Home | History | Annotate | Download | only in plugins
      1 /*
      2  * Copyright (C) 2006, 2007, 2008, 2009, 2010 Apple Inc. All rights reserved.
      3  * Copyright (C) 2008 Collabora Ltd. All rights reserved.
      4  * Copyright (C) 2010 Girish Ramakrishnan <girish (at) forwardbias.in>
      5  *
      6  * Redistribution and use in source and binary forms, with or without
      7  * modification, are permitted provided that the following conditions
      8  * are met:
      9  * 1. Redistributions of source code must retain the above copyright
     10  *    notice, this list of conditions and the following disclaimer.
     11  * 2. Redistributions in binary form must reproduce the above copyright
     12  *    notice, this list of conditions and the following disclaimer in the
     13  *    documentation and/or other materials provided with the distribution.
     14  *
     15  * THIS SOFTWARE IS PROVIDED BY APPLE COMPUTER, INC. ``AS IS'' AND ANY
     16  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     17  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     18  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE COMPUTER, INC. OR
     19  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
     20  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
     21  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
     22  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
     23  * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     24  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     25  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     26  */
     27 
     28 #include "config.h"
     29 #include "PluginView.h"
     30 
     31 #if USE(JSC)
     32 #include "BridgeJSC.h"
     33 #endif
     34 #include "Chrome.h"
     35 #include "CookieJar.h"
     36 #include "Document.h"
     37 #include "DocumentLoader.h"
     38 #include "Element.h"
     39 #include "FocusController.h"
     40 #include "Frame.h"
     41 #include "FrameLoader.h"
     42 #include "FrameLoaderClient.h"
     43 #include "FrameTree.h"
     44 #include "FrameView.h"
     45 #include "GraphicsContext.h"
     46 #include "HTMLNames.h"
     47 #include "HTMLPlugInElement.h"
     48 #include "Image.h"
     49 #include "KeyboardEvent.h"
     50 #include "MIMETypeRegistry.h"
     51 #include "MouseEvent.h"
     52 #include "NotImplemented.h"
     53 #include "Page.h"
     54 #include "PlatformMouseEvent.h"
     55 #include "PluginDatabase.h"
     56 #include "PluginDebug.h"
     57 #include "PluginMainThreadScheduler.h"
     58 #include "PluginPackage.h"
     59 #include "ProxyServer.h"
     60 #include "RenderBox.h"
     61 #include "RenderObject.h"
     62 #include "ScriptController.h"
     63 #include "ScriptValue.h"
     64 #include "SecurityOrigin.h"
     65 #include "Settings.h"
     66 #include "npruntime_impl.h"
     67 #include <wtf/ASCIICType.h>
     68 
     69 #if OS(WINDOWS) && ENABLE(NETSCAPE_PLUGIN_API)
     70 #include "PluginMessageThrottlerWin.h"
     71 #endif
     72 
     73 #if defined(ANDROID_PLUGINS)
     74 #include "TouchEvent.h"
     75 #endif
     76 
     77 #if USE(JSC)
     78 #include "JSDOMBinding.h"
     79 #include "JSDOMWindow.h"
     80 #include "c_instance.h"
     81 #include "runtime_root.h"
     82 #include <runtime/JSLock.h>
     83 #include <runtime/JSValue.h>
     84 
     85 using JSC::ExecState;
     86 using JSC::JSLock;
     87 using JSC::JSObject;
     88 using JSC::JSValue;
     89 using JSC::UString;
     90 #endif
     91 
     92 #if ENABLE(NETSCAPE_PLUGIN_API)
     93 
     94 using std::min;
     95 
     96 using namespace WTF;
     97 
     98 namespace WebCore {
     99 
    100 using namespace HTMLNames;
    101 
    102 static int s_callingPlugin;
    103 
    104 typedef HashMap<NPP, PluginView*> InstanceMap;
    105 
    106 static InstanceMap& instanceMap()
    107 {
    108     static InstanceMap& map = *new InstanceMap;
    109     return map;
    110 }
    111 
    112 static String scriptStringIfJavaScriptURL(const KURL& url)
    113 {
    114     if (!protocolIsJavaScript(url))
    115         return String();
    116 
    117     // This returns an unescaped string
    118     return decodeURLEscapeSequences(url.string().substring(11));
    119 }
    120 
    121 PluginView* PluginView::s_currentPluginView = 0;
    122 
    123 void PluginView::popPopupsStateTimerFired(Timer<PluginView>*)
    124 {
    125     popPopupsEnabledState();
    126 }
    127 
    128 IntRect PluginView::windowClipRect() const
    129 {
    130     // Start by clipping to our bounds.
    131     IntRect clipRect(m_windowRect);
    132 
    133     // Take our element and get the clip rect from the enclosing layer and frame view.
