search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Revert "Added incident report for variations seed signature mismatch."
[chromium-blink-merge.git] / chrome / renderer / chrome_content_renderer_client.cc
blobb0ff9203690c15a3ed17bb4863bfac4466cca8ea
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/renderer/chrome_content_renderer_client.h"
6
7 #include "base/command_line.h"
8 #include "base/debug/crash_logging.h"
9 #include "base/logging.h"
10 #include "base/metrics/field_trial.h"
11 #include "base/metrics/histogram.h"
12 #include "base/metrics/user_metrics_action.h"
13 #include "base/path_service.h"
14 #include "base/strings/string_number_conversions.h"
15 #include "base/strings/string_util.h"
16 #include "base/strings/utf_string_conversions.h"
17 #include "base/values.h"
18 #include "chrome/common/chrome_paths.h"
19 #include "chrome/common/chrome_switches.h"
20 #include "chrome/common/chrome_version_info.h"
21 #include "chrome/common/crash_keys.h"
22 #include "chrome/common/extensions/chrome_extensions_client.h"
23 #include "chrome/common/extensions/extension_constants.h"
24 #include "chrome/common/extensions/extension_process_policy.h"
25 #include "chrome/common/localized_error.h"
26 #include "chrome/common/pepper_permission_util.h"
27 #include "chrome/common/render_messages.h"
28 #include "chrome/common/url_constants.h"
29 #include "chrome/grit/generated_resources.h"
30 #include "chrome/grit/locale_settings.h"
31 #include "chrome/grit/renderer_resources.h"
32 #include "chrome/renderer/benchmarking_extension.h"
33 #include "chrome/renderer/chrome_render_frame_observer.h"
34 #include "chrome/renderer/chrome_render_process_observer.h"
35 #include "chrome/renderer/chrome_render_view_observer.h"
36 #include "chrome/renderer/content_settings_observer.h"
37 #include "chrome/renderer/external_extension.h"
38 #include "chrome/renderer/loadtimes_extension_bindings.h"
39 #include "chrome/renderer/media/cast_ipc_dispatcher.h"
40 #include "chrome/renderer/media/chrome_key_systems.h"
41 #include "chrome/renderer/net/net_error_helper.h"
42 #include "chrome/renderer/net/prescient_networking_dispatcher.h"
43 #include "chrome/renderer/net/renderer_net_predictor.h"
44 #include "chrome/renderer/net_benchmarking_extension.h"
45 #include "chrome/renderer/page_load_histograms.h"
46 #include "chrome/renderer/pepper/pepper_helper.h"
47 #include "chrome/renderer/playback_extension.h"
48 #include "chrome/renderer/plugins/chrome_plugin_placeholder.h"
49 #include "chrome/renderer/plugins/plugin_uma.h"
50 #include "chrome/renderer/prefetch_helper.h"
51 #include "chrome/renderer/prerender/prerender_dispatcher.h"
52 #include "chrome/renderer/prerender/prerender_helper.h"
53 #include "chrome/renderer/prerender/prerender_media_load_deferrer.h"
54 #include "chrome/renderer/prerender/prerenderer_client.h"
55 #include "chrome/renderer/principals_extension_bindings.h"
56 #include "chrome/renderer/printing/print_web_view_helper.h"
57 #include "chrome/renderer/safe_browsing/malware_dom_details.h"
58 #include "chrome/renderer/safe_browsing/phishing_classifier_delegate.h"
59 #include "chrome/renderer/searchbox/search_bouncer.h"
60 #include "chrome/renderer/searchbox/searchbox.h"
61 #include "chrome/renderer/searchbox/searchbox_extension.h"
62 #include "chrome/renderer/tts_dispatcher.h"
63 #include "chrome/renderer/worker_permission_client_proxy.h"
64 #include "components/autofill/content/renderer/autofill_agent.h"
65 #include "components/autofill/content/renderer/password_autofill_agent.h"
66 #include "components/autofill/content/renderer/password_generation_agent.h"
67 #include "components/content_settings/core/common/content_settings_pattern.h"
68 #include "components/dom_distiller/core/url_constants.h"
69 #include "components/nacl/renderer/ppb_nacl_private_impl.h"
70 #include "components/password_manager/content/renderer/credential_manager_client.h"
71 #include "components/pdf/renderer/ppb_pdf_impl.h"
72 #include "components/plugins/renderer/mobile_youtube_plugin.h"
73 #include "components/signin/core/common/profile_management_switches.h"
74 #include "components/visitedlink/renderer/visitedlink_slave.h"
75 #include "components/web_cache/renderer/web_cache_render_process_observer.h"
76 #include "content/public/common/content_constants.h"
77 #include "content/public/renderer/render_frame.h"
78 #include "content/public/renderer/render_thread.h"
79 #include "content/public/renderer/render_view.h"
80 #include "content/public/renderer/render_view_visitor.h"
81 #include "extensions/common/constants.h"
82 #include "extensions/common/extension.h"
83 #include "extensions/common/extension_set.h"
84 #include "extensions/common/extension_urls.h"
85 #include "extensions/common/switches.h"
86 #include "ipc/ipc_sync_channel.h"
87 #include "net/base/net_errors.h"
88 #include "ppapi/c/private/ppb_nacl_private.h"
89 #include "ppapi/c/private/ppb_pdf.h"
90 #include "ppapi/shared_impl/ppapi_switches.h"
91 #include "third_party/WebKit/public/platform/WebURL.h"
92 #include "third_party/WebKit/public/platform/WebURLError.h"
93 #include "third_party/WebKit/public/platform/WebURLRequest.h"
94 #include "third_party/WebKit/public/web/WebCache.h"
95 #include "third_party/WebKit/public/web/WebDataSource.h"
96 #include "third_party/WebKit/public/web/WebDocument.h"
97 #include "third_party/WebKit/public/web/WebElement.h"
98 #include "third_party/WebKit/public/web/WebLocalFrame.h"
99 #include "third_party/WebKit/public/web/WebPluginContainer.h"
100 #include "third_party/WebKit/public/web/WebPluginParams.h"
101 #include "third_party/WebKit/public/web/WebSecurityOrigin.h"
102 #include "third_party/WebKit/public/web/WebSecurityPolicy.h"
103 #include "ui/base/l10n/l10n_util.h"
104 #include "ui/base/layout.h"
105 #include "ui/base/resource/resource_bundle.h"
106 #include "ui/base/webui/jstemplate_builder.h"
107 #include "widevine_cdm_version.h" // In SHARED_INTERMEDIATE_DIR.
108
109 #if !defined(DISABLE_NACL)
110 #include "components/nacl/common/nacl_constants.h"
111 #include "components/nacl/renderer/nacl_helper.h"
112 #endif
113
114 #if defined(ENABLE_EXTENSIONS)
115 #include "chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.h"
116 #include "chrome/renderer/extensions/chrome_extensions_renderer_client.h"
117 #include "chrome/renderer/extensions/extension_frame_helper.h"
118 #include "chrome/renderer/extensions/renderer_permissions_policy_delegate.h"
119 #include "chrome/renderer/extensions/resource_request_policy.h"
120 #include "extensions/renderer/dispatcher.h"
121 #include "extensions/renderer/extension_helper.h"
122 #include "extensions/renderer/extensions_render_frame_observer.h"
123 #include "extensions/renderer/guest_view/guest_view_container.h"
124 #include "extensions/renderer/script_context.h"
125 #endif
126
127 #if defined(ENABLE_FULL_PRINTING)
128 #include "chrome/renderer/pepper/chrome_pdf_print_client.h"
129 #endif
130
131 #if defined(ENABLE_SPELLCHECK)
132 #include "chrome/renderer/spellchecker/spellcheck.h"
133 #include "chrome/renderer/spellchecker/spellcheck_provider.h"
134 #endif
135
136 #if defined(ENABLE_WEBRTC)
137 #include "chrome/renderer/media/webrtc_logging_message_filter.h"
138 #endif
139
140 #if defined(OS_WIN)
141 #include "chrome_elf/blacklist/blacklist.h"
142 #endif
143
144 using autofill::AutofillAgent;
145 using autofill::PasswordAutofillAgent;
146 using autofill::PasswordGenerationAgent;
147 using base::ASCIIToUTF16;
148 using base::UserMetricsAction;
149 using content::RenderThread;
150 using content::WebPluginInfo;
151 using extensions::Extension;
152 using blink::WebCache;
153 using blink::WebConsoleMessage;
154 using blink::WebDataSource;
155 using blink::WebDocument;
156 using blink::WebFrame;
157 using blink::WebLocalFrame;
158 using blink::WebPlugin;
159 using blink::WebPluginParams;
160 using blink::WebSecurityOrigin;
161 using blink::WebSecurityPolicy;
162 using blink::WebString;
163 using blink::WebURL;
164 using blink::WebURLError;
165 using blink::WebURLRequest;
166 using blink::WebURLResponse;
167 using blink::WebVector;
168
169 namespace {
170
171 ChromeContentRendererClient* g_current_client;
172
173 #if defined(ENABLE_PLUGINS)
174 const char* const kPredefinedAllowedCompositorOrigins[] = {
175 "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/383937
176 "4EB74897CB187C7633357C2FE832E0AD6A44883A" // see crbug.com/383937
177 };
178
179 const char* const kPredefinedAllowedVideoDecodeOrigins[] = {
180 "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/383937
181 "4EB74897CB187C7633357C2FE832E0AD6A44883A" // see crbug.com/383937
182 };
183 #endif
184
185 static void AppendParams(const std::vector<base::string16>& additional_names,
186 const std::vector<base::string16>& additional_values,
187 WebVector<WebString>* existing_names,
188 WebVector<WebString>* existing_values) {
189 DCHECK(additional_names.size() == additional_values.size());
190 DCHECK(existing_names->size() == existing_values->size());
191
192 size_t existing_size = existing_names->size();
193 size_t total_size = existing_size + additional_names.size();
194
195 WebVector<WebString> names(total_size);
196 WebVector<WebString> values(total_size);
197
198 for (size_t i = 0; i < existing_size; ++i) {
199 names[i] = (*existing_names)[i];
200 values[i] = (*existing_values)[i];
201 }
202
203 for (size_t i = 0; i < additional_names.size(); ++i) {
204 names[existing_size + i] = additional_names[i];
205 values[existing_size + i] = additional_values[i];
206 }
207
208 existing_names->swap(names);
209 existing_values->swap(values);
210 }
211
212 #if defined(ENABLE_SPELLCHECK)
213 class SpellCheckReplacer : public content::RenderViewVisitor {
214 public:
215 explicit SpellCheckReplacer(SpellCheck* spellcheck)
216 : spellcheck_(spellcheck) {}
217 bool Visit(content::RenderView* render_view) override;
218
219 private:
