DevTools: Implement raw cookies access for inspector.

Review URL: http://codereview.chromium.org/294025 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@30457 0039d316-1c4b-4281-b951-d872f2087c98
author: pfeldman@chromium.org <pfeldman@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2009-10-29 16:07:21 +0000
committer: pfeldman@chromium.org <pfeldman@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2009-10-29 16:07:21 +0000
commit: 971713ef6b3cb00c871a3420b890c0feeb80d605 (patch)
tree: 0df6925f83f162737a2b7813a5e19e7a6b8f228a /chrome/browser
parent: 2add77b802f0f5cab795a0a4d9ecb48003447d51 (diff)
download: chromium_src-971713ef6b3cb00c871a3420b890c0feeb80d605.zip
chromium_src-971713ef6b3cb00c871a3420b890c0feeb80d605.tar.gz
chromium_src-971713ef6b3cb00c871a3420b890c0feeb80d605.tar.bz2
5 files changed, 144 insertions, 27 deletions
diff --git a/chrome/browser/child_process_security_policy.cc b/chrome/browser/child_process_security_policy.cc
index 7f009e9..635e0cf 100644
--- a/chrome/browser/child_process_security_policy.cc
+++ b/chrome/browser/child_process_security_policy.cc
@@ -17,7 +17,9 @@
 // information.
 class ChildProcessSecurityPolicy::SecurityState {
  public:
-  SecurityState() : enabled_bindings_(0) { }
+  SecurityState()
+    : enabled_bindings_(0),
+      can_read_raw_cookies_(false) { }
   ~SecurityState() {
     scheme_policy_.clear();
   }
@@ -41,6 +43,14 @@ class ChildProcessSecurityPolicy::SecurityState {
     enabled_bindings_ |= bindings;
   }
 
+  void GrantReadRawCookies() {
+    can_read_raw_cookies_ = true;
+  }
+
+  void RevokeReadRawCookies() {
+    can_read_raw_cookies_ = false;
+  }
+
   // Determine whether permission has been granted to request url.
   // Schemes that have not been granted default to being denied.
   bool CanRequestURL(const GURL& url) {
@@ -66,6 +76,10 @@ class ChildProcessSecurityPolicy::SecurityState {
     return BindingsPolicy::is_extension_enabled(enabled_bindings_);
   }
 
+  bool can_read_raw_cookies() const {
+    return can_read_raw_cookies_;
+  }
+
  private:
   typedef std::map<std::string, bool> SchemeMap;
   typedef std::set<FilePath> FileSet;
@@ -82,6 +96,8 @@ class ChildProcessSecurityPolicy::SecurityState {
 
   int enabled_bindings_;
 
+  bool can_read_raw_cookies_;
+
   DISALLOW_COPY_AND_ASSIGN(SecurityState);
 };
 
@@ -252,6 +268,26 @@ void ChildProcessSecurityPolicy::GrantExtensionBindings(int renderer_id) {
   state->second->GrantBindings(BindingsPolicy::EXTENSION);
 }
 
+void ChildProcessSecurityPolicy::GrantReadRawCookies(int renderer_id) {
+  AutoLock lock(lock_);
+
+  SecurityStateMap::iterator state = security_state_.find(renderer_id);
+  if (state == security_state_.end())
+    return;
+
+  state->second->GrantReadRawCookies();
+}
+
+void ChildProcessSecurityPolicy::RevokeReadRawCookies(int renderer_id) {
+  AutoLock lock(lock_);
+
+  SecurityStateMap::iterator state = security_state_.find(renderer_id);
+  if (state == security_state_.end())
+    return;
+
+  state->second->RevokeReadRawCookies();
+}
+
 bool ChildProcessSecurityPolicy::CanRequestURL(
     int renderer_id, const GURL& url) {
   if (!url.is_valid())
@@ -325,3 +361,13 @@ bool ChildProcessSecurityPolicy::HasExtensionBindings(int renderer_id) {
 
   return state->second->has_extension_bindings();
 }
+
+bool ChildProcessSecurityPolicy::CanReadRawCookies(int renderer_id) {
+  AutoLock lock(lock_);
+
+  SecurityStateMap::iterator state = security_state_.find(renderer_id);
+  if (state == security_state_.end())
+    return false;
+
+  return state->second->can_read_raw_cookies();
+}
diff --git a/chrome/browser/child_process_security_policy.h b/chrome/browser/child_process_security_policy.h
index 402cd1b..9cde10a 100644
--- a/chrome/browser/child_process_security_policy.h
+++ b/chrome/browser/child_process_security_policy.h
@@ -80,6 +80,12 @@ class ChildProcessSecurityPolicy {
   // Grant this renderer the ability to use extension Bindings.
   void GrantExtensionBindings(int renderer_id);
 
