From c0cecd1fb74b856db81c03eac8b39078add7e53f Mon Sep 17 00:00:00 2001 From: "jstritar@chromium.org" Date: Thu, 5 Apr 2012 16:50:12 +0000 Subject: Restrict platform app access to WebKit features by modifying JS bindings. BUG=119751 TEST=PlatformAppBrowserTest.* Review URL: http://codereview.chromium.org/9963019 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@130946 0039d316-1c4b-4281-b951-d872f2087c98 --- .../browser/extensions/platform_app_browsertest.cc | 8 +- chrome/chrome_renderer.gypi | 1 + chrome/renderer/extensions/extension_dispatcher.cc | 6 ++ chrome/renderer/renderer_resources.grd | 1 + .../renderer/resources/extensions/platform_app.css | 4 + .../renderer/resources/extensions/platform_app.js | 40 +++++++ .../platform_apps/modal_dialogs/main.html | 6 -- .../platform_apps/modal_dialogs/manifest.json | 14 --- .../extensions/platform_apps/modal_dialogs/test.js | 20 ---- .../platform_apps/restrictions/main.html | 6 ++ .../platform_apps/restrictions/manifest.json | 14 +++ .../extensions/platform_apps/restrictions/test.js | 117 +++++++++++++++++++++ 12 files changed, 193 insertions(+), 44 deletions(-) create mode 100644 chrome/renderer/resources/extensions/platform_app.js delete mode 100644 chrome/test/data/extensions/platform_apps/modal_dialogs/main.html delete mode 100644 chrome/test/data/extensions/platform_apps/modal_dialogs/manifest.json delete mode 100644 chrome/test/data/extensions/platform_apps/modal_dialogs/test.js create mode 100644 chrome/test/data/extensions/platform_apps/restrictions/main.html create mode 100644 chrome/test/data/extensions/platform_apps/restrictions/manifest.json create mode 100644 chrome/test/data/extensions/platform_apps/restrictions/test.js diff --git a/chrome/browser/extensions/platform_app_browsertest.cc b/chrome/browser/extensions/platform_app_browsertest.cc index 3aeac39..4a2b48f 100644 --- a/chrome/browser/extensions/platform_app_browsertest.cc +++ b/chrome/browser/extensions/platform_app_browsertest.cc @@ -176,15 +176,15 @@ IN_PROC_BROWSER_TEST_F(PlatformAppBrowserTest, DisallowNavigation) { EXPECT_TRUE(result); } -IN_PROC_BROWSER_TEST_F(PlatformAppBrowserTest, DisallowModalDialogs) { - ASSERT_TRUE(RunPlatformAppTest("platform_apps/modal_dialogs")) << message_; -} - // Tests that localStorage and WebSQL are disabled for platform apps. IN_PROC_BROWSER_TEST_F(PlatformAppBrowserTest, DisallowStorage) { ASSERT_TRUE(RunPlatformAppTest("platform_apps/storage")) << message_; } +IN_PROC_BROWSER_TEST_F(PlatformAppBrowserTest, Restrictions) { + ASSERT_TRUE(RunPlatformAppTest("platform_apps/restrictions")) << message_; +} + // Tests that platform apps can use the chrome.windows.* API. #if defined(USE_AURA) // On Aura, this currently fails because the window width is returned as 256 diff --git a/chrome/chrome_renderer.gypi b/chrome/chrome_renderer.gypi index 57ee53d..9148db4 100644 --- a/chrome/chrome_renderer.gypi +++ b/chrome/chrome_renderer.gypi @@ -154,6 +154,7 @@ 'renderer/resources/extensions/page_action_custom_bindings.js', 'renderer/resources/extensions/page_actions_custom_bindings.js', 'renderer/resources/extensions/page_capture_custom_bindings.js', + 'renderer/resources/extensions/platform_app.js', 'renderer/resources/extensions/schema_generated_bindings.js', 'renderer/resources/extensions/send_request.js', 'renderer/resources/extensions/set_icon.js', diff --git a/chrome/renderer/extensions/extension_dispatcher.cc b/chrome/renderer/extensions/extension_dispatcher.cc index 561cb04..eb320fd 100644 --- a/chrome/renderer/extensions/extension_dispatcher.cc +++ b/chrome/renderer/extensions/extension_dispatcher.cc @@ -527,6 +527,7 @@ void