1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
|
// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef WEBKIT_PLUGINS_NPAPI_PLUGIN_GROUP_H_
#define WEBKIT_PLUGINS_NPAPI_PLUGIN_GROUP_H_
#pragma once
#include <map>
#include <set>
#include <string>
#include <vector>
#include "base/gtest_prod_util.h"
#include "base/memory/scoped_ptr.h"
#include "base/string16.h"
#include "webkit/plugins/npapi/webplugininfo.h"
class DictionaryValue;
class FilePath;
class TableModelArrayControllerTest;
class PluginExceptionsTableModelTest;
class Version;
namespace webkit {
namespace npapi {
class PluginList;
namespace plugin_test_internal {
class PluginListWithoutFileIO;
}
// Hard-coded version ranges for plugin groups.
struct VersionRangeDefinition {
// Matcher for lowest version matched by this range (inclusive). May be empty
// to match everything iff |version_matcher_high| is also empty.
const char* version_matcher_low;
// Matcher for highest version matched by this range (exclusive). May be empty
// to match anything higher than |version_matcher_low|.
const char* version_matcher_high;
const char* min_version; // Minimum secure version.
bool requires_authorization; // If this range needs user permission to run.
};
// Hard-coded definitions of plugin groups.
struct PluginGroupDefinition {
const char* identifier; // Unique identifier for this group.
const char* name; // Name of this group.
const char* name_matcher; // Substring matcher for the plugin name.
const VersionRangeDefinition* versions; // List of version ranges.
size_t num_versions; // Size of the array |versions| points to.
const char* update_url; // Location of latest secure version.
};
// Run-time structure to hold version range information.
struct VersionRange {
public:
explicit VersionRange(VersionRangeDefinition definition);
VersionRange(const VersionRange& other);
VersionRange& operator=(const VersionRange& other);
~VersionRange();
std::string low_str;
std::string high_str;
std::string min_str;
scoped_ptr<Version> low;
scoped_ptr<Version> high;
scoped_ptr<Version> min;
bool requires_authorization;
private:
void InitFrom(const VersionRange& other);
};
// A PluginGroup can match a range of versions of a specific plugin (as defined
// by matching a substring of its name).
// It contains all WebPluginInfo structs (at least one) matching its definition.
// In addition, it knows about a security "baseline", i.e. the minimum version
// of a plugin that is needed in order not to exhibit known security
// vulnerabilities.
class PluginGroup {
public:
// Used by about:plugins to disable Reader plugin when internal PDF viewer is
// enabled.
static const char* kAdobeReaderGroupName;
static const char* kAdobeReaderUpdateURL;
static const char* kJavaGroupName;
static const char* kQuickTimeGroupName;
static const char* kShockwaveGroupName;
static const char* kRealPlayerGroupName;
static const char* kSilverlightGroupName;
PluginGroup(const PluginGroup& other);
~PluginGroup();
PluginGroup& operator=(const PluginGroup& other);
// Configures the set of plugin name patterns for enabling and disabling
// plugins via enterprise configuration management.
static void SetPolicyEnforcedPluginPatterns(
const std::set<string16>& plugins_disabled,
const std::set<string16>& plugins_disabled_exceptions,
const std::set<string16>& plugins_enabled);
// Tests whether |plugin_name| is disabled by policy.
static bool IsPluginNameDisabledByPolicy(const string16& plugin_name);
// Tests whether |plugin_name| within the plugin group |group_name| is
// disabled by policy.
static bool IsPluginFileNameDisabledByPolicy(const string16& plugin_name,
const string16& group_name);
// Tests whether |plugin_name| is enabled by policy.
static bool IsPluginNameEnabledByPolicy(const string16& plugin_name);
// Returns true if the given plugin matches this group.
bool Match(const WebPluginInfo& plugin) const;
// Adds the given plugin to this group.
void AddPlugin(const WebPluginInfo& plugin);
// Removes a plugin from the group by its path.
bool RemovePlugin(const FilePath& filename);
// The two following functions enable/disable a plugin given its filename. The
// function returns true if the plugin could be enabled/disabled. Plugins
// might not get enabled/disabled if they are controlled by policy or are
// already in the wanted state.
bool EnablePlugin(const FilePath& filename);
bool DisablePlugin(const FilePath& filename);
// Enables/disables this group. This enables/disables all plugins in the
// group.
bool EnableGroup(bool enable);
// Checks whether the group should be disabled/enabled by a policy and puts
// it in the needed state. Updates all contained plugins too.
void EnforceGroupPolicy();
// Returns whether the plugin group is enabled or not.
bool Enabled() const { return enabled_; }
// Returns a unique identifier for this group, if one is defined, or the empty
// string otherwise.
const std::string& identifier() const { return identifier_; }
// Sets a unique identifier for this group or if none is set an empty string.
void set_identifier(const std::string& identifier) {
identifier_ = identifier;
}
// Returns this group's name, or the filename without extension if the name
// is empty.
string16 GetGroupName() const;
// Returns all plugins added to the group.
const std::vector<WebPluginInfo>& web_plugins_info() const {
return web_plugin_infos_;
}
// Checks whether a plugin exists in the group with the given path.
bool ContainsPlugin(const FilePath& path) const;
// Returns the description of the highest-priority plug-in in the group.
const string16& description() const { return description_; }
// Returns a DictionaryValue with data to display in the UI.
