chrome/renderer/content_settings_observer.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROME_RENDERER_CONTENT_SETTINGS_OBSERVER_H_
   6 #define CHROME_RENDERER_CONTENT_SETTINGS_OBSERVER_H_
   7
   8 #include <map>
   9 #include <set>
  10
  11 #include "chrome/common/content_settings.h"
  12 #include "content/public/renderer/render_frame_observer.h"
  13 #include "content/public/renderer/render_frame_observer_tracker.h"
  14 #include "extensions/common/permissions/api_permission.h"
  15 #include "third_party/WebKit/public/web/WebPermissionClient.h"
  16
  17 class GURL;
  18
  19 namespace blink {
  20 class WebFrame;
  21 class WebSecurityOrigin;
  22 class WebURL;
  23 }
  24
  25 namespace extensions {
  26 class Dispatcher;
  27 class Extension;
  28 }
  29
  30 // Handles blocking content per content settings for each RenderFrame.
  31 class ContentSettingsObserver
  32     : public content::RenderFrameObserver,
  33       public content::RenderFrameObserverTracker<ContentSettingsObserver>,
  34       public blink::WebPermissionClient {
  35  public:
  36   ContentSettingsObserver(content::RenderFrame* render_frame,
  37                           extensions::Dispatcher* extension_dispatcher);
  38   virtual ~ContentSettingsObserver();
  39
  40   // Sets the content setting rules which back |AllowImage()|, |AllowScript()|,
  41   // and |AllowScriptFromSource()|. |content_setting_rules| must outlive this
  42   // |ContentSettingsObserver|.
  43   void SetContentSettingRules(
  44       const RendererContentSettingRules* content_setting_rules);
  45
  46   bool IsPluginTemporarilyAllowed(const std::string& identifier);
  47
  48   // Sends an IPC notification that the specified content type was blocked.
  49   void DidBlockContentType(ContentSettingsType settings_type);
  50
  51   // blink::WebPermissionClient implementation.
  52   virtual bool allowDatabase(blink::WebFrame* frame,
  53                              const blink::WebString& name,
  54                              const blink::WebString& display_name,
  55                              unsigned long estimated_size);
  56   virtual bool allowFileSystem(blink::WebFrame* frame);
  57   virtual bool allowImage(blink::WebFrame* frame,
  58                           bool enabled_per_settings,
  59                           const blink::WebURL& image_url);
  60   virtual bool allowIndexedDB(blink::WebFrame* frame,
  61                               const blink::WebString& name,
  62                               const blink::WebSecurityOrigin& origin);
  63   virtual bool allowPlugins(blink::WebFrame* frame,
  64                             bool enabled_per_settings);
  65   virtual bool allowScript(blink::WebFrame* frame,
  66                            bool enabled_per_settings);
  67   virtual bool allowScriptFromSource(blink::WebFrame* frame,
  68                                      bool enabled_per_settings,
  69                                      const blink::WebURL& script_url);
  70   virtual bool allowStorage(blink::WebFrame* frame, bool local);
  71   virtual bool allowReadFromClipboard(blink::WebFrame* frame,
  72                                       bool default_value);
  73   virtual bool allowWriteToClipboard(blink::WebFrame* frame,
  74                                      bool default_value);
  75   virtual bool allowWebComponents(blink::WebFrame* frame, bool);
  76   virtual bool allowMutationEvents(blink::WebFrame* frame,
  77                                    bool default_value);
  78   virtual bool allowPushState(blink::WebFrame* frame);
  79   virtual bool allowWebGLDebugRendererInfo(blink::WebFrame* frame);
  80   virtual void didNotAllowPlugins(blink::WebFrame* frame);
  81   virtual void didNotAllowScript(blink::WebFrame* frame);
  82   virtual bool allowDisplayingInsecureContent(
  83       blink::WebFrame* frame,
  84       bool allowed_per_settings,
  85       const blink::WebSecurityOrigin& context,
  86       const blink::WebURL& url);
  87   virtual bool allowRunningInsecureContent(
  88       blink::WebFrame* frame,
  89       bool allowed_per_settings,
  90       const blink::WebSecurityOrigin& context,
  91       const blink::WebURL& url);
  92
  93   // This is used for cases when the NPAPI plugins malfunction if used.
  94   bool AreNPAPIPluginsBlocked() const;
  95
  96  private:
  97   FRIEND_TEST_ALL_PREFIXES(ContentSettingsObserverTest, WhitelistedSchemes);
  98   FRIEND_TEST_ALL_PREFIXES(ChromeRenderViewTest,
  99                            ContentSettingsInterstitialPages);
 100   FRIEND_TEST_ALL_PREFIXES(ChromeRenderViewTest, PluginsTemporarilyAllowed);
 101
 102   // RenderFrameObserver implementation.
 103   virtual bool OnMessageReceived(const IPC::Message& message) OVERRIDE;
 104   virtual void DidCommitProvisionalLoad(blink::WebFrame* frame,
 105                                         bool is_new_navigation) OVERRIDE;
 106
 107   // Message handlers.
 108   void OnLoadBlockedPlugins(const std::string& identifier);
 109   void OnSetAsInterstitial();
 110   void OnNPAPINotSupported();
 111   void OnSetAllowDisplayingInsecureContent(bool allow);
 112   void OnSetAllowRunningInsecureContent(bool allow);
 113   void OnReloadFrame();
 114
 115   // Resets the |content_blocked_| array.
 116   void ClearBlockedContentSettings();
 117
 118   // If |origin| corresponds to an installed extension, returns that extension.
 119   // Otherwise returns NULL.
 120   const extensions::Extension* GetExtension(
 121       const blink::WebSecurityOrigin& origin) const;
 122
 123   // Helpers.
 124   // True if |frame| contains content that is white-listed for content settings.
 125   static bool IsWhitelistedForContentSettings(blink::WebFrame* frame);
 126   static bool IsWhitelistedForContentSettings(
 127       const blink::WebSecurityOrigin& origin,
 128       const GURL& document_url);
 129
 130   // Owned by ChromeContentRendererClient and outlive us.
 131   extensions::Dispatcher* extension_dispatcher_;
 132
 133   // Insecure content may be permitted for the duration of this render view.
 134   bool allow_displaying_insecure_content_;
 135   bool allow_running_insecure_content_;
 136
 137   // A pointer to content setting rules stored by the renderer. Normally, the
 138   // |RendererContentSettingRules| object is owned by
 139   // |ChromeRenderProcessObserver|. In the tests it is owned by the caller of
 140   // |SetContentSettingRules|.
 141   const RendererContentSettingRules* content_setting_rules_;
 142
 143   // Stores if images, scripts, and plugins have actually been blocked.
 144   bool content_blocked_[CONTENT_SETTINGS_NUM_TYPES];
 145
 146   // Caches the result of AllowStorage.
 147   typedef std::pair<GURL, bool> StoragePermissionsKey;
 148   std::map<StoragePermissionsKey, bool> cached_storage_permissions_;
 149
 150   // Caches the result of |AllowScript|.
 151   std::map<blink::WebFrame*, bool> cached_script_permissions_;
 152
 153   std::set<std::string> temporarily_allowed_plugins_;
 154   bool is_interstitial_page_;
 155   bool npapi_plugins_blocked_;
 156
 157   DISALLOW_COPY_AND_ASSIGN(ContentSettingsObserver);
 158 };
 159
 160 #endif  // CHROME_RENDERER_CONTENT_SETTINGS_OBSERVER_H_