authorjstritar@chromium.org <jstritar@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-04-05 16:50:12 +0000
committerjstritar@chromium.org <jstritar@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-04-05 16:50:12 +0000
commitc0cecd1fb74b856db81c03eac8b39078add7e53f (patch)
tree6f41a94d1468b1d48dea78417e556ffdad7c3e57
parenta1ed3c8d69b5e63bb65c9dea31391fd747a7c2a2 (diff)
Restrict platform app access to WebKit features by modifying JS bindings.
BUG=119751 TEST=PlatformAppBrowserTest.* Review URL: http://codereview.chromium.org/9963019 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@130946 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r--chrome/browser/extensions/platform_app_browsertest.cc8
-rw-r--r--chrome/chrome_renderer.gypi1
-rw-r--r--chrome/renderer/extensions/extension_dispatcher.cc6
-rw-r--r--chrome/renderer/renderer_resources.grd1
-rw-r--r--chrome/renderer/resources/extensions/platform_app.css4
-rw-r--r--chrome/renderer/resources/extensions/platform_app.js40
-rw-r--r--chrome/test/data/extensions/platform_apps/modal_dialogs/test.js20
-rw-r--r--chrome/test/data/extensions/platform_apps/restrictions/main.html (renamed from chrome/test/data/extensions/platform_apps/modal_dialogs/main.html)0
-rw-r--r--chrome/test/data/extensions/platform_apps/restrictions/manifest.json (renamed from chrome/test/data/extensions/platform_apps/modal_dialogs/manifest.json)2
-rw-r--r--chrome/test/data/extensions/platform_apps/restrictions/test.js117
10 files changed, 174 insertions, 25 deletions
diff --git a/chrome/browser/extensions/platform_app_browsertest.cc b/chrome/browser/extensions/platform_app_browsertest.cc
index 3aeac39..4a2b48f 100644
--- a/chrome/browser/extensions/platform_app_browsertest.cc
+++ b/chrome/browser/extensions/platform_app_browsertest.cc
@@ -176,15 +176,15 @@ IN_PROC_BROWSER_TEST_F(PlatformAppBrowserTest, DisallowNavigation) {
EXPECT_TRUE(result);
}
-IN_PROC_BROWSER_TEST_F(PlatformAppBrowserTest, DisallowModalDialogs) {
- ASSERT_TRUE(RunPlatformAppTest("platform_apps/modal_dialogs")) << message_;
-}
-
// Tests that localStorage and WebSQL are disabled for platform apps.
IN_PROC_BROWSER_TEST_F(PlatformAppBrowserTest, DisallowStorage) {
ASSERT_TRUE(RunPlatformAppTest("platform_apps/storage")) << message_;
}
+IN_PROC_BROWSER_TEST_F(PlatformAppBrowserTest, Restrictions) {
+ ASSERT_TRUE(RunPlatformAppTest("platform_apps/restrictions")) << message_;
+}
+
// Tests that platform apps can use the chrome.windows.* API.
#if defined(USE_AURA)
// On Aura, this currently fails because the window width is returned as 256
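Review bot: The new `Restrictions` test has no comment saying what it covers, unlike `DisallowStorage` just above it and the `chrome.windows.*` test just below. The name alone does not tell a reader which restrictions are meant, and it replaces the more specific `DisallowModalDialogs`. I would add something like `// Tests that platform apps cannot use the document and window features stubbed out by platform_app.js (document.open/close/write, history, find, modal dialogs, *bar).` directly above the `IN_PROC_BROWSER_TEST_F` line.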
diff --git a/chrome/chrome_renderer.gypi b/chrome/chrome_renderer.gypi
index 57ee53d..9148db4 100644
--- a/chrome/chrome_renderer.gypi
+++ b/chrome/chrome_renderer.gypi
@@ -154,6 +154,7 @@
'renderer/resources/extensions/page_action_custom_bindings.js',
'renderer/resources/extensions/page_actions_custom_bindings.js',
'renderer/resources/extensions/page_capture_custom_bindings.js',
+ 'renderer/resources/extensions/platform_app.js',
'renderer/resources/extensions/schema_generated_bindings.js',
'renderer/resources/extensions/send_request.js',
'renderer/resources/extensions/set_icon.js',
diff --git a/chrome/renderer/extensions/extension_dispatcher.cc b/chrome/renderer/extensions/extension_dispatcher.cc
index 561cb04..eb320fd 100644
--- a/chrome/renderer/extensions/extension_dispatcher.cc
+++ b/chrome/renderer/extensions/extension_dispatcher.cc
@@ -527,6 +527,7 @@ void ExtensionDispatcher::PopulateSourceMap() {
source_map_.RegisterSource("pageAction", IDR_PAGE_ACTION_CUSTOM_BINDINGS_JS);
source_map_.RegisterSource("pageCapture",
IDR_PAGE_CAPTURE_CUSTOM_BINDINGS_JS);
+ source_map_.RegisterSource("platformApp", IDR_PLATFORM_APP_JS);
source_map_.RegisterSource("storage", IDR_STORAGE_CUSTOM_BINDINGS_JS);
source_map_.RegisterSource("tabs", IDR_TABS_CUSTOM_BINDINGS_JS);
source_map_.RegisterSource("tts", IDR_TTS_CUSTOM_BINDINGS_JS);
@@ -657,6 +658,11 @@ void ExtensionDispatcher::DidCreateScriptContext(
InstallBindings(module_system.get(), v8_context, "extension");
}
+ // Inject custom JS into the platform app context to block certain features
+ // of the document and window.
+ if (extension && extension->is_platform_app())
+ module_system->Require("platformApp");
+
context->set_module_system(module_system.Pass());
context->DispatchOnLoadEvent(
diff --git a/chrome/renderer/renderer_resources.grd b/chrome/renderer/renderer_resources.grd
index 08a7a8f..599d2dd 100644
--- a/chrome/renderer/renderer_resources.grd
+++ b/chrome/renderer/renderer_resources.grd
@@ -22,6 +22,7 @@ without changes to the corresponding grd file. fb9 -->
<include name="IDR_MISCELLANEOUS_BINDINGS_JS" file="resources\extensions\miscellaneous_bindings.js" type="BINDATA" />
<include name="IDR_NET_ERROR_HTML" file="resources\neterror.html" flattenhtml="true" type="BINDATA" />
<include name="IDR_PLATFORM_APP_CSS" file="resources\extensions\platform_app.css" type="BINDATA" />
+ <include name="IDR_PLATFORM_APP_JS" file="resources\extensions\platform_app.js" type="BINDATA" />
<include name="IDR_SAD_PLUGIN" file="resources\sadplugin.png" type="BINDATA" />
<include name="IDR_SCHEMA_GENERATED_BINDINGS_JS" file="resources\extensions\schema_generated_bindings.js" type="BINDATA" />
diff --git a/chrome/renderer/resources/extensions/platform_app.css b/chrome/renderer/resources/extensions/platform_app.css
index fddbe16..3216539 100644
--- a/chrome/renderer/resources/extensions/platform_app.css
+++ b/chrome/renderer/resources/extensions/platform_app.css
@@ -1,4 +1,8 @@
/*
+ * Copyright (c) 2012 The Chromium Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
* A style sheet for Chrome platform apps.
*/
diff --git a/chrome/renderer/resources/extensions/platform_app.js b/chrome/renderer/resources/extensions/platform_app.js
new file mode 100644
index 0000000..3660a81
--- /dev/null
+++ b/chrome/renderer/resources/extensions/platform_app.js
@@ -0,0 +1,40 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+var errorMsg = 'Not available for platform apps.';
+var stub = function() { throw errorMsg; };
+
+// Disable document.open|close|write.
+document.open = stub;
+document.close = stub;
+document.write = stub;
+
+// Disable history.
+window.history = {
+ open: stub,
+ back: stub,
+ forward: stub,
+ go: stub,
+ pushState: stub,
+ replaceState: stub,
+ get length() { throw errorMsg; },
+ get state() { throw errorMsg; }
+};
+
+// Disable find.
+window.find = stub;
+
+// Disable modal dialogs.
+window.alert = stub;
+window.confirm = stub;
+window.prompt = stub;
+
+// Disable window.*bar.
+var stubBar = { get visible() { throw errorMsg; } };
+window.locationbar = stubBar;
+window.menubar = stubBar;
+window.personalbar = stubBar;
+window.scrollbars = stubBar;
+window.statusbar = stubBar;
+window.toolbar = stubBar;
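Review bot: Every restriction in this file is installed by plain assignment (`document.write = stub;`, `window.alert = stub;`, `window.history = {...}`), so the stubs stay ordinary writable, configurable properties in the same context the app's script runs in, and app code can change them back. If they are meant to hold, pin them, for example `Object.defineProperty(window, 'alert', {value: stub, writable: false, configurable: false});`, and do the same for the other names; whether every one of these host properties accepts redefinition would need checking. Even pinned, this only shapes the JS surface inside the renderer, so anything that must be enforced, modal dialogs in particular, still needs its browser-side check. The file should say so in a header comment such as `// These stubs are an API-shaping measure, not a security boundary.` Separately, `throw errorMsg` throws a bare string and leaves the app developer no stack trace; an `Error` object would be friendlier, though the new test.js compares the thrown value to the string and would need to follow.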
diff --git a/chrome/test/data/extensions/platform_apps/modal_dialogs/test.js b/chrome/test/data/extensions/platform_apps/modal_dialogs/test.js
deleted file mode 100644
index 2b015ea..0000000
--- a/chrome/test/data/extensions/platform_apps/modal_dialogs/test.js
+++ /dev/null
@@ -1,20 +0,0 @@
-// Copyright (c) 2012 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-chrome.test.runTests([
- function testAlert() {
- alert("You shouldn't see this.... woot!");
- chrome.test.succeed();
- },
-
- function testConfirm() {
- chrome.test.assertFalse(confirm("Should this test fail?"));
- chrome.test.succeed();
- },
-
- function testPrompt() {
- chrome.test.assertEq(null, prompt("Return null to pass!"));
- chrome.test.succeed();
- }
-]);
diff --git a/chrome/test/data/extensions/platform_apps/modal_dialogs/main.html b/chrome/test/data/extensions/platform_apps/restrictions/main.html
index 78a21b8..78a21b8 100644
--- a/chrome/test/data/extensions/platform_apps/modal_dialogs/main.html
+++ b/chrome/test/data/extensions/platform_apps/restrictions/main.html
diff --git a/chrome/test/data/extensions/platform_apps/modal_dialogs/manifest.json b/chrome/test/data/extensions/platform_apps/restrictions/manifest.json
index bbc6e17..a268b09 100644
--- a/chrome/test/data/extensions/platform_apps/modal_dialogs/manifest.json
+++ b/chrome/test/data/extensions/platform_apps/restrictions/manifest.json
@@ -1,5 +1,5 @@
{
- "name": "Platform App Test: modal dialogs are disallowed",
+ "name": "Platform App Test: various document and window restrictions",
"platform_app": true,
"version": "1",
"manifest_version": 2,
diff --git a/chrome/test/data/extensions/platform_apps/restrictions/test.js b/chrome/test/data/extensions/platform_apps/restrictions/test.js
new file mode 100644
index 0000000..25008d6
--- /dev/null
+++ b/chrome/test/data/extensions/platform_apps/restrictions/test.js
@@ -0,0 +1,117 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+var assertEq = chrome.test.assertEq;
+var fail = chrome.test.fail;
+var succeed = chrome.test.succeed;
+
+var error = "Not available for platform apps.";
+
+function assertThrowsError(method) {
+ try {
+ method();
+ fail("error not thrown");
+ } catch (e) {
+ assertEq(e, error);
+ }
+}
+
+chrome.test.runTests([
+ function testDocumentOpen() {
+ assertThrowsError(document.open);
+ succeed();
+ },
+
+ function testDocumentClose() {
+ assertThrowsError(document.close);
+ succeed();
+ },
+
+ function testDocumentWrite() {
+ assertThrowsError(document.write);
+ succeed();
+ },
+
+ function testWindowHistoryOpen() {
+ assertThrowsError(window.history.open);
+ assertThrowsError(history.open);
+ succeed();
+ },
+
+ function testWindowHistoryBack() {
+ assertThrowsError(window.history.back);
+ assertThrowsError(history.back);
+ succeed();
+ },
+
+ function testWindowHistoryForward() {
+ assertThrowsError(window.history.forward);
+ assertThrowsError(history.forward);
+ succeed();
+ },
+
+ function testWindowHistoryPushState() {
+ assertThrowsError(window.history.pushState);
+ assertThrowsError(history.pushState);
+ succeed();
+ },
+
+ function testWindowHistoryReplaceState() {
+ assertThrowsError(window.history.replaceState);
+ assertThrowsError(history.replaceState);
+ succeed();
+ },
+
+ function testWindowHistoryLength() {
+ assertThrowsError(function() {
+ var length = window.history.length;
+ length = history.length;
+ });
+ succeed();
+ },
+
+ function testWindowHistoryState() {
+ assertThrowsError(function() {
+ var state = window.history.state;
+ state = history.state;
+ });
+ succeed();
+ },
+
+ function testWindowFind() {
+ assertThrowsError(window.find);
+ assertThrowsError(find);
+ succeed();
+ },
+
+ function testWindowAlert() {
+ assertThrowsError(window.alert);
+ assertThrowsError(alert);
+ succeed();
+ },
+
+ function testWindowConfirm() {
+ assertThrowsError(window.confirm);
+ assertThrowsError(confirm);
+ succeed();
+ },
+
+ function testWindowPrompt() {
+ assertThrowsError(window.prompt);
+ assertThrowsError(prompt);
+ succeed();
+ },
+
+ function testBars() {
+ var bars = ['locationbar', 'menubar', 'personalbar',
+ 'scrollbars', 'statusbar', 'toolbar'];
+ for (var x = 0; x < bars.length; x++) {
+ assertThrowsError(function() {
+ var visible = this[bars[x]].visible;
+ visible = window[bars[x]].visible;
+ });
+ }
+ succeed();
+ }
+]);
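Review bot: In `testWindowHistoryLength`, `testWindowHistoryState` and `testBars`, the callback passed to `assertThrowsError` holds two property reads, but the first one throws, so the second (`history.length`, `history.state`, `window[bars[x]].visible`) never runs. The unqualified and `window.`-qualified paths are therefore not both checked, and a regression in the second would go unnoticed. Give each read its own call, for example `assertThrowsError(function() { return window.history.length; });` followed by `assertThrowsError(function() { return history.length; });`. Also, in `assertThrowsError` the `fail("error not thrown")` call sits inside the `try`; if `chrome.test.fail` reports by throwing (not visible here), the `catch` would swallow that and report a mismatched `assertEq` instead of the real cause, so moving the `fail` after the try/catch behind a flag gives a clearer failure.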