220 SpellCheck* spellcheck_; // New shared spellcheck for all views. Weak Ptr.
221 DISALLOW_COPY_AND_ASSIGN(SpellCheckReplacer);
222 };
223
224 bool SpellCheckReplacer::Visit(content::RenderView* render_view) {
225 SpellCheckProvider* provider = SpellCheckProvider::Get(render_view);
226 DCHECK(provider);
227 provider->set_spellcheck(spellcheck_);
228 return true;
229 }
230 #endif
231
232 // For certain sandboxed Pepper plugins, use the JavaScript Content Settings.
233 bool ShouldUseJavaScriptSettingForPlugin(const WebPluginInfo& plugin) {
234 if (plugin.type != WebPluginInfo::PLUGIN_TYPE_PEPPER_IN_PROCESS &&
235 plugin.type != WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS) {
236 return false;
237 }
238
239 #if !defined(DISABLE_NACL)
240 // Treat Native Client invocations like JavaScript.
241 if (plugin.name == ASCIIToUTF16(nacl::kNaClPluginName))
242 return true;
243 #endif
244
245 #if defined(WIDEVINE_CDM_AVAILABLE) && defined(ENABLE_PEPPER_CDMS)
246 // Treat CDM invocations like JavaScript.
247 if (plugin.name == ASCIIToUTF16(kWidevineCdmDisplayName)) {
248 DCHECK(plugin.type == WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS);
249 return true;
250 }
251 #endif // defined(WIDEVINE_CDM_AVAILABLE) && defined(ENABLE_PEPPER_CDMS)
252
253 return false;
254 }
255
256 #if defined(ENABLE_EXTENSIONS)
257 void IsGuestViewApiAvailableToScriptContext(
258 bool* api_is_available,
259 extensions::ScriptContext* context) {
260 if (context->GetAvailability("guestViewInternal").is_available()) {
261 *api_is_available = true;
262 }
263 }
264 #endif
265
266 } // namespace
267
268 ChromeContentRendererClient::ChromeContentRendererClient() {
269 g_current_client = this;
270
271 extensions::ExtensionsClient::Set(
272 extensions::ChromeExtensionsClient::GetInstance());
273 #if defined(ENABLE_EXTENSIONS)
274 extensions::ExtensionsRendererClient::Set(
275 ChromeExtensionsRendererClient::GetInstance());
276 #endif
277 #if defined(ENABLE_PLUGINS)
278 for (size_t i = 0; i < arraysize(kPredefinedAllowedCompositorOrigins); ++i)
279 allowed_compositor_origins_.insert(kPredefinedAllowedCompositorOrigins[i]);
280 for (size_t i = 0; i < arraysize(kPredefinedAllowedVideoDecodeOrigins); ++i)
281 allowed_video_decode_origins_.insert(
282 kPredefinedAllowedVideoDecodeOrigins[i]);
283 #endif
284 }
285
286 ChromeContentRendererClient::~ChromeContentRendererClient() {
287 g_current_client = NULL;
288 }
289
290 void ChromeContentRendererClient::RenderThreadStarted() {
291 RenderThread* thread = RenderThread::Get();
292
293 chrome_observer_.reset(new ChromeRenderProcessObserver(this));
294 web_cache_observer_.reset(new web_cache::WebCacheRenderProcessObserver());
295
296 #if defined(ENABLE_EXTENSIONS)
297 extension_dispatcher_delegate_.reset(
298 new ChromeExtensionsDispatcherDelegate());
299 // ChromeRenderViewTest::SetUp() creates its own ExtensionDispatcher and
300 // injects it using SetExtensionDispatcher(). Don't overwrite it.
301 if (!extension_dispatcher_) {
302 extension_dispatcher_.reset(
303 new extensions::Dispatcher(extension_dispatcher_delegate_.get()));
304 }
305 permissions_policy_delegate_.reset(
306 new extensions::RendererPermissionsPolicyDelegate(
307 extension_dispatcher_.get()));
308 #endif
309
310 prescient_networking_dispatcher_.reset(new PrescientNetworkingDispatcher());
311 net_predictor_.reset(new RendererNetPredictor());
312 #if defined(ENABLE_SPELLCHECK)
313 // ChromeRenderViewTest::SetUp() creates a Spellcheck and injects it using
314 // SetSpellcheck(). Don't overwrite it.
315 if (!spellcheck_) {
316 spellcheck_.reset(new SpellCheck());
317 thread->AddObserver(spellcheck_.get());
318 }
319 #endif
320 visited_link_slave_.reset(new visitedlink::VisitedLinkSlave());
321 #if defined(FULL_SAFE_BROWSING)
322 phishing_classifier_.reset(safe_browsing::PhishingClassifierFilter::Create());
323 #endif
324 prerender_dispatcher_.reset(new prerender::PrerenderDispatcher());
325 #if defined(ENABLE_WEBRTC)
326 webrtc_logging_message_filter_ = new WebRtcLoggingMessageFilter(
327 content::RenderThread::Get()->GetIOMessageLoopProxy());
328 #endif
329 search_bouncer_.reset(new SearchBouncer());
330
331 thread->AddObserver(chrome_observer_.get());
332 thread->AddObserver(web_cache_observer_.get());
333 #if defined(ENABLE_EXTENSIONS)
334 thread->AddObserver(extension_dispatcher_.get());
335 #endif
336 #if defined(FULL_SAFE_BROWSING)
337 thread->AddObserver(phishing_classifier_.get());
338 #endif
339 thread->AddObserver(visited_link_slave_.get());
340 thread->AddObserver(prerender_dispatcher_.get());
341 thread->AddObserver(search_bouncer_.get());
342
343 #if defined(ENABLE_WEBRTC)
344 thread->AddFilter(webrtc_logging_message_filter_.get());
345 #endif
346 thread->AddFilter(new CastIPCDispatcher(
347 content::RenderThread::Get()->GetIOMessageLoopProxy()));
348
349 thread->RegisterExtension(extensions_v8::ExternalExtension::Get());
350 thread->RegisterExtension(extensions_v8::LoadTimesExtension::Get());
351
352 CommandLine* command_line = CommandLine::ForCurrentProcess();
353 if (command_line->HasSwitch(switches::kEnableBenchmarking))
354 thread->RegisterExtension(extensions_v8::BenchmarkingExtension::Get());
355 if (command_line->HasSwitch(switches::kEnableNetBenchmarking))
356 thread->RegisterExtension(extensions_v8::NetBenchmarkingExtension::Get());
357 if (command_line->HasSwitch(switches::kInstantProcess))
358 thread->RegisterExtension(extensions_v8::SearchBoxExtension::Get());
359
360 if (command_line->HasSwitch(switches::kPlaybackMode) ||
361 command_line->HasSwitch(switches::kRecordMode)) {
362 thread->RegisterExtension(extensions_v8::PlaybackExtension::Get());
363 }
364
365 // TODO(guohui): needs to forward the new-profile-management switch to
366 // renderer processes.