ExtensionDispatcher::PopulateSourceMap() { source_map_.RegisterSource("pageAction", IDR_PAGE_ACTION_CUSTOM_BINDINGS_JS); source_map_.RegisterSource("pageCapture", IDR_PAGE_CAPTURE_CUSTOM_BINDINGS_JS); + source_map_.RegisterSource("platformApp", IDR_PLATFORM_APP_JS); source_map_.RegisterSource("storage", IDR_STORAGE_CUSTOM_BINDINGS_JS); source_map_.RegisterSource("tabs", IDR_TABS_CUSTOM_BINDINGS_JS); source_map_.RegisterSource("tts", IDR_TTS_CUSTOM_BINDINGS_JS); @@ -657,6 +658,11 @@ void ExtensionDispatcher::DidCreateScriptContext( InstallBindings(module_system.get(), v8_context, "extension"); } + // Inject custom JS into the platform app context to block certain features + // of the document and window. + if (extension && extension->is_platform_app()) + module_system->Require("platformApp"); + context->set_module_system(module_system.Pass()); context->DispatchOnLoadEvent( diff --git a/chrome/renderer/renderer_resources.grd b/chrome/renderer/renderer_resources.grd index 08a7a8f..599d2dd 100644 --- a/chrome/renderer/renderer_resources.grd +++ b/chrome/renderer/renderer_resources.grd @@ -22,6 +22,7 @@ without changes to the corresponding grd file. fb9 --> + diff --git a/chrome/renderer/resources/extensions/platform_app.css b/chrome/renderer/resources/extensions/platform_app.css index fddbe16..3216539 100644 --- a/chrome/renderer/resources/extensions/platform_app.css +++ b/chrome/renderer/resources/extensions/platform_app.css @@ -1,4 +1,8 @@ /* + * Copyright (c) 2012 The Chromium Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * * A style sheet for Chrome platform apps. */ diff --git a/chrome/renderer/resources/extensions/platform_app.js b/chrome/renderer/resources/extensions/platform_app.js new file mode 100644 index 0000000..3660a81 --- /dev/null +++ b/chrome/renderer/resources/extensions/platform_app.js @@ -0,0 +1,40 @@ +// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +var errorMsg = 'Not available for platform apps.'; +var stub = function() { throw errorMsg; }; + +// Disable document.open|close|write. +document.open = stub; +document.close = stub; +document.write = stub; + +// Disable history. +window.history = { + open: stub, + back: stub, + forward: stub, + go: stub, + pushState: stub, + replaceState: stub, + get length() { throw errorMsg; }, + get state() { throw errorMsg; } +}; + +// Disable find. +window.find = stub; + +// Disable modal dialogs. +window.alert = stub; +window.confirm = stub; +window.prompt = stub; + +// Disable window.*bar. +var stubBar = { get visible() { throw errorMsg; } }; +window.locationbar = stubBar; +window.menubar = stubBar; +window.personalbar = stubBar; +window.scrollbars = stubBar; +window.statusbar = stubBar; +window.toolbar = stubBar; diff --git a/chrome/test/data/extensions/platform_apps/modal_dialogs/main.html b/chrome/test/data/extensions/platform_apps/modal_dialogs/main.html deleted file mode 100644 index 78a21b8..0000000 --- a/chrome/test/data/extensions/platform_apps/modal_dialogs/main.html +++ /dev/null @@ -1,6 +0,0 @@ - - diff --git a/chrome/test/data/extensions/platform_apps/modal_dialogs/manifest.json b/chrome/test/data/extensions/platform_apps/modal_dialogs/manifest.json deleted file mode 100644 index bbc6e17..0000000 --- a/chrome/test/data/extensions/platform_apps/modal_dialogs/manifest.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "name": "Platform App Test: modal dialogs are disallowed", - "platform_app": true, - "version": "1", - "manifest_version": 2, - "app": { - "launch": { - "local_path": "main.html", - "container": "shell", - "width": 250, - "height": 250 - } - } -} diff --git a/chrome/test/data/extensions/platform_apps/modal_dialogs/test.js b/chrome/test/data/extensions/platform_apps/modal_dialogs/test.js deleted file mode 100644 index 2b015ea..0000000 --- a/chrome/test/data/extensions/platform_apps/modal_dialogs/test.js +++ /dev/null @@ -1,20 +0,0 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -chrome.test.runTests([ - function testAlert() { - alert("You shouldn't see this.... woot!"); - chrome.test.succeed(); - }, - - function