtcDevSwitchNames[] = {
1451 switches::kDisableWebRtcEncryption,
1452 };
1453 command_line->CopySwitchesFrom(browser_command_line,
1454 kWebRtcDevSwitchNames,
1455 arraysize(kWebRtcDevSwitchNames));
1456 }
1457 #endif
1458
1459 content::RenderProcessHost* process =
1460 content::RenderProcessHost::FromID(child_process_id);
1461 if (process) {
1462 Profile* profile = Profile::FromBrowserContext(
1463 process->GetBrowserContext());
1464
1465 if (extensions::ProcessMap::Get(profile)->Contains(process->GetID()))
1466 command_line->AppendSwitch(extensions::switches::kExtensionProcess);
1467
1468 PrefService* prefs = profile->GetPrefs();
1469 // Currently this pref is only registered if applied via a policy.
1470 if (prefs->HasPrefPath(prefs::kDisable3DAPIs) &&
1471 prefs->GetBoolean(prefs::kDisable3DAPIs)) {
1472 // Turn this policy into a command line switch.
1473 command_line->AppendSwitch(switches::kDisable3DAPIs);
1474 }
1475
1476 // Disable client-side phishing detection in the renderer if it is
1477 // disabled in the Profile preferences or the browser process.
1478 if (!prefs->GetBoolean(prefs::kSafeBrowsingEnabled) ||
1479 !g_browser_process->safe_browsing_detection_service()) {
1480 command_line->AppendSwitch(
1481 switches::kDisableClientSidePhishingDetection);
1482 }
1483
1484 if (!prefs->GetBoolean(prefs::kPrintPreviewDisabled))
1485 command_line->AppendSwitch(switches::kRendererPrintPreview);
1486
1487 InstantService* instant_service =
1488 InstantServiceFactory::GetForProfile(profile);
1489 if (instant_service &&
1490 instant_service->IsInstantProcess(process->GetID()))
1491 command_line->AppendSwitch(switches::kInstantProcess);
1492
1493 #if !defined(OS_CHROMEOS)
1494 SigninManager* signin_manager =
1495 SigninManagerFactory::GetForProfile(profile);
1496 if (signin_manager && signin_manager->IsSigninProcess(process->GetID()))
1497 command_line->AppendSwitch(switches::kSigninProcess);
1498 #endif
1499 }
1500
1501 // Please keep this in alphabetical order.
1502 static const char* const kSwitchNames[] = {
1503 autofill::switches::kDisableInteractiveAutocomplete,
1504 autofill::switches::kDisablePasswordGeneration,
1505 autofill::switches::kEnableIgnoreAutocompleteOff,
1506 autofill::switches::kEnableInteractiveAutocomplete,
1507 autofill::switches::kEnablePasswordGeneration,
1508 autofill::switches::kNoAutofillNecessaryForPasswordGeneration,
1509 extensions::switches::kAllowHTTPBackgroundPage,
1510 extensions::switches::kAllowLegacyExtensionManifests,
1511 extensions::switches::kAllowScriptingGallery,
1512 extensions::switches::kEnableExperimentalExtensionApis,
1513 extensions::switches::kExtensionsOnChromeURLs,
1514 // TODO(victorhsieh): remove the following flag once we move PPAPI FileIO
1515 // to browser.
1516 switches::kAllowNaClFileHandleAPI,
1517 switches::kAppsCheckoutURL,
1518 switches::kAppsGalleryURL,
1519 switches::kCloudPrintServiceURL,
1520 switches::kDebugPrint,
1521 switches::kDisableBundledPpapiFlash,
1522 switches::kDisableExtensionsResourceWhitelist,
1523 switches::kDisablePnacl,
1524 switches::kDisableScriptedPrintThrottling,
1525 switches::kEnableAdview,
1526 switches::kEnableAdviewSrcAttribute,
1527 switches::kEnableAppWindowControls,
1528 switches::kEnableBenchmarking,
1529 switches::kEnableNaCl,
1530 switches::kEnableNetBenchmarking,
1531 switches::kEnableStreamlinedHostedApps,
1532 switches::kEnableWatchdog,
1533 switches::kMemoryProfiling,
1534 switches::kMessageLoopHistogrammer,
1535 switches::kNoJsRandomness,
1536 switches::kOutOfProcessPdf,
1537 switches::kPlaybackMode,
1538 switches::kPpapiFlashArgs,
1539 switches::kPpapiFlashInProcess,
1540 switches::kPpapiFlashPath,
1541 switches::kPpapiFlashVersion,
1542 switches::kProfilingAtStart,
1543 switches::kProfilingFile,
1544 switches::kProfilingFlush,
1545 switches::kRecordMode,
1546 switches::kSilentDumpOnDCHECK,
1547 switches::kWhitelistedExtensionID,
1548 translate::switches::kTranslateSecurityOrigin,
1549 };
1550
1551 command_line->CopySwitchesFrom(browser_command_line, kSwitchNames,
1552 arraysize(kSwitchNames));
1553 } else if (process_type == switches::kUtilityProcess) {
1554 static const char* const kSwitchNames[] = {
1555 extensions::switches::kAllowHTTPBackgroundPage,
1556 extensions::switches::kEnableExperimentalExtensionApis,
1557 extensions::switches::kExtensionsOnChromeURLs,
1558 switches::kWhitelistedExtensionID,
1559 };
1560
1561 command_line->CopySwitchesFrom(browser_command_line, kSwitchNames,
1562 arraysize(kSwitchNames));
1563 } else if (process_type == switches::kPluginProcess) {
1564 static const char* const kSwitchNames[] = {
1565 #if defined(OS_CHROMEOS)
1566 chromeos::switches::kLoginProfile,
1567 #endif
1568 switches::kMemoryProfiling,
1569 switches::kSilentDumpOnDCHECK,
1570 };
1571
1572 command_line->CopySwitchesFrom(browser_command_line, kSwitchNames,
1573 arraysize(kSwitchNames));
1574 } else if (process_type == switches::kZygoteProcess) {
1575 static const char* const kSwitchNames[] = {
1576 // Load (in-process) Pepper plugins in-process in the zygote pre-sandbox.
1577 switches::kDisableBundledPpapiFlash,
1578 switches::kPpapiFlashInProcess,
1579 switches::kPpapiFlashPath,
1580 switches::kPpapiFlashVersion,
1581 };
1582
1583 command_line->CopySwitchesFrom(browser_command_line, kSwitchNames,
1584 arraysize(kSwitchNames));
1585 } else if (process_type == switches::kGpuProcess) {
1586 // If --ignore-gpu-blacklist is passed in, don't send in crash reports
1587 // because GPU is expected to be unreliable.
1588 if (browser_command_line.HasSwitch(switches::kIgnoreGpuBlacklist) &&
1589 !command_line->HasSwitch(switches::kDisableBreakpad))
1590 command_line->AppendSwitch(switches::kDisableBreakpad);
1591 }
1592
1593 // The command line switch kEnableBenchmarking needs to be specified along
1594 // with the kEnableStatsTable switch to ensure that the stats table global
1595 // is initialized correctly.
