search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Data Reduction Proxy Blocking page and resources
[chromium-blink-merge.git] / chrome / renderer / chrome_content_renderer_client.cc
blob5f3b5c47af3f2084d3a1f518656e166a051c6210
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/renderer/chrome_content_renderer_client.h"
6
7 #include "base/command_line.h"
8 #include "base/debug/crash_logging.h"
9 #include "base/logging.h"
10 #include "base/metrics/field_trial.h"
11 #include "base/metrics/histogram.h"
12 #include "base/metrics/user_metrics_action.h"
13 #include "base/strings/string_number_conversions.h"
14 #include "base/strings/string_util.h"
15 #include "base/strings/utf_string_conversions.h"
16 #include "base/values.h"
17 #include "chrome/common/chrome_paths.h"
18 #include "chrome/common/chrome_switches.h"
19 #include "chrome/common/chrome_version_info.h"
20 #include "chrome/common/crash_keys.h"
21 #include "chrome/common/extensions/extension_metrics.h"
22 #include "chrome/common/localized_error.h"
23 #include "chrome/common/pepper_permission_util.h"
24 #include "chrome/common/render_messages.h"
25 #include "chrome/common/url_constants.h"
26 #include "chrome/grit/generated_resources.h"
27 #include "chrome/grit/locale_settings.h"
28 #include "chrome/grit/renderer_resources.h"
29 #include "chrome/renderer/benchmarking_extension.h"
30 #include "chrome/renderer/chrome_render_frame_observer.h"
31 #include "chrome/renderer/chrome_render_process_observer.h"
32 #include "chrome/renderer/chrome_render_view_observer.h"
33 #include "chrome/renderer/content_settings_observer.h"
34 #include "chrome/renderer/external_extension.h"
35 #include "chrome/renderer/loadtimes_extension_bindings.h"
36 #include "chrome/renderer/media/chrome_key_systems.h"
37 #include "chrome/renderer/net/net_error_helper.h"
38 #include "chrome/renderer/net_benchmarking_extension.h"
39 #include "chrome/renderer/page_load_histograms.h"
40 #include "chrome/renderer/pepper/pepper_helper.h"
41 #include "chrome/renderer/playback_extension.h"
42 #include "chrome/renderer/plugins/chrome_plugin_placeholder.h"
43 #include "chrome/renderer/plugins/plugin_preroller.h"
44 #include "chrome/renderer/plugins/plugin_uma.h"
45 #include "chrome/renderer/plugins/shadow_dom_plugin_placeholder.h"
46 #include "chrome/renderer/prefetch_helper.h"
47 #include "chrome/renderer/prerender/prerender_dispatcher.h"
48 #include "chrome/renderer/prerender/prerender_helper.h"
49 #include "chrome/renderer/prerender/prerender_media_load_deferrer.h"
50 #include "chrome/renderer/prerender/prerenderer_client.h"
51 #include "chrome/renderer/principals_extension_bindings.h"
52 #include "chrome/renderer/safe_browsing/malware_dom_details.h"
53 #include "chrome/renderer/safe_browsing/phishing_classifier_delegate.h"
54 #include "chrome/renderer/searchbox/search_bouncer.h"
55 #include "chrome/renderer/searchbox/searchbox.h"
56 #include "chrome/renderer/searchbox/searchbox_extension.h"
57 #include "chrome/renderer/tts_dispatcher.h"
58 #include "chrome/renderer/worker_permission_client_proxy.h"
59 #include "components/autofill/content/renderer/autofill_agent.h"
60 #include "components/autofill/content/renderer/password_autofill_agent.h"
61 #include "components/autofill/content/renderer/password_generation_agent.h"
62 #include "components/content_settings/core/common/content_settings_pattern.h"
63 #include "components/dom_distiller/core/url_constants.h"
64 #include "components/nacl/renderer/ppb_nacl_private.h"
65 #include "components/nacl/renderer/ppb_nacl_private_impl.h"
66 #include "components/network_hints/renderer/prescient_networking_dispatcher.h"
67 #include "components/password_manager/content/renderer/credential_manager_client.h"
68 #include "components/pdf/renderer/ppb_pdf_impl.h"
69 #include "components/plugins/renderer/mobile_youtube_plugin.h"
70 #include "components/signin/core/common/profile_management_switches.h"
71 #include "components/visitedlink/renderer/visitedlink_slave.h"
72 #include "components/web_cache/renderer/web_cache_render_process_observer.h"
73 #include "content/public/common/content_constants.h"
74 #include "content/public/renderer/plugin_instance_throttler.h"
75 #include "content/public/renderer/render_frame.h"
76 #include "content/public/renderer/render_thread.h"
77 #include "content/public/renderer/render_view.h"
78 #include "content/public/renderer/render_view_visitor.h"
79 #include "extensions/common/constants.h"
80 #include "ipc/ipc_sync_channel.h"
81 #include "net/base/net_errors.h"
82 #include "ppapi/c/private/ppb_pdf.h"
83 #include "ppapi/shared_impl/ppapi_switches.h"
84 #include "third_party/WebKit/public/platform/WebURL.h"
85 #include "third_party/WebKit/public/platform/WebURLError.h"
86 #include "third_party/WebKit/public/platform/WebURLRequest.h"
87 #include "third_party/WebKit/public/web/WebCache.h"
88 #include "third_party/WebKit/public/web/WebDataSource.h"
89 #include "third_party/WebKit/public/web/WebDocument.h"
90 #include "third_party/WebKit/public/web/WebElement.h"
91 #include "third_party/WebKit/public/web/WebLocalFrame.h"
92 #include "third_party/WebKit/public/web/WebPluginContainer.h"
93 #include "third_party/WebKit/public/web/WebPluginParams.h"
94 #include "third_party/WebKit/public/web/WebPluginPlaceholder.h"
95 #include "third_party/WebKit/public/web/WebSecurityOrigin.h"
96 #include "third_party/WebKit/public/web/WebSecurityPolicy.h"
97 #include "ui/base/l10n/l10n_util.h"
98 #include "ui/base/layout.h"
99 #include "ui/base/resource/resource_bundle.h"
100 #include "ui/base/webui/jstemplate_builder.h"
101 #include "widevine_cdm_version.h" // In SHARED_INTERMEDIATE_DIR.
102
103 #if !defined(DISABLE_NACL)
104 #include "components/nacl/common/nacl_constants.h"
105 #include "components/nacl/renderer/nacl_helper.h"
106 #endif
107
108 #if defined(ENABLE_EXTENSIONS)
109 #include "chrome/common/extensions/chrome_extensions_client.h"
110 #include "chrome/common/extensions/extension_process_policy.h"
111 #include "chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.h"
112 #include "chrome/renderer/extensions/chrome_extensions_renderer_client.h"
113 #include "chrome/renderer/extensions/extension_frame_helper.h"
114 #include "chrome/renderer/extensions/renderer_permissions_policy_delegate.h"
115 #include "chrome/renderer/extensions/resource_request_policy.h"
116 #include "chrome/renderer/media/cast_ipc_dispatcher.h"
117 #include "extensions/common/extension.h"
118 #include "extensions/common/extension_set.h"
119 #include "extensions/common/extension_urls.h"
120 #include "extensions/common/switches.h"
121 #include "extensions/renderer/dispatcher.h"
122 #include "extensions/renderer/extension_helper.h"
123 #include "extensions/renderer/extensions_render_frame_observer.h"
124 #include "extensions/renderer/guest_view/extensions_guest_view_container.h"
125 #include "extensions/renderer/guest_view/guest_view_container.h"
126 #include "extensions/renderer/guest_view/mime_handler_view/mime_handler_view_container.h"
127 #include "extensions/renderer/script_context.h"
128 #endif
129
130 #if defined(ENABLE_PRINTING)
131 #include "chrome/renderer/printing/chrome_print_web_view_helper_delegate.h"
132 #include "components/printing/renderer/print_web_view_helper.h"
133 #endif
134
135 #if defined(ENABLE_PRINT_PREVIEW)
136 #include "chrome/renderer/pepper/chrome_pdf_print_client.h"
137 #endif
138
139 #if defined(ENABLE_SPELLCHECK)
140 #include "chrome/renderer/spellchecker/spellcheck.h"
141 #include "chrome/renderer/spellchecker/spellcheck_provider.h"
142 #endif
143
144 #if defined(ENABLE_WEBRTC)
145 #include "chrome/renderer/media/webrtc_logging_message_filter.h"
146 #endif
147
148 #if defined(OS_WIN)
149 #include "chrome_elf/blacklist/blacklist.h"
150 #endif
151
152 using autofill::AutofillAgent;
153 using autofill::PasswordAutofillAgent;
154 using autofill::PasswordGenerationAgent;
155 using base::ASCIIToUTF16;
156 using base::UserMetricsAction;
157 using content::PluginInstanceThrottler;
158 using content::RenderFrame;
159 using content::RenderThread;
160 using content::WebPluginInfo;
161 using extensions::Extension;
162 using blink::WebCache;
163 using blink::WebConsoleMessage;
164 using blink::WebDataSource;
165 using blink::WebDocument;
166 using blink::WebFrame;
167 using blink::WebLocalFrame;
168 using blink::WebPlugin;
169 using blink::WebPluginParams;
170 using blink::WebSecurityOrigin;
171 using blink::WebSecurityPolicy;
172 using blink::WebString;
173 using blink::WebURL;
174 using blink::WebURLError;
175 using blink::WebURLRequest;
176 using blink::WebURLResponse;
177 using blink::WebVector;
178
179 namespace {
180
181 ChromeContentRendererClient* g_current_client;
182
183 #if defined(ENABLE_PLUGINS)
184 const char* const kPredefinedAllowedCompositorOrigins[] = {
185 "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/383937
186 "4EB74897CB187C7633357C2FE832E0AD6A44883A" // see crbug.com/383937
187 };
188 #endif
189
190 void AppendParams(const std::vector<base::string16>& additional_names,
191 const std::vector<base::string16>& additional_values,
192 WebVector<WebString>* existing_names,
193 WebVector<WebString>* existing_values) {
194 DCHECK(additional_names.size() == additional_values.size());
195 DCHECK(existing_names->size() == existing_values->size());
196
197 size_t existing_size = existing_names->size();
198 size_t total_size = existing_size + additional_names.size();
199
200 WebVector<WebString> names(total_size);
201 WebVector<WebString> values(total_size);
202
203 for (size_t i = 0; i < existing_size; ++i) {
204 names[i] = (*existing_names)[i];
205 values[i] = (*existing_values)[i];
206 }
207
208 for (size_t i = 0; i < additional_names.size(); ++i) {
209 names[existing_size + i] = additional_names[i];
210 values[existing_size + i] = additional_values[i];
211 }
212
213 existing_names->swap(names);
214 existing_values->swap(values);
215 }
216
217 #if defined(ENABLE_SPELLCHECK)
218 class SpellCheckReplacer : public content::RenderViewVisitor {
219 public:
220 explicit SpellCheckReplacer(SpellCheck* spellcheck)
221 : spellcheck_(spellcheck) {}
222 bool Visit(content::RenderView* render_view) override;
223
224 private:
225 SpellCheck* spellcheck_; // New shared spellcheck for all views. Weak Ptr.
226 DISALLOW_COPY_AND_ASSIGN(SpellCheckReplacer);
227 };
228
229 bool SpellCheckReplacer::Visit(content::RenderView* render_view) {
230 SpellCheckProvider* provider = SpellCheckProvider::Get(render_view);
231 DCHECK(provider);
232 provider->set_spellcheck(spellcheck_);
233 return true;
234 }
235 #endif
236
237 // For certain sandboxed Pepper plugins, use the JavaScript Content Settings.
238 bool ShouldUseJavaScriptSettingForPlugin(const WebPluginInfo& plugin) {
239 if (plugin.type != WebPluginInfo::PLUGIN_TYPE_PEPPER_IN_PROCESS &&
240 plugin.type != WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS) {
241 return false;
242 }
243
244 #if !defined(DISABLE_NACL)
245 // Treat Native Client invocations like JavaScript.
246 if (plugin.name == ASCIIToUTF16(nacl::kNaClPluginName))
247 return true;
248 #endif
249
250 #if defined(WIDEVINE_CDM_AVAILABLE) && defined(ENABLE_PEPPER_CDMS)
251 // Treat CDM invocations like JavaScript.
252 if (plugin.name == ASCIIToUTF16(kWidevineCdmDisplayName)) {
253 DCHECK(plugin.type == WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS);
254 return true;
255 }
256 #endif // defined(WIDEVINE_CDM_AVAILABLE) && defined(ENABLE_PEPPER_CDMS)
257
258 return false;
259 }
260
261 #if defined(ENABLE_EXTENSIONS)
262 void IsGuestViewApiAvailableToScriptContext(
263 bool* api_is_available,
264 extensions::ScriptContext* context) {
265 if (context->GetAvailability("guestViewInternal").is_available()) {
266 *api_is_available = true;
267 }
268 }
269 #endif
270
271 #if defined(ENABLE_PLUGINS)
272 GURL GetPluginInstancePosterImage(const blink::WebPluginParams& params,
273 const GURL& page_base_url) {
274 DCHECK_EQ(params.attributeNames.size(), params.attributeValues.size());
275
276 for (size_t i = 0; i < params.attributeNames.size(); ++i) {
277 if (params.attributeNames[i].utf8() == "poster" &&
278 !params.attributeValues[i].isEmpty()) {
279 return page_base_url.Resolve(params.attributeValues[i].utf8());
280 }
281 }
282 return GURL();
283 }
284 #endif
285
286 } // namespace
287
288 ChromeContentRendererClient::ChromeContentRendererClient() {
289 g_current_client = this;
290
291 #if defined(ENABLE_EXTENSIONS)
292 extensions::ExtensionsClient::Set(
293 extensions::ChromeExtensionsClient::GetInstance());
294 extensions::ExtensionsRendererClient::Set(
295 ChromeExtensionsRendererClient::GetInstance());
296 #endif
297 #if defined(ENABLE_PLUGINS)
298 for (size_t i = 0; i < arraysize(kPredefinedAllowedCompositorOrigins); ++i)
299 allowed_compositor_origins_.insert(kPredefinedAllowedCompositorOrigins[i]);
300 #endif
301 }
302
303 ChromeContentRendererClient::~ChromeContentRendererClient() {
304 g_current_client = NULL;
305 }
306
307 void ChromeContentRendererClient::RenderThreadStarted() {
308 RenderThread* thread = RenderThread::Get();
309
310 chrome_observer_.reset(new ChromeRenderProcessObserver(this));
311 web_cache_observer_.reset(new web_cache::WebCacheRenderProcessObserver());
312
313 #if defined(ENABLE_EXTENSIONS)
314 extension_dispatcher_delegate_.reset(
315 new ChromeExtensionsDispatcherDelegate());
316 // ChromeRenderViewTest::SetUp() creates its own ExtensionDispatcher and
317 // injects it using SetExtensionDispatcher(). Don't overwrite it.
318 if (!extension_dispatcher_) {
319 extension_dispatcher_.reset(
320 new extensions::Dispatcher(extension_dispatcher_delegate_.get()));
321 }
322 permissions_policy_delegate_.reset(
323 new extensions::RendererPermissionsPolicyDelegate(
324 extension_dispatcher_.get()));
325 #endif
326
327 prescient_networking_dispatcher_.reset(
328 new network_hints::PrescientNetworkingDispatcher());
329 #if defined(ENABLE_SPELLCHECK)
330 // ChromeRenderViewTest::SetUp() creates a Spellcheck and injects it using
331 // SetSpellcheck(). Don't overwrite it.
332 if (!spellcheck_) {
333 spellcheck_.reset(new SpellCheck());
334 thread->AddObserver(spellcheck_.get());
335 }
336 #endif
337 visited_link_slave_.reset(new visitedlink::VisitedLinkSlave());
338 #if defined(FULL_SAFE_BROWSING)
339 phishing_classifier_.reset(safe_browsing::PhishingClassifierFilter::Create());
340 #endif
341 prerender_dispatcher_.reset(new prerender::PrerenderDispatcher());
342 #if defined(ENABLE_WEBRTC)
343 webrtc_logging_message_filter_ = new WebRtcLoggingMessageFilter(
344 RenderThread::Get()->GetIOMessageLoopProxy());
345 #endif
346 search_bouncer_.reset(new SearchBouncer());
347
348 thread->AddObserver(chrome_observer_.get());
349 thread->AddObserver(web_cache_observer_.get());
350 #if defined(ENABLE_EXTENSIONS)
351 thread->AddObserver(extension_dispatcher_.get());
352 #endif
353 #if defined(FULL_SAFE_BROWSING)
354 thread->AddObserver(phishing_classifier_.get());
355 #endif
356 thread->AddObserver(visited_link_slave_.get());
357 thread->AddObserver(prerender_dispatcher_.get());
358 thread->AddObserver(search_bouncer_.get());
359
360 #if defined(ENABLE_WEBRTC)
361 thread->AddFilter(webrtc_logging_message_filter_.get());
362 #endif
363 #if defined(ENABLE_EXTENSIONS)
364 thread->AddFilter(new CastIPCDispatcher(
365 RenderThread::Get()->GetIOMessageLoopProxy()));
366 #endif
367
368 thread->RegisterExtension(extensions_v8::ExternalExtension::Get());
369 thread->RegisterExtension(extensions_v8::LoadTimesExtension::Get());
370
371 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
372 if (command_line->HasSwitch(switches::kEnableBenchmarking))
373 thread->RegisterExtension(extensions_v8::BenchmarkingExtension::Get());
374 if (command_line->HasSwitch(switches::kEnableNetBenchmarking))
375 thread->RegisterExtension(extensions_v8::NetBenchmarkingExtension::Get());
376 if (command_line->HasSwitch(switches::kInstantProcess))
377 thread->RegisterExtension(extensions_v8::SearchBoxExtension::Get());
378
379 if (command_line->HasSwitch(switches::kPlaybackMode) ||
380 command_line->HasSwitch(switches::kRecordMode)) {
381 thread->RegisterExtension(extensions_v8::PlaybackExtension::Get());
382 }
383
384 // TODO(guohui): needs to forward the new-profile-management switch to
385 // renderer processes.