testConfirm() { - chrome.test.assertFalse(confirm("Should this test fail?")); - chrome.test.succeed(); - }, - - function testPrompt() { - chrome.test.assertEq(null, prompt("Return null to pass!")); - chrome.test.succeed(); - } -]); diff --git a/chrome/test/data/extensions/platform_apps/restrictions/main.html b/chrome/test/data/extensions/platform_apps/restrictions/main.html new file mode 100644 index 0000000..78a21b8 --- /dev/null +++ b/chrome/test/data/extensions/platform_apps/restrictions/main.html @@ -0,0 +1,6 @@ + + diff --git a/chrome/test/data/extensions/platform_apps/restrictions/manifest.json b/chrome/test/data/extensions/platform_apps/restrictions/manifest.json new file mode 100644 index 0000000..a268b09 --- /dev/null +++ b/chrome/test/data/extensions/platform_apps/restrictions/manifest.json @@ -0,0 +1,14 @@ +{ + "name": "Platform App Test: various document and window restrictions", + "platform_app": true, + "version": "1", + "manifest_version": 2, + "app": { + "launch": { + "local_path": "main.html", + "container": "shell", + "width": 250, + "height": 250 + } + } +} diff --git a/chrome/test/data/extensions/platform_apps/restrictions/test.js b/chrome/test/data/extensions/platform_apps/restrictions/test.js new file mode 100644 index 0000000..25008d6 --- /dev/null +++ b/chrome/test/data/extensions/platform_apps/restrictions/test.js @@ -0,0 +1,117 @@ +// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +var assertEq = chrome.test.assertEq; +var fail = chrome.test.fail; +var succeed = chrome.test.succeed; + +var error = "Not available for platform apps."; + +function assertThrowsError(method) { + try { + method(); + fail("error not thrown"); + } catch (e) { + assertEq(e, error); + } +} + +chrome.test.runTests([ + function testDocumentOpen() { + assertThrowsError(document.open); + succeed(); + }, + + function testDocumentClose() { + assertThrowsError(document.close); + succeed(); + }, + + function testDocumentWrite() { + assertThrowsError(document.write); + succeed(); + }, + + function testWindowHistoryOpen() { + assertThrowsError(window.history.open); + assertThrowsError(history.open); + succeed(); + }, + + function testWindowHistoryBack() { + assertThrowsError(window.history.back); + assertThrowsError(history.back); + succeed(); + }, + + function testWindowHistoryForward() { + assertThrowsError(window.history.forward); + assertThrowsError(history.forward); + succeed(); + }, + + function testWindowHistoryPushState() { + assertThrowsError(window.history.pushState); + assertThrowsError(history.pushState); + succeed(); + }, + + function testWindowHistoryReplaceState() { + assertThrowsError(window.history.replaceState); + assertThrowsError(history.replaceState); + succeed(); + }, + + function testWindowHistoryLength() { + assertThrowsError(function() { + var length = window.history.length; + length = history.length; + }); + succeed(); + }, + + function testWindowHistoryState() { + assertThrowsError(function() { + var state = window.history.state; + state = history.state; + }); + succeed(); + }, + + function testWindowFind() { + assertThrowsError(window.find); + assertThrowsError(find); + succeed(); + }, + + function testWindowAlert() { + assertThrowsError(window.alert); + assertThrowsError(alert); + succeed(); + }, + + function testWindowConfirm() { + assertThrowsError(window.confirm); + assertThrowsError(confirm); + succeed(); + }, + + function testWindowPrompt() { + assertThrowsError(window.prompt); + assertThrowsError(prompt); + succeed(); + }, + + function testBars() { + var bars = ['locationbar', 'menubar', 'personalbar', + 'scrollbars', 'statusbar', 'toolbar']; + for (var x = 0; x < bars.length; x++) { + assertThrowsError(function() { + var visible = this[bars[x]].visible; + visible = window[bars[x]].visible; + }); + } + succeed(); + } +]); -- cgit v1.1