1596 if (command_line->HasSwitch(switches::kEnableBenchmarking))
1597 DCHECK(command_line->HasSwitch(switches::kEnableStatsTable));
1598 }
1599
1600 std::string ChromeContentBrowserClient::GetApplicationLocale() {
1601 if (BrowserThread::CurrentlyOn(BrowserThread::IO))
1602 return g_io_thread_application_locale.Get();
1603 return g_browser_process->GetApplicationLocale();
1604 }
1605
1606 std::string ChromeContentBrowserClient::GetAcceptLangs(
1607 content::BrowserContext* context) {
1608 Profile* profile = Profile::FromBrowserContext(context);
1609 return profile->GetPrefs()->GetString(prefs::kAcceptLanguages);
1610 }
1611
1612 gfx::ImageSkia* ChromeContentBrowserClient::GetDefaultFavicon() {
1613 ResourceBundle& rb = ResourceBundle::GetSharedInstance();
1614 return rb.GetImageSkiaNamed(IDR_DEFAULT_FAVICON);
1615 }
1616
1617 bool ChromeContentBrowserClient::AllowAppCache(
1618 const GURL& manifest_url,
1619 const GURL& first_party,
1620 content::ResourceContext* context) {
1621 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
1622 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context);
1623 return io_data->GetCookieSettings()->
1624 IsSettingCookieAllowed(manifest_url, first_party);
1625 }
1626
1627 bool ChromeContentBrowserClient::AllowGetCookie(
1628 const GURL& url,
1629 const GURL& first_party,
1630 const net::CookieList& cookie_list,
1631 content::ResourceContext* context,
1632 int render_process_id,
1633 int render_frame_id) {
1634 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
1635 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context);
1636 bool allow = io_data->GetCookieSettings()->
1637 IsReadingCookieAllowed(url, first_party);
1638
1639 BrowserThread::PostTask(
1640 BrowserThread::UI, FROM_HERE,
1641 base::Bind(&TabSpecificContentSettings::CookiesRead, render_process_id,
1642 render_frame_id, url, first_party, cookie_list, !allow));
1643 return allow;
1644 }
1645
1646 bool ChromeContentBrowserClient::AllowSetCookie(
1647 const GURL& url,
1648 const GURL& first_party,
1649 const std::string& cookie_line,
1650 content::ResourceContext* context,
1651 int render_process_id,
1652 int render_frame_id,
1653 net::CookieOptions* options) {
1654 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
1655 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context);
1656 CookieSettings* cookie_settings = io_data->GetCookieSettings();
1657 bool allow = cookie_settings->IsSettingCookieAllowed(url, first_party);
1658
1659 BrowserThread::PostTask(
1660 BrowserThread::UI, FROM_HERE,
1661 base::Bind(&TabSpecificContentSettings::CookieChanged, render_process_id,
1662 render_frame_id, url, first_party, cookie_line, *options,
1663 !allow));
1664 return allow;
1665 }
1666
1667 bool ChromeContentBrowserClient::AllowSaveLocalState(
1668 content::ResourceContext* context) {
1669 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
1670 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context);
1671 CookieSettings* cookie_settings = io_data->GetCookieSettings();
1672 ContentSetting setting = cookie_settings->GetDefaultCookieSetting(NULL);
1673
1674 // TODO(bauerb): Should we also disallow local state if the default is BLOCK?
1675 // Could we even support per-origin settings?
1676 return setting != CONTENT_SETTING_SESSION_ONLY;
1677 }
1678
1679 bool ChromeContentBrowserClient::AllowWorkerDatabase(
1680 const GURL& url,
1681 const base::string16& name,
1682 const base::string16& display_name,
1683 unsigned long estimated_size,
1684 content::ResourceContext* context,
1685 const std::vector<std::pair<int, int> >& render_frames) {
1686 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
1687 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context);
1688 CookieSettings* cookie_settings = io_data->GetCookieSettings();
1689 bool allow = cookie_settings->IsSettingCookieAllowed(url, url);
1690
1691 // Record access to database for potential display in UI.
1692 std::vector<std::pair<int, int> >::const_iterator i;
1693 for (i = render_frames.begin(); i != render_frames.end(); ++i) {
1694 BrowserThread::PostTask(
1695 BrowserThread::UI, FROM_HERE,
1696 base::Bind(&TabSpecificContentSettings::WebDatabaseAccessed,
1697 i->first, i->second, url, name, display_name, !allow));
1698 }
1699
1700 return allow;
1701 }
1702
1703 bool ChromeContentBrowserClient::AllowWorkerFileSystem(
1704 const GURL& url,
1705 content::ResourceContext* context,
1706 const std::vector<std::pair<int, int> >& render_frames) {
1707 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
1708 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context);
1709 CookieSettings* cookie_settings = io_data->GetCookieSettings();
1710 bool allow = cookie_settings->IsSettingCookieAllowed(url, url);
1711
1712 // Record access to file system for potential display in UI.
1713 std::vector<std::pair<int, int> >::const_iterator i;
1714 for (i = render_frames.begin(); i != render_frames.end(); ++i) {
1715 BrowserThread::PostTask(
1716 BrowserThread::UI, FROM_HERE,
1717 base::Bind(&TabSpecificContentSettings::FileSystemAccessed,
1718 i->first, i->second, url, !allow));
1719 }
1720
1721 return allow;
1722 }
1723
1724 bool ChromeContentBrowserClient::AllowWorkerIndexedDB(
1725 const GURL& url,
1726 const base::string16& name,
1727 content::ResourceContext* context,
1728 const std::vector<std::pair<int, int> >& render_frames) {
1729 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
1730 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context);
1731 CookieSettings* cookie_settings = io_data->GetCookieSettings();
1732 bool allow = cookie_settings->IsSettingCookieAllowed(url, url);
1733
1734 // Record access to IndexedDB for potential display in UI.
1735 std::vector<std::pair<int, int> >::const_iterator i;
1736 for (i = render_frames.begin(); i != render_frames.end(); ++i) {
1737 BrowserThread::PostTask(
1738 BrowserThread::UI, FROM_HERE,
1739 base::Bind(&TabSpecificContentSettings::IndexedDBAccessed,
1740 i->first, i->second, url, name, !allow));
1741 }
1742
1743 return allow;
1744 }
1745
1746 net::URLRequestContext*
1747 ChromeContentBrowserClient::OverrideRequestContextForURL(
1748 const GURL& url, content::ResourceContext* context) {
1749 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
1750 if (url.SchemeIs(extensions::kExtensionScheme)) {
1751 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context);
1752 return io_data->extensions_request_context();
1753 }
1754
1755 return NULL;
1756 }
1757
1758 QuotaPermissionContext*
1759 ChromeContentBrowserClient::CreateQuotaPermissionContext() {
1760 return new ChromeQuotaPermissionContext();
1761 }
1762
1763 void ChromeContentBrowserClient::AllowCertificateError(
1764 int render_process_id,
1765 int render_frame_id,
1766 int cert_error,
1767 const net::SSLInfo& ssl_info,
1768 const GURL& request_url,
1769 ResourceType::Type resource_type,
1770 bool overridable,
1771 bool strict_enforcement,
1772 const base::Callback<void(bool)>& callback,
1773 content::CertificateRequestResultType* result) {
1774 if (resource_type != ResourceType::MAIN_FRAME) {
1775 // A sub-resource has a certificate error. The user doesn't really
1776 // have a context for making the right decision, so block the
1777 // request hard, without an info bar to allow showing the insecure
1778 // content.
