Restrict platform app access to WebKit features by modifying JS bindings.

BUG=119751 TEST=PlatformAppBrowserTest.* Review URL: http://codereview.chromium.org/9963019 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@130946 0039d316-1c4b-4281-b951-d872f2087c98
author: jstritar@chromium.org <jstritar@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2012-04-05 16:50:12 +0000
committer: jstritar@chromium.org <jstritar@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2012-04-05 16:50:12 +0000
commit: c0cecd1fb74b856db81c03eac8b39078add7e53f (patch)
tree: 6f41a94d1468b1d48dea78417e556ffdad7c3e57 /chrome/renderer
parent: a1ed3c8d69b5e63bb65c9dea31391fd747a7c2a2 (diff)
download: chromium_src-c0cecd1fb74b856db81c03eac8b39078add7e53f.zip
chromium_src-c0cecd1fb74b856db81c03eac8b39078add7e53f.tar.gz
chromium_src-c0cecd1fb74b856db81c03eac8b39078add7e53f.tar.bz2
4 files changed, 51 insertions, 0 deletions
diff --git a/chrome/renderer/extensions/extension_dispatcher.cc b/chrome/renderer/extensions/extension_dispatcher.cc
index 561cb04..eb320fd 100644
--- a/chrome/renderer/extensions/extension_dispatcher.cc
+++ b/chrome/renderer/extensions/extension_dispatcher.cc
@@ -527,6 +527,7 @@ void ExtensionDispatcher::PopulateSourceMap() {
   source_map_.RegisterSource("pageAction", IDR_PAGE_ACTION_CUSTOM_BINDINGS_JS);
   source_map_.RegisterSource("pageCapture",
                              IDR_PAGE_CAPTURE_CUSTOM_BINDINGS_JS);
+  source_map_.RegisterSource("platformApp", IDR_PLATFORM_APP_JS);
   source_map_.RegisterSource("storage", IDR_STORAGE_CUSTOM_BINDINGS_JS);
   source_map_.RegisterSource("tabs", IDR_TABS_CUSTOM_BINDINGS_JS);
   source_map_.RegisterSource("tts", IDR_TTS_CUSTOM_BINDINGS_JS);
@@ -657,6 +658,11 @@ void ExtensionDispatcher::DidCreateScriptContext(
     InstallBindings(module_system.get(), v8_context, "extension");
   }
 
+  // Inject custom JS into the platform app context to block certain features
+  // of the document and window.
+  if (extension && extension->is_platform_app())
+    module_system->Require("platformApp");
+
   context->set_module_system(module_system.Pass());
 
   context->DispatchOnLoadEvent(
diff --git a/chrome/renderer/renderer_resources.grd b/chrome/renderer/renderer_resources.grd
index 08a7a8f..599d2dd 100644
--- a/chrome/renderer/renderer_resources.grd
+++ b/chrome/renderer/renderer_resources.grd
@@ -22,6 +22,7 @@ without changes to the corresponding grd file. fb9 -->
       <include name="IDR_MISCELLANEOUS_BINDINGS_JS" file="resources\extensions\miscellaneous_bindings.js" type="BINDATA" />
       <include name="IDR_NET_ERROR_HTML" file="resources\neterror.html" flattenhtml="true" type="BINDATA" />
       <include name="IDR_PLATFORM_APP_CSS" file="resources\extensions\platform_app.css" type="BINDATA" />
+      <include name="IDR_PLATFORM_APP_JS" file="resources\extensions\platform_app.js" type="BINDATA" />
       <include name="IDR_SAD_PLUGIN" file="resources\sadplugin.png" type="BINDATA" />
       <include name="IDR_SCHEMA_GENERATED_BINDINGS_JS" file="resources\extensions\schema_generated_bindings.js" type="BINDATA" />
 
diff --git a/chrome/renderer/resources/extensions/platform_app.css b/chrome/renderer/resources/extensions/platform_app.css
index fddbe16..3216539 100644
--- a/chrome/renderer/resources/extensions/platform_app.css
+++ b/chrome/renderer/resources/extensions/platform_app.css
@@ -1,4 +1,8 @@
 /*
+ * Copyright (c) 2012 The Chromium Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
  * A style sheet for Chrome platform apps.
  */
 
diff --git a/chrome/renderer/resources/extensions/platform_app.js b/chrome/renderer/resources/extensions/platform_app.js
new file mode 100644
index 0000000..3660a81
--- /dev/null
+++ b/chrome/renderer/resources/extensions/platform_app.js
@@ -0,0 +1,40 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+var errorMsg = 'Not available for platform apps.';
+var stub = function() { throw errorMsg; };
+
+// Disable document.open|close|write.
+document.open = stub;
+document.close = stub;
+document.write = stub;
+
+// Disable history.
+window.history = {
+  open: stub,
+  back: stub,
+  forward: stub,
+  go: stub,
+  pushState: stub,
+  replaceState: stub,
+  get length() { throw errorMsg; },
+  get state() { throw errorMsg; }
+};
+
+// Disable find.
+window.find = stub;
+
+// Disable modal dialogs.
+window.alert = stub;
+window.confirm = stub;
+window.prompt = stub;
+
+// Disable window.*bar.
+var stubBar = { get visible() { throw errorMsg; } };
+window.locationbar = stubBar;
+window.menubar = stubBar;
+window.personalbar = stubBar;
+window.scrollbars = stubBar;
+window.statusbar = stubBar;
+window.toolbar = stubBar;
author	jstritar@chromium.org <jstritar@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2012-04-05 16:50:12 +0000
committer	jstritar@chromium.org <jstritar@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2012-04-05 16:50:12 +0000
commit	c0cecd1fb74b856db81c03eac8b39078add7e53f (patch)
tree	6f41a94d1468b1d48dea78417e556ffdad7c3e57 /chrome/renderer
parent	a1ed3c8d69b5e63bb65c9dea31391fd747a7c2a2 (diff)
download	chromium_src-c0cecd1fb74b856db81c03eac8b39078add7e53f.zip chromium_src-c0cecd1fb74b856db81c03eac8b39078add7e53f.tar.gz chromium_src-c0cecd1fb74b856db81c03eac8b39078add7e53f.tar.bz2