    134     RenderLayer* layer = m_element->renderer()->enclosingLayer();
    135     FrameView* parentView = m_element->document()->view();
    136     clipRect.intersect(parentView->windowClipRectForLayer(layer, true));
    137 
    138     return clipRect;
    139 }
    140 
    141 void PluginView::setFrameRect(const IntRect& rect)
    142 {
    143     if (m_element->document()->printing())
    144         return;
    145 
    146     if (rect != frameRect())
    147         Widget::setFrameRect(rect);
    148 
    149     updatePluginWidget();
    150 
    151 #if OS(WINDOWS) || OS(SYMBIAN)
    152     // On Windows and Symbian, always call plugin to change geometry.
    153     setNPWindowRect(rect);
    154 #elif defined(XP_UNIX)
    155     // On Unix, multiple calls to setNPWindow() in windowed mode causes Flash to crash
    156     if (m_mode == NP_FULL || !m_isWindowed)
    157         setNPWindowRect(rect);
    158 #endif
    159 }
    160 
    161 void PluginView::frameRectsChanged()
    162 {
    163     updatePluginWidget();
    164 }
    165 
    166 void PluginView::handleEvent(Event* event)
    167 {
    168     if (!m_plugin || m_isWindowed)
    169         return;
    170 
    171     // Protect the plug-in from deletion while dispatching the event.
    172     RefPtr<PluginView> protect(this);
    173 
    174     if (event->isMouseEvent())
    175         handleMouseEvent(static_cast<MouseEvent*>(event));
    176     else if (event->isKeyboardEvent())
    177         handleKeyboardEvent(static_cast<KeyboardEvent*>(event));
    178 #if defined(ANDROID_PLUGINS)
    179 #if ENABLE(TOUCH_EVENTS)
    180     else if (event->isTouchEvent())
    181         handleTouchEvent(static_cast<TouchEvent*>(event));
    182 #endif
    183     else if (event->type() == eventNames().DOMFocusOutEvent)
    184         handleFocusEvent(false);
    185     else if (event->type() == eventNames().DOMFocusInEvent)
    186         handleFocusEvent(true);
    187 #endif
    188 #if defined(XP_UNIX) && ENABLE(NETSCAPE_PLUGIN_API)
    189     else if (event->type() == eventNames().focusoutEvent)
    190         handleFocusOutEvent();
    191     else if (event->type() == eventNames().focusinEvent)
    192         handleFocusInEvent();
    193 #endif
    194 }
    195 
    196 void PluginView::init()
    197 {
    198     if (m_haveInitialized)
    199         return;
    200 
    201     m_haveInitialized = true;
    202 
    203     if (!m_plugin) {
    204         ASSERT(m_status == PluginStatusCanNotFindPlugin);
    205         return;
    206     }
    207 
    208     LOG(Plugins, "PluginView::init(): Initializing plug-in '%s'", m_plugin->name().utf8().data());
    209 
    210     if (!m_plugin->load()) {
    211         m_plugin = 0;
    212         m_status = PluginStatusCanNotLoadPlugin;
    213         return;
    214     }
    215 
    216     if (!startOrAddToUnstartedList()) {
    217         m_status = PluginStatusCanNotLoadPlugin;
    218         return;
    219     }
    220 
    221     m_status = PluginStatusLoadedSuccessfully;
    222 }
    223 
    224 bool PluginView::startOrAddToUnstartedList()
    225 {
    226     if (!m_parentFrame->page())
    227         return false;
    228 
    229     // We only delay starting the plug-in if we're going to kick off the load
    230     // ourselves. Otherwise, the loader will try to deliver data before we've
    231     // started the plug-in.