+  // Grant this renderer the ability to read raw cookies.
+  void GrantReadRawCookies(int renderer_id);
+
+  // Revoke read raw cookies permission.
+  void RevokeReadRawCookies(int renderer_id);
+
   // Before servicing a renderer's request for a URL, the browser should call
   // this method to determine whether the renderer has the capability to
   // request the URL.
@@ -90,16 +96,19 @@ class ChildProcessSecurityPolicy {
   // capability to upload the requested file.
   bool CanUploadFile(int renderer_id, const FilePath& file);
 
-  // Returns true of the specified renderer_id has been granted DOMUIBindings.
+  // Returns true if the specified renderer_id has been granted DOMUIBindings.
   // The browser should check this property before assuming the renderer is
   // allowed to use DOMUIBindings.
   bool HasDOMUIBindings(int renderer_id);
 
-  // Returns true of the specified renderer_id has been granted DOMUIBindings.
+  // Returns true if the specified renderer_id has been granted DOMUIBindings.
   // The browser should check this property before assuming the renderer is
   // allowed to use extension bindings.
   bool HasExtensionBindings(int renderer_id);
 
+  // Returns true if the specified renderer_id has been granted ReadRawCookies.
+  bool CanReadRawCookies(int renderer_id);
+
  private:
   friend class ChildProcessSecurityPolicyInProcessBrowserTest;
   FRIEND_TEST(ChildProcessSecurityPolicyInProcessBrowserTest, NoLeak);
diff --git a/chrome/browser/debugger/devtools_manager.cc b/chrome/browser/debugger/devtools_manager.cc
index bff379c..cc8cb22 100644
--- a/chrome/browser/debugger/devtools_manager.cc
+++ b/chrome/browser/debugger/devtools_manager.cc
@@ -7,6 +7,7 @@
 #include "base/message_loop.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/browsing_instance.h"
+#include "chrome/browser/child_process_security_policy.h"
 #include "chrome/browser/debugger/devtools_window.h"
 #include "chrome/browser/debugger/devtools_client_host.h"
 #include "chrome/browser/profile.h"
@@ -42,9 +43,8 @@ DevToolsClientHost* DevToolsManager::GetDevToolsClientHostFor(
     RenderViewHost* inspected_rvh) {
   InspectedRvhToClientHostMap::iterator it =
       inspected_rvh_to_client_host_.find(inspected_rvh);
-  if (it != inspected_rvh_to_client_host_.end()) {
+  if (it != inspected_rvh_to_client_host_.end())
     return it->second;
-  }
   return NULL;
 }
 
@@ -64,9 +64,8 @@ void DevToolsManager::ForwardToDevToolsAgent(
     RenderViewHost* client_rvh,
     const IPC::Message& message) {
   DevToolsClientHost* client_host = FindOnwerDevToolsClientHost(client_rvh);
-  if (client_host) {
+  if (client_host)
     ForwardToDevToolsAgent(client_host, message);
-  }
 }
 
 void DevToolsManager::ForwardToDevToolsAgent(DevToolsClientHost* from,
@@ -96,9 +95,9 @@ void DevToolsManager::ForwardToDevToolsClient(RenderViewHost* inspected_rvh,
 
 void DevToolsManager::ActivateWindow(RenderViewHost* client_rvh) {
   DevToolsClientHost* client_host = FindOnwerDevToolsClientHost(client_rvh);
-  if (!client_host) {
+  if (!client_host)
     return;
-  }
+
   DevToolsWindow* window = client_host->AsDevToolsWindow();
   DCHECK(window);
   window->Activate();
@@ -106,9 +105,8 @@ void DevToolsManager::ActivateWindow(RenderViewHost* client_rvh) {
 
 void DevToolsManager::CloseWindow(RenderViewHost* client_rvh) {
   DevToolsClientHost* client_host = FindOnwerDevToolsClientHost(client_rvh);
-  if (client_host) {
+  if (client_host)
     CloseWindow(client_host);
-  }
 }
 
 void DevToolsManager::DockWindow(RenderViewHost* client_rvh) {
@@ -147,9 +145,8 @@ void DevToolsManager::InspectElement(RenderViewHost* inspected_rvh,
 
 void DevToolsManager::ClientHostClosing(DevToolsClientHost* host) {
   RenderViewHost* inspected_rvh = GetInspectedRenderViewHost(host);
-  if (!inspected_rvh) {
+  if (!inspected_rvh)
     return;
-  }
   SendDetachToAgent(inspected_rvh);
 