367 if (switches::IsEnableAccountConsistency())
368 thread->RegisterExtension(extensions_v8::PrincipalsExtension::Get());
369
370 // chrome:, chrome-search:, chrome-devtools:, and chrome-distiller: pages
371 // should not be accessible by normal content, and should also be unable to
372 // script anything but themselves (to help limit the damage that a corrupt
373 // page could cause).
374 WebString chrome_ui_scheme(ASCIIToUTF16(content::kChromeUIScheme));
375 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(chrome_ui_scheme);
376
377 WebString chrome_search_scheme(ASCIIToUTF16(chrome::kChromeSearchScheme));
378 // The Instant process can only display the content but not read it. Other
379 // processes can't display it or read it.
380 if (!command_line->HasSwitch(switches::kInstantProcess))
381 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(chrome_search_scheme);
382
383 WebString dev_tools_scheme(ASCIIToUTF16(content::kChromeDevToolsScheme));
384 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(dev_tools_scheme);
385
386 WebString dom_distiller_scheme(
387 ASCIIToUTF16(dom_distiller::kDomDistillerScheme));
388 // TODO(nyquist): Add test to ensure this happens when the flag is set.
389 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(dom_distiller_scheme);
390
391 #if defined(OS_CHROMEOS)
392 WebString external_file_scheme(ASCIIToUTF16(chrome::kExternalFileScheme));
393 WebSecurityPolicy::registerURLSchemeAsLocal(external_file_scheme);
394 #endif
395
396 // chrome: and chrome-search: pages should not be accessible by bookmarklets
397 // or javascript: URLs typed in the omnibox.
398 WebSecurityPolicy::registerURLSchemeAsNotAllowingJavascriptURLs(
399 chrome_ui_scheme);
400 WebSecurityPolicy::registerURLSchemeAsNotAllowingJavascriptURLs(
401 chrome_search_scheme);
402
403 // chrome:, chrome-search:, chrome-extension:, and chrome-extension-resource:
404 // resources shouldn't trigger insecure content warnings.
405 WebSecurityPolicy::registerURLSchemeAsSecure(chrome_ui_scheme);
406 WebSecurityPolicy::registerURLSchemeAsSecure(chrome_search_scheme);
407
408 WebString extension_scheme(ASCIIToUTF16(extensions::kExtensionScheme));
409 WebSecurityPolicy::registerURLSchemeAsSecure(extension_scheme);
410
411 WebString extension_resource_scheme(
412 ASCIIToUTF16(extensions::kExtensionResourceScheme));
413 WebSecurityPolicy::registerURLSchemeAsSecure(extension_resource_scheme);
414
415 // chrome:, chrome-extension:, chrome-extension-resource: resources should be
416 // allowed to receive CORS requests.
417 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(chrome_ui_scheme);
418 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_scheme);
419 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_resource_scheme);
420
421 // chrome-extension: resources should bypass Content Security Policy checks
422 // when included in protected resources.
423 WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy(
424 extension_scheme);
425 WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy(
426 extension_resource_scheme);
427
428 #if defined(OS_WIN)
429 // Report if the renderer process has been patched by chrome_elf.
430 // TODO(csharp): Remove once the renderer is no longer getting
431 // patched this way.
432 if (blacklist::IsBlacklistInitialized())
433 UMA_HISTOGRAM_BOOLEAN("Blacklist.PatchedInRenderer", true);
434 #endif
435 #if defined(ENABLE_FULL_PRINTING)
436 pdf_print_client_.reset(new ChromePDFPrintClient());
437 pdf::PPB_PDF_Impl::SetPrintClient(pdf_print_client_.get());
438 #endif
439 }
440
441 void ChromeContentRendererClient::RenderFrameCreated(
442 content::RenderFrame* render_frame) {
443 new ChromeRenderFrameObserver(render_frame);
444
445 extensions::Dispatcher* ext_dispatcher = NULL;
446 #if defined(ENABLE_EXTENSIONS)
447 ext_dispatcher = extension_dispatcher_.get();
448 #endif
449 ContentSettingsObserver* content_settings =
450 new ContentSettingsObserver(render_frame, ext_dispatcher);
451 if (chrome_observer_.get()) {
452 content_settings->SetContentSettingRules(
453 chrome_observer_->content_setting_rules());
454 }
455
456 #if defined(ENABLE_EXTENSIONS)
457 new extensions::ExtensionsRenderFrameObserver(render_frame);
458 new extensions::ExtensionFrameHelper(render_frame, ext_dispatcher);
459 #endif
460
461 #if defined(ENABLE_PLUGINS)
462 new PepperHelper(render_frame);
463 #endif
464
465 #if !defined(DISABLE_NACL)
466 new nacl::NaClHelper(render_frame);
467 #endif
468
469 // TODO(jam): when the frame tree moves into content and parent() works at
470 // RenderFrame construction, simplify this by just checking parent().
471 if (render_frame->GetRenderView()->GetMainRenderFrame() != render_frame) {
472 // Avoid any race conditions from having the browser tell subframes that
473 // they're prerendering.
474 if (prerender::PrerenderHelper::IsPrerendering(
475 render_frame->GetRenderView()->GetMainRenderFrame())) {
476 new prerender::PrerenderHelper(render_frame);
477 }
478 }
479
480 if (render_frame->GetRenderView()->GetMainRenderFrame() == render_frame) {
481 // Only attach NetErrorHelper to the main frame, since only the main frame
482 // should get error pages.
483 // PrefetchHelper is also needed only for main frames.
484 new NetErrorHelper(render_frame);
485 new prefetch::PrefetchHelper(render_frame);
486 }
487 }
488
489 void ChromeContentRendererClient::RenderViewCreated(
490 content::RenderView* render_view) {
491 #if defined(ENABLE_EXTENSIONS)
492 new extensions::ExtensionHelper(render_view, extension_dispatcher_.get());
493 extension_dispatcher_->OnRenderViewCreated(render_view);
494 #endif
495 new PageLoadHistograms(render_view);
496 #if defined(ENABLE_PRINTING)
497 new printing::PrintWebViewHelper(render_view);
498 #endif
499 #if defined(ENABLE_SPELLCHECK)
500 new SpellCheckProvider(render_view, spellcheck_.get());
501 #endif
502 new prerender::PrerendererClient(render_view);
503 #if defined(FULL_SAFE_BROWSING)
504 safe_browsing::MalwareDOMDetails::Create(render_view);
505 #endif
506
507 PasswordGenerationAgent* password_generation_agent =
508 new PasswordGenerationAgent(render_view);
509 PasswordAutofillAgent* password_autofill_agent =
510 new PasswordAutofillAgent(render_view);
511 new AutofillAgent(render_view,
512 password_autofill_agent,
513 password_generation_agent);
514
515 CommandLine* command_line = CommandLine::ForCurrentProcess();
516 if (command_line->HasSwitch(switches::kInstantProcess))
517 new SearchBox(render_view);
518
519 new ChromeRenderViewObserver(render_view, web_cache_observer_.get());
520
521 new password_manager::CredentialManagerClient(render_view);
522 }
523
524 void ChromeContentRendererClient::SetNumberOfViews(int number_of_views) {
525 base::debug::SetCrashKeyValue(crash_keys::kNumberOfViews,
526 base::IntToString(number_of_views));
527 }
528
529 SkBitmap* ChromeContentRendererClient::GetSadPluginBitmap() {
530 return const_cast<SkBitmap*>(ResourceBundle::GetSharedInstance().
531 GetImageNamed(IDR_SAD_PLUGIN).ToSkBitmap());
532 }
533
534 SkBitmap* ChromeContentRendererClient::GetSadWebViewBitmap() {
535 return const_cast<SkBitmap*>(ResourceBundle::GetSharedInstance().
