author | bauerb@chromium.org <bauerb@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-11-03 15:43:01 +0000 |
committer | bauerb@chromium.org <bauerb@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-11-03 15:43:01 +0000 |
commit | 123a049615ac055099d09f9797d856b64b726c0d (patch) | |
tree | 5d6b0b64b61e7c0f2825521cb67547685be0f7fd /webkit | |
parent | adf6b2e17687fc42a548898fb27347e74cb73918 (diff) | |
Handle plugin MIME type mismatches in PluginList instead of ChromeContentRendererClient.
This allows the default plug-in (or the missing plug-in placeholder) to handle the MIME type.
BUG=102664
TEST=see bug
Review URL: http://codereview.chromium.org/8439043
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@108469 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit')
-rw-r--r-- | webkit/plugins/npapi/plugin_list.cc | 30 |
1 files changed, 27 insertions, 3 deletions
diff --git a/webkit/plugins/npapi/plugin_list.cc b/webkit/plugins/npapi/plugin_list.cc
index ccc91dd..00d069e 100644
--- a/webkit/plugins/npapi/plugin_list.cc
+++ b/webkit/plugins/npapi/plugin_list.cc
@@ -20,6 +20,31 @@
 #include "webkit/plugins/npapi/plugin_lib.h"
 #include "webkit/plugins/plugin_switches.h"
 
+namespace {
+
+static const char kApplicationOctetStream[] = "application/octet-stream";
+
+base::LazyInstance<webkit::npapi::PluginList> g_singleton(
+ base::LINKER_INITIALIZED);
+
+bool AllowMimeTypeMismatch(const std::string& orig_mime_type,
+ const std::string& actual_mime_type) {
+ if (orig_mime_type == actual_mime_type) {
+ NOTREACHED();
+ return true;
+ }
+
+ // We do not permit URL-sniff based plug-in MIME type overrides aside from
+ // the case where the "type" was initially missing or generic
+ // (application/octet-stream).
+ // We collected stats to determine this approach isn't a major compat issue,
+ // and we defend against content confusion attacks in various cases, such
+ // as when the user doesn't have the Flash plug-in enabled.
+ return orig_mime_type.empty() || orig_mime_type == kApplicationOctetStream;
+}
+
+}
+
 namespace webkit {
 namespace npapi {
 
@@ -175,8 +200,6 @@ static const PluginGroupDefinition kGroupDefinitions[] = {
 };
 #endif
 
-base::LazyInstance<PluginList> g_singleton(base::LINKER_INITIALIZED);
-
 // static
 PluginList* PluginList::Singleton() {
 return g_singleton.Pointer();
@@ -574,7 +597,8 @@ void PluginList::GetPluginInfoArray(
 if (SupportsExtension(plugins[i], extension, &actual_mime_type)) {
 FilePath path = plugins[i].path;
 if (path.value() != kDefaultPluginLibraryName &&
- visited_plugins.insert(path).second) {
+ visited_plugins.insert(path).second &&
+ AllowMimeTypeMismatch(mime_type, actual_mime_type)) {
 info->push_back(plugins[i]);
 if (actual_mime_types)
 actual_mime_types->push_back(actual_mime_type);
|
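Review bot: `AllowMimeTypeMismatch` decides whether the page's declared type is "generic" with an exact, case-sensitive `==` against `kApplicationOctetStream`, and nothing in these hunks shows that the `mime_type` argument of `GetPluginInfoArray` has been lower-cased and stripped of parameters before the new call in the last hunk. If it has not, a page declaring `Application/Octet-Stream` or `application/octet-stream; x=y` fails closed — the override is refused, which is the safe direction for content confusion, but it silently loses the default-plug-in fallback this change exists to provide. That precondition should be stated on the function, e.g. `// Precondition: |orig_mime_type| is canonical (lower-case, no parameters); any other spelling of the generic type is treated as a specific type and the override is refused.`, or made visible with a DCHECK that the string is already in canonical form if the caller guarantees it. The function also lacks a header comment; a one-liner saying it returns true only when the declared type was absent or generic, and that the equal-types branch is expected to be unreachable (presumably because an earlier MIME-type pass already matched it — worth confirming), would make the `NOTREACHED()` self-explanatory. The `GetPluginInfoArray` body touched by the last hunk starts and ends outside it.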