386 if (switches::IsEnableAccountConsistency())
387 thread->RegisterExtension(extensions_v8::PrincipalsExtension::Get());
388
389 // chrome:, chrome-search:, chrome-devtools:, and chrome-distiller: pages
390 // should not be accessible by normal content, and should also be unable to
391 // script anything but themselves (to help limit the damage that a corrupt
392 // page could cause).
393 WebString chrome_ui_scheme(ASCIIToUTF16(content::kChromeUIScheme));
394 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(chrome_ui_scheme);
395
396 WebString chrome_search_scheme(ASCIIToUTF16(chrome::kChromeSearchScheme));
397 // The Instant process can only display the content but not read it. Other
398 // processes can't display it or read it.
399 if (!command_line->HasSwitch(switches::kInstantProcess))
400 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(chrome_search_scheme);
401
402 WebString dev_tools_scheme(ASCIIToUTF16(content::kChromeDevToolsScheme));
403 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(dev_tools_scheme);
404
405 WebString dom_distiller_scheme(
406 ASCIIToUTF16(dom_distiller::kDomDistillerScheme));
407 // TODO(nyquist): Add test to ensure this happens when the flag is set.
408 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(dom_distiller_scheme);
409
410 #if defined(OS_CHROMEOS)
411 WebString external_file_scheme(ASCIIToUTF16(content::kExternalFileScheme));
412 WebSecurityPolicy::registerURLSchemeAsLocal(external_file_scheme);
413 #endif
414
415 // chrome: and chrome-search: pages should not be accessible by bookmarklets
416 // or javascript: URLs typed in the omnibox.
417 WebSecurityPolicy::registerURLSchemeAsNotAllowingJavascriptURLs(
418 chrome_ui_scheme);
419 WebSecurityPolicy::registerURLSchemeAsNotAllowingJavascriptURLs(
420 chrome_search_scheme);
421
422 // chrome:, chrome-search:, chrome-extension:, and chrome-extension-resource:
423 // resources shouldn't trigger insecure content warnings.
424 WebSecurityPolicy::registerURLSchemeAsSecure(chrome_ui_scheme);
425 WebSecurityPolicy::registerURLSchemeAsSecure(chrome_search_scheme);
426
427 WebString extension_scheme(ASCIIToUTF16(extensions::kExtensionScheme));
428 WebSecurityPolicy::registerURLSchemeAsSecure(extension_scheme);
429
430 WebString extension_resource_scheme(
431 ASCIIToUTF16(extensions::kExtensionResourceScheme));
432 WebSecurityPolicy::registerURLSchemeAsSecure(extension_resource_scheme);
433
434 // chrome:, chrome-extension:, chrome-extension-resource: resources should be
435 // allowed to receive CORS requests.
436 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(chrome_ui_scheme);
437 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_scheme);
438 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_resource_scheme);
439
440 // chrome-extension: resources should bypass Content Security Policy checks
441 // when included in protected resources.
442 WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy(
443 extension_scheme);
444 WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy(
445 extension_resource_scheme);
446
447 #if defined(OS_WIN)
448 // Report if the renderer process has been patched by chrome_elf.
449 // TODO(csharp): Remove once the renderer is no longer getting
450 // patched this way.
451 if (blacklist::IsBlacklistInitialized())
452 UMA_HISTOGRAM_BOOLEAN("Blacklist.PatchedInRenderer", true);
453 #endif
454 #if defined(ENABLE_PRINT_PREVIEW)
455 pdf_print_client_.reset(new ChromePDFPrintClient());
456 pdf::PPB_PDF_Impl::SetPrintClient(pdf_print_client_.get());
457 #endif
458 }
459
460 void ChromeContentRendererClient::RenderFrameCreated(
461 content::RenderFrame* render_frame) {
462 new ChromeRenderFrameObserver(render_frame);
463
464 bool should_whitelist_for_content_settings =
465 base::CommandLine::ForCurrentProcess()->HasSwitch(
466 switches::kInstantProcess);
467 extensions::Dispatcher* ext_dispatcher = NULL;
468 #if defined(ENABLE_EXTENSIONS)
469 ext_dispatcher = extension_dispatcher_.get();
470 #endif
471 ContentSettingsObserver* content_settings = new ContentSettingsObserver(
472 render_frame, ext_dispatcher, should_whitelist_for_content_settings);
473 if (chrome_observer_.get()) {
474 content_settings->SetContentSettingRules(
475 chrome_observer_->content_setting_rules());
476 }
477
478 #if defined(ENABLE_EXTENSIONS)
479 new extensions::ExtensionsRenderFrameObserver(render_frame);
480 new extensions::ExtensionFrameHelper(render_frame, ext_dispatcher);
481 #endif
482
483 #if defined(ENABLE_PLUGINS)
484 new PepperHelper(render_frame);
485 #endif
486
487 #if !defined(DISABLE_NACL)
488 new nacl::NaClHelper(render_frame);
489 #endif
490
491 // TODO(jam): when the frame tree moves into content and parent() works at
492 // RenderFrame construction, simplify this by just checking parent().
493 if (render_frame->GetRenderView()->GetMainRenderFrame() != render_frame) {
494 // Avoid any race conditions from having the browser tell subframes that
495 // they're prerendering.
496 if (prerender::PrerenderHelper::IsPrerendering(
497 render_frame->GetRenderView()->GetMainRenderFrame())) {
498 new prerender::PrerenderHelper(render_frame);
499 }
500 }
501
502 if (render_frame->GetRenderView()->GetMainRenderFrame() == render_frame) {
503 // Only attach NetErrorHelper to the main frame, since only the main frame
504 // should get error pages.
505 // PrefetchHelper is also needed only for main frames.
506 new NetErrorHelper(render_frame);
507 new prefetch::PrefetchHelper(render_frame);
508 }
509
510 PasswordGenerationAgent* password_generation_agent =
511 new PasswordGenerationAgent(render_frame);
512 PasswordAutofillAgent* password_autofill_agent =
513 new PasswordAutofillAgent(render_frame);
514 new AutofillAgent(render_frame, password_autofill_agent,
515 password_generation_agent);
516 }
517
518 void ChromeContentRendererClient::RenderViewCreated(
519 content::RenderView* render_view) {
520
521 #if defined(ENABLE_EXTENSIONS)
522 new extensions::ExtensionHelper(render_view, extension_dispatcher_.get());
523 extension_dispatcher_->OnRenderViewCreated(render_view);
524 #endif
525 new PageLoadHistograms(render_view);
526 #if defined(ENABLE_PRINTING)
527 new printing::PrintWebViewHelper(
528 render_view,
529 scoped_ptr<printing::PrintWebViewHelper::Delegate>(
530 new ChromePrintWebViewHelperDelegate()));
531 #endif
532 #if defined(ENABLE_SPELLCHECK)
533 new SpellCheckProvider(render_view, spellcheck_.get());
534 #endif
535 new prerender::PrerendererClient(render_view);
536 #if defined(FULL_SAFE_BROWSING)
537 safe_browsing::MalwareDOMDetails::Create(render_view);
538 #endif
539
540 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
541 if (command_line->HasSwitch(switches::kInstantProcess))
542 new SearchBox(render_view);
543
544 new ChromeRenderViewObserver(render_view, web_cache_observer_.get());
545
546 new password_manager::CredentialManagerClient(render_view);
547 }
548
549
550 SkBitmap* ChromeContentRendererClient::GetSadPluginBitmap() {
551 return const_cast<SkBitmap*>(ResourceBundle::GetSharedInstance().
552 GetImageNamed(IDR_SAD_PLUGIN).ToSkBitmap());
553 }
554
555 SkBitmap* ChromeContentRendererClient::GetSadWebViewBitmap() {
556 return const_cast<SkBitmap*>(ResourceBundle::GetSharedInstance().