1779 *result = content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY;
1780 return;
1781 }
1782
1783 // If the tab is being prerendered, cancel the prerender and the request.
1784 content::RenderFrameHost* render_frame_host =
1785 content::RenderFrameHost::FromID(render_process_id, render_frame_id);
1786 if (!render_frame_host) {
1787 NOTREACHED();
1788 return;
1789 }
1790 WebContents* tab = WebContents::FromRenderFrameHost(render_frame_host);
1791 if (!tab) {
1792 NOTREACHED();
1793 return;
1794 }
1795
1796 prerender::PrerenderContents* prerender_contents =
1797 prerender::PrerenderContents::FromWebContents(tab);
1798 if (prerender_contents) {
1799 prerender_contents->Destroy(prerender::FINAL_STATUS_SSL_ERROR);
1800 *result = content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL;
1801 return;
1802 }
1803
1804 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
1805 captive_portal::CaptivePortalTabHelper* captive_portal_tab_helper =
1806 captive_portal::CaptivePortalTabHelper::FromWebContents(tab);
1807 if (captive_portal_tab_helper)
1808 captive_portal_tab_helper->OnSSLCertError(ssl_info);
1809 #endif
1810
1811 // Otherwise, display an SSL blocking page.
1812 new SSLBlockingPage(tab, cert_error, ssl_info, request_url, overridable,
1813 strict_enforcement, callback);
1814 }
1815
1816 void ChromeContentBrowserClient::SelectClientCertificate(
1817 int render_process_id,
1818 int render_frame_id,
1819 const net::HttpNetworkSession* network_session,
1820 net::SSLCertRequestInfo* cert_request_info,
1821 const base::Callback<void(net::X509Certificate*)>& callback) {
1822 content::RenderFrameHost* rfh = content::RenderFrameHost::FromID(
1823 render_process_id, render_frame_id);
1824 WebContents* tab = WebContents::FromRenderFrameHost(rfh);
1825 if (!tab) {
1826 NOTREACHED();
1827 return;
1828 }
1829
1830 prerender::PrerenderContents* prerender_contents =
1831 prerender::PrerenderContents::FromWebContents(tab);
1832 if (prerender_contents) {
1833 prerender_contents->Destroy(
1834 prerender::FINAL_STATUS_SSL_CLIENT_CERTIFICATE_REQUESTED);
1835 return;
1836 }
1837
1838 GURL requesting_url("https://" + cert_request_info->host_and_port.ToString());
1839 DCHECK(requesting_url.is_valid())
1840 << "Invalid URL string: https://"
1841 << cert_request_info->host_and_port.ToString();
1842
1843 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext());
1844 scoped_ptr<base::Value> filter(
1845 profile->GetHostContentSettingsMap()->GetWebsiteSetting(
1846 requesting_url,
1847 requesting_url,
1848 CONTENT_SETTINGS_TYPE_AUTO_SELECT_CERTIFICATE,
1849 std::string(), NULL));
1850
1851 if (filter.get()) {
1852 // Try to automatically select a client certificate.
1853 if (filter->IsType(base::Value::TYPE_DICTIONARY)) {
1854 base::DictionaryValue* filter_dict =
1855 static_cast<base::DictionaryValue*>(filter.get());
1856
1857 const std::vector<scoped_refptr<net::X509Certificate> >&
1858 all_client_certs = cert_request_info->client_certs;
1859 for (size_t i = 0; i < all_client_certs.size(); ++i) {
1860 if (CertMatchesFilter(*all_client_certs[i].get(), *filter_dict)) {
1861 // Use the first certificate that is matched by the filter.
1862 callback.Run(all_client_certs[i].get());
1863 return;
1864 }
1865 }
1866 } else {
1867 NOTREACHED();
1868 }
1869 }
1870
1871 SSLTabHelper* ssl_tab_helper = SSLTabHelper::FromWebContents(tab);
1872 if (!ssl_tab_helper) {
1873 // If there is no SSLTabHelper for the given WebContents then we can't
1874 // show the user a dialog to select a client certificate. So we simply
1875 // proceed with no client certificate.
1876 callback.Run(NULL);
1877 return;
1878 }
1879 ssl_tab_helper->ShowClientCertificateRequestDialog(
1880 network_session, cert_request_info, callback);
1881 }
1882
1883 void ChromeContentBrowserClient::AddCertificate(
1884 net::URLRequest* request,
1885 net::CertificateMimeType cert_type,
1886 const void* cert_data,
1887 size_t cert_size,
1888 int render_process_id,
1889 int render_view_id) {
1890 chrome::SSLAddCertificate(request, cert_type, cert_data, cert_size,
1891 render_process_id, render_view_id);
1892 }
1893
1894 content::MediaObserver* ChromeContentBrowserClient::GetMediaObserver() {
1895 return MediaCaptureDevicesDispatcher::GetInstance();
1896 }
1897
1898 void ChromeContentBrowserClient::RequestDesktopNotificationPermission(
1899 const GURL& source_origin,
1900 int callback_context,
1901 int render_process_id,
1902 int render_view_id) {
1903 #if defined(ENABLE_NOTIFICATIONS)
1904 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
1905 WebContents* contents =
1906 tab_util::GetWebContentsByID(render_process_id, render_view_id);
1907 if (!contents) {
1908 NOTREACHED();
1909 return;
1910 }
1911
1912 // Skip showing the infobar if the request comes from an extension, and that
1913 // extension has the 'notify' permission. (If the extension does not have the
1914 // permission, the user will still be prompted.)
