From 1864d422d4a32f994ca2734b7df815dc75e3614a Mon Sep 17 00:00:00 2001 From: "jiayl@chromium.org" Date: Mon, 16 Dec 2013 13:06:00 +0000 Subject: [PATCH] Include plus.google.com and plus.sandbox.google.com in the NaCl whitelist. We need these hosts whitelisted to make Hangouts work properly. See the comments in the original CL that extended the whitelist: https://chromiumcodereview.appspot.com/23466009#msg9 Also extend the manifest list to filesystem:https://... so we can load a cached plugin. NOTRY=true BUG= Review URL: https://codereview.chromium.org/99203009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@240870 0039d316-1c4b-4281-b951-d872f2087c98 --- chrome/renderer/chrome_content_renderer_client.cc | 43 +++++++++++++++------- .../chrome_content_renderer_client_unittest.cc | 27 ++++++++++---- 2 files changed, 49 insertions(+), 21 deletions(-) diff --git a/chrome/renderer/chrome_content_renderer_client.cc b/chrome/renderer/chrome_content_renderer_client.cc index 74272ed8e4d5..0e5ef18e6f10 100644 --- a/chrome/renderer/chrome_content_renderer_client.cc +++ b/chrome/renderer/chrome_content_renderer_client.cc @@ -816,23 +816,36 @@ bool ChromeContentRendererClient::IsNaClAllowed( // Temporarily allow these whitelisted apps and WebUIs to use NaCl. std::string app_url_host = app_url.host(); std::string manifest_url_path = manifest_url.path(); + bool is_whitelisted_web_ui = app_url.spec() == chrome::kChromeUIAppListStartPageURL; - bool is_whitelisted_app = + + bool is_photo_app = // Whitelisted apps must be served over https. app_url.SchemeIs("https") && manifest_url.SchemeIs("https") && - // Photos app. - (((EndsWith(app_url_host, "plus.google.com", false) || - EndsWith(app_url_host, "plus.sandbox.google.com", false)) && - manifest_url.DomainIs("ssl.gstatic.com") && + (EndsWith(app_url_host, "plus.google.com", false) || + EndsWith(app_url_host, "plus.sandbox.google.com", false)) && + manifest_url.DomainIs("ssl.gstatic.com") && (manifest_url_path.find("s2/oz/nacl/") == 1 || - manifest_url_path.find("photos/nacl/") == 1)) || - // Chat app. - ((EndsWith(app_url_host, "talk.google.com", false) || - EndsWith(app_url_host, "talkgadget.google.com", false)) && - manifest_url.DomainIs("ssl.gstatic.com") && - manifest_url_path.find("chat/apps/fx") == 1)); + manifest_url_path.find("photos/nacl/") == 1); + + std::string manifest_fs_host; + if (manifest_url.SchemeIsFileSystem() && manifest_url.inner_url()) { + manifest_fs_host = manifest_url.inner_url()->host(); + } + bool is_hangouts_app = + // Whitelisted apps must be served over secure scheme. + app_url.SchemeIs("https") && + manifest_url.SchemeIsSecure() && + manifest_url.SchemeIsFileSystem() && + (EndsWith(app_url_host, "talkgadget.google.com", false) || + EndsWith(app_url_host, "plus.google.com", false) || + EndsWith(app_url_host, "plus.sandbox.google.com", false)) && + // The manifest must be loaded from the host's FileSystem. + (manifest_fs_host == app_url_host); + + bool is_whitelisted_app = is_photo_app || is_hangouts_app; bool is_extension_from_webstore = extension && extension->from_webstore(); @@ -1335,13 +1348,15 @@ bool ChromeContentRendererClient::AllowBrowserPlugin( bool ChromeContentRendererClient::AllowPepperMediaStreamAPI( const GURL& url) { #if !defined(OS_ANDROID) - // Allow only the Chat app to use the MediaStream APIs. It's OK to check + // Allow only the Hangouts app to use the MediaStream APIs. It's OK to check // the whitelist in the renderer, since we're only preventing access until // these APIs are public and stable. std::string url_host = url.host(); if (url.SchemeIs("https") && - (EndsWith(url_host, "talk.google.com", false) || - EndsWith(url_host, "talkgadget.google.com", false))) { + (EndsWith(url_host, "talkgadget.google.com", false) || + EndsWith(url_host, "plus.google.com", false) || + EndsWith(url_host, "plus.sandbox.google.com", false)) && + StartsWithASCII(url.path(), "/hangouts/", false)) { return true; } // Allow access for tests. diff --git a/chrome/renderer/chrome_content_renderer_client_unittest.cc b/chrome/renderer/chrome_content_renderer_client_unittest.cc index a2fcbc19555e..e2b70d296e47 100644 --- a/chrome/renderer/chrome_content_renderer_client_unittest.cc +++ b/chrome/renderer/chrome_content_renderer_client_unittest.cc @@ -41,9 +41,14 @@ const char kPhotosAppURL2[] = "https://foo.plus.sandbox.google.com"; const char kPhotosManifestURL1[] = "https://ssl.gstatic.com/s2/oz/nacl/foo"; const char kPhotosManifestURL2[] = "https://ssl.gstatic.com/photos/nacl/foo"; -const char kChatAppURL1[] = "https://foo.talkgadget.google.com"; -const char kChatAppURL2[] = "https://foo.talk.google.com"; -const char kChatManifestURL[] = "https://ssl.gstatic.com/chat/apps/fx"; +const char kChatAppURL1[] = "https://foo.talkgadget.google.com/hangouts/foo"; +const char kChatAppURL2[] = "https://foo.plus.google.com/hangouts/foo"; +const char kChatAppURL3[] = "https://foo.plus.sandbox.google.com/hangouts/foo"; +const char kChatManifestFS1[] = + "filesystem:https://foo.talkgadget.google.com/foo"; +const char kChatManifestFS2[] = "filesystem:https://foo.plus.google.com/foo"; +const char kChatManifestFS3[] = + "filesystem:https://foo.plus.sandbox.google.com/foo"; bool AllowsDevInterfaces(const WebPluginParams& params) { for (size_t i = 0; i < params.attributeNames.size(); ++i) { @@ -237,17 +242,23 @@ TEST_F(ChromeContentRendererClientTest, NaClRestriction) { EXPECT_FALSE(AllowsDevInterfaces(params)); // Whitelisted Chat app is allowed. EXPECT_TRUE(ChromeContentRendererClient::IsNaClAllowed( - GURL(kChatManifestURL), + GURL(kChatManifestFS1), GURL(kChatAppURL1), kNaClRestricted, CreateExtension(kExtensionRestricted, kExtensionNotFromWebStore).get(), ¶ms)); EXPECT_TRUE(ChromeContentRendererClient::IsNaClAllowed( - GURL(kChatManifestURL), + GURL(kChatManifestFS2), GURL(kChatAppURL2), kNaClRestricted, CreateExtension(kExtensionRestricted, kExtensionNotFromWebStore).get(), ¶ms)); + EXPECT_TRUE(ChromeContentRendererClient::IsNaClAllowed( + GURL(kChatManifestFS3), + GURL(kChatAppURL3), + kNaClRestricted, + CreateExtension(kExtensionRestricted, kExtensionNotFromWebStore).get(), + ¶ms)); // Whitelisted manifest URL, bad app URLs, NOT allowed. EXPECT_FALSE(ChromeContentRendererClient::IsNaClAllowed( @@ -368,14 +379,16 @@ TEST_F(ChromeContentRendererClientTest, AllowPepperMediaStreamAPI) { #if !defined(OS_ANDROID) EXPECT_TRUE(test.AllowPepperMediaStreamAPI(GURL(kChatAppURL1))); EXPECT_TRUE(test.AllowPepperMediaStreamAPI(GURL(kChatAppURL2))); + EXPECT_TRUE(test.AllowPepperMediaStreamAPI(GURL(kChatAppURL3))); #else EXPECT_FALSE(test.AllowPepperMediaStreamAPI(GURL(kChatAppURL1))); EXPECT_FALSE(test.AllowPepperMediaStreamAPI(GURL(kChatAppURL2))); + EXPECT_FALSE(test.AllowPepperMediaStreamAPI(GURL(kChatAppURL3))); #endif EXPECT_FALSE(test.AllowPepperMediaStreamAPI( - GURL("http://talkgadget.google.com"))); + GURL("http://talkgadget.google.com/hangouts/foo"))); EXPECT_FALSE(test.AllowPepperMediaStreamAPI( - GURL("https://talkgadget.evil.com"))); + GURL("https://talkgadget.evil.com/hangouts/foo"))); } TEST_F(ChromeContentRendererClientTest, ShouldSuppressErrorPage) { -- 2.11.4.GIT