557 GetImageNamed(IDR_SAD_WEBVIEW).ToSkBitmap());
558 }
559
560 #if defined(ENABLE_EXTENSIONS)
561 const Extension* ChromeContentRendererClient::GetExtensionByOrigin(
562 const WebSecurityOrigin& origin) const {
563 if (!EqualsASCII(origin.protocol(), extensions::kExtensionScheme))
564 return NULL;
565
566 const std::string extension_id = origin.host().utf8().data();
567 return extension_dispatcher_->extensions()->GetByID(extension_id);
568 }
569 #endif
570
571 scoped_ptr<blink::WebPluginPlaceholder>
572 ChromeContentRendererClient::CreatePluginPlaceholder(
573 content::RenderFrame* render_frame,
574 blink::WebLocalFrame* frame,
575 const blink::WebPluginParams& orig_params) {
576 return CreateShadowDOMPlaceholderForPluginInfo(
577 render_frame, frame, orig_params);
578 }
579
580 bool ChromeContentRendererClient::OverrideCreatePlugin(
581 content::RenderFrame* render_frame,
582 WebLocalFrame* frame,
583 const WebPluginParams& params,
584 WebPlugin** plugin) {
585 std::string orig_mime_type = params.mimeType.utf8();
586 #if defined(ENABLE_EXTENSIONS)
587 if (orig_mime_type == content::kBrowserPluginMimeType) {
588 bool guest_view_api_available = false;
589 extension_dispatcher_->script_context_set().ForEach(
590 render_frame->GetRenderView(),
591 base::Bind(&IsGuestViewApiAvailableToScriptContext,
592 &guest_view_api_available));
593 if (guest_view_api_available)
594 return false;
595 }
596 #endif
597
598 ChromeViewHostMsg_GetPluginInfo_Output output;
599 #if defined(ENABLE_PLUGINS)
600 render_frame->Send(new ChromeViewHostMsg_GetPluginInfo(
601 render_frame->GetRoutingID(), GURL(params.url),
602 frame->top()->document().url(), orig_mime_type, &output));
603
604 if (output.plugin.type == content::WebPluginInfo::PLUGIN_TYPE_BROWSER_PLUGIN)
605 return false;
606 #else
607 output.status.value = ChromeViewHostMsg_GetPluginInfo_Status::kNotFound;
608 #endif
609 *plugin = CreatePlugin(render_frame, frame, params, output);
610 return true;
611 }
612
613 WebPlugin* ChromeContentRendererClient::CreatePluginReplacement(
614 content::RenderFrame* render_frame,
615 const base::FilePath& plugin_path) {
616 ChromePluginPlaceholder* placeholder =
617 ChromePluginPlaceholder::CreateErrorPlugin(render_frame, plugin_path);
618 return placeholder->plugin();
619 }
620
621 void ChromeContentRendererClient::DeferMediaLoad(
622 content::RenderFrame* render_frame,
623 const base::Closure& closure) {
624 #if defined(OS_ANDROID)
625 // Chromium for Android doesn't support prerender yet.
626 closure.Run();
627 return;
628 #else
629 if (!prerender::PrerenderHelper::IsPrerendering(render_frame)) {
630 closure.Run();
631 return;
632 }
633
634 // Lifetime is tied to |render_frame| via content::RenderFrameObserver.
635 new prerender::PrerenderMediaLoadDeferrer(render_frame, closure);
636 #endif
637 }
638
639 WebPlugin* ChromeContentRendererClient::CreatePlugin(
640 content::RenderFrame* render_frame,
641 WebLocalFrame* frame,
642 const WebPluginParams& original_params,
643 const ChromeViewHostMsg_GetPluginInfo_Output& output) {
644 const ChromeViewHostMsg_GetPluginInfo_Status& status = output.status;
645 const WebPluginInfo& info = output.plugin;
646 const std::string& actual_mime_type = output.actual_mime_type;
647 const base::string16& group_name = output.group_name;
648 const std::string& identifier = output.group_identifier;
649 ChromeViewHostMsg_GetPluginInfo_Status::Value status_value = status.value;
650 GURL url(original_params.url);
651 std::string orig_mime_type = original_params.mimeType.utf8();
652 ChromePluginPlaceholder* placeholder = NULL;
653
654 // If the browser plugin is to be enabled, this should be handled by the
655 // renderer, so the code won't reach here due to the early exit in
656 // OverrideCreatePlugin.
657 if (status_value == ChromeViewHostMsg_GetPluginInfo_Status::kNotFound ||
658 orig_mime_type == content::kBrowserPluginMimeType) {
659 #if defined(OS_ANDROID)
660 if (plugins::MobileYouTubePlugin::IsYouTubeURL(url, orig_mime_type)) {
661 base::StringPiece template_html(
662 ResourceBundle::GetSharedInstance().GetRawDataResource(
663 IDR_MOBILE_YOUTUBE_PLUGIN_HTML));
664 return (new plugins::MobileYouTubePlugin(
665 render_frame,
666 frame,
667 original_params,
668 template_html,
669 GURL(ChromePluginPlaceholder::kPluginPlaceholderDataURL)))
670 ->plugin();
671 }
672 #endif
673 PluginUMAReporter::GetInstance()->ReportPluginMissing(orig_mime_type, url);
674 placeholder = ChromePluginPlaceholder::CreateMissingPlugin(
675 render_frame, frame, original_params);
676 } else {
677 // TODO(bauerb): This should be in content/.
678 WebPluginParams params(original_params);
679 for (size_t i = 0; i < info.mime_types.size(); ++i) {
680 if (info.mime_types[i].mime_type == actual_mime_type) {
681 AppendParams(info.mime_types[i].additional_param_names,
682 info.mime_types[i].additional_param_values,
683 &params.attributeNames, &params.attributeValues);
684 break;
685 }
686 }
687 if (params.mimeType.isNull() && (actual_mime_type.size() > 0)) {
688 // Webkit might say that mime type is null while we already know the
689 // actual mime type via ChromeViewHostMsg_GetPluginInfo. In that case
690 // we should use what we know since WebpluginDelegateProxy does some
691 // specific initializations based on this information.
692 params.mimeType = WebString::fromUTF8(actual_mime_type.c_str());
693 }
694
695 ContentSettingsObserver* observer =
696 ContentSettingsObserver::Get(render_frame);
697
698 const ContentSettingsType content_type =
699 ShouldUseJavaScriptSettingForPlugin(info)
700 ? CONTENT_SETTINGS_TYPE_JAVASCRIPT
701 : CONTENT_SETTINGS_TYPE_PLUGINS;
702
703 if ((status_value ==
704 ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized ||
705 status_value == ChromeViewHostMsg_GetPluginInfo_Status::kBlocked) &&
706 observer->IsPluginTemporarilyAllowed(identifier)) {
707 status_value = ChromeViewHostMsg_GetPluginInfo_Status::kAllowed;
708 }
709
710 #if defined(ENABLE_PLUGINS)
711 if (status_value == ChromeViewHostMsg_GetPluginInfo_Status::kAllowed &&
712 base::CommandLine::ForCurrentProcess()->HasSwitch(
713 switches::kEnablePluginPowerSaver)) {
714 status_value =
715 ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent;
716 }
717 #endif
718
719 #if defined(OS_WIN)
720 // In Windows we need to check if we can load NPAPI plugins.
721 // For example, if the render view is in the Ash desktop, we should not.
722 if (status_value == ChromeViewHostMsg_GetPluginInfo_Status::kAllowed &&
723 info.type == content::WebPluginInfo::PLUGIN_TYPE_NPAPI) {
724 if (observer->AreNPAPIPluginsBlocked())
725 status_value =
726 ChromeViewHostMsg_GetPluginInfo_Status::kNPAPINotSupported;
727 }
728 #endif
729
730 auto create_blocked_plugin =
731 [&render_frame, &frame, &params, &info, &identifier, &group_name](
732 int template_id, const base::string16& message) {
733 return ChromePluginPlaceholder::CreateBlockedPlugin(
734 render_frame, frame, params, info, identifier, group_name,
735 template_id, message, GURL());
736 };
737 switch (status_value) {
738 case ChromeViewHostMsg_GetPluginInfo_Status::kNotFound: {
739 NOTREACHED();
740 break;
741 }
742 case ChromeViewHostMsg_GetPluginInfo_Status::kAllowed:
743 case ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent: {
744 #if !defined(DISABLE_NACL) && defined(ENABLE_EXTENSIONS)
745 const bool is_nacl_plugin =
746 info.name == ASCIIToUTF16(nacl::kNaClPluginName);
747 const bool is_nacl_mime_type =
748 actual_mime_type == nacl::kNaClPluginMimeType;
749 const bool is_pnacl_mime_type =
750 actual_mime_type == nacl::kPnaclPluginMimeType;
751 if (is_nacl_plugin || is_nacl_mime_type || is_pnacl_mime_type) {
752 bool is_nacl_unrestricted = false;
753 if (is_nacl_mime_type) {
754 is_nacl_unrestricted =
755 base::CommandLine::ForCurrentProcess()->HasSwitch(
756 switches::kEnableNaCl);
757 } else if (is_pnacl_mime_type) {
758 is_nacl_unrestricted = true;
759 }
760 GURL manifest_url;
761 GURL app_url;
762 if (is_nacl_mime_type || is_pnacl_mime_type) {
763 // Normal NaCl/PNaCl embed. The app URL is the page URL.
764 manifest_url = url;
765 app_url = frame->top()->document().url();
766 } else {
767 // NaCl is being invoked as a content handler. Look up the NaCl
768 // module using the MIME type. The app URL is the manifest URL.