1915 Profile* profile = Profile::FromBrowserContext(contents->GetBrowserContext());
1916 InfoMap* extension_info_map =
1917 extensions::ExtensionSystem::Get(profile)->info_map();
1918 DesktopNotificationService* notification_service =
1919 DesktopNotificationServiceFactory::GetForProfile(profile);
1920 const Extension* extension = NULL;
1921 if (extension_info_map) {
1922 extensions::ExtensionSet extensions;
1923 extension_info_map->GetExtensionsWithAPIPermissionForSecurityOrigin(
1924 source_origin, render_process_id,
1925 extensions::APIPermission::kNotification, &extensions);
1926 for (extensions::ExtensionSet::const_iterator iter = extensions.begin();
1927 iter != extensions.end(); ++iter) {
1928 if (notification_service->IsNotifierEnabled(NotifierId(
1929 NotifierId::APPLICATION, (*iter)->id()))) {
1930 extension = iter->get();
1931 break;
1932 }
1933 }
1934 }
1935 RenderViewHost* rvh =
1936 RenderViewHost::FromID(render_process_id, render_view_id);
1937 if (IsExtensionWithPermissionOrSuggestInConsole(
1938 APIPermission::kNotification, extension, rvh)) {
1939 if (rvh)
1940 rvh->DesktopNotificationPermissionRequestDone(callback_context);
1941 return;
1942 }
1943
1944 notification_service->RequestPermission(source_origin, render_process_id,
1945 render_view_id, callback_context, contents);
1946 #else
1947 NOTIMPLEMENTED();
1948 #endif
1949 }
1950
1951 blink::WebNotificationPresenter::Permission
1952 ChromeContentBrowserClient::CheckDesktopNotificationPermission(
1953 const GURL& source_origin,
1954 content::ResourceContext* context,
1955 int render_process_id) {
1956 #if defined(ENABLE_NOTIFICATIONS)
1957 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
1958
1959 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context);
1960 InfoMap* extension_info_map = io_data->GetExtensionInfoMap();
1961
1962 // We want to see if there is an extension that hasn't been manually disabled
1963 // that has the notifications permission and applies to this security origin.
1964 // First, get the list of extensions with permission for the origin.
1965 extensions::ExtensionSet extensions;
1966 extension_info_map->GetExtensionsWithAPIPermissionForSecurityOrigin(
1967 source_origin, render_process_id,
1968 extensions::APIPermission::kNotification, &extensions);
1969 for (extensions::ExtensionSet::const_iterator iter = extensions.begin();
1970 iter != extensions.end(); ++iter) {
1971 // Then, check to see if it's been disabled by the user.
1972 if (!extension_info_map->AreNotificationsDisabled((*iter)->id()))
1973 return blink::WebNotificationPresenter::PermissionAllowed;
1974 }
1975
1976 // No enabled extensions exist, so check the normal host content settings.
1977 HostContentSettingsMap* host_content_settings_map =
1978 io_data->GetHostContentSettingsMap();
1979 ContentSetting setting = host_content_settings_map->GetContentSetting(
1980 source_origin,
1981 source_origin,
1982 CONTENT_SETTINGS_TYPE_NOTIFICATIONS,
1983 NO_RESOURCE_IDENTIFIER);
1984
1985 if (setting == CONTENT_SETTING_ALLOW)
1986 return blink::WebNotificationPresenter::PermissionAllowed;
1987 if (setting == CONTENT_SETTING_BLOCK)
1988 return blink::WebNotificationPresenter::PermissionDenied;
1989 return blink::WebNotificationPresenter::PermissionNotAllowed;
1990 #else
1991 return blink::WebNotificationPresenter::PermissionAllowed;
1992 #endif
1993 }
1994
1995 void ChromeContentBrowserClient::ShowDesktopNotification(
1996 const content::ShowDesktopNotificationHostMsgParams& params,
1997 int render_process_id,
1998 int render_view_id,
1999 bool worker) {
2000 #if defined(ENABLE_NOTIFICATIONS)
2001 RenderViewHost* rvh = RenderViewHost::FromID(
2002 render_process_id, render_view_id);
2003 if (!rvh) {
2004 NOTREACHED();
2005 return;
2006 }
2007
2008 content::RenderProcessHost* process = rvh->GetProcess();
2009 Profile* profile = Profile::FromBrowserContext(process->GetBrowserContext());
2010 DesktopNotificationService* service =
2011 DesktopNotificationServiceFactory::GetForProfile(profile);
2012 service->ShowDesktopNotification(
2013 params, render_process_id, render_view_id,
2014 worker ? DesktopNotificationService::WorkerNotification :
2015 DesktopNotificationService::PageNotification);
2016 #else
2017 NOTIMPLEMENTED();
2018 #endif
2019 }
2020
2021 void ChromeContentBrowserClient::CancelDesktopNotification(
2022 int render_process_id,
2023 int render_view_id,
2024 int notification_id) {
2025 #if defined(ENABLE_NOTIFICATIONS)
2026 RenderViewHost* rvh = RenderViewHost::FromID(
2027 render_process_id, render_view_id);
2028 if (!rvh) {
2029 NOTREACHED();
2030 return;
2031 }
2032
2033 content::RenderProcessHost* process = rvh->GetProcess();
2034 Profile* profile = Profile::FromBrowserContext(process->GetBrowserContext());
2035 DesktopNotificationService* service =
2036 DesktopNotificationServiceFactory::GetForProfile(profile);
2037 service->CancelDesktopNotification(
2038 render_process_id, render_view_id, notification_id);
2039 #else
2040 NOTIMPLEMENTED();
2041 #endif
2042 }
2043
2044 bool ChromeContentBrowserClient::CanCreateWindow(
2045 const GURL& opener_url,
2046 const GURL& opener_top_level_frame_url,
2047 const GURL& source_origin,
2048 WindowContainerType container_type,
2049 const GURL& target_url,
2050 const content::Referrer& referrer,
2051 WindowOpenDisposition disposition,
2052 const WebWindowFeatures& features,
2053 bool user_gesture,
2054 bool opener_suppressed,
2055 content::ResourceContext* context,
2056 int render_process_id,
2057 bool is_guest,
2058 int opener_id,
2059 bool* no_javascript_access) {
2060 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
2061
2062 *no_javascript_access = false;
2063
2064 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context);
2065 InfoMap* map = io_data->GetExtensionInfoMap();
2066
2067 // If the opener is trying to create a background window but doesn't have
2068 // the appropriate permission, fail the attempt.
2069 if (container_type == WINDOW_CONTAINER_TYPE_BACKGROUND) {
2070 if (!map->SecurityOriginHasAPIPermission(
2071 source_origin,
2072 render_process_id,
2073 APIPermission::kBackground)) {
2074 return false;
2075 }
2076
2077 // Note: this use of GetExtensionOrAppByURL is safe but imperfect. It may
2078 // return a recently installed Extension even if this CanCreateWindow call
2079 // was made by an old copy of the page in a normal web process. That's ok,
2080 // because the permission check above would have caused an early return
2081 // already. We must use the full URL to find hosted apps, though, and not
2082 // just the origin.
2083 const Extension* extension =
2084 map->extensions().GetExtensionOrAppByURL(opener_url);
2085 if (extension && !extensions::BackgroundInfo::AllowJSAccess(extension))
2086 *no_javascript_access = true;
2087
2088 return true;
2089 }
2090
2091 // No new browser window (popup or tab) in app mode.