   inspected_rvh_to_client_host_.erase(inspected_rvh);
@@ -160,26 +157,34 @@ RenderViewHost* DevToolsManager::GetInspectedRenderViewHost(
     DevToolsClientHost* client_host) {
   ClientHostToInspectedRvhMap::iterator it =
       client_host_to_inspected_rvh_.find(client_host);
-  if (it != client_host_to_inspected_rvh_.end()) {
+  if (it != client_host_to_inspected_rvh_.end())
     return it->second;
-  }
   return NULL;
 }
 
 void DevToolsManager::UnregisterDevToolsClientHostFor(
       RenderViewHost* inspected_rvh) {
   DevToolsClientHost* host = GetDevToolsClientHostFor(inspected_rvh);
-  if (!host) {
+  if (!host)
     return;
-  }
   inspected_rvh_to_client_host_.erase(inspected_rvh);
   client_host_to_inspected_rvh_.erase(host);
-  if (inspected_rvh_for_reopen_ == inspected_rvh) {
+  if (inspected_rvh_for_reopen_ == inspected_rvh)
     inspected_rvh_for_reopen_ = NULL;
-  }
 
   // Issue tab closing event post unbound.
   host->InspectedTabClosing();
+
+  int process_id = inspected_rvh->process()->id();
+  for (InspectedRvhToClientHostMap::iterator it =
+           inspected_rvh_to_client_host_.begin();
+       it != inspected_rvh_to_client_host_.end();
+       ++it) {
+    if (it->first->process()->id() == process_id)
+      return;
+  }
+  // We've disconnected from the last renderer -> revoke cookie permissions.
+  ChildProcessSecurityPolicy::GetInstance()->RevokeReadRawCookies(process_id);
 }
 
 void DevToolsManager::OnNavigatingToPendingEntry(RenderViewHost* rvh,
@@ -219,6 +224,8 @@ void DevToolsManager::OnNavigatingToPendingEntry(RenderViewHost* rvh,
 
 void DevToolsManager::SendAttachToAgent(RenderViewHost* inspected_rvh) {
   if (inspected_rvh) {
+    ChildProcessSecurityPolicy::GetInstance()->GrantReadRawCookies(
+        inspected_rvh->process()->id());
     IPC::Message* m = new DevToolsAgentMsg_Attach();
     m->set_routing_id(inspected_rvh->routing_id());
     inspected_rvh->Send(m);
@@ -249,21 +256,18 @@ DevToolsClientHost* DevToolsManager::FindOnwerDevToolsClientHost(
        it != inspected_rvh_to_client_host_.end();
        ++it) {
     DevToolsWindow* win = it->second->AsDevToolsWindow();
-    if (!win) {
+    if (!win)
       continue;
-    }
-    if (client_rvh == win->GetRenderViewHost()) {
+    if (client_rvh == win->GetRenderViewHost())
       return it->second;
-    }
   }
   return NULL;
 }
 
 void DevToolsManager::ReopenWindow(RenderViewHost* client_rvh, bool docked) {
   DevToolsClientHost* client_host = FindOnwerDevToolsClientHost(client_rvh);
-  if (!client_host) {
+  if (!client_host)
     return;
-  }
   RenderViewHost* inspected_rvh = GetInspectedRenderViewHost(client_host);
   DCHECK(inspected_rvh);
   inspected_rvh->process()->profile()->GetPrefs()->SetBoolean(
@@ -294,9 +298,8 @@ void DevToolsManager::ToggleDevToolsWindow(RenderViewHost* inspected_rvh,
     do_open = true;
   }
   DevToolsWindow* window = host->AsDevToolsWindow();
-  if (!window) {
+  if (!window)
     return;
-  }
 
   // If window is docked and visible, we hide it on toggle. If window is
   // undocked, we show (activate) it.
diff --git a/chrome/browser/renderer_host/resource_message_filter.cc b/chrome/browser/renderer_host/resource_message_filter.cc
index 046ea92..4d0d451 100644
--- a/chrome/browser/renderer_host/resource_message_filter.cc
+++ b/chrome/browser/renderer_host/resource_message_filter.cc
@@ -47,6 +47,7 @@
 #include "chrome/common/render_messages.h"
 #include "chrome/common/url_constants.h"
 #include "chrome/common/worker_messages.h"
+#include "net/base/cookie_monster.h"
 #include "net/base/keygen_handler.h"
 #include "net/base/mime_util.h"
 #include "net/base/load_flags.h"
@@ -295,6 +296,8 @@ bool ResourceMessageFilter::OnMessageReceived(const IPC::Message& msg) {
       IPC_MESSAGE_HANDLER(ViewHostMsg_CreateWidget, OnMsgCreateWidget)
       IPC_MESSAGE_HANDLER(ViewHostMsg_SetCookie, OnSetCookie)
       IPC_MESSAGE_HANDLER(ViewHostMsg_GetCookies, OnGetCookies)
+      IPC_MESSAGE_HANDLER(ViewHostMsg_GetRawCookies, OnGetRawCookies)
+      IPC_MESSAGE_HANDLER(ViewHostMsg_DeleteCookie, OnDeleteCookie)
 #if defined(OS_WIN)  // This hack is Windows-specific.
       IPC_MESSAGE_HANDLER(ViewHostMsg_LoadFont, OnLoadFont)
 #endif
@@ -502,6 +505,53 @@ void ResourceMessageFilter::OnGetCookies(const GURL& url,
     *cookies = context->cookie_store()->GetCookies(url);
 }
 