769 manifest_url = GetNaClContentHandlerURL(actual_mime_type, info);
770 app_url = manifest_url;
771 }
772 const Extension* extension =
773 g_current_client->extension_dispatcher_->extensions()->
774 GetExtensionOrAppByURL(manifest_url);
775 if (!IsNaClAllowed(manifest_url,
776 app_url,
777 is_nacl_unrestricted,
778 extension,
779 &params)) {
780 WebString error_message;
781 if (is_nacl_mime_type) {
782 error_message =
783 "Only unpacked extensions and apps installed from the Chrome "
784 "Web Store can load NaCl modules without enabling Native "
785 "Client in about:flags.";
786 } else if (is_pnacl_mime_type) {
787 error_message =
788 "Portable Native Client must not be disabled in about:flags.";
789 }
790 frame->addMessageToConsole(
791 WebConsoleMessage(WebConsoleMessage::LevelError,
792 error_message));
793 placeholder = create_blocked_plugin(
794 IDR_BLOCKED_PLUGIN_HTML,
795 #if defined(OS_CHROMEOS)
796 l10n_util::GetStringUTF16(IDS_NACL_PLUGIN_BLOCKED));
797 #else
798 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
799 #endif
800 break;
801 }
802 }
803 #endif // !defined(DISABLE_NACL) && defined(ENABLE_EXTENSIONS)
804
805 #if defined(ENABLE_PLUGINS)
806 bool power_saver_enabled =
807 status_value ==
808 ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent;
809 bool blocked_for_background_tab =
810 render_frame->IsHidden() && power_saver_enabled;
811
812 GURL poster_url;
813 if (power_saver_enabled) {
814 poster_url =
815 GetPluginInstancePosterImage(params, frame->document().url());
816 }
817
818 // Delay loading plugins if prerendering.
819 // TODO(mmenke): In the case of prerendering, feed into
820 // ChromeContentRendererClient::CreatePlugin instead, to
821 // reduce the chance of future regressions.
822 bool is_prerendering =
823 prerender::PrerenderHelper::IsPrerendering(render_frame);
824 if (blocked_for_background_tab || is_prerendering ||
825 poster_url.is_valid()) {
826 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
827 render_frame, frame, params, info, identifier, group_name,
828 poster_url.is_valid() ? IDR_PLUGIN_POSTER_HTML
829 : IDR_BLOCKED_PLUGIN_HTML,
830 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name),
831 poster_url);
832 placeholder->set_blocked_for_background_tab(
833 blocked_for_background_tab);
834 placeholder->set_blocked_for_prerendering(is_prerendering);
835 placeholder->set_power_saver_enabled(power_saver_enabled);
836 placeholder->set_allow_loading(true);
837 break;
838 }
839
840 scoped_ptr<content::PluginInstanceThrottler> throttler =
841 PluginInstanceThrottler::Create(power_saver_enabled);
842 content::PluginInstanceThrottler* throttler_raw = throttler.get();
843 blink::WebPlugin* plugin =
844 render_frame->CreatePlugin(frame, info, params, throttler.Pass());
845
846 if (power_saver_enabled) {
847 // PluginPreroller manages its own lifetime.
848 new PluginPreroller(
849 render_frame, frame, params, info, identifier, group_name,
850 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name),
851 plugin, throttler_raw);
852 }
853
854 return plugin;
855 #else // !defined(ENABLE_PLUGINS)
856 return render_frame->CreatePlugin(frame, info, params, nullptr);
857 #endif // defined(ENABLE_PLUGINS)
858 }
859 case ChromeViewHostMsg_GetPluginInfo_Status::kNPAPINotSupported: {
860 RenderThread::Get()->RecordAction(
861 UserMetricsAction("Plugin_NPAPINotSupported"));
862 placeholder = create_blocked_plugin(
863 IDR_BLOCKED_PLUGIN_HTML,
864 l10n_util::GetStringUTF16(IDS_PLUGIN_NOT_SUPPORTED_METRO));
865 render_frame->Send(new ChromeViewHostMsg_NPAPINotSupported(
866 render_frame->GetRoutingID(), identifier));
867 break;
868 }
869 case ChromeViewHostMsg_GetPluginInfo_Status::kDisabled: {
870 PluginUMAReporter::GetInstance()->ReportPluginDisabled(orig_mime_type,
871 url);
872 placeholder = create_blocked_plugin(
873 IDR_DISABLED_PLUGIN_HTML,
874 l10n_util::GetStringFUTF16(IDS_PLUGIN_DISABLED, group_name));
875 break;
876 }
877 case ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedBlocked: {
878 #if defined(ENABLE_PLUGIN_INSTALLATION)
879 placeholder = create_blocked_plugin(
880 IDR_BLOCKED_PLUGIN_HTML,
881 l10n_util::GetStringFUTF16(IDS_PLUGIN_OUTDATED, group_name));
882 placeholder->set_allow_loading(true);
883 render_frame->Send(new ChromeViewHostMsg_BlockedOutdatedPlugin(
884 render_frame->GetRoutingID(), placeholder->CreateRoutingId(),
885 identifier));
886 #else
887 NOTREACHED();
888 #endif
889 break;
890 }
891 case ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedDisallowed: {
892 placeholder = create_blocked_plugin(
893 IDR_BLOCKED_PLUGIN_HTML,
894 l10n_util::GetStringFUTF16(IDS_PLUGIN_OUTDATED, group_name));
895 break;
896 }
897 case ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized: {
898 placeholder = create_blocked_plugin(
899 IDR_BLOCKED_PLUGIN_HTML,
900 l10n_util::GetStringFUTF16(IDS_PLUGIN_NOT_AUTHORIZED, group_name));
901 placeholder->set_allow_loading(true);
902 if (info.type != content::WebPluginInfo::PLUGIN_TYPE_NPAPI) {
903 render_frame->Send(new ChromeViewHostMsg_BlockedUnauthorizedPlugin(
904 render_frame->GetRoutingID(),
905 group_name,
906 identifier));
907 }
908 observer->DidBlockContentType(content_type, group_name);
909 break;
910 }
911 case ChromeViewHostMsg_GetPluginInfo_Status::kBlocked: {
912 placeholder = create_blocked_plugin(
913 IDR_BLOCKED_PLUGIN_HTML,
914 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
915 placeholder->set_allow_loading(true);
916 RenderThread::Get()->RecordAction(UserMetricsAction("Plugin_Blocked"));
917 observer->DidBlockContentType(content_type, group_name);
918 break;
919 }
920 case ChromeViewHostMsg_GetPluginInfo_Status::kBlockedByPolicy: {
921 placeholder = create_blocked_plugin(
922 IDR_BLOCKED_PLUGIN_HTML,
923 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
924 placeholder->set_allow_loading(false);
925 RenderThread::Get()->RecordAction(
926 UserMetricsAction("Plugin_BlockedByPolicy"));
927 observer->DidBlockContentType(content_type, group_name);
928 break;
929 }
930 }
931 }
932 placeholder->SetStatus(status);
933 return placeholder->plugin();
934 }
935
936 // For NaCl content handling plugins, the NaCl manifest is stored in an
937 // additonal 'nacl' param associated with the MIME type.
938 // static
939 GURL ChromeContentRendererClient::GetNaClContentHandlerURL(
940 const std::string& actual_mime_type,
941 const content::WebPluginInfo& plugin) {
942 // Look for the manifest URL among the MIME type's additonal parameters.
943 const char kNaClPluginManifestAttribute[] = "nacl";
944 base::string16 nacl_attr = ASCIIToUTF16(kNaClPluginManifestAttribute);
945 for (size_t i = 0; i < plugin.mime_types.size(); ++i) {
946 if (plugin.mime_types[i].mime_type == actual_mime_type) {
947 const content::WebPluginMimeType& content_type = plugin.mime_types[i];
948 for (size_t i = 0; i < content_type.additional_param_names.size(); ++i) {
949 if (content_type.additional_param_names[i] == nacl_attr)
950 return GURL(content_type.additional_param_values[i]);
951 }
952 break;
953 }
954 }
955 return GURL();
956 }
957
958 #if !defined(DISABLE_NACL)
959 // static
960 bool ChromeContentRendererClient::IsNaClAllowed(
961 const GURL& manifest_url,
962 const GURL& app_url,
963 bool is_nacl_unrestricted,
964 const Extension* extension,
965 WebPluginParams* params) {
966 // Temporarily allow these whitelisted apps and WebUIs to use NaCl.
967 std::string app_url_host = app_url.host();
968 std::string manifest_url_path = manifest_url.path();
969
970 bool is_whitelisted_web_ui =
971 app_url.spec() == chrome::kChromeUIAppListStartPageURL;
972
973 bool is_photo_app =
974 // Whitelisted apps must be served over https.