2092 if (container_type == WINDOW_CONTAINER_TYPE_NORMAL &&
2093 chrome::IsRunningInForcedAppMode()) {
2094 return false;
2095 }
2096
2097 if (is_guest)
2098 return true;
2099
2100 HostContentSettingsMap* content_settings =
2101 ProfileIOData::FromResourceContext(context)->GetHostContentSettingsMap();
2102 BlockedWindowParams blocked_params(target_url,
2103 referrer,
2104 disposition,
2105 features,
2106 user_gesture,
2107 opener_suppressed,
2108 render_process_id,
2109 opener_id);
2110
2111 if (!user_gesture && !CommandLine::ForCurrentProcess()->HasSwitch(
2112 switches::kDisablePopupBlocking)) {
2113 if (content_settings->GetContentSetting(opener_top_level_frame_url,
2114 opener_top_level_frame_url,
2115 CONTENT_SETTINGS_TYPE_POPUPS,
2116 std::string()) !=
2117 CONTENT_SETTING_ALLOW) {
2118 BrowserThread::PostTask(BrowserThread::UI,
2119 FROM_HERE,
2120 base::Bind(&HandleBlockedPopupOnUIThread,
2121 blocked_params));
2122 return false;
2123 }
2124 }
2125
2126 #if defined(OS_ANDROID)
2127 if (SingleTabModeTabHelper::IsRegistered(render_process_id, opener_id)) {
2128 BrowserThread::PostTask(BrowserThread::UI,
2129 FROM_HERE,
2130 base::Bind(&HandleSingleTabModeBlockOnUIThread,
2131 blocked_params));
2132 return false;
2133 }
2134 #endif
2135
2136 return true;
2137 }
2138
2139 std::string ChromeContentBrowserClient::GetWorkerProcessTitle(
2140 const GURL& url, content::ResourceContext* context) {
2141 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
2142 // Check if it's an extension-created worker, in which case we want to use
2143 // the name of the extension.
2144 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context);
2145 const Extension* extension =
2146 io_data->GetExtensionInfoMap()->extensions().GetByID(url.host());
2147 return extension ? extension->name() : std::string();
2148 }
2149
2150 void ChromeContentBrowserClient::ResourceDispatcherHostCreated() {
2151 return g_browser_process->ResourceDispatcherHostCreated();
2152 }
2153
2154 // TODO(tommi): Rename from Get to Create.
2155 content::SpeechRecognitionManagerDelegate*
2156 ChromeContentBrowserClient::GetSpeechRecognitionManagerDelegate() {
2157 #if defined(ENABLE_INPUT_SPEECH)
2158 return new speech::ChromeSpeechRecognitionManagerDelegateBubbleUI();
2159 #else
2160 // Platforms who don't implement x-webkit-speech (a.k.a INPUT_SPEECH) just
2161 // need the base delegate without the bubble UI.
2162 return new speech::ChromeSpeechRecognitionManagerDelegate();
2163 #endif
2164 }
2165
2166 net::NetLog* ChromeContentBrowserClient::GetNetLog() {
2167 return g_browser_process->net_log();
2168 }
2169
2170 AccessTokenStore* ChromeContentBrowserClient::CreateAccessTokenStore() {
2171 return new ChromeAccessTokenStore();
2172 }
2173
2174 bool ChromeContentBrowserClient::IsFastShutdownPossible() {
2175 return true;
2176 }
2177
2178 void ChromeContentBrowserClient::OverrideWebkitPrefs(
2179 RenderViewHost* rvh, const GURL& url, WebPreferences* web_prefs) {
2180 Profile* profile = Profile::FromBrowserContext(
2181 rvh->GetProcess()->GetBrowserContext());
2182 PrefService* prefs = profile->GetPrefs();
2183
2184 // Fill per-script font preferences. These are not registered on Android
2185 // - http://crbug.com/308033.
2186 #if !defined(OS_ANDROID)
2187 FillFontFamilyMap(prefs, prefs::kWebKitStandardFontFamilyMap,
2188 &web_prefs->standard_font_family_map);
2189 FillFontFamilyMap(prefs, prefs::kWebKitFixedFontFamilyMap,
2190 &web_prefs->fixed_font_family_map);
2191 FillFontFamilyMap(prefs, prefs::kWebKitSerifFontFamilyMap,
2192 &web_prefs->serif_font_family_map);
2193 FillFontFamilyMap(prefs, prefs::kWebKitSansSerifFontFamilyMap,
2194 &web_prefs->sans_serif_font_family_map);
2195 FillFontFamilyMap(prefs, prefs::kWebKitCursiveFontFamilyMap,
2196 &web_prefs->cursive_font_family_map);
2197 FillFontFamilyMap(prefs, prefs::kWebKitFantasyFontFamilyMap,
2198 &web_prefs->fantasy_font_family_map);
2199 FillFontFamilyMap(prefs, prefs::kWebKitPictographFontFamilyMap,
2200 &web_prefs->pictograph_font_family_map);
2201 #endif
2202
2203 web_prefs->default_font_size =
2204 prefs->GetInteger(prefs::kWebKitDefaultFontSize);
2205 web_prefs->default_fixed_font_size =
2206 prefs->GetInteger(prefs::kWebKitDefaultFixedFontSize);
2207 web_prefs->minimum_font_size =
2208 prefs->GetInteger(prefs::kWebKitMinimumFontSize);
2209 web_prefs->minimum_logical_font_size =
2210 prefs->GetInteger(prefs::kWebKitMinimumLogicalFontSize);
2211
2212 web_prefs->default_encoding = prefs->GetString(prefs::kDefaultCharset);
2213
2214 web_prefs->javascript_can_open_windows_automatically =
2215 prefs->GetBoolean(prefs::kWebKitJavascriptCanOpenWindowsAutomatically);
2216 web_prefs->dom_paste_enabled =
2217 prefs->GetBoolean(prefs::kWebKitDomPasteEnabled);
2218 web_prefs->shrinks_standalone_images_to_fit =
2219 prefs->GetBoolean(prefs::kWebKitShrinksStandaloneImagesToFit);
2220 const base::DictionaryValue* inspector_settings =
2221 prefs->GetDictionary(prefs::kWebKitInspectorSettings);
2222 if (inspector_settings) {
2223 for (base::DictionaryValue::Iterator iter(*inspector_settings);
2224 !iter.IsAtEnd();
2225 iter.Advance()) {
2226 std::string value;
2227 if (iter.value().GetAsString(&value)) {
2228 web_prefs->inspector_settings.push_back(
2229 std::make_pair(iter.key(), value));
2230 }
2231 }
2232 }
2233 web_prefs->tabs_to_links = prefs->GetBoolean(prefs::kWebkitTabsToLinks);
2234
2235 if (!prefs->GetBoolean(prefs::kWebKitJavascriptEnabled))
2236 web_prefs->javascript_enabled = false;
2237 if (!prefs->GetBoolean(prefs::kWebKitWebSecurityEnabled))
2238 web_prefs->web_security_enabled = false;
2239 if (!prefs->GetBoolean(prefs::kWebKitPluginsEnabled))
2240 web_prefs->plugins_enabled = false;
2241 if (!prefs->GetBoolean(prefs::kWebKitJavaEnabled))
