summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--chrome/browser/plugin_service.cc3
-rw-r--r--chrome/common/extensions/extension.cc2
-rw-r--r--chrome/common/extensions/extension.h1
-rw-r--r--chrome/renderer/render_process_impl.cc14
-rw-r--r--chrome/renderer/render_view.cc24
5 files changed, 32 insertions, 12 deletions
diff --git a/chrome/browser/plugin_service.cc b/chrome/browser/plugin_service.cc
index f6ecaac..1b36382 100644
--- a/chrome/browser/plugin_service.cc
+++ b/chrome/browser/plugin_service.cc
@@ -104,8 +104,7 @@ PluginService::PluginService()
}
#ifndef DISABLE_NACL
- if (command_line->HasSwitch(switches::kInternalNaCl))
- RegisterInternalNaClPlugin();
+ RegisterInternalNaClPlugin();
#endif
chrome::RegisterInternalGPUPlugin();
diff --git a/chrome/common/extensions/extension.cc b/chrome/common/extensions/extension.cc
index 6d6c05d..82cfe9f 100644
--- a/chrome/common/extensions/extension.cc
+++ b/chrome/common/extensions/extension.cc
@@ -128,6 +128,7 @@ const char* Extension::kIdlePermission = "idle";
const char* Extension::kNotificationPermission = "notifications";
const char* Extension::kTabPermission = "tabs";
const char* Extension::kUnlimitedStoragePermission = "unlimited_storage";
+const char* Extension::kNativeClientPermission = "native_client";
const char* Extension::kPermissionNames[] = {
Extension::kBackgroundPermission,
@@ -141,6 +142,7 @@ const char* Extension::kPermissionNames[] = {
Extension::kNotificationPermission,
Extension::kTabPermission,
Extension::kUnlimitedStoragePermission,
+ Extension::kNativeClientPermission,
};
const size_t Extension::kNumPermissions =
arraysize(Extension::kPermissionNames);
diff --git a/chrome/common/extensions/extension.h b/chrome/common/extensions/extension.h
index f81974d..8f15faf 100644
--- a/chrome/common/extensions/extension.h
+++ b/chrome/common/extensions/extension.h
@@ -106,6 +106,7 @@ class Extension {
static const char* kNotificationPermission;
static const char* kTabPermission;
static const char* kUnlimitedStoragePermission;
+ static const char* kNativeClientPermission;
static const char* kPermissionNames[];
static const size_t kNumPermissions;
diff --git a/chrome/renderer/render_process_impl.cc b/chrome/renderer/render_process_impl.cc
index 59fe985..34f3ef8 100644
--- a/chrome/renderer/render_process_impl.cc
+++ b/chrome/renderer/render_process_impl.cc
@@ -184,14 +184,12 @@ RenderProcessImpl::RenderProcessImpl()
}
#ifndef DISABLE_NACL
- if (command_line.HasSwitch(switches::kInternalNaCl)) {
- std::map<std::string, uintptr_t> funcs;
- funcs["launch_nacl_process"] =
- reinterpret_cast<uintptr_t>(LaunchNaClProcess);
- funcs["launch_nacl_process_multi_fd"] =
- reinterpret_cast<uintptr_t>(LaunchNaClProcessMultiFD);
- RegisterInternalNaClPlugin(funcs);
- }
+ std::map<std::string, uintptr_t> funcs;
+ funcs["launch_nacl_process"] =
+ reinterpret_cast<uintptr_t>(LaunchNaClProcess);
+ funcs["launch_nacl_process_multi_fd"] =
+ reinterpret_cast<uintptr_t>(LaunchNaClProcessMultiFD);
+ RegisterInternalNaClPlugin(funcs);
#endif
if (!command_line.HasSwitch(switches::kDisableByteRangeSupport)) {
diff --git a/chrome/renderer/render_view.cc b/chrome/renderer/render_view.cc
index e77d6a9..30339df 100644
--- a/chrome/renderer/render_view.cc
+++ b/chrome/renderer/render_view.cc
@@ -3247,8 +3247,28 @@ webkit_glue::WebPluginDelegate* RenderView::CreatePluginDelegate(
}
// Check for Native Client modules.
- if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kInternalNaCl)) {
- if (mime_type == "application/x-nacl-srpc") {
+ if (mime_type == "application/x-nacl-srpc") {
+ // NaCl is only permitted when we're in an extension/application with the
+ // appropriate permission, or when explicitly enabled on the command line.
+
+ // TODO(cbiffle): need browser test for this before M7 (bug 45881)
+ GURL main_frame_url(webview()->mainFrame()->url());
+ const std::string &extension_id =
+ RenderThread::current()->GetExtensionIdByURL(main_frame_url);
+ bool in_ext = extension_id != "";
+ bool explicit_enable =
+ CommandLine::ForCurrentProcess()->HasSwitch(switches::kInternalNaCl);
+
+ if (in_ext) {
+ if (ExtensionProcessBindings::HasPermission(extension_id,
+ Extension::kNativeClientPermission)) {
+ in_process_plugin = true;
+ use_pepper_host = true;
+ } else {
+ // Disable NaCl for apps lacking the permission, even with the flag.
+ return NULL;
+ }
+ } else if (explicit_enable) {
in_process_plugin = true;
use_pepper_host = true;
}
generated by cgit v1.1 at 2025-01-18 18:36:34 +0000