975 app_url.SchemeIs("https") &&
976 manifest_url.SchemeIs("https") &&
977 (EndsWith(app_url_host, "plus.google.com", false) ||
978 EndsWith(app_url_host, "plus.sandbox.google.com", false)) &&
979 manifest_url.DomainIs("ssl.gstatic.com") &&
980 (manifest_url_path.find("s2/oz/nacl/") == 1 ||
981 manifest_url_path.find("photos/nacl/") == 1);
982
983 std::string manifest_fs_host;
984 if (manifest_url.SchemeIsFileSystem() && manifest_url.inner_url()) {
985 manifest_fs_host = manifest_url.inner_url()->host();
986 }
987 bool is_hangouts_app =
988 // Whitelisted apps must be served over secure scheme.
989 app_url.SchemeIs("https") &&
990 manifest_url.SchemeIsSecure() &&
991 manifest_url.SchemeIsFileSystem() &&
992 (EndsWith(app_url_host, "talkgadget.google.com", false) ||
993 EndsWith(app_url_host, "plus.google.com", false) ||
994 EndsWith(app_url_host, "plus.sandbox.google.com", false)) &&
995 // The manifest must be loaded from the host's FileSystem.
996 (manifest_fs_host == app_url_host);
997
998 bool is_whitelisted_app = is_photo_app || is_hangouts_app;
999
1000 bool is_extension_from_webstore = false;
1001 bool is_invoked_by_hosted_app = false;
1002 bool is_extension_unrestricted = false;
1003 #if defined(ENABLE_EXTENSIONS)
1004 is_extension_from_webstore = extension && extension->from_webstore();
1005
1006 is_invoked_by_hosted_app = extension &&
1007 extension->is_hosted_app() &&
1008 extension->web_extent().MatchesURL(app_url);
1009
1010 // Allow built-in extensions and extensions under development.
1011 is_extension_unrestricted = extension &&
1012 (extension->location() == extensions::Manifest::COMPONENT ||
1013 extensions::Manifest::IsUnpackedLocation(extension->location()));
1014 #endif // defined(ENABLE_EXTENSIONS)
1015
1016 bool is_invoked_by_extension = app_url.SchemeIs("chrome-extension");
1017
1018 // The NaCl PDF viewer is always allowed and can use 'Dev' interfaces.
1019 bool is_nacl_pdf_viewer =
1020 (is_extension_from_webstore &&
1021 manifest_url.SchemeIs("chrome-extension") &&
1022 manifest_url.host() == "acadkphlmlegjaadjagenfimbpphcgnh");
1023
1024 // Allow Chrome Web Store extensions, built-in extensions and extensions
1025 // under development if the invocation comes from a URL with an extension
1026 // scheme. Also allow invocations if they are from whitelisted URLs or
1027 // if --enable-nacl is set.
1028 bool is_nacl_allowed = is_nacl_unrestricted ||
1029 is_whitelisted_web_ui ||
1030 is_whitelisted_app ||
1031 is_nacl_pdf_viewer ||
1032 is_invoked_by_hosted_app ||
1033 (is_invoked_by_extension &&
1034 (is_extension_from_webstore ||
1035 is_extension_unrestricted));
1036 if (is_nacl_allowed) {
1037 bool app_can_use_dev_interfaces = is_nacl_pdf_viewer;
1038 // Make sure that PPAPI 'dev' interfaces aren't available for production
1039 // apps unless they're whitelisted.
1040 WebString dev_attribute = WebString::fromUTF8("@dev");
1041 if ((!is_whitelisted_app && !is_extension_from_webstore) ||
1042 app_can_use_dev_interfaces) {
1043 // Add the special '@dev' attribute.
1044 std::vector<base::string16> param_names;
1045 std::vector<base::string16> param_values;
1046 param_names.push_back(dev_attribute);
1047 param_values.push_back(WebString());
1048 AppendParams(
1049 param_names,
1050 param_values,
1051 &params->attributeNames,
1052 &params->attributeValues);
1053 } else {
1054 // If the params somehow contain '@dev', remove it.
1055 size_t attribute_count = params->attributeNames.size();
1056 for (size_t i = 0; i < attribute_count; ++i) {
1057 if (params->attributeNames[i].equals(dev_attribute))
1058 params->attributeNames[i] = WebString();
1059 }
1060 }
1061 }
1062 return is_nacl_allowed;
1063 }
1064 #endif // defined(DISABLE_NACL)
1065
1066 bool ChromeContentRendererClient::HasErrorPage(int http_status_code,
1067 std::string* error_domain) {
1068 // Use an internal error page, if we have one for the status code.
1069 if (!LocalizedError::HasStrings(LocalizedError::kHttpErrorDomain,
1070 http_status_code)) {
1071 return false;
1072 }
1073
1074 *error_domain = LocalizedError::kHttpErrorDomain;
1075 return true;
1076 }
1077
1078 bool ChromeContentRendererClient::ShouldSuppressErrorPage(
1079 content::RenderFrame* render_frame,
1080 const GURL& url) {
1081 // Unit tests for ChromeContentRendererClient pass a NULL RenderFrame here.
1082 // Unfortunately it's very difficult to construct a mock RenderView, so skip
1083 // this functionality in this case.
1084 if (render_frame) {
1085 content::RenderView* render_view = render_frame->GetRenderView();
1086 content::RenderFrame* main_render_frame = render_view->GetMainRenderFrame();
1087 blink::WebFrame* web_frame = render_frame->GetWebFrame();
1088 NetErrorHelper* net_error_helper = NetErrorHelper::Get(main_render_frame);
1089 if (net_error_helper->ShouldSuppressErrorPage(web_frame, url))
1090 return true;
1091 }
1092 // Do not flash an error page if the Instant new tab page fails to load.
1093 return search_bouncer_.get() && search_bouncer_->IsNewTabPage(url);
1094 }
1095
1096 void ChromeContentRendererClient::GetNavigationErrorStrings(
1097 content::RenderView* render_view,
1098 blink::WebFrame* frame,
1099 const blink::WebURLRequest& failed_request,
1100 const blink::WebURLError& error,
1101 std::string* error_html,
1102 base::string16* error_description) {
1103 const GURL failed_url = error.unreachableURL;
1104 const Extension* extension = NULL;
1105
1106 #if defined(ENABLE_EXTENSIONS)
1107 if (failed_url.is_valid() &&
1108 !failed_url.SchemeIs(extensions::kExtensionScheme)) {
1109 extension = extension_dispatcher_->extensions()->GetExtensionOrAppByURL(
1110 failed_url);
1111 }
1112 #endif
1113
1114 bool is_post = EqualsASCII(failed_request.httpMethod(), "POST");
1115
1116 if (error_html) {
1117 bool extension_but_not_bookmark_app = false;
1118 #if defined(ENABLE_EXTENSIONS)
1119 extension_but_not_bookmark_app = extension && !extension->from_bookmark();
1120 #endif
1121 // Use a local error page.
1122 if (extension_but_not_bookmark_app) {
1123 #if defined(ENABLE_EXTENSIONS)
1124 // TODO(erikkay): Should we use a different template for different
1125 // error messages?
1126 int resource_id = IDR_ERROR_APP_HTML;
1127 const base::StringPiece template_html(
1128 ResourceBundle::GetSharedInstance().GetRawDataResource(
1129 resource_id));
1130 if (template_html.empty()) {
1131 NOTREACHED() << "unable to load template. ID: " << resource_id;
1132 } else {
1133 base::DictionaryValue error_strings;
1134 const std::string locale = RenderThread::Get()->GetLocale();
1135 LocalizedError::GetAppErrorStrings(failed_url, extension, locale,
1136 &error_strings);
1137 // "t" is the id of the template's root node.
1138 *error_html = webui::GetTemplatesHtml(template_html, &error_strings,
1139 "t");
1140 }
1141 #endif
1142 } else {
1143 // TODO(ellyjones): change GetNavigationErrorStrings to take a RenderFrame
1144 // instead of a RenderView, then pass that in.
1145 // This is safe for now because we only install the NetErrorHelper on the
1146 // main render frame anyway; see the TODO(ellyjones) in
1147 // RenderFrameCreated.
1148 content::RenderFrame* main_render_frame =
1149 render_view->GetMainRenderFrame();
1150 NetErrorHelper* helper = NetErrorHelper::Get(main_render_frame);
1151 helper->GetErrorHTML(frame, error, is_post, error_html);
1152 }
1153 }
1154
1155 if (error_description) {
1156 if (!extension)
1157 *error_description = LocalizedError::GetErrorDetails(error, is_post);
1158 }
1159 }
1160
1161 bool ChromeContentRendererClient::RunIdleHandlerWhenWidgetsHidden() {
1162 #if defined(ENABLE_EXTENSIONS)
1163 return !extension_dispatcher_->is_extension_process();
1164 #else
1165 return true;
1166 #endif
1167 }
1168
1169 bool ChromeContentRendererClient::AllowPopup() {
1170 #if defined(ENABLE_EXTENSIONS)
1171 extensions::ScriptContext* current_context =
1172 extension_dispatcher_->script_context_set().GetCurrent();
1173 if (!current_context || !current_context->extension())
1174 return false;
1175 // See http://crbug.com/117446 for the subtlety of this check.