2242 web_prefs->java_enabled = false;
2243 web_prefs->loads_images_automatically =
2244 prefs->GetBoolean(prefs::kWebKitLoadsImagesAutomatically);
2245
2246 if (prefs->GetBoolean(prefs::kDisable3DAPIs))
2247 web_prefs->experimental_webgl_enabled = false;
2248
2249 web_prefs->memory_info_enabled =
2250 prefs->GetBoolean(prefs::kEnableMemoryInfo);
2251 web_prefs->allow_displaying_insecure_content =
2252 prefs->GetBoolean(prefs::kWebKitAllowDisplayingInsecureContent);
2253 web_prefs->allow_running_insecure_content =
2254 prefs->GetBoolean(prefs::kWebKitAllowRunningInsecureContent);
2255 #if defined(OS_ANDROID)
2256 web_prefs->font_scale_factor =
2257 static_cast<float>(prefs->GetDouble(prefs::kWebKitFontScaleFactor));
2258 web_prefs->device_scale_adjustment = GetDeviceScaleAdjustment();
2259 web_prefs->force_enable_zoom =
2260 prefs->GetBoolean(prefs::kWebKitForceEnableZoom);
2261 #endif
2262
2263 #if defined(OS_ANDROID)
2264 web_prefs->password_echo_enabled =
2265 prefs->GetBoolean(prefs::kWebKitPasswordEchoEnabled);
2266 #else
2267 web_prefs->password_echo_enabled = browser_defaults::kPasswordEchoEnabled;
2268 #endif
2269
2270 web_prefs->asynchronous_spell_checking_enabled = true;
2271 web_prefs->unified_textchecker_enabled = true;
2272
2273 web_prefs->uses_universal_detector =
2274 prefs->GetBoolean(prefs::kWebKitUsesUniversalDetector);
2275 web_prefs->text_areas_are_resizable =
2276 prefs->GetBoolean(prefs::kWebKitTextAreasAreResizable);
2277 web_prefs->hyperlink_auditing_enabled =
2278 prefs->GetBoolean(prefs::kEnableHyperlinkAuditing);
2279
2280 // Make sure we will set the default_encoding with canonical encoding name.
2281 web_prefs->default_encoding =
2282 CharacterEncoding::GetCanonicalEncodingNameByAliasName(
2283 web_prefs->default_encoding);
2284 if (web_prefs->default_encoding.empty()) {
2285 prefs->ClearPref(prefs::kDefaultCharset);
2286 web_prefs->default_encoding = prefs->GetString(prefs::kDefaultCharset);
2287 }
2288 DCHECK(!web_prefs->default_encoding.empty());
2289
2290 WebContents* web_contents = WebContents::FromRenderViewHost(rvh);
2291 extensions::ViewType view_type = extensions::GetViewType(web_contents);
2292 ExtensionService* service =
2293 extensions::ExtensionSystem::Get(profile)->extension_service();
2294 if (service) {
2295 const GURL& site_url = rvh->GetSiteInstance()->GetSiteURL();
2296 const Extension* extension =
2297 service->extensions()->GetByID(site_url.host());
2298 // Ensure that we are only granting extension preferences to URLs with
2299 // the correct scheme. Without this check, chrome-guest:// schemes used by
2300 // webview tags as well as hosts that happen to match the id of an
2301 // installed extension would get the wrong preferences.
2302 if (site_url.SchemeIs(extensions::kExtensionScheme)) {
2303 extension_webkit_preferences::SetPreferences(
2304 extension, view_type, web_prefs);
2305 }
2306 }
2307
2308 if (view_type == extensions::VIEW_TYPE_NOTIFICATION) {
2309 web_prefs->allow_scripts_to_close_windows = true;
2310 } else if (view_type == extensions::VIEW_TYPE_BACKGROUND_CONTENTS) {
2311 // Disable all kinds of acceleration for background pages.
2312 // See http://crbug.com/96005 and http://crbug.com/96006
2313 web_prefs->force_compositing_mode = false;
2314 web_prefs->accelerated_compositing_enabled = false;
2315 }
2316
2317 #if defined(FILE_MANAGER_EXTENSION)
2318 // Override the default of suppressing HW compositing for WebUI pages for the
2319 // file manager, which is implemented using WebUI but wants HW acceleration
2320 // for video decode & render.
2321 if (url.SchemeIs(extensions::kExtensionScheme) &&
2322 url.host() == file_manager::kFileManagerAppId) {
2323 web_prefs->accelerated_compositing_enabled = true;
2324 web_prefs->accelerated_2d_canvas_enabled = true;
2325 }
2326 #endif
2327 }
2328
2329 void ChromeContentBrowserClient::UpdateInspectorSetting(
2330 RenderViewHost* rvh, const std::string& key, const std::string& value) {
2331 content::BrowserContext* browser_context =
2332 rvh->GetProcess()->GetBrowserContext();
2333 DictionaryPrefUpdate update(
2334 Profile::FromBrowserContext(browser_context)->GetPrefs(),
2335 prefs::kWebKitInspectorSettings);
2336 base::DictionaryValue* inspector_settings = update.Get();
2337 inspector_settings->SetWithoutPathExpansion(
2338 key, base::Value::CreateStringValue(value));
2339 }
2340
2341 void ChromeContentBrowserClient::BrowserURLHandlerCreated(
2342 BrowserURLHandler* handler) {
2343 // Add the default URL handlers.
2344 handler->AddHandlerPair(&ExtensionWebUI::HandleChromeURLOverride,
2345 BrowserURLHandler::null_handler());
2346 handler->AddHandlerPair(BrowserURLHandler::null_handler(),
2347 &ExtensionWebUI::HandleChromeURLOverrideReverse);
2348
2349 // about: handler. Must come before chrome: handler, since it will
2350 // rewrite about: urls to chrome: URLs and then expect chrome: to
2351 // actually handle them.
2352 handler->AddHandlerPair(&WillHandleBrowserAboutURL,
2353 BrowserURLHandler::null_handler());
2354
2355 // Handler to rewrite chrome://newtab for InstantExtended.
2356 handler->AddHandlerPair(&chrome::HandleNewTabURLRewrite,
2357 &chrome::HandleNewTabURLReverseRewrite);
2358
2359 // chrome: & friends.
2360 handler->AddHandlerPair(&HandleWebUI, &HandleWebUIReverse);
2361 }
2362
2363 void ChromeContentBrowserClient::ClearCache(RenderViewHost* rvh) {
2364 Profile* profile = Profile::FromBrowserContext(
2365 rvh->GetSiteInstance()->GetProcess()->GetBrowserContext());
2366 BrowsingDataRemover* remover =
2367 BrowsingDataRemover::CreateForUnboundedRange(profile);
2368 remover->Remove(BrowsingDataRemover::REMOVE_CACHE,
2369 BrowsingDataHelper::UNPROTECTED_WEB);
2370 // BrowsingDataRemover takes care of deleting itself when done.