+void ResourceMessageFilter::OnGetRawCookies(
+    const GURL& url,
+    const GURL& first_party_for_cookies,
+    std::vector<webkit_glue::WebCookie>* raw_cookies) {
+  raw_cookies->clear();
+
+  URLRequestContext* context = GetRequestContextForURL(url);
+  net::CookieMonster* cookie_monster = context->cookie_store()->
+      GetCookieMonster();
+  if (!cookie_monster) {
+    NOTREACHED();
+    return;
+  }
+
+  if (!context->cookie_policy()->CanGetCookies(url, first_party_for_cookies))
+    return;
+
+  typedef std::vector<net::CookieMonster::CanonicalCookie> CanonicalCookieList;
+  CanonicalCookieList cookies;
+  cookie_monster->GetRawCookies(url, &cookies);
+  for (CanonicalCookieList::iterator it = cookies.begin();
+       it != cookies.end(); ++it) {
+     raw_cookies->push_back(
+         webkit_glue::WebCookie(
+             it->Name(),
+             it->Value(),
+             url.host(),
+             it->Path(),
+             it->ExpiryDate().ToDoubleT() * 1000,
+             it->IsHttpOnly(),
+             it->IsSecure(),
+             !it->IsPersistent()));
+  }
+}
+
+void ResourceMessageFilter::OnDeleteCookie(const GURL& url,
+                                           const std::string& cookie_name)
+{
+  URLRequestContext* context = GetRequestContextForURL(url);
+  net::CookieMonster* cookie_monster = context->cookie_store()->
+      GetCookieMonster();
+  if (!cookie_monster)
+    return;
+
+  cookie_monster->DeleteCookie(url, cookie_name);
+}
+
 #if defined(OS_WIN)  // This hack is Windows-specific.
 void ResourceMessageFilter::OnLoadFont(LOGFONT font) {
   // If renderer is running in a sandbox, GetTextMetrics
diff --git a/chrome/browser/renderer_host/resource_message_filter.h b/chrome/browser/renderer_host/resource_message_filter.h
index 0134c37..1a91466 100644
--- a/chrome/browser/renderer_host/resource_message_filter.h
+++ b/chrome/browser/renderer_host/resource_message_filter.h
@@ -50,6 +50,10 @@ class PrinterQuery;
 class PrintJobManager;
 }
 
+namespace webkit_glue {
+struct WebCookie;
+}
+
 namespace WebKit {
 struct WebScreenInfo;
 }
@@ -124,6 +128,11 @@ class ResourceMessageFilter : public IPC::ChannelProxy::MessageFilter,
   void OnGetCookies(const GURL& url,
                     const GURL& first_party_for_cookies,
                     std::string* cookies);
+  void OnGetRawCookies(const GURL& url,
+                       const GURL& first_party_for_cookies,
+                       std::vector<webkit_glue::WebCookie>* raw_cookies);
+  void OnDeleteCookie(const GURL& url,
+                      const std::string& cookieName);
   void OnPluginFileDialog(const IPC::Message& msg,
                           bool multiple_files,
                           const std::wstring& title,
author	pfeldman@chromium.org <pfeldman@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2009-10-29 16:07:21 +0000
committer	pfeldman@chromium.org <pfeldman@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2009-10-29 16:07:21 +0000
commit	971713ef6b3cb00c871a3420b890c0feeb80d605 (patch)
tree	0df6925f83f162737a2b7813a5e19e7a6b8f228a /chrome/browser
parent	2add77b802f0f5cab795a0a4d9ecb48003447d51 (diff)
download	chromium_src-971713ef6b3cb00c871a3420b890c0feeb80d605.zip chromium_src-971713ef6b3cb00c871a3420b890c0feeb80d605.tar.gz chromium_src-971713ef6b3cb00c871a3420b890c0feeb80d605.tar.bz2