1176 switch (current_context->context_type()) {
1177 case extensions::Feature::UNSPECIFIED_CONTEXT:
1178 case extensions::Feature::WEB_PAGE_CONTEXT:
1179 case extensions::Feature::UNBLESSED_EXTENSION_CONTEXT:
1180 case extensions::Feature::WEBUI_CONTEXT:
1181 return false;
1182 case extensions::Feature::BLESSED_EXTENSION_CONTEXT:
1183 case extensions::Feature::CONTENT_SCRIPT_CONTEXT:
1184 return true;
1185 case extensions::Feature::BLESSED_WEB_PAGE_CONTEXT:
1186 return !current_context->web_frame()->parent();
1187 }
1188 NOTREACHED();
1189 #endif
1190 return false;
1191 }
1192
1193 bool ChromeContentRendererClient::ShouldFork(WebFrame* frame,
1194 const GURL& url,
1195 const std::string& http_method,
1196 bool is_initial_navigation,
1197 bool is_server_redirect,
1198 bool* send_referrer) {
1199 DCHECK(!frame->parent());
1200
1201 // If this is the Instant process, fork all navigations originating from the
1202 // renderer. The destination page will then be bucketed back to this Instant
1203 // process if it is an Instant url, or to another process if not. Conversely,
1204 // fork if this is a non-Instant process navigating to an Instant url, so that
1205 // such navigations can also be bucketed into an Instant renderer.
1206 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1207 switches::kInstantProcess) ||
1208 (search_bouncer_.get() && search_bouncer_->ShouldFork(url))) {
1209 *send_referrer = true;
1210 return true;
1211 }
1212
1213 // For now, we skip the rest for POST submissions. This is because
1214 // http://crbug.com/101395 is more likely to cause compatibility issues
1215 // with hosted apps and extensions than WebUI pages. We will remove this
1216 // check when cross-process POST submissions are supported.
1217 if (http_method != "GET")
1218 return false;
1219
1220 // If this is the Signin process, fork all navigations originating from the
1221 // renderer. The destination page will then be bucketed back to this Signin
1222 // process if it is a Signin url, or to another process if not.
1223 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1224 switches::kSigninProcess)) {
1225 // We never want to allow non-signin pages to fork-on-POST to a
1226 // signin-related action URL. We'll need to handle this carefully once
1227 // http://crbug.com/101395 is fixed. The CHECK ensures we don't forget.
1228 CHECK_NE(http_method, "POST");
1229 return true;
1230 }
1231
1232 // If |url| matches one of the prerendered URLs, stop this navigation and try
1233 // to swap in the prerendered page on the browser process. If the prerendered
1234 // page no longer exists by the time the OpenURL IPC is handled, a normal
1235 // navigation is attempted.
1236 if (prerender_dispatcher_.get() &&
1237 prerender_dispatcher_->IsPrerenderURL(url)) {
1238 *send_referrer = true;
1239 return true;
1240 }
1241
1242 #if defined(ENABLE_EXTENSIONS)
1243 const extensions::ExtensionSet* extensions =
1244 extension_dispatcher_->extensions();
1245
1246 // Determine if the new URL is an extension (excluding bookmark apps).
1247 const Extension* new_url_extension = extensions::GetNonBookmarkAppExtension(
1248 *extensions, url);
1249 bool is_extension_url = !!new_url_extension;
1250
1251 // If the navigation would cross an app extent boundary, we also need
1252 // to defer to the browser to ensure process isolation. This is not necessary
1253 // for server redirects, which will be transferred to a new process by the
1254 // browser process when they are ready to commit. It is necessary for client
1255 // redirects, which won't be transferred in the same way.
1256 if (!is_server_redirect &&
1257 CrossesExtensionExtents(frame, url, *extensions, is_extension_url,
1258 is_initial_navigation)) {
1259 // Include the referrer in this case since we're going from a hosted web
1260 // page. (the packaged case is handled previously by the extension
1261 // navigation test)
1262 *send_referrer = true;
1263
1264 const Extension* extension =
1265 extension_dispatcher_->extensions()->GetExtensionOrAppByURL(url);
1266 if (extension && extension->is_app()) {
1267 extensions::RecordAppLaunchType(
1268 extension_misc::APP_LAUNCH_CONTENT_NAVIGATION, extension->GetType());
1269 }
1270 return true;
1271 }
1272
1273 // If this is a reload, check whether it has the wrong process type. We
1274 // should send it to the browser if it's an extension URL (e.g., hosted app)
1275 // in a normal process, or if it's a process for an extension that has been
1276 // uninstalled.
1277 if (frame->top()->document().url() == url) {
1278 if (is_extension_url != extension_dispatcher_->is_extension_process())
1279 return true;
1280 }
1281 #endif // defined(ENABLE_EXTENSIONS)
1282
1283 return false;
1284 }
1285
1286 #if defined(ENABLE_EXTENSIONS)
1287 bool ChromeContentRendererClient::ShouldForwardToGuestContainer(
1288 const IPC::Message& msg) {
1289 return extensions::GuestViewContainer::HandlesMessage(msg);
1290 }
1291 #endif
1292
1293 bool ChromeContentRendererClient::WillSendRequest(
1294 blink::WebFrame* frame,
1295 ui::PageTransition transition_type,
1296 const GURL& url,
1297 const GURL& first_party_for_cookies,
1298 GURL* new_url) {
1299 // Check whether the request should be allowed. If not allowed, we reset the
1300 // URL to something invalid to prevent the request and cause an error.
1301 #if defined(ENABLE_EXTENSIONS)
1302 if (url.SchemeIs(extensions::kExtensionScheme) &&
1303 !extensions::ResourceRequestPolicy::CanRequestResource(
1304 url,
1305 frame,
1306 transition_type,
1307 extension_dispatcher_->extensions())) {
1308 *new_url = GURL(chrome::kExtensionInvalidRequestURL);
1309 return true;
1310 }
1311
1312 if (url.SchemeIs(extensions::kExtensionResourceScheme) &&
1313 !extensions::ResourceRequestPolicy::CanRequestExtensionResourceScheme(
1314 url,
1315 frame)) {
1316 *new_url = GURL(chrome::kExtensionResourceInvalidRequestURL);
1317 return true;
1318 }
1319 #endif
1320
1321 const content::RenderView* render_view =
1322 content::RenderView::FromWebView(frame->view());
1323 SearchBox* search_box = SearchBox::Get(render_view);
1324 if (search_box && url.SchemeIs(chrome::kChromeSearchScheme)) {
1325 if (url.host() == chrome::kChromeUIThumbnailHost)
1326 return search_box->GenerateThumbnailURLFromTransientURL(url, new_url);
1327 else if (url.host() == chrome::kChromeUIFaviconHost)
1328 return search_box->GenerateFaviconURLFromTransientURL(url, new_url);
1329 }
1330
1331 return false;
1332 }
1333
1334 void ChromeContentRendererClient::DidCreateScriptContext(
1335 WebFrame* frame, v8::Handle<v8::Context> context, int extension_group,
1336 int world_id) {
1337 #if defined(ENABLE_EXTENSIONS)
1338 extension_dispatcher_->DidCreateScriptContext(
1339 frame, context, extension_group, world_id);
1340 #endif
1341 }
1342
1343 unsigned long long ChromeContentRendererClient::VisitedLinkHash(
1344 const char* canonical_url, size_t length) {
1345 return visited_link_slave_->ComputeURLFingerprint(canonical_url, length);
1346 }
1347
1348 bool ChromeContentRendererClient::IsLinkVisited(unsigned long long link_hash) {
1349 return visited_link_slave_->IsVisited(link_hash);
1350 }
1351
1352 blink::WebPrescientNetworking*
1353 ChromeContentRendererClient::GetPrescientNetworking() {
1354 return prescient_networking_dispatcher_.get();
1355 }
1356
1357 bool ChromeContentRendererClient::ShouldOverridePageVisibilityState(
1358 const content::RenderFrame* render_frame,
1359 blink::WebPageVisibilityState* override_state) {
1360 if (!prerender::PrerenderHelper::IsPrerendering(render_frame))
1361 return false;
1362
1363 *override_state = blink::WebPageVisibilityStatePrerender;
1364 return true;
1365 }
1366
1367 #if defined(ENABLE_EXTENSIONS)
1368 void ChromeContentRendererClient::SetExtensionDispatcherForTest(
1369 extensions::Dispatcher* extension_dispatcher) {
1370 extension_dispatcher_.reset(extension_dispatcher);
1371 permissions_policy_delegate_.reset(
1372 new extensions::RendererPermissionsPolicyDelegate(
1373 extension_dispatcher_.get()));
1374 }
1375
1376 extensions::Dispatcher*
1377 ChromeContentRendererClient::GetExtensionDispatcherForTest() {
1378 return extension_dispatcher_.get();
1379 }
1380
1381 bool ChromeContentRendererClient::CrossesExtensionExtents(
1382 WebFrame* frame,
1383 const GURL& new_url,
1384 const extensions::ExtensionSet& extensions,
1385 bool is_extension_url,
1386 bool is_initial_navigation) {
1387 GURL old_url(frame->top()->document().url());
1388
1389 // If old_url is still empty and this is an initial navigation, then this is
1390 // a window.open operation. We should look at the opener URL.
