diff options
| -rw-r--r-- | chrome/chrome_renderer.gypi | 2 | ||||
| -rw-r--r-- | chrome/renderer/chrome_content_renderer_client.cc | 8 | ||||
| -rw-r--r-- | chrome/renderer/chrome_content_renderer_client.h | 3 | ||||
| -rw-r--r-- | chrome/renderer/worker_permission_client_proxy.cc | 63 | ||||
| -rw-r--r-- | chrome/renderer/worker_permission_client_proxy.h | 52 | ||||
| -rw-r--r-- | content/content_worker.gypi | 2 | ||||
| -rw-r--r-- | content/public/renderer/content_renderer_client.cc | 6 | ||||
| -rw-r--r-- | content/public/renderer/content_renderer_client.h | 6 | ||||
| -rw-r--r-- | content/renderer/render_frame_impl.cc | 8 | ||||
| -rw-r--r-- | content/renderer/render_frame_impl.h | 2 | ||||
| -rw-r--r-- | content/worker/shared_worker_permission_client_proxy.cc | 52 | ||||
| -rw-r--r-- | content/worker/shared_worker_permission_client_proxy.h | 45 | ||||
| -rw-r--r-- | content/worker/websharedworkerclient_proxy.cc | 35 | ||||
| -rw-r--r-- | content/worker/websharedworkerclient_proxy.h | 6 |
14 files changed, 270 insertions, 20 deletions
diff --git a/chrome/chrome_renderer.gypi b/chrome/chrome_renderer.gypi index 04a471a..6f57afe 100644 --- a/chrome/chrome_renderer.gypi +++ b/chrome/chrome_renderer.gypi @@ -351,6 +351,8 @@ 'renderer/web_apps.h', 'renderer/webview_color_overlay.cc', 'renderer/webview_color_overlay.h', + 'renderer/worker_permission_client_proxy.cc', + 'renderer/worker_permission_client_proxy.h', ], 'conditions': [ ['disable_nacl!=1', { diff --git a/chrome/renderer/chrome_content_renderer_client.cc b/chrome/renderer/chrome_content_renderer_client.cc index 8c366d3..e026cf5 100644 --- a/chrome/renderer/chrome_content_renderer_client.cc +++ b/chrome/renderer/chrome_content_renderer_client.cc @@ -63,6 +63,7 @@ #include "chrome/renderer/searchbox/searchbox_extension.h" #include "chrome/renderer/tts_dispatcher.h" #include "chrome/renderer/validation_message_agent.h" +#include "chrome/renderer/worker_permission_client_proxy.h" #include "components/autofill/content/renderer/autofill_agent.h" #include "components/autofill/content/renderer/password_autofill_agent.h" #include "components/autofill/content/renderer/password_generation_agent.h" @@ -1396,4 +1397,11 @@ bool ChromeContentRendererClient::ShouldEnableSiteIsolationPolicy() const { return !command_line->HasSwitch(switches::kExtensionProcess); } +WebKit::WebWorkerPermissionClientProxy* +ChromeContentRendererClient::CreateWorkerPermissionClientProxy( + content::RenderView* render_view, + WebKit::WebFrame* frame) { + return new WorkerPermissionClientProxy(render_view, frame); +} + } // namespace chrome diff --git a/chrome/renderer/chrome_content_renderer_client.h b/chrome/renderer/chrome_content_renderer_client.h index 733b982..0b8aa6b 100644 --- a/chrome/renderer/chrome_content_renderer_client.h +++ b/chrome/renderer/chrome_content_renderer_client.h @@ -142,6 +142,9 @@ class ChromeContentRendererClient : public content::ContentRendererClient { virtual bool ShouldReportDetailedMessageForSource( const base::string16& source) const OVERRIDE; virtual bool ShouldEnableSiteIsolationPolicy() const OVERRIDE; + virtual WebKit::WebWorkerPermissionClientProxy* + CreateWorkerPermissionClientProxy(content::RenderView* render_view, + WebKit::WebFrame* frame) OVERRIDE; virtual bool AllowPepperMediaStreamAPI(const GURL& url) OVERRIDE; virtual void AddKeySystems( std::vector<content::KeySystemInfo>* key_systems) OVERRIDE; diff --git a/chrome/renderer/worker_permission_client_proxy.cc b/chrome/renderer/worker_permission_client_proxy.cc new file mode 100644 