    232     if (!m_loadManually && !m_parentFrame->page()->canStartMedia()) {
    233         m_parentFrame->document()->addMediaCanStartListener(this);
    234         m_isWaitingToStart = true;
    235         return true;
    236     }
    237 
    238     return start();
    239 }
    240 
    241 bool PluginView::start()
    242 {
    243     if (m_isStarted)
    244         return false;
    245 
    246     m_isWaitingToStart = false;
    247 
    248     PluginMainThreadScheduler::scheduler().registerPlugin(m_instance);
    249 
    250     ASSERT(m_plugin);
    251     ASSERT(m_plugin->pluginFuncs()->newp);
    252 
    253     NPError npErr;
    254     {
    255         PluginView::setCurrentPluginView(this);
    256 #if USE(JSC)
    257         JSC::JSLock::DropAllLocks dropAllLocks(JSC::SilenceAssertionsOnly);
    258 #endif
    259         setCallingPlugin(true);
    260         npErr = m_plugin->pluginFuncs()->newp((NPMIMEType)m_mimeType.utf8().data(), m_instance, m_mode, m_paramCount, m_paramNames, m_paramValues, NULL);
    261         setCallingPlugin(false);
    262         LOG_NPERROR(npErr);
    263         PluginView::setCurrentPluginView(0);
    264     }
    265 
    266     if (npErr != NPERR_NO_ERROR) {
    267         m_status = PluginStatusCanNotLoadPlugin;
    268         PluginMainThreadScheduler::scheduler().unregisterPlugin(m_instance);
    269         return false;
    270     }
    271 
    272     m_isStarted = true;
    273 
    274     if (!m_url.isEmpty() && !m_loadManually) {
    275         FrameLoadRequest frameLoadRequest(m_parentFrame->document()->securityOrigin());
    276         frameLoadRequest.resourceRequest().setHTTPMethod("GET");
    277         frameLoadRequest.resourceRequest().setURL(m_url);
    278 #ifdef ANDROID_PLUGINS
    279         if (!SecurityOrigin::shouldHideReferrer(
    280                 m_url, m_parentFrame->loader()->outgoingReferrer()))
    281           frameLoadRequest.resourceRequest().setHTTPReferrer(
    282               m_parentFrame->loader()->outgoingReferrer());
    283 #endif
    284         load(frameLoadRequest, false, 0);
    285     }
    286 
    287     m_status = PluginStatusLoadedSuccessfully;
    288 
    289     if (!platformStart())
    290         m_status = PluginStatusCanNotLoadPlugin;
    291 
    292     if (m_status != PluginStatusLoadedSuccessfully)
    293         return false;
    294 
    295     if (parentFrame()->page())
    296         parentFrame()->page()->didStartPlugin(this);
    297 
    298     return true;
    299 }
    300 
    301 void PluginView::mediaCanStart()
    302 {
    303     ASSERT(!m_isStarted);
    304     if (!start())
    305         parentFrame()->loader()->client()->dispatchDidFailToStartPlugin(this);
    306 }
    307 
    308 PluginView::~PluginView()
    309 {
    310     LOG(Plugins, "PluginView::~PluginView()");
    311 
    312     ASSERT(!m_lifeSupportTimer.isActive());
    313 
    314     // If we failed to find the plug-in, we'll return early in our constructor, and
    315     // m_instance will be 0.
    316     if (m_instance)
    317         instanceMap().remove(m_instance);
    318 
    319     if (m_isWaitingToStart)
    320         m_parentFrame->document()->removeMediaCanStartListener(this);
    321 
    322     stop();
    323 
    324     deleteAllValues(m_requests);
    325 
    326     freeStringArray(m_paramNames, m_paramCount);
    327     freeStringArray(m_paramValues, m_paramCount);
    328 
    329     platformDestroy();
    330 
    331     m_parentFrame->script()->cleanupScriptObjectsForPlugin(this);
    332 
    333 #if PLATFORM(ANDROID)
    334     // Since we have no legacy plugins to check, we ignore the quirks check.
    335     if (m_plugin)
    336 #else
    337     if (m_plugin && !(m_plugin->quirks().contains(PluginQuirkDontUnloadPlugin)))
    338 #endif
    339         m_plugin->unload();
    340 }
    341 
    342 void PluginView::stop()
    343 {
    344     if (!m_isStarted)
    345         return;
    346 
    347     if (parentFrame()->page())
    348         parentFrame()->page()->didStopPlugin(this);
    349 
    350     LOG(Plugins, "PluginView::stop(): Stopping plug-in '%s'", m_plugin->name().utf8().data());
    351 
    352     HashSet<RefPtr<PluginStream> > streams = m_streams;
    353     HashSet<RefPtr<PluginStream> >::iterator end = streams.end();
    354     for (HashSet<RefPtr<PluginStream> >::iterator it = streams.begin(); it != end; ++it) {
    355         (*it)->stop();
    356         disconnectStream((*it).get());
    357     }
    358 
    359     ASSERT(m_streams.isEmpty());
    360 
    361     m_isStarted = false;
    362 
    363 #if USE(JSC)
    364     JSC::JSLock::DropAllLocks dropAllLocks(JSC::SilenceAssertionsOnly);
    365 #endif
    366 
    367 #if ENABLE(NETSCAPE_PLUGIN_API)
    368 #if defined(XP_WIN) && !PLATFORM(GTK)
    369     // Unsubclass the window
    370     if (m_isWindowed) {
    371 #if OS(WINCE)
    372         WNDPROC currentWndProc = (WNDPROC)GetWindowLong(platformPluginWidget(), GWL_WNDPROC);
    373 
    374         if (currentWndProc == PluginViewWndProc)
    375             SetWindowLong(platformPluginWidget(), GWL_WNDPROC, (LONG)m_pluginWndProc);