536 GetImageNamed(IDR_SAD_WEBVIEW).ToSkBitmap());
537 }
538
539 #if defined(ENABLE_EXTENSIONS)
540 const Extension* ChromeContentRendererClient::GetExtensionByOrigin(
541 const WebSecurityOrigin& origin) const {
542 if (!EqualsASCII(origin.protocol(), extensions::kExtensionScheme))
543 return NULL;
544
545 const std::string extension_id = origin.host().utf8().data();
546 return extension_dispatcher_->extensions()->GetByID(extension_id);
547 }
548 #endif
549
550 bool ChromeContentRendererClient::OverrideCreatePlugin(
551 content::RenderFrame* render_frame,
552 WebLocalFrame* frame,
553 const WebPluginParams& params,
554 WebPlugin** plugin) {
555 std::string orig_mime_type = params.mimeType.utf8();
556 #if defined(ENABLE_EXTENSIONS)
557 if (orig_mime_type == content::kBrowserPluginMimeType) {
558 bool guest_view_api_available = false;
559 extension_dispatcher_->script_context_set().ForEach(
560 render_frame->GetRenderView(),
561 base::Bind(&IsGuestViewApiAvailableToScriptContext,
562 &guest_view_api_available));
563 if (guest_view_api_available)
564 return false;
565 }
566 #endif
567
568 ChromeViewHostMsg_GetPluginInfo_Output output;
569 #if defined(ENABLE_PLUGINS)
570 render_frame->Send(new ChromeViewHostMsg_GetPluginInfo(
571 render_frame->GetRoutingID(), GURL(params.url),
572 frame->top()->document().url(), orig_mime_type, &output));
573
574 if (output.plugin.type == content::WebPluginInfo::PLUGIN_TYPE_BROWSER_PLUGIN)
575 return false;
576 #else
577 output.status.value = ChromeViewHostMsg_GetPluginInfo_Status::kNotFound;
578 #endif
579 *plugin = CreatePlugin(render_frame, frame, params, output);
580 return true;
581 }
582
583 WebPlugin* ChromeContentRendererClient::CreatePluginReplacement(
584 content::RenderFrame* render_frame,
585 const base::FilePath& plugin_path) {
586 ChromePluginPlaceholder* placeholder =
587 ChromePluginPlaceholder::CreateErrorPlugin(render_frame, plugin_path);
588 return placeholder->plugin();
589 }
590
591 void ChromeContentRendererClient::DeferMediaLoad(
592 content::RenderFrame* render_frame,
593 const base::Closure& closure) {
594 #if defined(OS_ANDROID)
595 // Chromium for Android doesn't support prerender yet.
596 closure.Run();
597 return;
598 #else
599 if (!prerender::PrerenderHelper::IsPrerendering(render_frame)) {
600 closure.Run();
601 return;
602 }
603
604 // Lifetime is tied to |render_frame| via content::RenderFrameObserver.
605 new prerender::PrerenderMediaLoadDeferrer(render_frame, closure);
606 #endif
607 }
608
609 WebPlugin* ChromeContentRendererClient::CreatePlugin(
610 content::RenderFrame* render_frame,
611 WebLocalFrame* frame,
612 const WebPluginParams& original_params,
613 const ChromeViewHostMsg_GetPluginInfo_Output& output) {
614 const ChromeViewHostMsg_GetPluginInfo_Status& status = output.status;
615 const WebPluginInfo& plugin = output.plugin;
616 const std::string& actual_mime_type = output.actual_mime_type;
617 const base::string16& group_name = output.group_name;
618 const std::string& identifier = output.group_identifier;
619 ChromeViewHostMsg_GetPluginInfo_Status::Value status_value = status.value;
620 GURL url(original_params.url);
621 std::string orig_mime_type = original_params.mimeType.utf8();
622 ChromePluginPlaceholder* placeholder = NULL;
623
624 // If the browser plugin is to be enabled, this should be handled by the
625 // renderer, so the code won't reach here due to the early exit in
626 // OverrideCreatePlugin.
627 if (status_value == ChromeViewHostMsg_GetPluginInfo_Status::kNotFound ||
628 orig_mime_type == content::kBrowserPluginMimeType) {
629 #if defined(OS_ANDROID)
630 if (plugins::MobileYouTubePlugin::IsYouTubeURL(url, orig_mime_type)) {
631 base::StringPiece template_html(
632 ResourceBundle::GetSharedInstance().GetRawDataResource(
633 IDR_MOBILE_YOUTUBE_PLUGIN_HTML));
634 return (new plugins::MobileYouTubePlugin(
635 render_frame,
636 frame,
637 original_params,
638 template_html,
639 GURL(ChromePluginPlaceholder::kPluginPlaceholderDataURL)))
640 ->plugin();
641 }
642 #endif
643 PluginUMAReporter::GetInstance()->ReportPluginMissing(orig_mime_type, url);
644 placeholder = ChromePluginPlaceholder::CreateMissingPlugin(
645 render_frame, frame, original_params);
646 } else {
647 // TODO(bauerb): This should be in content/.
648 WebPluginParams params(original_params);
649 for (size_t i = 0; i < plugin.mime_types.size(); ++i) {
650 if (plugin.mime_types[i].mime_type == actual_mime_type) {
651 AppendParams(plugin.mime_types[i].additional_param_names,
652 plugin.mime_types[i].additional_param_values,
653 &params.attributeNames,
654 &params.attributeValues);
655 break;
656 }
657 }
658 if (params.mimeType.isNull() && (actual_mime_type.size() > 0)) {
659 // Webkit might say that mime type is null while we already know the
660 // actual mime type via ChromeViewHostMsg_GetPluginInfo. In that case
661 // we should use what we know since WebpluginDelegateProxy does some
662 // specific initializations based on this information.
663 params.mimeType = WebString::fromUTF8(actual_mime_type.c_str());
664 }
665
666 ContentSettingsObserver* observer =
667 ContentSettingsObserver::Get(render_frame);
668
669 const ContentSettingsType content_type =
670 ShouldUseJavaScriptSettingForPlugin(plugin) ?
671 CONTENT_SETTINGS_TYPE_JAVASCRIPT :
672 CONTENT_SETTINGS_TYPE_PLUGINS;
673
674 if ((status_value ==
675 ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized ||
676 status_value == ChromeViewHostMsg_GetPluginInfo_Status::kClickToPlay ||
677 status_value == ChromeViewHostMsg_GetPluginInfo_Status::kBlocked) &&
678 observer->IsPluginTemporarilyAllowed(identifier)) {
679 status_value = ChromeViewHostMsg_GetPluginInfo_Status::kAllowed;
680 }
681
682 // Allow full-page plug-ins for click-to-play.
683 if (status_value == ChromeViewHostMsg_GetPluginInfo_Status::kClickToPlay &&
684 !frame->parent() &&
685 !frame->opener() &&
686 frame->document().isPluginDocument()) {
687 status_value = ChromeViewHostMsg_GetPluginInfo_Status::kAllowed;
688 }
689
690 #if defined(OS_WIN)
691 // In Windows we need to check if we can load NPAPI plugins.
692 // For example, if the render view is in the Ash desktop, we should not.
693 if (status_value == ChromeViewHostMsg_GetPluginInfo_Status::kAllowed &&
694 plugin.type == content::WebPluginInfo::PLUGIN_TYPE_NPAPI) {
695 if (observer->AreNPAPIPluginsBlocked())
696 status_value =
697 ChromeViewHostMsg_GetPluginInfo_Status::kNPAPINotSupported;
698 }
699 #endif
700
701 switch (status_value) {
702 case ChromeViewHostMsg_GetPluginInfo_Status::kNotFound: {
703 NOTREACHED();
704 break;
705 }
706 case ChromeViewHostMsg_GetPluginInfo_Status::kAllowed: {
707 #if !defined(DISABLE_NACL)
708 const bool is_nacl_plugin =
709 plugin.name == ASCIIToUTF16(nacl::kNaClPluginName);
710 const bool is_nacl_mime_type =
711 actual_mime_type == nacl::kNaClPluginMimeType;
712 const bool is_pnacl_mime_type =
713 actual_mime_type == nacl::kPnaclPluginMimeType;
714 if (is_nacl_plugin || is_nacl_mime_type || is_pnacl_mime_type) {
715 bool is_nacl_unrestricted = false;
716 if (is_nacl_mime_type) {
717 is_nacl_unrestricted =
718 CommandLine::ForCurrentProcess()->HasSwitch(
719 switches::kEnableNaCl);
720 } else if (is_pnacl_mime_type) {
721 is_nacl_unrestricted = true;
722 }
723 GURL manifest_url;
724 GURL app_url;
725 if (is_nacl_mime_type || is_pnacl_mime_type) {
726 // Normal NaCl/PNaCl embed. The app URL is the page URL.
727 manifest_url = url;
728 app_url = frame->top()->document().url();
729 } else {
730 // NaCl is being invoked as a content handler. Look up the NaCl
731 // module using the MIME type. The app URL is the manifest URL.
732 manifest_url = GetNaClContentHandlerURL(actual_mime_type, plugin);
733 app_url = manifest_url;
734 }
735 const Extension* extension =
736 g_current_client->extension_dispatcher_->extensions()->
737 GetExtensionOrAppByURL(manifest_url);
738 if (!IsNaClAllowed(manifest_url,
739 app_url,
740 is_nacl_unrestricted,
741 extension,
742 &params)) {
743 WebString error_message;
744 if (is_nacl_mime_type) {
745 error_message =
746 "Only unpacked extensions and apps installed from the Chrome "
747 "Web Store can load NaCl modules without enabling Native "
748 "Client in about:flags.";
749 } else if (is_pnacl_mime_type) {
750 error_message =
751 "Portable Native Client must not be disabled in about:flags.";
752 }
753 frame->addMessageToConsole(
754 WebConsoleMessage(WebConsoleMessage::LevelError,
755 error_message));
756 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
757 render_frame,
758 frame,
759 params,
760 plugin,
761 identifier,
762 group_name,
763 IDR_BLOCKED_PLUGIN_HTML,
764 #if defined(OS_CHROMEOS)
765 l10n_util::GetStringUTF16(IDS_NACL_PLUGIN_BLOCKED));
766 #else
767 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
768 #endif
769 break;
770 }
771 }
772 #endif // !defined(DISABLE_NACL)
773
774 // Delay loading plugins if prerendering.