2371 }
2372
2373 void ChromeContentBrowserClient::ClearCookies(RenderViewHost* rvh) {
2374 Profile* profile = Profile::FromBrowserContext(
2375 rvh->GetSiteInstance()->GetProcess()->GetBrowserContext());
2376 BrowsingDataRemover* remover =
2377 BrowsingDataRemover::CreateForUnboundedRange(profile);
2378 int remove_mask = BrowsingDataRemover::REMOVE_SITE_DATA;
2379 remover->Remove(remove_mask, BrowsingDataHelper::UNPROTECTED_WEB);
2380 // BrowsingDataRemover takes care of deleting itself when done.
2381 }
2382
2383 base::FilePath ChromeContentBrowserClient::GetDefaultDownloadDirectory() {
2384 return DownloadPrefs::GetDefaultDownloadDirectory();
2385 }
2386
2387 std::string ChromeContentBrowserClient::GetDefaultDownloadName() {
2388 return l10n_util::GetStringUTF8(IDS_DEFAULT_DOWNLOAD_FILENAME);
2389 }
2390
2391 void ChromeContentBrowserClient::DidCreatePpapiPlugin(
2392 content::BrowserPpapiHost* browser_host) {
2393 #if defined(ENABLE_PLUGINS)
2394 browser_host->GetPpapiHost()->AddHostFactoryFilter(
2395 scoped_ptr<ppapi::host::HostFactory>(
2396 new ChromeBrowserPepperHostFactory(browser_host)));
2397 #endif
2398 }
2399
2400 content::BrowserPpapiHost*
2401 ChromeContentBrowserClient::GetExternalBrowserPpapiHost(
2402 int plugin_process_id) {
2403 BrowserChildProcessHostIterator iter(PROCESS_TYPE_NACL_LOADER);
2404 while (!iter.Done()) {
2405 nacl::NaClProcessHost* host = static_cast<nacl::NaClProcessHost*>(
2406 iter.GetDelegate());
2407 if (host->process() &&
2408 host->process()->GetData().id == plugin_process_id) {
2409 // Found the plugin.
2410 return host->browser_ppapi_host();
2411 }
2412 ++iter;
2413 }
2414 return NULL;
2415 }
2416
2417 bool ChromeContentBrowserClient::SupportsBrowserPlugin(
2418 content::BrowserContext* browser_context, const GURL& site_url) {
2419 if (CommandLine::ForCurrentProcess()->HasSwitch(
2420 switches::kEnableBrowserPluginForAllViewTypes))
2421 return true;
2422
2423 if (content::HasWebUIScheme(site_url))
2424 return true;
2425
2426 Profile* profile = Profile::FromBrowserContext(browser_context);
2427 ExtensionService* service =
2428 extensions::ExtensionSystem::Get(profile)->extension_service();
2429 if (!service)
2430 return false;
2431
2432 const Extension* extension =
2433 service->extensions()->GetExtensionOrAppByURL(site_url);
2434 if (!extension)
2435 return false;
2436
2437 return extension->HasAPIPermission(APIPermission::kWebView) ||
2438 extension->HasAPIPermission(APIPermission::kAdView);
2439 }
2440
2441 bool ChromeContentBrowserClient::AllowPepperSocketAPI(
2442 content::BrowserContext* browser_context,
2443 const GURL& url,
2444 bool private_api,
2445 const content::SocketPermissionRequest* params) {
2446 #if defined(ENABLE_PLUGINS)
2447 Profile* profile = Profile::FromBrowserContext(browser_context);
2448 const extensions::ExtensionSet* extension_set = NULL;
2449 if (profile) {
2450 extension_set = extensions::ExtensionSystem::Get(profile)->
2451 extension_service()->extensions();
2452 }
2453
2454 if (private_api) {
2455 // Access to private socket APIs is controlled by the whitelist.
2456 if (IsExtensionOrSharedModuleWhitelisted(url, extension_set,
2457 allowed_socket_origins_)) {
2458 return true;
2459 }
2460 } else {
2461 // Access to public socket APIs is controlled by extension permissions.
2462 if (url.is_valid() && url.SchemeIs(extensions::kExtensionScheme) &&
2463 extension_set) {
2464 const Extension* extension = extension_set->GetByID(url.host());
2465 if (extension) {
2466 if (params) {
2467 extensions::SocketPermission::CheckParam check_params(
2468 params->type, params->host, params->port);
2469 if (extensions::PermissionsData::CheckAPIPermissionWithParam(
2470 extension, extensions::APIPermission::kSocket,
2471 &check_params)) {
2472 return true;
2473 }
2474 } else {
2475 if (extensions::PermissionsData::HasAPIPermission(
2476 extension, extensions::APIPermission::kSocket)) {
2477 return true;
2478 }
2479 }
2480 }
2481 }
2482 }
2483
2484 // Allow both public and private APIs if the command line says so.
2485 return IsHostAllowedByCommandLine(url, extension_set,
2486 switches::kAllowNaClSocketAPI);
2487 #else
2488 return false;
2489 #endif
2490 }
2491
2492 ui::SelectFilePolicy* ChromeContentBrowserClient::CreateSelectFilePolicy(
2493 WebContents* web_contents) {
2494 return new ChromeSelectFilePolicy(web_contents);
2495 }
2496
2497 void ChromeContentBrowserClient::GetAdditionalAllowedSchemesForFileSystem(
2498 std::vector<std::string>* additional_allowed_schemes) {
2499 ContentBrowserClient::GetAdditionalAllowedSchemesForFileSystem(
2500 additional_allowed_schemes);
2501 additional_allowed_schemes->push_back(kChromeDevToolsScheme);
2502 additional_allowed_schemes->push_back(kChromeUIScheme);
2503 additional_allowed_schemes->push_back(extensions::kExtensionScheme);
2504 }
2505
2506 void ChromeContentBrowserClient::GetAdditionalFileSystemBackends(
2507 content::BrowserContext* browser_context,
2508 const base::FilePath& storage_partition_path,
2509 ScopedVector<fileapi::FileSystemBackend>* additional_backends) {
2510 #if !defined(OS_ANDROID)
2511 base::SequencedWorkerPool* pool = content::BrowserThread::GetBlockingPool();
2512 additional_backends->push_back(new MediaFileSystemBackend(
2513 storage_partition_path,
2514 pool->GetSequencedTaskRunner(pool->GetNamedSequenceToken(
2515 MediaFileSystemBackend::kMediaTaskRunnerName)).get()));
2516 #endif
2517 #if defined(OS_CHROMEOS)
2518 fileapi::ExternalMountPoints* external_mount_points =
2519 content::BrowserContext::GetMountPoints(browser_context);
2520 DCHECK(external_mount_points);
2521 chromeos::FileSystemBackend* backend =
2522 new chromeos::FileSystemBackend(
2523 new drive::FileSystemBackendDelegate(browser_context),
2524 browser_context->GetSpecialStoragePolicy(),
2525 external_mount_points,
2526 fileapi::ExternalMountPoints::GetSystemInstance());
2527 backend->AddSystemMountPoints();
2528 DCHECK(backend->CanHandleType(fileapi::kFileSystemTypeExternal));
2529 additional_backends->push_back(backend);
2530 #endif
2531
2532 additional_backends->push_back(
2533 new sync_file_system::SyncFileSystemBackend(
2534 Profile::FromBrowserContext(browser_context)));
2535
2536 if (CommandLine::ForCurrentProcess()->HasSwitch(
2537 switches::kEnablePrivetStorage)) {
2538 additional_backends->push_back(
2539 new local_discovery::PrivetFileSystemBackend(
2540 fileapi::ExternalMountPoints::GetSystemInstance()));
2541 }
2542 }
2543
2544 #if defined(OS_POSIX) && !defined(OS_MACOSX)
2545 void ChromeContentBrowserClient::GetAdditionalMappedFilesForChildProcess(
2546 const CommandLine& command_line,
2547 int child_process_id,
2548 std::vector<FileDescriptorInfo>* mappings) {
2549 #if defined(OS_ANDROID)
2550 base::FilePath data_path;
2551 PathService::Get(ui::DIR_RESOURCE_PAKS_ANDROID, &data_path);
2552 DCHECK(!data_path.empty());
2553
2554 int flags = base::PLATFORM_FILE_OPEN | base::PLATFORM_FILE_READ;
2555 base::FilePath chrome_resources_pak =
2556 data_path.AppendASCII("chrome_100_percent.pak");
2557 base::PlatformFile f =
2558 base::CreatePlatformFile(chrome_resources_pak, flags, NULL, NULL);
2559 DCHECK(f != base::kInvalidPlatformFileValue);
2560 mappings->push_back(FileDescriptorInfo(kAndroidChrome100PercentPakDescriptor,
2561 FileDescriptor(f, true)));
2562
2563 const std::string locale = GetApplicationLocale();
2564 base::FilePath locale_pak = ResourceBundle::GetSharedInstance().