    376 #else
    377         WNDPROC currentWndProc = (WNDPROC)GetWindowLongPtr(platformPluginWidget(), GWLP_WNDPROC);
    378 
    379         if (currentWndProc == PluginViewWndProc)
    380             SetWindowLongPtr(platformPluginWidget(), GWLP_WNDPROC, (LONG_PTR)m_pluginWndProc);
    381 #endif
    382     }
    383 #endif // !defined(XP_WIN) || PLATFORM(GTK)
    384 #endif // ENABLE(NETSCAPE_PLUGIN_API)
    385 
    386 #if !defined(XP_MACOSX)
    387     // Clear the window
    388     m_npWindow.window = 0;
    389 
    390     if (m_plugin->pluginFuncs()->setwindow && !m_plugin->quirks().contains(PluginQuirkDontSetNullWindowHandleOnDestroy)) {
    391         PluginView::setCurrentPluginView(this);
    392         setCallingPlugin(true);
    393         m_plugin->pluginFuncs()->setwindow(m_instance, &m_npWindow);
    394         setCallingPlugin(false);
    395         PluginView::setCurrentPluginView(0);
    396     }
    397 
    398 #ifdef XP_UNIX
    399     if (m_isWindowed && m_npWindow.ws_info)
    400            delete (NPSetWindowCallbackStruct *)m_npWindow.ws_info;
    401     m_npWindow.ws_info = 0;
    402 #endif
    403 
    404 #endif // !defined(XP_MACOSX)
    405 
    406     PluginMainThreadScheduler::scheduler().unregisterPlugin(m_instance);
    407 
    408     NPSavedData* savedData = 0;
    409     PluginView::setCurrentPluginView(this);
    410     setCallingPlugin(true);
    411     NPError npErr = m_plugin->pluginFuncs()->destroy(m_instance, &savedData);
    412     setCallingPlugin(false);
    413     LOG_NPERROR(npErr);
    414     PluginView::setCurrentPluginView(0);
    415 
    416 #if ENABLE(NETSCAPE_PLUGIN_API)
    417     if (savedData) {
    418         // TODO: Actually save this data instead of just discarding it
    419         if (savedData->buf)
    420             NPN_MemFree(savedData->buf);
    421         NPN_MemFree(savedData);
    422     }
    423 #endif
    424 
    425     m_instance->pdata = 0;
    426 }
    427 
    428 void PluginView::setCurrentPluginView(PluginView* pluginView)
    429 {
    430     s_currentPluginView = pluginView;
    431 }
    432 
    433 PluginView* PluginView::currentPluginView()
    434 {
    435     return s_currentPluginView;
    436 }
    437 
    438 static char* createUTF8String(const String& str)
    439 {
    440     CString cstr = str.utf8();
    441     char* result = reinterpret_cast<char*>(fastMalloc(cstr.length() + 1));
    442 
    443     strncpy(result, cstr.data(), cstr.length() + 1);
    444 
    445     return result;
    446 }
    447 
    448 void PluginView::performRequest(PluginRequest* request)
    449 {
    450     if (!m_isStarted)
    451         return;
    452 
    453     // don't let a plugin start any loads if it is no longer part of a document that is being
    454     // displayed unless the loads are in the same frame as the plugin.
    455     const String& targetFrameName = request->frameLoadRequest().frameName();
    456     if (m_parentFrame->loader()->documentLoader() != m_parentFrame->loader()->activeDocumentLoader() &&
    457         (targetFrameName.isNull() || m_parentFrame->tree()->find(targetFrameName) != m_parentFrame))
    458         return;
    459 
    460     KURL requestURL = request->frameLoadRequest().resourceRequest().url();
    461     String jsString = scriptStringIfJavaScriptURL(requestURL);
    462 
    463     if (jsString.isNull()) {
    464         // if this is not a targeted request, create a stream for it. otherwise,
    465         // just pass it off to the loader
    466         if (targetFrameName.isEmpty()) {
    467             RefPtr<PluginStream> stream = PluginStream::create(this, m_parentFrame.get(), request->frameLoadRequest().resourceRequest(), request->sendNotification(), request->notifyData(), plugin()->pluginFuncs(), instance(), m_plugin->quirks());
    468             m_streams.add(stream);
    469             stream->start();
    470         } else {
    471             // If the target frame is our frame, we could destroy the
    472             // PluginView, so we protect it. <rdar://problem/6991251>
    473             RefPtr<PluginView> protect(this);
    474 
    475             m_parentFrame->loader()->load(request->frameLoadRequest().resourceRequest(), targetFrameName, false);
    476 
    477             // FIXME: <rdar://problem/4807469> This should be sent when the document has finished loading
    478             if (request->sendNotification()) {
    479                 PluginView::setCurrentPluginView(this);
    480 #if USE(JSC)
    481                 JSC::JSLock::DropAllLocks dropAllLocks(JSC::SilenceAssertionsOnly);
    482 #endif
    483                 setCallingPlugin(true);
    484                 m_plugin->pluginFuncs()->urlnotify(m_instance, requestURL.string().utf8().data(), NPRES_DONE, request->notifyData());
    485                 setCallingPlugin(false);
    486                 PluginView::setCurrentPluginView(0);
    487             }
    488         }
    489         return;
    490     }
    491 
    492     // Targeted JavaScript requests are only allowed on the frame that contains the JavaScript plugin
    493     // and this has been made sure in ::load.