775 // TODO(mmenke): In the case of prerendering, feed into
776 // ChromeContentRendererClient::CreatePlugin instead, to
777 // reduce the chance of future regressions.
778 if (prerender::PrerenderHelper::IsPrerendering(render_frame)) {
779 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
780 render_frame,
781 frame,
782 params,
783 plugin,
784 identifier,
785 group_name,
786 IDR_CLICK_TO_PLAY_PLUGIN_HTML,
787 l10n_util::GetStringFUTF16(IDS_PLUGIN_LOAD, group_name));
788 placeholder->set_blocked_for_prerendering(true);
789 placeholder->set_allow_loading(true);
790 break;
791 }
792
793 return render_frame->CreatePlugin(frame, plugin, params);
794 }
795 case ChromeViewHostMsg_GetPluginInfo_Status::kNPAPINotSupported: {
796 RenderThread::Get()->RecordAction(
797 UserMetricsAction("Plugin_NPAPINotSupported"));
798 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
799 render_frame,
800 frame,
801 params,
802 plugin,
803 identifier,
804 group_name,
805 IDR_BLOCKED_PLUGIN_HTML,
806 l10n_util::GetStringUTF16(IDS_PLUGIN_NOT_SUPPORTED_METRO));
807 render_frame->Send(new ChromeViewHostMsg_NPAPINotSupported(
808 render_frame->GetRoutingID(), identifier));
809 break;
810 }
811 case ChromeViewHostMsg_GetPluginInfo_Status::kDisabled: {
812 PluginUMAReporter::GetInstance()->ReportPluginDisabled(orig_mime_type,
813 url);
814 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
815 render_frame,
816 frame,
817 params,
818 plugin,
819 identifier,
820 group_name,
821 IDR_DISABLED_PLUGIN_HTML,
822 l10n_util::GetStringFUTF16(IDS_PLUGIN_DISABLED, group_name));
823 break;
824 }
825 case ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedBlocked: {
826 #if defined(ENABLE_PLUGIN_INSTALLATION)
827 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
828 render_frame,
829 frame,
830 params,
831 plugin,
832 identifier,
833 group_name,
834 IDR_BLOCKED_PLUGIN_HTML,
835 l10n_util::GetStringFUTF16(IDS_PLUGIN_OUTDATED, group_name));
836 placeholder->set_allow_loading(true);
837 render_frame->Send(new ChromeViewHostMsg_BlockedOutdatedPlugin(
838 render_frame->GetRoutingID(), placeholder->CreateRoutingId(),
839 identifier));
840 #else
841 NOTREACHED();
842 #endif
843 break;
844 }
845 case ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedDisallowed: {
846 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
847 render_frame,
848 frame,
849 params,
850 plugin,
851 identifier,
852 group_name,
853 IDR_BLOCKED_PLUGIN_HTML,
854 l10n_util::GetStringFUTF16(IDS_PLUGIN_OUTDATED, group_name));
855 break;
856 }
857 case ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized: {
858 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
859 render_frame,
860 frame,
861 params,
862 plugin,
863 identifier,
864 group_name,
865 IDR_BLOCKED_PLUGIN_HTML,
866 l10n_util::GetStringFUTF16(IDS_PLUGIN_NOT_AUTHORIZED, group_name));
867 placeholder->set_allow_loading(true);
868 // Check to see if old infobar should be displayed.
869 std::string trial_group =
870 base::FieldTrialList::FindFullName("UnauthorizedPluginInfoBar");
871 if (plugin.type != content::WebPluginInfo::PLUGIN_TYPE_NPAPI ||
872 trial_group == "Enabled") {
873 render_frame->Send(new ChromeViewHostMsg_BlockedUnauthorizedPlugin(
874 render_frame->GetRoutingID(),
875 group_name,
876 identifier));
877 } else {
878 // Send IPC for showing blocked plugins page action.
879 observer->DidBlockContentType(content_type);
880 }
881 break;
882 }
883 case ChromeViewHostMsg_GetPluginInfo_Status::kClickToPlay: {
884 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
885 render_frame,
886 frame,
887 params,
888 plugin,
889 identifier,
890 group_name,
891 IDR_CLICK_TO_PLAY_PLUGIN_HTML,
892 l10n_util::GetStringFUTF16(IDS_PLUGIN_LOAD, group_name));
893 placeholder->set_allow_loading(true);
894 RenderThread::Get()->RecordAction(
895 UserMetricsAction("Plugin_ClickToPlay"));
896 observer->DidBlockContentType(content_type);
897 break;
898 }
899 case ChromeViewHostMsg_GetPluginInfo_Status::kBlocked: {
900 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
901 render_frame,
902 frame,
903 params,
904 plugin,
905 identifier,
906 group_name,
907 IDR_BLOCKED_PLUGIN_HTML,
908 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
909 placeholder->set_allow_loading(true);
910 RenderThread::Get()->RecordAction(UserMetricsAction("Plugin_Blocked"));
911 observer->DidBlockContentType(content_type);
912 break;
913 }
914 case ChromeViewHostMsg_GetPluginInfo_Status::kBlockedByPolicy: {
915 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
916 render_frame,
917 frame,
918 params,
919 plugin,
920 identifier,
921 group_name,
922 IDR_BLOCKED_PLUGIN_HTML,
923 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
924 placeholder->set_allow_loading(false);
925 RenderThread::Get()->RecordAction(
926 UserMetricsAction("Plugin_BlockedByPolicy"));
927 observer->DidBlockContentType(content_type);
928 break;
929 }
930 }
931 }
932 placeholder->SetStatus(status);
933 return placeholder->plugin();
934 }
935
936 // For NaCl content handling plugins, the NaCl manifest is stored in an
937 // additonal 'nacl' param associated with the MIME type.
938 // static
939 GURL ChromeContentRendererClient::GetNaClContentHandlerURL(
940 const std::string& actual_mime_type,
941 const content::WebPluginInfo& plugin) {
942 // Look for the manifest URL among the MIME type's additonal parameters.
943 const char* kNaClPluginManifestAttribute = "nacl";
944 base::string16 nacl_attr = ASCIIToUTF16(kNaClPluginManifestAttribute);
945 for (size_t i = 0; i < plugin.mime_types.size(); ++i) {
946 if (plugin.mime_types[i].mime_type == actual_mime_type) {
947 const content::WebPluginMimeType& content_type = plugin.mime_types[i];
948 for (size_t i = 0; i < content_type.additional_param_names.size(); ++i) {
949 if (content_type.additional_param_names[i] == nacl_attr)
950 return GURL(content_type.additional_param_values[i]);
951 }
952 break;
953 }
954 }
955 return GURL();
956 }
957
958 // static
959 bool ChromeContentRendererClient::IsNaClAllowed(
960 const GURL& manifest_url,
961 const GURL& app_url,
962 bool is_nacl_unrestricted,
963 const Extension* extension,
964 WebPluginParams* params) {
965 // Temporarily allow these whitelisted apps and WebUIs to use NaCl.
966 std::string app_url_host = app_url.host();
967 std::string manifest_url_path = manifest_url.path();
968
969 bool is_whitelisted_web_ui =
970 app_url.spec() == chrome::kChromeUIAppListStartPageURL;
971
972 bool is_photo_app =
973 // Whitelisted apps must be served over https.
974 app_url.SchemeIs("https") &&
975 manifest_url.SchemeIs("https") &&
976 (EndsWith(app_url_host, "plus.google.com", false) ||
977 EndsWith(app_url_host, "plus.sandbox.google.com", false)) &&
978 manifest_url.DomainIs("ssl.gstatic.com") &&
979 (manifest_url_path.find("s2/oz/nacl/") == 1 ||
980 manifest_url_path.find("photos/nacl/") == 1);
981
982 std::string manifest_fs_host;
983 if (manifest_url.SchemeIsFileSystem() && manifest_url.inner_url()) {
984 manifest_fs_host = manifest_url.inner_url()->host();
985 }
986 bool is_hangouts_app =
987 // Whitelisted apps must be served over secure scheme.