1391 if (is_initial_navigation && old_url.is_empty() && frame->opener()) {
1392 // If we're about to open a normal web page from a same-origin opener stuck
1393 // in an extension process, we want to keep it in process to allow the
1394 // opener to script it.
1395 WebDocument opener_document = frame->opener()->document();
1396 WebSecurityOrigin opener = frame->opener()->document().securityOrigin();
1397 bool opener_is_extension_url =
1398 !opener.isUnique() && extensions.GetExtensionOrAppByURL(
1399 opener_document.url()) != NULL;
1400 if (!is_extension_url &&
1401 !opener_is_extension_url &&
1402 extension_dispatcher_->is_extension_process() &&
1403 opener.canRequest(WebURL(new_url)))
1404 return false;
1405
1406 // In all other cases, we want to compare against the top frame's URL (as
1407 // opposed to the opener frame's), since that's what determines the type of
1408 // process. This allows iframes outside an app to open a popup in the app.
1409 old_url = frame->top()->opener()->top()->document().url();
1410 }
1411
1412 // Only consider keeping non-app URLs in an app process if this window
1413 // has an opener (in which case it might be an OAuth popup that tries to
1414 // script an iframe within the app).
1415 bool should_consider_workaround = !!frame->opener();
1416
1417 return extensions::CrossesExtensionProcessBoundary(
1418 extensions, old_url, new_url, should_consider_workaround);
1419 }
1420 #endif // defined(ENABLE_EXTENSIONS)
1421
1422 #if defined(ENABLE_SPELLCHECK)
1423 void ChromeContentRendererClient::SetSpellcheck(SpellCheck* spellcheck) {
1424 RenderThread* thread = RenderThread::Get();
1425 if (spellcheck_.get() && thread)
1426 thread->RemoveObserver(spellcheck_.get());
1427 spellcheck_.reset(spellcheck);
1428 SpellCheckReplacer replacer(spellcheck_.get());
1429 content::RenderView::ForEach(&replacer);
1430 if (thread)
1431 thread->AddObserver(spellcheck_.get());
1432 }
1433 #endif
1434
1435 // static
1436 bool ChromeContentRendererClient::WasWebRequestUsedBySomeExtensions() {
1437 #if defined(ENABLE_EXTENSIONS)
1438 return g_current_client->extension_dispatcher_
1439 ->WasWebRequestUsedBySomeExtensions();
1440 #else
1441 return false;
1442 #endif
1443 }
1444
1445 const void* ChromeContentRendererClient::CreatePPAPIInterface(
1446 const std::string& interface_name) {
1447 #if defined(ENABLE_PLUGINS)
1448 #if !defined(DISABLE_NACL)
1449 if (interface_name == PPB_NACL_PRIVATE_INTERFACE)
1450 return nacl::GetNaClPrivateInterface();
1451 #endif // DISABLE_NACL
1452 if (interface_name == PPB_PDF_INTERFACE)
1453 return pdf::PPB_PDF_Impl::GetInterface();
1454 #endif
1455 return NULL;
1456 }
1457
1458 bool ChromeContentRendererClient::IsExternalPepperPlugin(
1459 const std::string& module_name) {
1460 // TODO(bbudge) remove this when the trusted NaCl plugin has been removed.
1461 // We must defer certain plugin events for NaCl instances since we switch
1462 // from the in-process to the out-of-process proxy after instantiating them.
1463 return module_name == "Native Client";
1464 }
1465
1466 #if defined(ENABLE_PLUGINS) && defined(ENABLE_EXTENSIONS)
1467 bool ChromeContentRendererClient::IsExtensionOrSharedModuleWhitelisted(
1468 const GURL& url, const std::set<std::string>& whitelist) {
1469 const extensions::ExtensionSet* extension_set =
1470 g_current_client->extension_dispatcher_->extensions();
1471 return chrome::IsExtensionOrSharedModuleWhitelisted(url, extension_set,
1472 whitelist);
1473 }
1474 #endif
1475
1476 blink::WebSpeechSynthesizer*
1477 ChromeContentRendererClient::OverrideSpeechSynthesizer(
1478 blink::WebSpeechSynthesizerClient* client) {
1479 return new TtsDispatcher(client);
1480 }
1481
1482 bool ChromeContentRendererClient::AllowPepperMediaStreamAPI(
1483 const GURL& url) {
1484 #if !defined(OS_ANDROID)
1485 // Allow only the Hangouts app to use the MediaStream APIs. It's OK to check
1486 // the whitelist in the renderer, since we're only preventing access until
1487 // these APIs are public and stable.
1488 std::string url_host = url.host();
1489 if (url.SchemeIs("https") &&
1490 (EndsWith(url_host, "talkgadget.google.com", false) ||
1491 EndsWith(url_host, "plus.google.com", false) ||
1492 EndsWith(url_host, "plus.sandbox.google.com", false)) &&
1493 StartsWithASCII(url.path(), "/hangouts/", false)) {
1494 return true;
1495 }
1496 // Allow access for tests.
1497 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1498 switches::kEnablePepperTesting)) {
1499 return true;
1500 }
1501 #endif // !defined(OS_ANDROID)
1502 return false;
1503 }
1504
1505 void ChromeContentRendererClient::AddKeySystems(
1506 std::vector<media::KeySystemInfo>* key_systems) {
1507 AddChromeKeySystems(key_systems);
1508 }
1509
1510 bool ChromeContentRendererClient::ShouldReportDetailedMessageForSource(
1511 const base::string16& source) const {
1512 #if defined(ENABLE_EXTENSIONS)
1513 return extensions::IsSourceFromAnExtension(source);
1514 #else
1515 return false;
1516 #endif
1517 }
1518
1519 bool ChromeContentRendererClient::ShouldEnableSiteIsolationPolicy() const {
1520 // SiteIsolationPolicy is off by default. We would like to activate cross-site
1521 // document blocking (for UMA data collection) for normal renderer processes
1522 // running a normal web page from the Internet. We only turn on
1523 // SiteIsolationPolicy for a renderer process that does not have the extension
1524 // flag on.
1525 #if defined(ENABLE_EXTENSIONS)
1526 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
1527 return !command_line->HasSwitch(extensions::switches::kExtensionProcess);
1528 #else
1529 return true;
1530 #endif
1531 }
1532
1533 blink::WebWorkerPermissionClientProxy*
1534 ChromeContentRendererClient::CreateWorkerPermissionClientProxy(
1535 content::RenderFrame* render_frame,
1536 blink::WebFrame* frame) {
1537 return new WorkerPermissionClientProxy(render_frame, frame);
1538 }
1539
1540 bool ChromeContentRendererClient::IsPluginAllowedToUseDevChannelAPIs() {
1541 #if defined(ENABLE_PLUGINS)
1542 // Allow access for tests.
1543 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1544 switches::kEnablePepperTesting)) {
1545 return true;
1546 }
1547
1548 chrome::VersionInfo::Channel channel = chrome::VersionInfo::GetChannel();
1549 // Allow dev channel APIs to be used on "Canary", "Dev", and "Unknown"
1550 // releases of Chrome. Permitting "Unknown" allows these APIs to be used on
1551 // Chromium builds as well.
1552 return channel <= chrome::VersionInfo::CHANNEL_DEV;
1553 #else
1554 return false;
1555 #endif
1556 }
1557
1558 bool ChromeContentRendererClient::IsPluginAllowedToUseCompositorAPI(
1559 const GURL& url) {
1560 #if defined(ENABLE_PLUGINS) && defined(ENABLE_EXTENSIONS)
1561 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1562 switches::kEnablePepperTesting))
1563 return true;
1564 if (IsExtensionOrSharedModuleWhitelisted(url, allowed_compositor_origins_))
1565 return true;
1566
1567 chrome::VersionInfo::Channel channel = chrome::VersionInfo::GetChannel();
1568 return channel <= chrome::VersionInfo::CHANNEL_DEV;
1569 #else
1570 return false;
1571 #endif
1572 }
1573
1574 content::BrowserPluginDelegate*
1575 ChromeContentRendererClient::CreateBrowserPluginDelegate(
1576 content::RenderFrame* render_frame,
1577 const std::string& mime_type,
1578 const GURL& original_url) {
1579 #if defined(ENABLE_EXTENSIONS)
1580 if (mime_type == content::kBrowserPluginMimeType) {
1581 return new extensions::ExtensionsGuestViewContainer(render_frame);
1582 } else {
1583 return new extensions::MimeHandlerViewContainer(
1584 render_frame, mime_type, original_url);
1585 }
1586 #else
1587 return NULL;
1588 #endif
1589 }