    494     ASSERT(targetFrameName.isEmpty() || m_parentFrame->tree()->find(targetFrameName) == m_parentFrame);
    495 
    496     // Executing a script can cause the plugin view to be destroyed, so we keep a reference to it.
    497     RefPtr<PluginView> protector(this);
    498     ScriptValue result = m_parentFrame->script()->executeScript(jsString, request->shouldAllowPopups());
    499 
    500     if (targetFrameName.isNull()) {
    501         String resultString;
    502 
    503 #if USE(JSC)
    504         ScriptState* scriptState = m_parentFrame->script()->globalObject(pluginWorld())->globalExec();
    505 #elif USE(V8)
    506         ScriptState* scriptState = 0; // Not used with V8
    507 #endif
    508         CString cstr;
    509         if (result.getString(scriptState, resultString))
    510             cstr = resultString.utf8();
    511 
    512         RefPtr<PluginStream> stream = PluginStream::create(this, m_parentFrame.get(), request->frameLoadRequest().resourceRequest(), request->sendNotification(), request->notifyData(), plugin()->pluginFuncs(), instance(), m_plugin->quirks());
    513         m_streams.add(stream);
    514         stream->sendJavaScriptStream(requestURL, cstr);
    515     }
    516 }
    517 
    518 void PluginView::requestTimerFired(Timer<PluginView>* timer)
    519 {
    520     ASSERT(timer == &m_requestTimer);
    521     ASSERT(m_requests.size() > 0);
    522     ASSERT(!m_isJavaScriptPaused);
    523 
    524     PluginRequest* request = m_requests[0];
    525     m_requests.remove(0);
    526 
    527     // Schedule a new request before calling performRequest since the call to
    528     // performRequest can cause the plugin view to be deleted.
    529     if (m_requests.size() > 0)
    530         m_requestTimer.startOneShot(0);
    531 
    532     performRequest(request);
    533     delete request;
    534 }
    535 
    536 void PluginView::scheduleRequest(PluginRequest* request)
    537 {
    538     m_requests.append(request);
    539 
    540     if (!m_isJavaScriptPaused)
    541         m_requestTimer.startOneShot(0);
    542 }
    543 
    544 NPError PluginView::load(const FrameLoadRequest& frameLoadRequest, bool sendNotification, void* notifyData)
    545 {
    546     ASSERT(frameLoadRequest.resourceRequest().httpMethod() == "GET" || frameLoadRequest.resourceRequest().httpMethod() == "POST");
    547 
    548     KURL url = frameLoadRequest.resourceRequest().url();
    549 
    550     if (url.isEmpty())
    551         return NPERR_INVALID_URL;
    552 
    553     // Don't allow requests to be made when the document loader is stopping all loaders.
    554     DocumentLoader* loader = m_parentFrame->loader()->documentLoader();
    555     if (!loader || loader->isStopping())
    556         return NPERR_GENERIC_ERROR;
    557 
    558     const String& targetFrameName = frameLoadRequest.frameName();
    559     String jsString = scriptStringIfJavaScriptURL(url);
    560 
    561     if (!jsString.isNull()) {
    562         // Return NPERR_GENERIC_ERROR if JS is disabled. This is what Mozilla does.
    563         if (!m_parentFrame->script()->canExecuteScripts(NotAboutToExecuteScript))
    564             return NPERR_GENERIC_ERROR;
    565 
    566         // For security reasons, only allow JS requests to be made on the frame that contains the plug-in.
    567         if (!targetFrameName.isNull() && m_parentFrame->tree()->find(targetFrameName) != m_parentFrame)
    568             return NPERR_INVALID_PARAM;
    569     } else if (!m_parentFrame->document()->securityOrigin()->canDisplay(url))
    570         return NPERR_GENERIC_ERROR;
    571 
    572     PluginRequest* request = new PluginRequest(frameLoadRequest, sendNotification, notifyData, arePopupsAllowed());
    573     scheduleRequest(request);
    574 
    575     return NPERR_NO_ERROR;
    576 }
    577 
    578 static KURL makeURL(const KURL& baseURL, const char* relativeURLString)
    579 {
    580     String urlString = relativeURLString;
    581 
    582     // Strip return characters.