index 0000000..f7a0a79 --- /dev/null +++ b/chrome/renderer/worker_permission_client_proxy.cc @@ -0,0 +1,63 @@ +// Copyright 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "chrome/common/render_messages.h" +#include "chrome/renderer/worker_permission_client_proxy.h" +#include "content/public/renderer/render_thread.h" +#include "content/public/renderer/render_view.h" +#include "ipc/ipc_sync_message_filter.h" +#include "third_party/WebKit/public/web/WebDocument.h" +#include "third_party/WebKit/public/web/WebFrame.h" +#include "third_party/WebKit/public/web/WebSecurityOrigin.h" + +WorkerPermissionClientProxy::WorkerPermissionClientProxy( + content::RenderView* render_view, + WebKit::WebFrame* frame) + : routing_id_(render_view->GetRoutingID()), + is_unique_origin_(false) { + if (frame->document().securityOrigin().isUnique() || + frame->top()->document().securityOrigin().isUnique()) + is_unique_origin_ = true; + sync_message_filter_ = content::RenderThread::Get()->GetSyncMessageFilter(); + document_origin_url_ = GURL(frame->document().securityOrigin().toString()); + top_frame_origin_url_ = GURL( + frame->top()->document().securityOrigin().toString()); +} + +WorkerPermissionClientProxy::~WorkerPermissionClientProxy() {} + +bool WorkerPermissionClientProxy::allowDatabase( + const WebKit::WebString& name, + const WebKit::WebString& display_name, + unsigned long estimated_size) { + if (is_unique_origin_) + return false; + + bool result = false; + sync_message_filter_->Send(new ChromeViewHostMsg_AllowDatabase( + routing_id_, document_origin_url_, top_frame_origin_url_, + name, display_name, &result)); + return result; +} + +bool WorkerPermissionClientProxy::allowFileSystem() { + if (is_unique_origin_) + return false; + + bool result = false; + sync_message_filter_->Send(new ChromeViewHostMsg_AllowFileSystem( + routing_id_, document_origin_url_, top_frame_origin_url_, &result)); + return result; +} + +bool WorkerPermissionClientProxy::allowIndexedDB( + const WebKit::WebString& name) { + if (is_unique_origin_) + return false; + + bool result = false; + sync_message_filter_->Send(new ChromeViewHostMsg_AllowIndexedDB( + routing_id_, document_origin_url_, top_frame_origin_url_, name, &result)); + return result; +} diff --git a/chrome/renderer/worker_permission_client_proxy.h b/chrome/renderer/worker_permission_client_proxy.h new file mode 100644 index 0000000..c28e18a --- /dev/null +++ b/chrome/renderer/worker_permission_client_proxy.h @@ -0,0 +1,52 @@ +// Copyright 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef CHROME_RENDERER_WORKER_PERMISSION_CLIENT_PROXY_H_ +#define CHROME_RENDERER_WORKER_PERMISSION_CLIENT_PROXY_H_ + +#include "base/basictypes.h" +#include "base/memory/ref_counted.h" +#include "third_party/WebKit/public/web/WebWorkerPermissionClientProxy.h" +#include "url/gurl.h" + +namespace IPC { +class SyncMessageFilter; +} + +namespace content { +class RenderView; +} + +namespace WebKit { +class WebFrame; +} + +// This proxy is created on the main renderer thread then passed onto +// the blink's worker thread. +class WorkerPermissionClientProxy + : public WebKit::WebWorkerPermissionClientProxy { + public: + WorkerPermissionClientProxy(content::RenderView* render_view, + WebKit::WebFrame* frame); + virtual ~WorkerPermissionClientProxy(); + + // WebWorkerPermissionClientProxy overrides. + virtual bool allowDatabase(const WebKit::WebString& name, + const WebKit::WebString& display_name, + unsigned long estimated_size); + virtual bool allowFileSystem(); + virtual bool allowIndexedDB(const