988 app_url.SchemeIs("https") &&
989 manifest_url.SchemeIsSecure() &&
990 manifest_url.SchemeIsFileSystem() &&
991 (EndsWith(app_url_host, "talkgadget.google.com", false) ||
992 EndsWith(app_url_host, "plus.google.com", false) ||
993 EndsWith(app_url_host, "plus.sandbox.google.com", false)) &&
994 // The manifest must be loaded from the host's FileSystem.
995 (manifest_fs_host == app_url_host);
996
997 bool is_whitelisted_app = is_photo_app || is_hangouts_app;
998
999 bool is_extension_from_webstore = extension &&
1000 extension->from_webstore();
1001
1002 bool is_invoked_by_hosted_app = extension &&
1003 extension->is_hosted_app() &&
1004 extension->web_extent().MatchesURL(app_url);
1005
1006 // Allow built-in extensions and extensions under development.
1007 bool is_extension_unrestricted = extension &&
1008 (extension->location() == extensions::Manifest::COMPONENT ||
1009 extensions::Manifest::IsUnpackedLocation(extension->location()));
1010
1011 bool is_invoked_by_extension = app_url.SchemeIs("chrome-extension");
1012
1013 // The NaCl PDF viewer is always allowed and can use 'Dev' interfaces.
1014 bool is_nacl_pdf_viewer =
1015 (is_extension_from_webstore &&
1016 manifest_url.SchemeIs("chrome-extension") &&
1017 manifest_url.host() == "acadkphlmlegjaadjagenfimbpphcgnh");
1018
1019 // Allow Chrome Web Store extensions, built-in extensions and extensions
1020 // under development if the invocation comes from a URL with an extension
1021 // scheme. Also allow invocations if they are from whitelisted URLs or
1022 // if --enable-nacl is set.
1023 bool is_nacl_allowed = is_nacl_unrestricted ||
1024 is_whitelisted_web_ui ||
1025 is_whitelisted_app ||
1026 is_nacl_pdf_viewer ||
1027 is_invoked_by_hosted_app ||
1028 (is_invoked_by_extension &&
1029 (is_extension_from_webstore ||
1030 is_extension_unrestricted));
1031 if (is_nacl_allowed) {
1032 bool app_can_use_dev_interfaces = is_nacl_pdf_viewer;
1033 // Make sure that PPAPI 'dev' interfaces aren't available for production
1034 // apps unless they're whitelisted.
1035 WebString dev_attribute = WebString::fromUTF8("@dev");
1036 if ((!is_whitelisted_app && !is_extension_from_webstore) ||
1037 app_can_use_dev_interfaces) {
1038 // Add the special '@dev' attribute.
1039 std::vector<base::string16> param_names;
1040 std::vector<base::string16> param_values;
1041 param_names.push_back(dev_attribute);
1042 param_values.push_back(WebString());
1043 AppendParams(
1044 param_names,
1045 param_values,
1046 &params->attributeNames,
1047 &params->attributeValues);
1048 } else {
1049 // If the params somehow contain '@dev', remove it.
1050 size_t attribute_count = params->attributeNames.size();
1051 for (size_t i = 0; i < attribute_count; ++i) {
1052 if (params->attributeNames[i].equals(dev_attribute))
1053 params->attributeNames[i] = WebString();
1054 }
1055 }
1056 }
1057 return is_nacl_allowed;
1058 }
1059
1060 bool ChromeContentRendererClient::HasErrorPage(int http_status_code,
1061 std::string* error_domain) {
1062 // Use an internal error page, if we have one for the status code.
1063 if (!LocalizedError::HasStrings(LocalizedError::kHttpErrorDomain,
1064 http_status_code)) {
1065 return false;
1066 }
1067
1068 *error_domain = LocalizedError::kHttpErrorDomain;
1069 return true;
1070 }
1071
1072 bool ChromeContentRendererClient::ShouldSuppressErrorPage(
1073 content::RenderFrame* render_frame,
1074 const GURL& url) {
1075 // Unit tests for ChromeContentRendererClient pass a NULL RenderFrame here.
1076 // Unfortunately it's very difficult to construct a mock RenderView, so skip
1077 // this functionality in this case.
1078 if (render_frame) {
1079 content::RenderView* render_view = render_frame->GetRenderView();
1080 content::RenderFrame* main_render_frame = render_view->GetMainRenderFrame();
1081 blink::WebFrame* web_frame = render_frame->GetWebFrame();
1082 NetErrorHelper* net_error_helper = NetErrorHelper::Get(main_render_frame);
1083 if (net_error_helper->ShouldSuppressErrorPage(web_frame, url))
1084 return true;
1085 }
1086 // Do not flash an error page if the Instant new tab page fails to load.
1087 return search_bouncer_.get() && search_bouncer_->IsNewTabPage(url);
1088 }
1089
1090 void ChromeContentRendererClient::GetNavigationErrorStrings(
1091 content::RenderView* render_view,
1092 blink::WebFrame* frame,
1093 const blink::WebURLRequest& failed_request,
1094 const blink::WebURLError& error,
1095 std::string* error_html,
1096 base::string16* error_description) {
1097 const GURL failed_url = error.unreachableURL;
1098 const Extension* extension = NULL;
1099
1100 #if defined(ENABLE_EXTENSIONS)
1101 if (failed_url.is_valid() &&
1102 !failed_url.SchemeIs(extensions::kExtensionScheme)) {
1103 extension = extension_dispatcher_->extensions()->GetExtensionOrAppByURL(
1104 failed_url);
1105 }
1106 #endif
1107
1108 bool is_post = EqualsASCII(failed_request.httpMethod(), "POST");
1109
1110 if (error_html) {
1111 bool extension_but_not_bookmark_app = false;
1112 #if defined(ENABLE_EXTENSIONS)
1113 extension_but_not_bookmark_app = extension && !extension->from_bookmark();
1114 #endif
1115 // Use a local error page.
1116 if (extension_but_not_bookmark_app) {
1117 #if defined(ENABLE_EXTENSIONS)
1118 // TODO(erikkay): Should we use a different template for different
1119 // error messages?
1120 int resource_id = IDR_ERROR_APP_HTML;
1121 const base::StringPiece template_html(
1122 ResourceBundle::GetSharedInstance().GetRawDataResource(
1123 resource_id));
1124 if (template_html.empty()) {
1125 NOTREACHED() << "unable to load template. ID: " << resource_id;
1126 } else {
1127 base::DictionaryValue error_strings;
1128 LocalizedError::GetAppErrorStrings(failed_url, extension,
1129 &error_strings);
1130 // "t" is the id of the template's root node.
1131 *error_html = webui::GetTemplatesHtml(template_html, &error_strings,
1132 "t");
1133 }
1134 #endif
1135 } else {
1136 // TODO(ellyjones): change GetNavigationErrorStrings to take a RenderFrame
1137 // instead of a RenderView, then pass that in.
1138 // This is safe for now because we only install the NetErrorHelper on the
1139 // main render frame anyway; see the TODO(ellyjones) in
1140 // RenderFrameCreated.
1141 content::RenderFrame* main_render_frame =
1142 render_view->GetMainRenderFrame();
1143 NetErrorHelper* helper = NetErrorHelper::Get(main_render_frame);
1144 helper->GetErrorHTML(frame, error, is_post, error_html);
1145 }
1146 }
1147
1148 if (error_description) {
1149 if (!extension)
1150 *error_description = LocalizedError::GetErrorDetails(error, is_post);
1151 }
1152 }
1153
1154 bool ChromeContentRendererClient::RunIdleHandlerWhenWidgetsHidden() {
1155 #if defined(ENABLE_EXTENSIONS)
1156 return !extension_dispatcher_->is_extension_process();
1157 #else
1158 return true;
1159 #endif
1160 }
1161
1162 bool ChromeContentRendererClient::AllowPopup() {
1163 #if defined(ENABLE_EXTENSIONS)
1164 extensions::ScriptContext* current_context =
1165 extension_dispatcher_->script_context_set().GetCurrent();
1166 if (!current_context || !current_context->extension())
1167 return false;
1168 // See http://crbug.com/117446 for the subtlety of this check.
1169 switch (current_context->context_type()) {
1170 case extensions::Feature::UNSPECIFIED_CONTEXT:
1171 case extensions::Feature::WEB_PAGE_CONTEXT:
1172 case extensions::Feature::UNBLESSED_EXTENSION_CONTEXT:
1173 case extensions::Feature::WEBUI_CONTEXT:
1174 return false;
1175 case extensions::Feature::BLESSED_EXTENSION_CONTEXT:
1176 case extensions::Feature::CONTENT_SCRIPT_CONTEXT:
1177 return true;
1178 case extensions::Feature::BLESSED_WEB_PAGE_CONTEXT:
1179 return !current_context->web_frame()->parent();
1180 }
1181 NOTREACHED();
1182 #endif
1183 return false;
1184 }
1185
1186 bool ChromeContentRendererClient::ShouldFork(WebFrame* frame,
1187 const GURL& url,
1188 const std::string& http_method,
1189 bool is_initial_navigation,
1190 bool is_server_redirect,
1191 bool* send_referrer) {
1192 DCHECK(!frame->parent());
1193
1194 // If this is the Instant process, fork all navigations originating from the
1195 // renderer. The destination page will then be bucketed back to this Instant
1196 // process if it is an Instant url, or to another process if not. Conversely,
1197 // fork if this is a non-Instant process navigating to an Instant url, so that
1198 // such navigations can also be bucketed into an Instant renderer.