    583     urlString.replace('\n', "");
    584     urlString.replace('\r', "");
    585 
    586     return KURL(baseURL, urlString);
    587 }
    588 
    589 NPError PluginView::getURLNotify(const char* url, const char* target, void* notifyData)
    590 {
    591     FrameLoadRequest frameLoadRequest(m_parentFrame->document()->securityOrigin());
    592 
    593     frameLoadRequest.setFrameName(target);
    594     frameLoadRequest.resourceRequest().setHTTPMethod("GET");
    595     frameLoadRequest.resourceRequest().setURL(makeURL(m_baseURL, url));
    596 #ifdef ANDROID_PLUGINS
    597     if (!SecurityOrigin::shouldHideReferrer(
    598             frameLoadRequest.resourceRequest().url(), m_url))
    599         frameLoadRequest.resourceRequest().setHTTPReferrer(m_url);
    600 #endif
    601 
    602     return load(frameLoadRequest, true, notifyData);
    603 }
    604 
    605 NPError PluginView::getURL(const char* url, const char* target)
    606 {
    607     FrameLoadRequest frameLoadRequest(m_parentFrame->document()->securityOrigin());
    608 
    609     frameLoadRequest.setFrameName(target);
    610     frameLoadRequest.resourceRequest().setHTTPMethod("GET");
    611     frameLoadRequest.resourceRequest().setURL(makeURL(m_baseURL, url));
    612 #ifdef ANDROID_PLUGINS
    613     if (!SecurityOrigin::shouldHideReferrer(
    614             frameLoadRequest.resourceRequest().url(), m_url))
    615         frameLoadRequest.resourceRequest().setHTTPReferrer(m_url);
    616 #endif
    617 
    618     return load(frameLoadRequest, false, 0);
    619 }
    620 
    621 NPError PluginView::postURLNotify(const char* url, const char* target, uint32_t len, const char* buf, NPBool file, void* notifyData)
    622 {
    623     return handlePost(url, target, len, buf, file, notifyData, true, true);
    624 }
    625 
    626 NPError PluginView::postURL(const char* url, const char* target, uint32_t len, const char* buf, NPBool file)
    627 {
    628     // As documented, only allow headers to be specified via NPP_PostURL when using a file.
    629     return handlePost(url, target, len, buf, file, 0, false, file);
    630 }
    631 
    632 NPError PluginView::newStream(NPMIMEType type, const char* target, NPStream** stream)
    633 {
    634     notImplemented();
    635     // Unsupported
    636     return NPERR_GENERIC_ERROR;
    637 }
    638 
    639 int32_t PluginView::write(NPStream* stream, int32_t len, void* buffer)
    640 {
    641     notImplemented();
    642     // Unsupported
    643     return -1;
    644 }
    645 
    646 NPError PluginView::destroyStream(NPStream* stream, NPReason reason)
    647 {
    648     if (!stream || PluginStream::ownerForStream(stream) != m_instance)
    649         return NPERR_INVALID_INSTANCE_ERROR;
    650 
    651     PluginStream* browserStream = static_cast<PluginStream*>(stream->ndata);
    652     browserStream->cancelAndDestroyStream(reason);
    653 
    654     return NPERR_NO_ERROR;
    655 }
    656 
    657 void PluginView::status(const char* message)
    658 {
    659     if (Page* page = m_parentFrame->page())
    660         page->chrome()->setStatusbarText(m_parentFrame.get(), String::fromUTF8(message));
    661 }
    662 
    663 NPError PluginView::setValue(NPPVariable variable, void* value)
    664 {
    665     LOG(Plugins, "PluginView::setValue(%s): ", prettyNameForNPPVariable(variable, value).data());
    666 
    667     switch (variable) {
    668     case NPPVpluginWindowBool:
    669         m_isWindowed = value;
    670         return NPERR_NO_ERROR;
    671     case NPPVpluginTransparentBool:
    672         m_isTransparent = value;
    673         return NPERR_NO_ERROR;
    674 #if defined(XP_MACOSX)
    675     case NPPVpluginDrawingModel: {
    676         // Can only set drawing model inside NPP_New()
    677         if (this != currentPluginView())
    678            return NPERR_GENERIC_ERROR;
    679 
    680         NPDrawingModel newDrawingModel = NPDrawingModel(uintptr_t(value));
    681         switch (newDrawingModel) {
    682         case NPDrawingModelCoreGraphics:
    683             m_drawingModel = newDrawingModel;
    684             return NPERR_NO_ERROR;
    685 #ifndef NP_NO_QUICKDRAW
    686         case NPDrawingModelQuickDraw:
    687 #endif
    688         case NPDrawingModelCoreAnimation:
    689         default:
    690             LOG(Plugins, "Plugin asked for unsupported drawing model: %s",
    691                     prettyNameForDrawingModel(newDrawingModel));
    692             return NPERR_GENERIC_ERROR;
    693         }
    694     }
    695 
    696     case NPPVpluginEventModel: {
    697         // Can only set event model inside NPP_New()
    698         if (this != currentPluginView())
    699            return NPERR_GENERIC_ERROR;
    700 
    701         NPEventModel newEventModel = NPEventModel(uintptr_t(value));
    702         switch (newEventModel) {
    703 #ifndef NP_NO_CARBON
    704         case NPEventModelCarbon:
    705 #endif
    706         case NPEventModelCocoa:
    707             m_eventModel = newEventModel;