WebKit::WebString& name); + + private: + // Loading document context for this worker. + const int routing_id_; + bool is_unique_origin_; + GURL document_origin_url_; + GURL top_frame_origin_url_; + scoped_refptr<IPC::SyncMessageFilter> sync_message_filter_; + + DISALLOW_COPY_AND_ASSIGN(WorkerPermissionClientProxy); +}; + +#endif // CHROME_RENDERER_WORKER_PERMISSION_CLIENT_PROXY_H_ diff --git a/content/content_worker.gypi b/content/content_worker.gypi index 827ca53..4ee1599 100644 --- a/content/content_worker.gypi +++ b/content/content_worker.gypi @@ -16,6 +16,8 @@ 'worker/websharedworkerclient_proxy.cc', 'worker/websharedworkerclient_proxy.h', 'worker/worker_main.cc', + 'worker/shared_worker_permission_client_proxy.cc', + 'worker/shared_worker_permission_client_proxy.h', 'worker/worker_thread.cc', 'worker/worker_thread.h', 'worker/worker_webapplicationcachehost_impl.cc', diff --git a/content/public/renderer/content_renderer_client.cc b/content/public/renderer/content_renderer_client.cc index 6c93cbf..fbbe343 100644 --- a/content/public/renderer/content_renderer_client.cc +++ b/content/public/renderer/content_renderer_client.cc @@ -195,4 +195,10 @@ bool ContentRendererClient::ShouldEnableSiteIsolationPolicy() const { return true; } +WebKit::WebWorkerPermissionClientProxy* +ContentRendererClient::CreateWorkerPermissionClientProxy( + RenderView* render_view, WebKit::WebFrame* frame) { + return NULL; +} + } // namespace content diff --git a/content/public/renderer/content_renderer_client.h b/content/public/renderer/content_renderer_client.h index b5b11cd..86b7e31 100644 --- a/content/public/renderer/content_renderer_client.h +++ b/content/public/renderer/content_renderer_client.h @@ -43,6 +43,7 @@ class WebSpeechSynthesizer; class WebSpeechSynthesizerClient; class WebThemeEngine; class WebURLRequest; +class WebWorkerPermissionClientProxy; struct WebPluginParams; struct WebURLError; } @@ -265,6 +266,11 @@ class CONTENT_EXPORT ContentRendererClient { // this renderer process. Currently, we apply the policy only to a renderer // process running on a normal page from the web. virtual bool ShouldEnableSiteIsolationPolicy() const; + + // Creates a permission client proxy for in-renderer worker. + virtual WebKit::WebWorkerPermissionClientProxy* + CreateWorkerPermissionClientProxy(RenderView* render_view, + WebKit::WebFrame* frame); }; } // namespace content diff --git a/content/renderer/render_frame_impl.cc b/content/renderer/render_frame_impl.cc index a414e41..f3a78fa 100644 --- a/content/renderer/render_frame_impl.cc +++ b/content/renderer/render_frame_impl.cc @@ -193,6 +193,14 @@ WebKit::WebApplicationCacheHost* RenderFrameImpl::createApplicationCacheHost( RenderThreadImpl::current()->appcache_dispatcher()->backend_proxy()); } +WebKit::WebWorkerPermissionClientProxy* +RenderFrameImpl::createWorkerPermissionClientProxy(WebFrame* frame) { + if (!frame || !frame->view()) + return NULL; + return GetContentClient()->renderer()->CreateWorkerPermissionClientProxy( + RenderViewImpl::FromWebView(frame->view()), frame); +} + WebKit::WebCookieJar* RenderFrameImpl::cookieJar(WebKit::WebFrame* frame) { return render_view_->cookieJar(frame); } diff --git a/content/renderer/render_frame_impl.h b/content/renderer/render_frame_impl.h index 0033457..7239b0c 100644 --- a/content/renderer/render_frame_impl.h +++ b/content/renderer/render_frame_impl.h @@ -47,6 +47,8 @@ class CONTENT_EXPORT RenderFrameImpl virtual WebKit::WebApplicationCacheHost* createApplicationCacheHost( WebKit::WebFrame* frame, WebKit::WebApplicationCacheHostClient* client); + virtual