author | jam@chromium.org <jam@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-05-12 18:15:30 +0000 |
---|---|---|
committer | jam@chromium.org <jam@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-05-12 18:15:30 +0000 |
commit | 45316d6f9cd510bd1b4604c38713272b2c8a7c9e (patch) | |
tree | 4055d1f19f436e9f1bf0d44a648e95e45b1e82d3 | |
parent | fd59f820f28a384de8f880237979e7fe28854040 (diff) | |
Chrome side of making the WebKit FileSystem API use WebPermissionClient to check whether file system access is allowed. Depends on https://bugs.webkit.org/show_bug.cgi?id=60683
BUG=76793
Review URL: http://codereview.chromium.org/7012007
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@85153 0039d316-1c4b-4281-b951-d872f2087c98
18 files changed, 112 insertions, 48 deletions
diff --git a/chrome/browser/chrome_worker_message_filter.cc b/chrome/browser/chrome_worker_message_filter.cc index e6d7bcb..babf251 100644 --- a/chrome/browser/chrome_worker_message_filter.cc +++ b/chrome/browser/chrome_worker_message_filter.cc @@ -23,6 +23,7 @@ bool ChromeWorkerMessageFilter::OnMessageReceived(const IPC::Message& message) { bool handled = true; IPC_BEGIN_MESSAGE_MAP(ChromeWorkerMessageFilter, message) IPC_MESSAGE_HANDLER(WorkerProcessHostMsg_AllowDatabase, OnAllowDatabase) + IPC_MESSAGE_HANDLER(WorkerProcessHostMsg_AllowFileSystem, OnAllowFileSystem) IPC_MESSAGE_UNHANDLED(handled = false) IPC_END_MESSAGE_MAP() @@ -65,3 +66,14 @@ void ChromeWorkerMessageFilter::OnAllowDatabase(int worker_route_id, break; } } + +void ChromeWorkerMessageFilter::OnAllowFileSystem(int worker_route_id, + const GURL& url, + bool* result) { + // TODO(kinuko): Need to notify the UI thread to indicate that + // there's a blocked content. See the above for inspiration. + ContentSetting content_setting = + host_content_settings_map_->GetContentSetting( + url, CONTENT_SETTINGS_TYPE_COOKIES, ""); + *result = content_setting != CONTENT_SETTING_BLOCK; +} diff --git a/chrome/browser/chrome_worker_message_filter.h b/chrome/browser/chrome_worker_message_filter.h index 532337b..6b3f4aa 100644 --- a/chrome/browser/chrome_worker_message_filter.h +++ b/chrome/browser/chrome_worker_message_filter.h @@ -35,6 +35,9 @@ class ChromeWorkerMessageFilter : public IPC::ChannelProxy::MessageFilter, const string16& display_name, unsigned long estimated_size, bool* result); + void OnAllowFileSystem(int worker_route_id, + const GURL& url, + bool* result); WorkerProcessHost* process_; scoped_refptr<HostContentSettingsMap> host_content_settings_map_; diff --git a/chrome/browser/renderer_host/chrome_render_message_filter.cc b/chrome/browser/renderer_host/chrome_render_message_filter.cc index 35834fa..56caebd 100644 --- a/chrome/browser/renderer_host/chrome_render_message_filter.cc 
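Review bot: `ChromeWorkerMessageFilter::OnAllowFileSystem` in chrome_worker_message_filter.cc decides file system access from `CONTENT_SETTINGS_TYPE_COOKIES` with no comment saying why the cookie setting is the one consulted, and it omits the `DCHECK` on the three expected settings that the renderer-side handler in chrome_render_message_filter.cc carries. I would add a line such as `// FileSystem access follows the cookie content setting; anything other than BLOCK (including SESSION_ONLY) is allowed.` and mirror the `DCHECK` so the two handlers cannot drift apart. `worker_route_id` is unused until the TODO is done, and `url` is whatever origin the worker process put in the message, so the reply is best documented as a policy answer for that process rather than a browser-enforced decision.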
+++ b/chrome/browser/renderer_host/chrome_render_message_filter.cc @@ -82,6 +82,7 @@ bool ChromeRenderMessageFilter::OnMessageReceived(const IPC::Message& message, IPC_MESSAGE_HANDLER(ViewHostMsg_GetPluginPolicies, OnGetPluginPolicies) IPC_MESSAGE_HANDLER(ViewHostMsg_AllowDatabase, OnAllowDatabase) IPC_MESSAGE_HANDLER(ViewHostMsg_AllowDOMStorage, OnAllowDOMStorage) + IPC_MESSAGE_HANDLER(ViewHostMsg_AllowFileSystem, OnAllowFileSystem) IPC_MESSAGE_HANDLER(ViewHostMsg_AllowIndexedDB, OnAllowIndexedDB) IPC_MESSAGE_HANDLER(ViewHostMsg_CanTriggerClipboardRead, OnCanTriggerClipboardRead) @@ -359,6 +360,20 @@ void ChromeRenderMessageFilter::OnAllowDOMStorage(int render_view_id, render_process_id_, render_view_id, url, type, !*allowed)); } +void ChromeRenderMessageFilter::OnAllowFileSystem(int render_view_id, + const GURL& url, + bool* allowed) { + + // TODO(kinuko): Need to notify the UI thread to indicate that + // there's a blocked content. See the above for inspiration. + ContentSetting setting = host_content_settings_map_->GetContentSetting( + url, CONTENT_SETTINGS_TYPE_COOKIES, ""); + DCHECK((setting == CONTENT_SETTING_ALLOW) || + (setting == CONTENT_SETTING_BLOCK) || + (setting == CONTENT_SETTING_SESSION_ONLY)); + *allowed = setting != CONTENT_SETTING_BLOCK; +} + void ChromeRenderMessageFilter::OnAllowIndexedDB(int render_view_id, const string16& origin_url, const string16& name, diff --git a/chrome/browser/renderer_host/chrome_render_message_filter.h b/chrome/browser/renderer_host/chrome_render_message_filter.h index 5ff7bb1..a3293b3 100644 --- a/chrome/browser/renderer_host/chrome_render_message_filter.h +++ b/chrome/browser/renderer_host/chrome_render_message_filter.h 
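Review bot: The answer computed by `ChromeRenderMessageFilter::OnAllowFileSystem` is only returned to the renderer, and this same commit removes the `CONTENT_SETTING_BLOCK` check from `FileSystemDispatcherHost::OnOpen` in content/browser/file_system/file_system_dispatcher_host.cc, so the block setting now appears to be enforced only if the renderer asks and honours the reply. A renderer that skips `ViewHostMsg_AllowFileSystem` would, as far as these hunks show, reach `OpenFileSystem` with no browser-side check. If that is an accepted trade-off for the content/chrome layering, it should be stated in a comment on the handler; otherwise the browser needs a check on the open path. The handler also looks up the setting for the `url` taken from the message without tying it to `render_view_id`. The `DCHECK` compiles out of release builds, so any setting value other than `CONTENT_SETTING_BLOCK` falls through to allow.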
@@ -93,6 +93,7 @@ class ChromeRenderMessageFilter : public BrowserMessageFilter { const GURL& url, DOMStorageType type, bool* allowed); + void OnAllowFileSystem(int render_view_id, const GURL& url, bool* allowed); void OnAllowIndexedDB(int render_view_id, const string16& origin_url, const string16& name, diff --git a/chrome/common/render_messages.h b/chrome/common/render_messages.h index 80534d8..c3db8f6 100644 --- a/chrome/common/render_messages.h +++ b/chrome/common/render_messages.h @@ -315,6 +315,13 @@ IPC_SYNC_MESSAGE_CONTROL3_1(ViewHostMsg_AllowDOMStorage, DOMStorageType /* type */, bool /* allowed */) +// Sent by the renderer process to check whether access to FileSystem is +// granted by content settings. +IPC_SYNC_MESSAGE_CONTROL2_1(ViewHostMsg_AllowFileSystem, + int /* render_view_id */, + GURL /* origin_url */, + bool /* allowed */) + // Sent by the renderer process to check whether access to Indexed DBis // granted by content settings. IPC_SYNC_MESSAGE_CONTROL3_1(ViewHostMsg_AllowIndexedDB, diff --git a/chrome/renderer/chrome_render_view_observer.cc b/chrome/renderer/chrome_render_view_observer.cc index 9bdb65e..e05503b 100644 --- a/chrome/renderer/chrome_render_view_observer.cc +++ b/chrome/renderer/chrome_render_view_observer.cc @@ -301,6 +301,10 @@ bool ChromeRenderViewObserver::allowDatabase( frame, name, display_name, estimated_size); } +bool ChromeRenderViewObserver::allowFileSystem(WebFrame* frame) { + return content_settings_->AllowFileSystem(frame); +} + bool ChromeRenderViewObserver::allowImages(WebFrame* frame, bool enabled_per_settings) { return content_settings_->AllowImages(frame, enabled_per_settings); diff --git a/chrome/renderer/chrome_render_view_observer.h b/chrome/renderer/chrome_render_view_observer.h index 7ead50f..863a5b9 100644 --- a/chrome/renderer/chrome_render_view_observer.h +++ b/chrome/renderer/chrome_render_view_observer.h 
@@ -69,12 +69,13 @@ class ChromeRenderViewObserver : public RenderViewObserver, const WebKit::WebString& name, const WebKit::WebString& display_name, unsigned long estimated_size) OVERRIDE; + // TODO(jam): add OVERRIDE once WebKit is rolled. + virtual bool allowFileSystem(WebKit::WebFrame* frame); virtual bool allowImages(WebKit::WebFrame* frame, bool enabled_per_settings) OVERRIDE; - // TODO(jam): add OVERRIDE once WebKit is rolled. virtual bool allowIndexedDB(WebKit::WebFrame* frame, const WebKit::WebString& name, - const WebKit::WebSecurityOrigin& origin); + const WebKit::WebSecurityOrigin& origin) OVERRIDE; virtual bool allowPlugins(WebKit::WebFrame* frame, bool enabled_per_settings) OVERRIDE; virtual bool allowScript(WebKit::WebFrame* frame, diff --git a/chrome/renderer/content_settings_observer.cc b/chrome/renderer/content_settings_observer.cc index ec51b8b..d9ebc24 100644 --- a/chrome/renderer/content_settings_observer.cc +++ b/chrome/renderer/content_settings_observer.cc @@ -145,6 +145,17 @@ bool ContentSettingsObserver::AllowDatabase(WebFrame* frame, return result; } +bool ContentSettingsObserver::AllowFileSystem(WebFrame* frame) { + WebSecurityOrigin origin = frame->securityOrigin(); + if (origin.isEmpty()) + return false; // Uninitialized document? + + bool result = false; + Send(new ViewHostMsg_AllowFileSystem( + routing_id(), GURL(origin.toString()), &result)); + return result; +} + bool ContentSettingsObserver::AllowImages(WebFrame* frame, bool enabled_per_settings) { if (enabled_per_settings && diff --git a/chrome/renderer/content_settings_observer.h b/chrome/renderer/content_settings_observer.h index 9221a7f..2cc548d 100644 --- a/chrome/renderer/content_settings_observer.h +++ b/chrome/renderer/content_settings_observer.h 
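Review bot: `ContentSettingsObserver::AllowFileSystem` in content_settings_observer.cc ignores the return value of `Send` and relies on `result` having been initialised to `false` to deny access when the synchronous IPC fails, which is the right default but is not stated anywhere. A one-line comment above the declaration, e.g. `// Stays false (deny) if the sync IPC fails.`, would stop a later cleanup from dropping the initialiser. The same pattern is introduced in `WebWorkerClientProxy::allowDatabase` and `allowFileSystem` in content/worker/webworkerclient_proxy.cc. The `// Uninitialized document?` comment on the empty-origin branch reads as a guess; it would be clearer to say that an empty origin is denied deliberately.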
@@ -45,6 +45,7 @@ class ContentSettingsObserver const WebKit::WebString& name, const WebKit::WebString& display_name, unsigned long estimated_size); + bool AllowFileSystem(WebKit::WebFrame* frame); bool AllowImages(WebKit::WebFrame* frame, bool enabled_per_settings); bool AllowIndexedDB(WebKit::WebFrame* frame, const WebKit::WebString& name, diff --git a/content/browser/content_browser_client.h b/content/browser/content_browser_client.h index 2de7751..d2b0824 100644 --- a/content/browser/content_browser_client.h +++ b/content/browser/content_browser_client.h @@ -39,12 +39,14 @@ class ContentBrowserClient { Profile* profile, const GURL& url); - // Notifies that a BrowserRenderProcessHost has been created. This is called + // Notifies that a BrowserRenderProcessHost has been created. This is called // before the content layer adds its own BrowserMessageFilters, so that the // embedder's IPC filters have priority. virtual void BrowserRenderProcessHostCreated(BrowserRenderProcessHost* host); - // Notifies that a WorkerProcessHost has been created. + // Notifies that a WorkerProcessHost has been created. This is called + // before the content layer adds its own message filters, so that the + // embedder's IPC filters have priority. virtual void WorkerProcessHostCreated(WorkerProcessHost* host); // Gets the WebUIFactory which will be responsible for generating WebUIs. diff --git a/content/browser/file_system/file_system_dispatcher_host.cc b/content/browser/file_system/file_system_dispatcher_host.cc index 7989f604..b6c50b7 100644 --- a/content/browser/file_system/file_system_dispatcher_host.cc +++ b/content/browser/file_system/file_system_dispatcher_host.cc @@ -11,7 +11,6 @@ #include "base/platform_file.h" #include "base/threading/thread.h" #include "base/time.h" -#include "chrome/browser/content_settings/host_content_settings_map.h" #include "chrome/browser/profiles/profile.h" #include "content/browser/resource_context.h" #include "content/common/file_system_messages.h" 
@@ -105,26 +104,20 @@ class BrowserFileSystemCallbackDispatcher }; FileSystemDispatcherHost::FileSystemDispatcherHost( - const content::ResourceContext* resource_context, - HostContentSettingsMap* host_content_settings_map) + const content::ResourceContext* resource_context) : context_(NULL), - host_content_settings_map_(host_content_settings_map), resource_context_(resource_context), request_context_(NULL) { DCHECK(resource_context_); - DCHECK(host_content_settings_map_); } FileSystemDispatcherHost::FileSystemDispatcherHost( net::URLRequestContext* request_context, - HostContentSettingsMap* host_content_settings_map, fileapi::FileSystemContext* file_system_context) : context_(file_system_context), - host_content_settings_map_(host_content_settings_map), resource_context_(NULL), request_context_(request_context) { DCHECK(request_context_); - DCHECK(host_content_settings_map_); DCHECK(context_); } @@ -171,20 +164,6 @@ bool FileSystemDispatcherHost::OnMessageReceived( void FileSystemDispatcherHost::OnOpen( int request_id, const GURL& origin_url, fileapi::FileSystemType type, int64 requested_size, bool create) { - ContentSetting content_setting = - host_content_settings_map_->GetContentSetting( - origin_url, CONTENT_SETTINGS_TYPE_COOKIES, ""); - DCHECK((content_setting == CONTENT_SETTING_ALLOW) || - (content_setting == CONTENT_SETTING_BLOCK) || - (content_setting == CONTENT_SETTING_SESSION_ONLY)); - if (content_setting == CONTENT_SETTING_BLOCK) { - // TODO(kinuko): Need to notify the UI thread to indicate that - // there's a blocked content. - Send(new FileSystemMsg_OpenComplete( - request_id, false, std::string(), GURL())); - return; - } - GetNewOperation(request_id)->OpenFileSystem(origin_url, type, create); } diff --git a/content/browser/file_system/file_system_dispatcher_host.h b/content/browser/file_system/file_system_dispatcher_host.h index 33203d1..48867d5 100644 --- a/content/browser/file_system/file_system_dispatcher_host.h 
+++ b/content/browser/file_system/file_system_dispatcher_host.h @@ -13,7 +13,6 @@ #include "webkit/fileapi/file_system_types.h" class GURL; -class HostContentSettingsMap; class Profile; class Receiver; class RenderMessageFilter; @@ -38,12 +37,10 @@ class URLRequestContext; class FileSystemDispatcherHost : public BrowserMessageFilter { public: // Used by the renderer. - FileSystemDispatcherHost( - const content::ResourceContext* resource_context, - HostContentSettingsMap* host_content_settings_map); + explicit FileSystemDispatcherHost( + const content::ResourceContext* resource_context); // Used by the worker, since it has the context handy already. FileSystemDispatcherHost(net::URLRequestContext* request_context, - HostContentSettingsMap* host_content_settings_map, fileapi::FileSystemContext* file_system_context); ~FileSystemDispatcherHost(); @@ -92,9 +89,6 @@ class FileSystemDispatcherHost : public BrowserMessageFilter { fileapi::FileSystemContext* context_; - // Used to look up permissions. - scoped_refptr<HostContentSettingsMap> host_content_settings_map_; - // Keeps ongoing file system operations. typedef IDMap<fileapi::FileSystemOperation> OperationsMap; OperationsMap operations_; diff --git a/content/browser/renderer_host/browser_render_process_host.cc b/content/browser/renderer_host/browser_render_process_host.cc index d0b4621..00aa5c3 100644 --- a/content/browser/renderer_host/browser_render_process_host.cc +++ b/content/browser/renderer_host/browser_render_process_host.cc 
@@ -371,8 +371,7 @@ void BrowserRenderProcessHost::CreateMessageFilters() { new PepperMessageFilter(&profile()->GetResourceContext())); channel_->AddFilter(new speech_input::SpeechInputDispatcherHost(id())); channel_->AddFilter( - new FileSystemDispatcherHost(&profile()->GetResourceContext(), - profile()->GetHostContentSettingsMap())); + new FileSystemDispatcherHost(&profile()->GetResourceContext())); channel_->AddFilter(new device_orientation::MessageFilter()); channel_->AddFilter( new BlobMessageFilter(id(), profile()->GetBlobStorageContext())); diff --git a/content/browser/worker_host/worker_process_host.cc b/content/browser/worker_host/worker_process_host.cc index 082e09c..aaaccaa 100644 --- a/content/browser/worker_host/worker_process_host.cc +++ b/content/browser/worker_host/worker_process_host.cc @@ -201,9 +201,9 @@ bool WorkerProcessHost::Init(int render_process_id) { base::PLATFORM_FILE_WRITE_ATTRIBUTES); } - CreateMessageFilters(render_process_id); - + // Call the embedder first so that their IPC filters have priority. content::GetContentClient()->browser()->WorkerProcessHostCreated(this); + CreateMessageFilters(render_process_id); return true; } @@ -228,9 +228,7 @@ void WorkerProcessHost::CreateMessageFilters(int render_process_id) { AddFilter(worker_message_filter_); AddFilter(new AppCacheDispatcherHost(resource_context_, id())); AddFilter(new FileSystemDispatcherHost( - request_context, - resource_context_->host_content_settings_map(), - resource_context_->file_system_context())); + request_context, resource_context_->file_system_context())); AddFilter(new FileUtilitiesMessageFilter(id())); AddFilter( new BlobMessageFilter(id(), resource_context_->blob_storage_context())); 
@@ -293,6 +291,8 @@ bool WorkerProcessHost::OnMessageReceived(const IPC::Message& message) { IPC_BEGIN_MESSAGE_MAP_EX(WorkerProcessHost, message, msg_is_ok) IPC_MESSAGE_HANDLER(WorkerHostMsg_WorkerContextClosed, OnWorkerContextClosed) + IPC_MESSAGE_HANDLER(WorkerProcessHostMsg_AllowDatabase, OnAllowDatabase) + IPC_MESSAGE_HANDLER(WorkerProcessHostMsg_AllowFileSystem, OnAllowFileSystem) IPC_MESSAGE_UNHANDLED(handled = false) IPC_END_MESSAGE_MAP_EX() @@ -338,6 +338,21 @@ void WorkerProcessHost::OnWorkerContextClosed(int worker_route_id) { } } +void WorkerProcessHost::OnAllowDatabase(int worker_route_id, + const GURL& url, + const string16& name, + const string16& display_name, + unsigned long estimated_size, + bool* result) { + *result = true; +} + +void WorkerProcessHost::OnAllowFileSystem(int worker_route_id, + const GURL& url, + bool* result) { + *result = true; +} + void WorkerProcessHost::RelayMessage( const IPC::Message& message, WorkerMessageFilter* filter, diff --git a/content/browser/worker_host/worker_process_host.h b/content/browser/worker_host/worker_process_host.h index 720e217..29637b0 100644 --- a/content/browser/worker_host/worker_process_host.h +++ b/content/browser/worker_host/worker_process_host.h @@ -162,6 +162,15 @@ class WorkerProcessHost : public BrowserChildProcessHost { virtual bool OnMessageReceived(const IPC::Message& message); void OnWorkerContextClosed(int worker_route_id); + void OnAllowDatabase(int worker_route_id, + const GURL& url, + const string16& name, + const string16& display_name, + unsigned long estimated_size, + bool* result); + void OnAllowFileSystem(int worker_route_id, + const GURL& url, + bool* result); // Relays a message to the given endpoint. Takes care of parsing the message // if it contains a message port and sending it a valid route id. diff --git a/content/common/worker_messages.h b/content/common/worker_messages.h index 3b1e79f..20e0d26 100644 --- a/content/common/worker_messages.h 
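Review bot: The new content-layer fallbacks `WorkerProcessHost::OnAllowDatabase` and `WorkerProcessHost::OnAllowFileSystem` set `*result = true` unconditionally, so an embedder that does not install a filter handling `WorkerProcessHostMsg_AllowDatabase` and `WorkerProcessHostMsg_AllowFileSystem` gets allow-all, with nothing in the code saying this is intended. Add a comment on both, for example `// Default when the embedder's filter did not handle the message: allow. Embedders that enforce content settings must handle it in their own filter.` The fallback is only reached correctly if the embedder's filter sees the message first, which presumably depends on the reordering in `WorkerProcessHost::Init` made by this commit; that dependency deserves a mention in the same comment.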
+++ b/content/common/worker_messages.h @@ -118,7 +118,7 @@ IPC_MESSAGE_CONTROL2(WorkerProcessHostMsg_SendQueuedMessages, std::vector<QueuedMessage> /* queued_messages */) // Sent by the worker process to check whether access to web databases is -// granted by content settings. +// allowed. IPC_SYNC_MESSAGE_CONTROL5_1(WorkerProcessHostMsg_AllowDatabase, int /* worker_route_id */, GURL /* origin url */, @@ -127,6 +127,12 @@ IPC_SYNC_MESSAGE_CONTROL5_1(WorkerProcessHostMsg_AllowDatabase, unsigned long /* estimated size */, bool /* result */) +// Sent by the worker process to check whether access to file system is allowed. +IPC_SYNC_MESSAGE_CONTROL2_1(WorkerProcessHostMsg_AllowFileSystem, + int /* worker_route_id */, + GURL /* origin url */, + bool /* result */) + //----------------------------------------------------------------------------- // Worker messages // These are messages sent from the renderer process to the worker process. diff --git a/content/worker/webworkerclient_proxy.cc b/content/worker/webworkerclient_proxy.cc index 3f67170..f665de5 100644 --- a/content/worker/webworkerclient_proxy.cc +++ b/content/worker/webworkerclient_proxy.cc @@ -149,12 +149,17 @@ bool WebWorkerClientProxy::allowDatabase(WebFrame* frame, if (origin.isEmpty()) return false; - bool result; - if (!Send(new WorkerProcessHostMsg_AllowDatabase(route_id_, - GURL(origin.toString().utf8()), name, display_name, estimated_size, - &result))) - return false; + bool result = false; + Send(new WorkerProcessHostMsg_AllowDatabase( + route_id_, GURL(origin.toString().utf8()), name, display_name, + estimated_size, &result)); + return result; +} +bool WebWorkerClientProxy::allowFileSystem() { + bool result = false; + Send(new WorkerProcessHostMsg_AllowFileSystem( + route_id_, stub_->url().GetOrigin(), &result)); return result; } diff --git a/content/worker/webworkerclient_proxy.h b/content/worker/webworkerclient_proxy.h index 580738c..66268a2 100644 --- a/content/worker/webworkerclient_proxy.h 
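Review bot: `WebWorkerClientProxy::allowFileSystem` in webworkerclient_proxy.cc sends `stub_->url().GetOrigin()` without any validity check, whereas `allowDatabase` just above returns `false` for an empty origin before asking the browser. If the stub URL can be empty or invalid at this point (not visible in the hunk), the browser would be asked about an empty origin and would answer from whatever setting that lookup yields. A guard such as `const GURL origin = stub_->url().GetOrigin(); if (!origin.is_valid()) return false;` keeps the two paths consistent and fail-closed. `allowDatabase` starts above the hunk.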
+++ b/content/worker/webworkerclient_proxy.h @@ -73,7 +73,7 @@ class WebWorkerClientProxy : public WebKit::WebWorkerClient { const WebKit::WebString& name, const WebKit::WebString& display_name, unsigned long estimated_size); - + virtual bool allowFileSystem(); virtual void openFileSystem(WebKit::WebFileSystem::Type type, long long size, bool create, |