    708             return NPERR_NO_ERROR;
    709 
    710         default:
    711             LOG(Plugins, "Plugin asked for unsupported event model: %s",
    712                     prettyNameForEventModel(newEventModel));
    713             return NPERR_GENERIC_ERROR;
    714         }
    715     }
    716 #endif // defined(XP_MACOSX)
    717 
    718 #if PLATFORM(QT) && defined(MOZ_PLATFORM_MAEMO) && (MOZ_PLATFORM_MAEMO >= 5)
    719     case NPPVpluginWindowlessLocalBool:
    720         m_renderToImage = true;
    721         return NPERR_NO_ERROR;
    722 #endif
    723 
    724     default:
    725 #ifdef PLUGIN_PLATFORM_SETVALUE
    726         return platformSetValue(variable, value);
    727 #else
    728         notImplemented();
    729         return NPERR_GENERIC_ERROR;
    730 #endif
    731     }
    732 }
    733 
    734 void PluginView::invalidateTimerFired(Timer<PluginView>* timer)
    735 {
    736     ASSERT(timer == &m_invalidateTimer);
    737 
    738     for (unsigned i = 0; i < m_invalidRects.size(); i++)
    739         invalidateRect(m_invalidRects[i]);
    740     m_invalidRects.clear();
    741 }
    742 
    743 
    744 void PluginView::pushPopupsEnabledState(bool state)
    745 {
    746     m_popupStateStack.append(state);
    747 }
    748 
    749 void PluginView::popPopupsEnabledState()
    750 {
    751     m_popupStateStack.removeLast();
    752 }
    753 
    754 bool PluginView::arePopupsAllowed() const
    755 {
    756     if (!m_popupStateStack.isEmpty())
    757         return m_popupStateStack.last();
    758 
    759     return false;
    760 }
    761 
    762 void PluginView::setJavaScriptPaused(bool paused)
    763 {
    764     if (m_isJavaScriptPaused == paused)
    765         return;
    766     m_isJavaScriptPaused = paused;
    767 
    768     if (m_isJavaScriptPaused)
    769         m_requestTimer.stop();
    770     else if (!m_requests.isEmpty())
    771         m_requestTimer.startOneShot(0);
    772 }
    773 
    774 #if ENABLE(NETSCAPE_PLUGIN_API)
    775 NPObject* PluginView::npObject()
    776 {
    777     NPObject* object = 0;
    778 
    779     if (!m_isStarted || !m_plugin || !m_plugin->pluginFuncs()->getvalue)
    780         return 0;
    781 
    782     // On Windows, calling Java's NPN_GetValue can allow the message loop to
    783     // run, allowing loading to take place or JavaScript to run. Protect the
    784     // PluginView from destruction. <rdar://problem/6978804>
    785     RefPtr<PluginView> protect(this);
    786 
    787     NPError npErr;
    788     {
    789         PluginView::setCurrentPluginView(this);
    790 #if USE(JSC)
    791         JSC::JSLock::DropAllLocks dropAllLocks(JSC::SilenceAssertionsOnly);
    792 #endif
    793         setCallingPlugin(true);
    794         npErr = m_plugin->pluginFuncs()->getvalue(m_instance, NPPVpluginScriptableNPObject, &object);
    795         setCallingPlugin(false);
    796         PluginView::setCurrentPluginView(0);
    797     }
    798 
    799     if (npErr != NPERR_NO_ERROR)
    800         return 0;
    801 
    802     return object;
    803 }
    804 #endif
    805 
    806 #if USE(JSC)
    807 PassRefPtr<JSC::Bindings::Instance> PluginView::bindingInstance()
    808 {
    809 #if ENABLE(NETSCAPE_PLUGIN_API)
    810     NPObject* object = npObject();
    811     if (!object)
    812         return 0;
    813 
    814     if (hasOneRef()) {
    815         // The renderer for the PluginView was destroyed during the above call, and
    816         // the PluginView will be destroyed when this function returns, so we
    817         // return null.
    818         return 0;
    819     }
    820 
    821     RefPtr<JSC::Bindings::RootObject> root = m_parentFrame->script()->createRootObject(this);
    822     RefPtr<JSC::Bindings::Instance> instance = JSC::Bindings::CInstance::create(object, root.release());
    823 
    824     _NPN_ReleaseObject(object);
    825 
    826     return instance.release();
    827 #else
    828     return 0;
    829 #endif
    830 }
    831 #endif
    832 
    833 #if USE(V8)
    834 // This is really JS engine independent
    835 NPObject* PluginView::getNPObject() {
    836 #if ENABLE(NETSCAPE_PLUGIN_API)
    837     if (!m_plugin || !m_plugin->pluginFuncs()->getvalue)
    838         return 0;
    839 
    840     NPObject* object = 0;
    841 
    842     NPError npErr;
    843     {
    844         PluginView::setCurrentPluginView(this);
    845         setCallingPlugin(true);
    846         npErr = m_plugin->pluginFuncs()->getvalue(m_instance, NPPVpluginScriptableNPObject, &object);
    847         setCallingPlugin(false);
    848         PluginView::setCurrentPluginView(0);
    849     }
    850 
    851     if (npErr != NPERR_NO_ERROR || !object)
    852         return 0;
    853 
    854     // Bindings::CInstance (used in JSC version) retains the object, so in ~PluginView() it calls
    855     // cleanupScriptObjectsForPlugin() to releases the object. To maintain the reference count,
    856     // don't call _NPN_ReleaseObject(object) here.
