CPAPI (0.11) for gears drag drop.

Provide a method that allows the gears plugin to ask the browser
process to verify that its renderer has permission to access the
drop files. Update the copyright notices.

BUG=7995

Review URL: http://codereview.chromium.org/159074

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@21437 0039d316-1c4b-4281-b951-d872f2087c98

4 files changed, 34 insertions, 5 deletions

diff --git a/chrome/browser/child_process_security_policy.cc b/chrome/browser/child_process_security_policy.cc
index 20130e7..c1cb73e 100644
--- a/chrome/browser/child_process_security_policy.cc
+++ b/chrome/browser/child_process_security_policy.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -292,7 +292,7 @@ bool ChildProcessSecurityPolicy::CanRequestURL(int renderer_id, const GURL& url)
 }
 
 bool ChildProcessSecurityPolicy::CanUploadFile(int renderer_id,
-                                           const FilePath& file) {
+                                               const FilePath& file) {
   AutoLock lock(lock_);
 
   SecurityStateMap::iterator state = security_state_.find(renderer_id);
diff --git a/chrome/browser/chrome_plugin_host.cc b/chrome/browser/chrome_plugin_host.cc
index 75a2fc3..4e61732 100644
--- a/chrome/browser/chrome_plugin_host.cc
+++ b/chrome/browser/chrome_plugin_host.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -546,6 +546,12 @@ CPError STDCALL CPB_SetDropEffect(
   return CPERR_FAILURE;
 }
 
+CPError STDCALL CPB_AllowFileDrop(
+    CPID id, CPBrowsingContext context, const char* file_drag_data) {
+  NOTREACHED() << "Should not be called in the browser process.";
+  return CPERR_FAILURE;
+}
+
 //
 // Functions related to network interception
 //
@@ -789,6 +795,7 @@ CPBrowserFuncs* GetCPBrowserFuncsForBrowser() {
     browser_funcs.open_file_dialog = CPB_OpenFileDialog;
     browser_funcs.get_drag_data = CPB_GetDragData;
     browser_funcs.set_drop_effect = CPB_SetDropEffect;
+    browser_funcs.allow_file_drop = CPB_AllowFileDrop;
 
     request_funcs.size = sizeof(request_funcs);
     request_funcs.start_request = CPR_StartRequest;
diff --git a/chrome/browser/plugin_process_host.cc b/chrome/browser/plugin_process_host.cc
index f03b42f..ca2f502 100644
--- a/chrome/browser/plugin_process_host.cc
+++ b/chrome/browser/plugin_process_host.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -27,6 +27,7 @@
 #include "base/scoped_ptr.h"
 #include "base/thread.h"
 #include "chrome/browser/browser_process.h"
+#include "chrome/browser/child_process_security_policy.h"
 #include "chrome/browser/chrome_plugin_browsing_context.h"
 #include "chrome/browser/chrome_thread.h"
 #include "chrome/browser/plugin_service.h"
@@ -439,6 +440,7 @@ void PluginProcessHost::OnMessageReceived(const IPC::Message& msg) {
                         OnGetPluginFinderUrl)
     IPC_MESSAGE_HANDLER(PluginProcessHostMsg_PluginMessage, OnPluginMessage)
     IPC_MESSAGE_HANDLER(PluginProcessHostMsg_GetCookies, OnGetCookies)
+    IPC_MESSAGE_HANDLER(PluginProcessHostMsg_AccessFiles, OnAccessFiles)
     IPC_MESSAGE_HANDLER_DELAY_REPLY(PluginProcessHostMsg_ResolveProxy,
                                     OnResolveProxy)
 #if defined(OS_WIN)
@@ -507,6 +509,24 @@ void PluginProcessHost::OnGetCookies(uint32 request_context,
   *cookies = context->cookie_store()->GetCookies(url);
 }
 
+void PluginProcessHost::OnAccessFiles(int process_id,
+                                      const std::vector<std::string>& files,
+                                      bool* allowed) {
+  ChildProcessSecurityPolicy* policy =
+      ChildProcessSecurityPolicy::GetInstance();
+
+  for (size_t i = 0; i < files.size(); ++i) {
+    const FilePath path = FilePath::FromWStringHack(UTF8ToWide(files[i]));
+    if (!policy->CanUploadFile(process_id, path)) {
+      LOG(INFO) << "Denied unauthorized request for file " << files[i];
+      *allowed = false;
+      return;
+    }
+  }
+
+  *allowed = true;
+}
+
 void PluginProcessHost::OnResolveProxy(const GURL& url,
                                        IPC::Message* reply_msg) {
   resolve_proxy_msg_helper_.Start(url, reply_msg);
diff --git a/chrome/browser/plugin_process_host.h b/chrome/browser/plugin_process_host.h
index 8c3a948..22e9249 100644
--- a/chrome/browser/plugin_process_host.h
+++ b/chrome/browser/plugin_process_host.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -101,6 +101,8 @@ class PluginProcessHost : public ChildProcessHost,
   void OnGetPluginFinderUrl(std::string* plugin_finder_url);
   void OnGetCookies(uint32 request_context, const GURL& url,
                     std::string* cookies);
+  void OnAccessFiles(int process_id, const std::vector<std::string>& files,
+                     bool* allowed);
   void OnResolveProxy(const GURL& url, IPC::Message* reply_msg);
   void OnPluginMessage(const std::vector<uint8>& data);