1199 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kInstantProcess) ||
1200 (search_bouncer_.get() && search_bouncer_->ShouldFork(url))) {
1201 *send_referrer = true;
1202 return true;
1203 }
1204
1205 // For now, we skip the rest for POST submissions. This is because
1206 // http://crbug.com/101395 is more likely to cause compatibility issues
1207 // with hosted apps and extensions than WebUI pages. We will remove this
1208 // check when cross-process POST submissions are supported.
1209 if (http_method != "GET")
1210 return false;
1211
1212 // If this is the Signin process, fork all navigations originating from the
1213 // renderer. The destination page will then be bucketed back to this Signin
1214 // process if it is a Signin url, or to another process if not.
1215 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kSigninProcess)) {
1216 // We never want to allow non-signin pages to fork-on-POST to a
1217 // signin-related action URL. We'll need to handle this carefully once
1218 // http://crbug.com/101395 is fixed. The CHECK ensures we don't forget.
1219 CHECK_NE(http_method, "POST");
1220 return true;
1221 }
1222
1223 // If |url| matches one of the prerendered URLs, stop this navigation and try
1224 // to swap in the prerendered page on the browser process. If the prerendered
1225 // page no longer exists by the time the OpenURL IPC is handled, a normal
1226 // navigation is attempted.
1227 if (prerender_dispatcher_.get() &&
1228 prerender_dispatcher_->IsPrerenderURL(url)) {
1229 *send_referrer = true;
1230 return true;
1231 }
1232
1233 #if defined(ENABLE_EXTENSIONS)
1234 const extensions::ExtensionSet* extensions =
1235 extension_dispatcher_->extensions();
1236
1237 // Determine if the new URL is an extension (excluding bookmark apps).
1238 const Extension* new_url_extension = extensions::GetNonBookmarkAppExtension(
1239 *extensions, url);
1240 bool is_extension_url = !!new_url_extension;
1241
1242 // If the navigation would cross an app extent boundary, we also need
1243 // to defer to the browser to ensure process isolation. This is not necessary
1244 // for server redirects, which will be transferred to a new process by the
1245 // browser process when they are ready to commit. It is necessary for client
1246 // redirects, which won't be transferred in the same way.
1247 if (!is_server_redirect &&
1248 CrossesExtensionExtents(frame, url, *extensions, is_extension_url,
1249 is_initial_navigation)) {
1250 // Include the referrer in this case since we're going from a hosted web
1251 // page. (the packaged case is handled previously by the extension
1252 // navigation test)
1253 *send_referrer = true;
1254
1255 const Extension* extension =
1256 extension_dispatcher_->extensions()->GetExtensionOrAppByURL(url);
1257 if (extension && extension->is_app()) {
1258 UMA_HISTOGRAM_ENUMERATION(
1259 extension->is_platform_app() ?
1260 extension_misc::kPlatformAppLaunchHistogram :
1261 extension_misc::kAppLaunchHistogram,
1262 extension_misc::APP_LAUNCH_CONTENT_NAVIGATION,
1263 extension_misc::APP_LAUNCH_BUCKET_BOUNDARY);
1264 }
1265 return true;
1266 }
1267
1268 // If this is a reload, check whether it has the wrong process type. We
1269 // should send it to the browser if it's an extension URL (e.g., hosted app)
1270 // in a normal process, or if it's a process for an extension that has been
1271 // uninstalled.
1272 if (frame->top()->document().url() == url) {
1273 if (is_extension_url != extension_dispatcher_->is_extension_process())
1274 return true;
1275 }
1276 #endif // defined(ENABLE_EXTENSIONS)
1277
1278 return false;
1279 }
1280
1281 bool ChromeContentRendererClient::WillSendRequest(
1282 blink::WebFrame* frame,
1283 ui::PageTransition transition_type,
1284 const GURL& url,
1285 const GURL& first_party_for_cookies,
1286 GURL* new_url) {
1287 // Check whether the request should be allowed. If not allowed, we reset the
1288 // URL to something invalid to prevent the request and cause an error.
1289 #if defined(ENABLE_EXTENSIONS)
1290 if (url.SchemeIs(extensions::kExtensionScheme) &&
1291 !extensions::ResourceRequestPolicy::CanRequestResource(
1292 url,
1293 frame,
1294 transition_type,
1295 extension_dispatcher_->extensions())) {
1296 *new_url = GURL(chrome::kExtensionInvalidRequestURL);
1297 return true;
1298 }
1299
1300 if (url.SchemeIs(extensions::kExtensionResourceScheme) &&
1301 !extensions::ResourceRequestPolicy::CanRequestExtensionResourceScheme(
1302 url,
1303 frame)) {
1304 *new_url = GURL(chrome::kExtensionResourceInvalidRequestURL);
1305 return true;
1306 }
1307 #endif
1308
1309 const content::RenderView* render_view =
1310 content::RenderView::FromWebView(frame->view());
1311 SearchBox* search_box = SearchBox::Get(render_view);
1312 if (search_box && url.SchemeIs(chrome::kChromeSearchScheme)) {
1313 if (url.host() == chrome::kChromeUIThumbnailHost)
1314 return search_box->GenerateThumbnailURLFromTransientURL(url, new_url);
1315 else if (url.host() == chrome::kChromeUIFaviconHost)
1316 return search_box->GenerateFaviconURLFromTransientURL(url, new_url);
1317 }
1318
1319 return false;
1320 }
1321
1322 void ChromeContentRendererClient::DidCreateScriptContext(
1323 WebFrame* frame, v8::Handle<v8::Context> context, int extension_group,
1324 int world_id) {
1325 #if defined(ENABLE_EXTENSIONS)
1326 extension_dispatcher_->DidCreateScriptContext(
1327 frame, context, extension_group, world_id);
1328 #endif
1329 }
1330
1331 unsigned long long ChromeContentRendererClient::VisitedLinkHash(
1332 const char* canonical_url, size_t length) {
1333 return visited_link_slave_->ComputeURLFingerprint(canonical_url, length);
1334 }
1335
1336 bool ChromeContentRendererClient::IsLinkVisited(unsigned long long link_hash) {
1337 return visited_link_slave_->IsVisited(link_hash);
1338 }
1339
1340 blink::WebPrescientNetworking*
1341 ChromeContentRendererClient::GetPrescientNetworking() {
1342 return prescient_networking_dispatcher_.get();
1343 }
1344
1345 bool ChromeContentRendererClient::ShouldOverridePageVisibilityState(
1346 const content::RenderFrame* render_frame,
1347 blink::WebPageVisibilityState* override_state) {
1348 if (!prerender::PrerenderHelper::IsPrerendering(render_frame))
1349 return false;
1350
1351 *override_state = blink::WebPageVisibilityStatePrerender;
1352 return true;
1353 }
1354
1355 #if defined(ENABLE_EXTENSIONS)
1356 void ChromeContentRendererClient::SetExtensionDispatcherForTest(
1357 extensions::Dispatcher* extension_dispatcher) {
1358 extension_dispatcher_.reset(extension_dispatcher);
1359 permissions_policy_delegate_.reset(
1360 new extensions::RendererPermissionsPolicyDelegate(
1361 extension_dispatcher_.get()));
1362 }
1363
1364 extensions::Dispatcher*
1365 ChromeContentRendererClient::GetExtensionDispatcherForTest() {
1366 return extension_dispatcher_.get();
1367 }
1368
1369 bool ChromeContentRendererClient::CrossesExtensionExtents(
1370 WebFrame* frame,
1371 const GURL& new_url,
1372 const extensions::ExtensionSet& extensions,
1373 bool is_extension_url,
1374 bool is_initial_navigation) {
1375 GURL old_url(frame->top()->document().url());
1376
1377 // If old_url is still empty and this is an initial navigation, then this is
1378 // a window.open operation. We should look at the opener URL.
1379 if (is_initial_navigation && old_url.is_empty() && frame->opener()) {
1380 // If we're about to open a normal web page from a same-origin opener stuck
1381 // in an extension process, we want to keep it in process to allow the
1382 // opener to script it.
