diff options
| author | bauerb@chromium.org <bauerb@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-30 17:05:34 +0000 |
|---|---|---|
| committer | bauerb@chromium.org <bauerb@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-30 17:05:34 +0000 |
| commit | 5e45686bbb4cf67e111bde33d55f936cd133b6a1 (patch) | |
| tree | 471f0827b4c88fd88883f35661c073cf1fc83d2f /chrome | |
| parent | 42a614dd5fe677fd2b98e3b7615c6b2cd733f60b (diff) | |
| download | chromium_src-5e45686bbb4cf67e111bde33d55f936cd133b6a1.zip chromium_src-5e45686bbb4cf67e111bde33d55f936cd133b6a1.tar.gz chromium_src-5e45686bbb4cf67e111bde33d55f936cd133b6a1.tar.bz2 | |
Move --block-nonsandboxed-plugins command line switch to preferences.
BUG=53812
TEST=none
Review URL: http://codereview.chromium.org/3217009
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@57872 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome')
| -rw-r--r-- | chrome/app/generated_resources.grd | 5 | ||||
| -rw-r--r-- | chrome/browser/host_content_settings_map.cc | 27 | ||||
| -rw-r--r-- | chrome/browser/host_content_settings_map.h | 7 | ||||
| -rw-r--r-- | chrome/browser/renderer_host/resource_message_filter.cc | 11 | ||||
| -rw-r--r-- | chrome/common/pref_names.cc | 3 | ||||
| -rw-r--r-- | chrome/common/pref_names.h | 1 | ||||
| -rw-r--r-- | chrome/common/render_messages_internal.h | 3 | ||||
| -rw-r--r-- | chrome/renderer/render_view.cc | 5 |
8 files changed, 53 insertions, 9 deletions
diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd index dbf566e..032b723 100644 --- a/chrome/app/generated_resources.grd +++ b/chrome/app/generated_resources.grd @@ -4617,7 +4617,10 @@ Keep your key file in a safe place. You will need it to create new versions of y Plug-in Settings: </message> <message name="IDS_PLUGIN_LOAD_RADIO" desc="A radio button in the Content Settings dialog for allowing plug-ins use on any site."> - Allow all sites to use plug-ins (recommended) + Allow all sites to use all plug-ins (recommended) + </message> + <message name="IDS_PLUGIN_LOAD_SANDBOXED_RADIO" desc="A radio button in the Content Settings dialog for allowing sandboxed plug-ins on any site."> + Allow only sandboxed plug-ins </message> <message name="IDS_PLUGIN_NOLOAD_RADIO" desc="A radio button in the Content Settings dialog for preventing plug-ins use on any site."> Do not allow any site to use plug-ins diff --git a/chrome/browser/host_content_settings_map.cc b/chrome/browser/host_content_settings_map.cc index b44485d..6b791c3 100644 --- a/chrome/browser/host_content_settings_map.cc +++ b/chrome/browser/host_content_settings_map.cc @@ -212,6 +212,8 @@ HostContentSettingsMap::HostContentSettingsMap(Profile* profile) // Read misc. global settings. block_third_party_cookies_ = prefs->GetBoolean(prefs::kBlockThirdPartyCookies); + block_nonsandboxed_plugins_ = + prefs->GetBoolean(prefs::kBlockNonsandboxedPlugins); // Verify preferences version. if (!prefs->HasPrefPath(prefs::kContentSettingsVersion)) { @@ -241,6 +243,7 @@ void HostContentSettingsMap::RegisterUserPrefs(PrefService* prefs) { kContentSettingsPatternVersion); prefs->RegisterDictionaryPref(prefs::kContentSettingsPatterns); prefs->RegisterBooleanPref(prefs::kBlockThirdPartyCookies, false); + prefs->RegisterBooleanPref(prefs::kBlockNonsandboxedPlugins, false); prefs->RegisterIntegerPref(prefs::kContentSettingsWindowLastTabIndex, 0); // Obsolete prefs, for migration: @@ -682,6 +685,28 @@ void HostContentSettingsMap::SetBlockThirdPartyCookies(bool block) { prefs->ClearPref(prefs::kBlockThirdPartyCookies); } +void HostContentSettingsMap::SetBlockNonsandboxedPlugins(bool block) { + DCHECK(ChromeThread::CurrentlyOn(ChromeThread::UI)); + + // This setting may not be directly modified for OTR sessions. Instead, it + // is synced to the main profile's setting. + if (is_off_the_record_) { + NOTREACHED(); + return; + } + + { + AutoLock auto_lock(lock_); + block_nonsandboxed_plugins_ = block; + } + + PrefService* prefs = profile_->GetPrefs(); + if (block) + prefs->SetBoolean(prefs::kBlockNonsandboxedPlugins, true); + else + prefs->ClearPref(prefs::kBlockNonsandboxedPlugins); +} + void HostContentSettingsMap::ResetToDefaults() { DCHECK(ChromeThread::CurrentlyOn(ChromeThread::UI)); @@ -692,6 +717,7 @@ void HostContentSettingsMap::ResetToDefaults() { host_content_settings_.clear(); off_the_record_settings_.clear(); block_third_party_cookies_ = false; + block_nonsandboxed_plugins_ = false; } if (!is_off_the_record_) { @@ -700,6 +726,7 @@ void HostContentSettingsMap::ResetToDefaults() { prefs->ClearPref(prefs::kDefaultContentSettings); prefs->ClearPref(prefs::kContentSettingsPatterns); prefs->ClearPref(prefs::kBlockThirdPartyCookies); + prefs->ClearPref(prefs::kBlockNonsandboxedPlugins); updating_preferences_ = false; NotifyObservers( ContentSettingsDetails(Pattern(), CONTENT_SETTINGS_TYPE_DEFAULT, "")); diff --git a/chrome/browser/host_content_settings_map.h b/chrome/browser/host_content_settings_map.h index 0bf8044..2be7e23 100644 --- a/chrome/browser/host_content_settings_map.h +++ b/chrome/browser/host_content_settings_map.h @@ -219,6 +219,12 @@ class HostContentSettingsMap // This should only be called on the UI thread. void SetBlockThirdPartyCookies(bool block); + bool GetBlockNonsandboxedPlugins() const { + return block_nonsandboxed_plugins_; + } + + void SetBlockNonsandboxedPlugins(bool block); + // Resets all settings levels. // // This should only be called on the UI thread. @@ -293,6 +299,7 @@ class HostContentSettingsMap // Misc global settings. bool block_third_party_cookies_; + bool block_nonsandboxed_plugins_; // Used around accesses to the settings objects to guarantee thread safety. mutable Lock lock_; diff --git a/chrome/browser/renderer_host/resource_message_filter.cc b/chrome/browser/renderer_host/resource_message_filter.cc index bdef995..caed317 100644 --- a/chrome/browser/renderer_host/resource_message_filter.cc +++ b/chrome/browser/renderer_host/resource_message_filter.cc @@ -784,10 +784,13 @@ void ResourceMessageFilter::OnGetPluginInfo(const GURL& url, #endif *setting = map->GetNonDefaultContentSetting( policy_url, CONTENT_SETTINGS_TYPE_PLUGINS, resource); - if (*setting == CONTENT_SETTING_DEFAULT && - map->GetDefaultContentSetting(CONTENT_SETTINGS_TYPE_PLUGINS) == - CONTENT_SETTING_BLOCK) { - *setting = CONTENT_SETTING_BLOCK; + if (*setting == CONTENT_SETTING_DEFAULT) { + ContentSetting defaultContentSetting = + map->GetDefaultContentSetting(CONTENT_SETTINGS_TYPE_PLUGINS); + if (defaultContentSetting == CONTENT_SETTING_BLOCK || + !map->GetBlockNonsandboxedPlugins()) { + *setting = defaultContentSetting; + } } } } diff --git a/chrome/common/pref_names.cc b/chrome/common/pref_names.cc index 4e591a7..2dcc3db 100644 --- a/chrome/common/pref_names.cc +++ b/chrome/common/pref_names.cc @@ -485,6 +485,9 @@ const char kContentSettingsPatterns[] = "profile.content_settings.patterns"; // regardless of other content settings. const char kBlockThirdPartyCookies[] = "profile.block_third_party_cookies"; +// Boolean that is true if non-sandboxed plug-ins should be blocked. +const char kBlockNonsandboxedPlugins[] = "profile.block_nonsandboxed_plugins"; + // Boolean that is true when all locally stored site data (e.g. cookies, local // storage, etc..) should be deleted on exit. const char kClearSiteDataOnExit[] = "profile.clear_site_data_on_exit"; diff --git a/chrome/common/pref_names.h b/chrome/common/pref_names.h index 0ff87c6..4a02534 100644 --- a/chrome/common/pref_names.h +++ b/chrome/common/pref_names.h @@ -187,6 +187,7 @@ extern const char kPerHostContentSettings[]; // OBSOLETE extern const char kContentSettingsVersion[]; extern const char kContentSettingsPatterns[]; extern const char kBlockThirdPartyCookies[]; +extern const char kBlockNonsandboxedPlugins[]; extern const char kClearSiteDataOnExit[]; extern const char kPerHostZoomLevels[]; extern const char kAutoFillEnabled[]; diff --git a/chrome/common/render_messages_internal.h b/chrome/common/render_messages_internal.h index 3b0a13f..1c65934 100644 --- a/chrome/common/render_messages_internal.h +++ b/chrome/common/render_messages_internal.h @@ -1303,7 +1303,8 @@ IPC_BEGIN_MESSAGES(ViewHost) // content settings for |policy_url|. It still appears in navigator.plugins in // Javascript though, and can be loaded via click-to-play. // If |setting| is set to CONTENT_SETTING_ALLOW, the domain is explicitly - // white-listed for the plug-in. + // white-listed for the plug-in, or the user has chosen not to block + // nonsandboxed plugins. // If |setting| is set to CONTENT_SETTING_DEFAULT, the plug-in is neither // blocked nor white-listed, which means that it's allowed by default and // can still be blocked if it's non-sandboxed. diff --git a/chrome/renderer/render_view.cc b/chrome/renderer/render_view.cc index 71dd537..5af03eb 100644 --- a/chrome/renderer/render_view.cc +++ b/chrome/renderer/render_view.cc @@ -2364,9 +2364,8 @@ WebPlugin* RenderView::createPlugin(WebFrame* frame, PepperPluginRegistry::GetInstance()->GetModule(info.path); if (pepper_module) return CreatePepperPlugin(frame, params, info.path, pepper_module.get()); - if (CommandLine::ForCurrentProcess()->HasSwitch( - switches::kBlockNonSandboxedPlugins) && - setting != CONTENT_SETTING_ALLOW) { + if (setting != CONTENT_SETTING_ALLOW) { + // If the host is not whitelisted for this plugin, block it. Send(new ViewHostMsg_NonSandboxedPluginBlocked(routing_id_, resource, group->GetGroupName())); |