WebKit::WebWorkerPermissionClientProxy* + createWorkerPermissionClientProxy(WebKit::WebFrame* frame); virtual WebKit::WebCookieJar* cookieJar(WebKit::WebFrame* frame); virtual WebKit::WebServiceWorkerProvider* createServiceWorkerProvider( WebKit::WebFrame* frame, diff --git a/content/worker/shared_worker_permission_client_proxy.cc b/content/worker/shared_worker_permission_client_proxy.cc new file mode 100644 index 0000000..dae30ff --- /dev/null +++ b/content/worker/shared_worker_permission_client_proxy.cc @@ -0,0 +1,52 @@ +// Copyright 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "content/worker/shared_worker_permission_client_proxy.h" + +#include "content/child/thread_safe_sender.h" +#include "content/common/worker_messages.h" +#include "third_party/WebKit/public/platform/WebString.h" +#include "url/gurl.h" + +namespace content { + +SharedWorkerPermissionClientProxy::SharedWorkerPermissionClientProxy( + const GURL& origin_url, + int routing_id, + ThreadSafeSender* thread_safe_sender) + : origin_url_(origin_url), + routing_id_(routing_id), + thread_safe_sender_(thread_safe_sender) { +} + +SharedWorkerPermissionClientProxy::~SharedWorkerPermissionClientProxy() { +} + +bool SharedWorkerPermissionClientProxy::allowDatabase( + const WebKit::WebString& name, + const WebKit::WebString& display_name, + unsigned long estimated_size) { + bool result = false; + thread_safe_sender_->Send(new WorkerProcessHostMsg_AllowDatabase( + routing_id_, origin_url_, name, display_name, + estimated_size, &result)); + return result; +} + +bool SharedWorkerPermissionClientProxy::allowFileSystem() { + bool result = false; + thread_safe_sender_->Send(new WorkerProcessHostMsg_AllowFileSystem( + routing_id_, origin_url_, &result)); + return result; +} + +bool SharedWorkerPermissionClientProxy::allowIndexedDB( + const WebKit::WebString& name) { + bool result = false; + thread_safe_sender_->Send(new WorkerProcessHostMsg_AllowIndexedDB( + routing_id_, origin_url_, name, &result)); + return result; +} + +} // namespace content diff --git a/content/worker/shared_worker_permission_client_proxy.h b/content/worker/shared_worker_permission_client_proxy.h new file mode 100644 index 0000000..0a4fdc8 --- /dev/null +++ b/content/worker/shared_worker_permission_client_proxy.h @@ -0,0 +1,45 @@ +// Copyright 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef CONTENT_WORKER_SHARED_WORKER_PERMISSION_CLIENT_PROXY_H_ +#define CONTENT_WORKER_SHARED_WORKER_PERMISSION_CLIENT_PROXY_H_ + +#include "base/basictypes.h" +#include "base/memory/ref_counted.h" +#include "third_party/WebKit/public/web/WebWorkerPermissionClientProxy.h" +#include "url/gurl.h" + +namespace content { + +class ThreadSafeSender; + +// This proxy is created on the main renderer thread then passed onto +// the blink's worker thread. +class SharedWorkerPermissionClientProxy + : public WebKit::WebWorkerPermissionClientProxy { + public: + SharedWorkerPermissionClientProxy( + const GURL& origin_url, + int routing_id, + ThreadSafeSender* thread_safe_sender); + virtual ~SharedWorkerPermissionClientProxy(); + + // WebWorkerPermissionClientProxy overrides. + virtual bool allowDatabase(const WebKit::WebString& name, + const WebKit::WebString& display_name, + unsigned long estimated_size); + virtual bool allowFileSystem(); + virtual bool allowIndexedDB(const WebKit::WebString& name); + + private: + const GURL origin_url_; + const int routing_id_; + scoped_refptr<ThreadSafeSender> thread_safe_sender_; + + DISALLOW_COPY_AND_ASSIGN(SharedWorkerPermissionClientProxy); +}; + +} // namespace