1383 WebDocument opener_document = frame->opener()->document();
1384 WebSecurityOrigin opener = frame->opener()->document().securityOrigin();
1385 bool opener_is_extension_url =
1386 !opener.isUnique() && extensions.GetExtensionOrAppByURL(
1387 opener_document.url()) != NULL;
1388 if (!is_extension_url &&
1389 !opener_is_extension_url &&
1390 extension_dispatcher_->is_extension_process() &&
1391 opener.canRequest(WebURL(new_url)))
1392 return false;
1393
1394 // In all other cases, we want to compare against the top frame's URL (as
1395 // opposed to the opener frame's), since that's what determines the type of
1396 // process. This allows iframes outside an app to open a popup in the app.
1397 old_url = frame->top()->opener()->top()->document().url();
1398 }
1399
1400 // Only consider keeping non-app URLs in an app process if this window
1401 // has an opener (in which case it might be an OAuth popup that tries to
1402 // script an iframe within the app).
1403 bool should_consider_workaround = !!frame->opener();
1404
1405 return extensions::CrossesExtensionProcessBoundary(
1406 extensions, old_url, new_url, should_consider_workaround);
1407 }
1408 #endif // defined(ENABLE_EXTENSIONS)
1409
1410 #if defined(ENABLE_SPELLCHECK)
1411 void ChromeContentRendererClient::SetSpellcheck(SpellCheck* spellcheck) {
1412 RenderThread* thread = RenderThread::Get();
1413 if (spellcheck_.get() && thread)
1414 thread->RemoveObserver(spellcheck_.get());
1415 spellcheck_.reset(spellcheck);
1416 SpellCheckReplacer replacer(spellcheck_.get());
1417 content::RenderView::ForEach(&replacer);
1418 if (thread)
1419 thread->AddObserver(spellcheck_.get());
1420 }
1421 #endif
1422
1423 // static
1424 bool ChromeContentRendererClient::WasWebRequestUsedBySomeExtensions() {
1425 #if defined(ENABLE_EXTENSIONS)
1426 return g_current_client->extension_dispatcher_
1427 ->WasWebRequestUsedBySomeExtensions();
1428 #else
1429 return false;
1430 #endif
1431 }
1432
1433 const void* ChromeContentRendererClient::CreatePPAPIInterface(
1434 const std::string& interface_name) {
1435 #if defined(ENABLE_PLUGINS)
1436 #if !defined(DISABLE_NACL)
1437 if (interface_name == PPB_NACL_PRIVATE_INTERFACE)
1438 return nacl::GetNaClPrivateInterface();
1439 #endif // DISABLE_NACL
1440 if (interface_name == PPB_PDF_INTERFACE)
1441 return pdf::PPB_PDF_Impl::GetInterface();
1442 #endif
1443 return NULL;
1444 }
1445
1446 bool ChromeContentRendererClient::IsExternalPepperPlugin(
1447 const std::string& module_name) {
1448 // TODO(bbudge) remove this when the trusted NaCl plugin has been removed.
1449 // We must defer certain plugin events for NaCl instances since we switch
1450 // from the in-process to the out-of-process proxy after instantiating them.
1451 return module_name == "Native Client";
1452 }
1453
1454 #if defined(ENABLE_PLUGINS) && defined(ENABLE_EXTENSIONS)
1455 bool ChromeContentRendererClient::IsExtensionOrSharedModuleWhitelisted(
1456 const GURL& url, const std::set<std::string>& whitelist) {
1457 const extensions::ExtensionSet* extension_set =
1458 g_current_client->extension_dispatcher_->extensions();
1459 return chrome::IsExtensionOrSharedModuleWhitelisted(url, extension_set,
1460 whitelist);
1461 }
1462 #endif
1463
1464 blink::WebSpeechSynthesizer*
1465 ChromeContentRendererClient::OverrideSpeechSynthesizer(
1466 blink::WebSpeechSynthesizerClient* client) {
1467 return new TtsDispatcher(client);
1468 }
1469
1470 bool ChromeContentRendererClient::AllowPepperMediaStreamAPI(
1471 const GURL& url) {
1472 #if !defined(OS_ANDROID)
1473 // Allow only the Hangouts app to use the MediaStream APIs. It's OK to check
1474 // the whitelist in the renderer, since we're only preventing access until
1475 // these APIs are public and stable.
1476 std::string url_host = url.host();
1477 if (url.SchemeIs("https") &&
1478 (EndsWith(url_host, "talkgadget.google.com", false) ||
1479 EndsWith(url_host, "plus.google.com", false) ||
1480 EndsWith(url_host, "plus.sandbox.google.com", false)) &&
1481 StartsWithASCII(url.path(), "/hangouts/", false)) {
1482 return true;
1483 }
1484 // Allow access for tests.
1485 if (CommandLine::ForCurrentProcess()->HasSwitch(
1486 switches::kEnablePepperTesting)) {
1487 return true;
1488 }
1489 #endif // !defined(OS_ANDROID)
1490 return false;
1491 }
1492
1493 void ChromeContentRendererClient::AddKeySystems(
1494 std::vector<content::KeySystemInfo>* key_systems) {
1495 AddChromeKeySystems(key_systems);
1496 }
1497
1498 bool ChromeContentRendererClient::ShouldReportDetailedMessageForSource(
1499 const base::string16& source) const {
1500 return extensions::IsSourceFromAnExtension(source);
1501 }
1502
1503 bool ChromeContentRendererClient::ShouldEnableSiteIsolationPolicy() const {
1504 // SiteIsolationPolicy is off by default. We would like to activate cross-site
1505 // document blocking (for UMA data collection) for normal renderer processes
1506 // running a normal web page from the Internet. We only turn on
1507 // SiteIsolationPolicy for a renderer process that does not have the extension
1508 // flag on.
1509 CommandLine* command_line = CommandLine::ForCurrentProcess();
1510 return !command_line->HasSwitch(extensions::switches::kExtensionProcess);
1511 }
1512
1513 blink::WebWorkerPermissionClientProxy*
1514 ChromeContentRendererClient::CreateWorkerPermissionClientProxy(
1515 content::RenderFrame* render_frame,
1516 blink::WebFrame* frame) {
1517 return new WorkerPermissionClientProxy(render_frame, frame);
1518 }
1519
1520 bool ChromeContentRendererClient::IsPluginAllowedToUseDevChannelAPIs() {
1521 #if defined(ENABLE_PLUGINS)
1522 // Allow access for tests.
1523 if (CommandLine::ForCurrentProcess()->HasSwitch(
1524 switches::kEnablePepperTesting)) {
1525 return true;
1526 }
1527
1528 chrome::VersionInfo::Channel channel = chrome::VersionInfo::GetChannel();
1529 // Allow dev channel APIs to be used on "Canary", "Dev", and "Unknown"
1530 // releases of Chrome. Permitting "Unknown" allows these APIs to be used on
1531 // Chromium builds as well.
1532 return channel <= chrome::VersionInfo::CHANNEL_DEV;
1533 #else
1534 return false;
1535 #endif
1536 }
1537
1538 bool ChromeContentRendererClient::IsPluginAllowedToUseCompositorAPI(
1539 const GURL& url) {
1540 #if defined(ENABLE_PLUGINS) && defined(ENABLE_EXTENSIONS)
1541 if (CommandLine::ForCurrentProcess()->HasSwitch(
1542 switches::kEnablePepperTesting))
1543 return true;
1544 if (IsExtensionOrSharedModuleWhitelisted(url, allowed_compositor_origins_))
1545 return true;
1546
1547 chrome::VersionInfo::Channel channel = chrome::VersionInfo::GetChannel();
1548 return channel <= chrome::VersionInfo::CHANNEL_DEV;
1549 #else
1550 return false;
1551 #endif
1552 }
1553
1554 bool ChromeContentRendererClient::IsPluginAllowedToUseVideoDecodeAPI(
1555 const GURL& url) {
1556 #if defined(ENABLE_PLUGINS) && defined(ENABLE_EXTENSIONS)
1557 if (CommandLine::ForCurrentProcess()->HasSwitch(
1558 switches::kEnablePepperTesting))
1559 return true;
1560
1561 if (IsExtensionOrSharedModuleWhitelisted(url, allowed_video_decode_origins_))
1562 return true;
1563
1564 chrome::VersionInfo::Channel channel = chrome::VersionInfo::GetChannel();
1565 return channel <= chrome::VersionInfo::CHANNEL_DEV;
1566 #else
1567 return false;
1568 #endif
1569 }
1570
1571 content::BrowserPluginDelegate*
1572 ChromeContentRendererClient::CreateBrowserPluginDelegate(
1573 content::RenderFrame* render_frame,
1574 const std::string& mime_type) {
1575 #if defined(ENABLE_EXTENSIONS)
1576 return new extensions::GuestViewContainer(render_frame, mime_type);
1577 #else
1578 return NULL;
1579 #endif
1580 }