2565 GetLocaleFilePath(locale, false);
2566 f = base::CreatePlatformFile(locale_pak, flags, NULL, NULL);
2567 DCHECK(f != base::kInvalidPlatformFileValue);
2568 mappings->push_back(FileDescriptorInfo(kAndroidLocalePakDescriptor,
2569 FileDescriptor(f, true)));
2570
2571 base::FilePath resources_pack_path;
2572 PathService::Get(chrome::FILE_RESOURCES_PACK, &resources_pack_path);
2573 f = base::CreatePlatformFile(resources_pack_path, flags, NULL, NULL);
2574 DCHECK(f != base::kInvalidPlatformFileValue);
2575 mappings->push_back(FileDescriptorInfo(kAndroidUIResourcesPakDescriptor,
2576 FileDescriptor(f, true)));
2577
2578 if (breakpad::IsCrashReporterEnabled()) {
2579 f = breakpad::CrashDumpManager::GetInstance()->CreateMinidumpFile(
2580 child_process_id);
2581 if (f == base::kInvalidPlatformFileValue) {
2582 LOG(ERROR) << "Failed to create file for minidump, crash reporting will "
2583 "be disabled for this process.";
2584 } else {
2585 mappings->push_back(FileDescriptorInfo(kAndroidMinidumpDescriptor,
2586 FileDescriptor(f, true)));
2587 }
2588 }
2589
2590 #else
2591 int crash_signal_fd = GetCrashSignalFD(command_line);
2592 if (crash_signal_fd >= 0) {
2593 mappings->push_back(FileDescriptorInfo(kCrashDumpSignal,
2594 FileDescriptor(crash_signal_fd,
2595 false)));
2596 }
2597 #endif // defined(OS_ANDROID)
2598 }
2599 #endif // defined(OS_POSIX) && !defined(OS_MACOSX)
2600
2601 #if defined(OS_WIN)
2602 const wchar_t* ChromeContentBrowserClient::GetResourceDllName() {
2603 return chrome::kBrowserResourcesDll;
2604 }
2605
2606 void ChromeContentBrowserClient::PreSpawnRenderer(
2607 sandbox::TargetPolicy* policy,
2608 bool* success) {
2609 // This code is duplicated in nacl_exe_win_64.cc.
2610 // Allow the server side of a pipe restricted to the "chrome.nacl."
2611 // namespace so that it cannot impersonate other system or other chrome
2612 // service pipes.
2613 sandbox::ResultCode result = policy->AddRule(
2614 sandbox::TargetPolicy::SUBSYS_NAMED_PIPES,
2615 sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY,
2616 L"\\\\.\\pipe\\chrome.nacl.*");
2617 if (result != sandbox::SBOX_ALL_OK) {
2618 *success = false;
2619 return;
2620 }
2621
2622 // Renderers need to send named pipe handles and shared memory
2623 // segment handles to NaCl loader processes.
2624 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES,
2625 sandbox::TargetPolicy::HANDLES_DUP_ANY,
2626 L"File");
2627 if (result != sandbox::SBOX_ALL_OK) {
2628 *success = false;
2629 return;
2630 }
2631 }
2632 #endif
2633
2634 bool ChromeContentBrowserClient::IsPluginAllowedToCallRequestOSFileHandle(
2635 content::BrowserContext* browser_context,
2636 const GURL& url) {
2637 #if defined(ENABLE_PLUGINS)
2638 Profile* profile = Profile::FromBrowserContext(browser_context);
2639 const extensions::ExtensionSet* extension_set = NULL;
2640 if (profile) {
2641 extension_set = extensions::ExtensionSystem::Get(profile)->
2642 extension_service()->extensions();
2643 }
2644 // TODO(teravest): Populate allowed_file_handle_origins_ when FileIO is moved
2645 // from the renderer to the browser.
2646 return IsExtensionOrSharedModuleWhitelisted(url, extension_set,
2647 allowed_file_handle_origins_) ||
2648 IsHostAllowedByCommandLine(url, extension_set,
2649 switches::kAllowNaClFileHandleAPI);
2650 #else
2651 return false;
2652 #endif
2653 }
2654
2655 bool ChromeContentBrowserClient::IsPluginAllowedToUseDevChannelAPIs() {
2656 #if defined(ENABLE_PLUGINS)
2657 // Allow access for tests.
2658 if (CommandLine::ForCurrentProcess()->HasSwitch(
2659 switches::kEnablePepperTesting)) {
2660 return true;
2661 }
2662
2663 chrome::VersionInfo::Channel channel = chrome::VersionInfo::GetChannel();
2664 // Allow dev channel APIs to be used on "Canary", "Dev", and "Unknown"
2665 // releases of Chrome. Permitting "Unknown" allows these APIs to be used on
2666 // Chromium builds as well.
2667 return channel <= chrome::VersionInfo::CHANNEL_DEV;
2668 #else
2669 return false;
2670 #endif
2671 }
2672
2673
2674 } // namespace chrome