content + +#endif // CONTENT_WORKER_SHARED_WORKER_PERMISSION_CLIENT_PROXY_H_ diff --git a/content/worker/websharedworkerclient_proxy.cc b/content/worker/websharedworkerclient_proxy.cc index 21182b0..29b977b 100644 --- a/content/worker/websharedworkerclient_proxy.cc +++ b/content/worker/websharedworkerclient_proxy.cc @@ -11,6 +11,7 @@ #include "content/common/worker_messages.h" #include "content/public/common/content_switches.h" #include "content/worker/shared_worker_devtools_agent.h" +#include "content/worker/shared_worker_permission_client_proxy.h" #include "content/worker/websharedworker_stub.h" #include "content/worker/worker_thread.h" #include "content/worker/worker_webapplicationcachehost_impl.h" @@ -77,36 +78,30 @@ WebApplicationCacheHost* WebSharedWorkerClientProxy::createApplicationCacheHost( return host; } -// TODO(abarth): Security checks should use WebDocument or WebSecurityOrigin, -// not WebFrame as the context object because WebFrames can contain different -// WebDocuments at different times. +WebKit::WebWorkerPermissionClientProxy* +WebSharedWorkerClientProxy::createWorkerPermissionClientProxy( + const WebKit::WebSecurityOrigin& origin) { + if (origin.isUnique()) + return NULL; + return new SharedWorkerPermissionClientProxy( + GURL(origin.toString()), route_id_, + ChildThread::current()->thread_safe_sender()); +} + +// TODO(kinuko): Deprecate these methods. bool WebSharedWorkerClientProxy::allowDatabase(WebFrame* frame, const WebString& name, const WebString& display_name, unsigned long estimated_size) { - WebSecurityOrigin origin = frame->document().securityOrigin(); - if (origin.isUnique()) - return false; - - bool result = false; - Send(new WorkerProcessHostMsg_AllowDatabase( - route_id_, GURL(origin.toString().utf8()), name, display_name, - estimated_size, &result)); - return result; + return false; } bool WebSharedWorkerClientProxy::allowFileSystem() { - bool result = false; - Send(new WorkerProcessHostMsg_AllowFileSystem( - route_id_, stub_->url().GetOrigin(), &result)); - return result; + return false; } bool WebSharedWorkerClientProxy::allowIndexedDB(const WebKit::WebString& name) { - bool result = false; - Send(new WorkerProcessHostMsg_AllowIndexedDB( - route_id_, stub_->url().GetOrigin(), name, &result)); - return result; + return false; } void WebSharedWorkerClientProxy::dispatchDevToolsMessage( diff --git a/content/worker/websharedworkerclient_proxy.h b/content/worker/websharedworkerclient_proxy.h index aef978c..bb51323 100644 --- a/content/worker/websharedworkerclient_proxy.h +++ b/content/worker/websharedworkerclient_proxy.h @@ -14,6 +14,7 @@ namespace WebKit { class WebApplicationCacheHost; class WebApplicationCacheHostClient; class WebFrame; +class WebSecurityOrigin; } namespace content { @@ -39,13 +40,18 @@ class WebSharedWorkerClientProxy : public WebKit::WebSharedWorkerClient { virtual WebKit::WebApplicationCacheHost* createApplicationCacheHost( WebKit::WebApplicationCacheHostClient* client); + virtual WebKit::WebWorkerPermissionClientProxy* + createWorkerPermissionClientProxy( + const WebKit::WebSecurityOrigin& origin); + // TODO(kinuko): Deprecate these methods. virtual bool allowDatabase(WebKit::WebFrame* frame, const WebKit::WebString& name, const WebKit::WebString& display_name, unsigned long estimated_size); virtual bool allowFileSystem(); virtual bool allowIndexedDB(const WebKit::WebString&); + virtual void dispatchDevToolsMessage(const WebKit::WebString&); virtual void saveDevToolsAgentState(const WebKit::WebString&); |