DictionaryValue* GetDataForUI() const;
// Returns a DictionaryValue with data to save in the preferences.
DictionaryValue* GetSummary() const;
// Returns the update URL.
std::string GetUpdateURL() const { return update_url_; }
// Returns true if the highest-priority plugin in this group has known
// security problems.
bool IsVulnerable() const;
// Returns true if this plug-in group always requires user authorization
// to run.
bool RequiresAuthorization() const;
// Check if the group has no plugins. Could happen after a reload if the plug-
// in has disappeared from the pc (or in the process of updating).
bool IsEmpty() const;
// Disables all plugins in this group that are older than the
// minimum version.
void DisableOutdatedPlugins();
// Parse a version string as used by a plug-in. This method is more lenient
// in accepting weird version strings than Version::GetFromString().
static Version* CreateVersionFromString(const string16& version_string);
std::vector<WebPluginInfo> web_plugin_infos() { return web_plugin_infos_; }
private:
friend class PluginList;
friend class plugin_test_internal::PluginListWithoutFileIO;
friend class PluginGroupTest;
friend class ::TableModelArrayControllerTest;
friend class ::PluginExceptionsTableModelTest;
FRIEND_TEST_ALL_PREFIXES(PluginListTest, DisableOutdated);
// Generates the (short) identifier string for the given plugin.
static std::string GetIdentifier(const WebPluginInfo& wpi);
// Generates the long identifier (based on the full file path) for the given
// plugin, to be called when the short identifier is not unique.
static std::string GetLongIdentifier(const WebPluginInfo& wpi);
// Creates a PluginGroup from a PluginGroupDefinition. The caller takes
// ownership of the created PluginGroup.
static PluginGroup* FromPluginGroupDefinition(
const PluginGroupDefinition& definition);
// Creates a PluginGroup from a WebPluginInfo. The caller takes ownership of
// the created PluginGroup.
static PluginGroup* FromWebPluginInfo(const WebPluginInfo& wpi);
// Returns |true| if |version| is contained in [low, high) of |range|.
static bool IsVersionInRange(const Version& version,
const VersionRange& range);
// Returns |true| iff |plugin_version| is both contained in |version_range|
// and declared outdated (== vulnerable) by it.
static bool IsPluginOutdated(const Version& plugin_version,
const VersionRange& version_range);
PluginGroup(const string16& group_name,
const string16& name_matcher,
const std::string& update_url,
const std::string& identifier);
void InitFrom(const PluginGroup& other);
// Set the description and version for this plugin group from the
// given plug-in.
void UpdateDescriptionAndVersion(const WebPluginInfo& plugin);
// Updates the active plugin in the group. The active plugin is the first
// enabled one, or if all plugins are disabled, simply the first one.
void UpdateActivePlugin(const WebPluginInfo& plugin);
// Resets the group state to its default value (as if the group was empty).
// After calling this method, calling |UpdateActivePlugin| with all plugins
// in a row will correctly set the group state.
void ResetGroupState();
// Enables the plugin if not already enabled and if policy allows it to.
// Returns true on success. Does not update the group state.
static bool Enable(WebPluginInfo* plugin, int reason);
// Disables the plugin if not already disabled and if policy allows it to.
// Returns true on success. Does not update the group state.
static bool Disable(WebPluginInfo* plugin, int reason);
// Helper function to implement the functions above.
static bool SetPluginState(WebPluginInfo* plugin,
int new_reason,
bool state_changes);
// Returns a non-const vector of all plugins in the group. This is only used
// by PluginList.
std::vector<WebPluginInfo>& GetPluginsContainer() {
return web_plugin_infos_;
}
// Checks if |name| matches any of the patterns in |pattern_set|.
static bool IsStringMatchedInSet(const string16& name,
const std::set<string16>* pattern_set);
static std::set<string16>* policy_disabled_plugin_patterns_;
static std::set<string16>* policy_disabled_plugin_exception_patterns_;
static std::set<string16>* policy_enabled_plugin_patterns_;
std::string identifier_;
string16 group_name_;
string16 name_matcher_;
string16 description_;
std::string update_url_;
bool enabled_;
std::vector<VersionRange> version_ranges_;
scoped_ptr<Version> version_;
std::vector<WebPluginInfo> web_plugin_infos_;
};
} // namespace npapi
} // namespace webkit
#endif // WEBKIT_PLUGINS_NPAPI_PLUGIN_GROUP_H_
|