    857     return object;
    858 #else
    859     return 0;
    860 #endif  // NETSCAPE_PLUGIN_API
    861 }
    862 #endif  // V8
    863 
    864 void PluginView::disconnectStream(PluginStream* stream)
    865 {
    866     ASSERT(m_streams.contains(stream));
    867 
    868     m_streams.remove(stream);
    869 }
    870 
    871 void PluginView::setParameters(const Vector<String>& paramNames, const Vector<String>& paramValues)
    872 {
    873     ASSERT(paramNames.size() == paramValues.size());
    874 
    875     unsigned size = paramNames.size();
    876     unsigned paramCount = 0;
    877 
    878     m_paramNames = reinterpret_cast<char**>(fastMalloc(sizeof(char*) * size));
    879     m_paramValues = reinterpret_cast<char**>(fastMalloc(sizeof(char*) * size));
    880 
    881     for (unsigned i = 0; i < size; i++) {
    882         if (m_plugin->quirks().contains(PluginQuirkRemoveWindowlessVideoParam) && equalIgnoringCase(paramNames[i], "windowlessvideo"))
    883             continue;
    884 
    885         if (paramNames[i] == "pluginspage")
    886             m_pluginsPage = paramValues[i];
    887 
    888         m_paramNames[paramCount] = createUTF8String(paramNames[i]);
    889         m_paramValues[paramCount] = createUTF8String(paramValues[i]);
    890 
    891         paramCount++;
    892     }
    893 
    894     m_paramCount = paramCount;
    895 }
    896 
    897 PluginView::PluginView(Frame* parentFrame, const IntSize& size, PluginPackage* plugin, Element* element, const KURL& url, const Vector<String>& paramNames, const Vector<String>& paramValues, const String& mimeType, bool loadManually)
    898     : m_parentFrame(parentFrame)
    899     , m_plugin(plugin)
    900     , m_element(element)
    901     , m_isStarted(false)
    902     , m_url(url)
    903     , m_baseURL(m_parentFrame->loader()->completeURL(m_parentFrame->document()->baseURL().string()))
    904     , m_status(PluginStatusLoadedSuccessfully)
    905     , m_requestTimer(this, &PluginView::requestTimerFired)
    906     , m_invalidateTimer(this, &PluginView::invalidateTimerFired)
    907     , m_popPopupsStateTimer(this, &PluginView::popPopupsStateTimerFired)
    908     , m_lifeSupportTimer(this, &PluginView::lifeSupportTimerFired)
    909     , m_mode(loadManually ? NP_FULL : NP_EMBED)
    910     , m_paramNames(0)
    911     , m_paramValues(0)
    912     , m_mimeType(mimeType)
    913     , m_instance(0)
    914 #if defined(XP_MACOSX)
    915     , m_isWindowed(false)
    916 #else
    917     , m_isWindowed(true)
    918 #endif
    919     , m_isTransparent(false)
    920     , m_haveInitialized(false)
    921     , m_isWaitingToStart(false)
    922 #if defined(XP_UNIX)
    923     , m_needsXEmbed(false)
    924 #endif
    925 #if OS(WINDOWS) && ENABLE(NETSCAPE_PLUGIN_API)
    926     , m_pluginWndProc(0)
    927     , m_lastMessage(0)
    928     , m_isCallingPluginWndProc(false)
    929     , m_wmPrintHDC(0)
    930     , m_haveUpdatedPluginWidget(false)
    931 #endif
    932 #if (PLATFORM(QT) && OS(WINDOWS)) || defined(XP_MACOSX)
    933     , m_window(0)
    934 #endif
    935 #if defined(XP_MACOSX)
    936     , m_drawingModel(NPDrawingModel(-1))
    937     , m_eventModel(NPEventModel(-1))
    938     , m_contextRef(0)
    939     , m_fakeWindow(0)
    940 #endif
    941 #if defined(XP_UNIX) && ENABLE(NETSCAPE_PLUGIN_API)
    942     , m_hasPendingGeometryChange(true)
    943     , m_drawable(0)
    944     , m_visual(0)
    945     , m_colormap(0)
    946     , m_pluginDisplay(0)
    947 #endif
    948 #if PLATFORM(QT) && defined(MOZ_PLATFORM_MAEMO) && (MOZ_PLATFORM_MAEMO >= 5)
    949     , m_renderToImage(false)
    950 #endif
    951     , m_loadManually(loadManually)
    952     , m_manualStream(0)
    953     , m_isJavaScriptPaused(false)
    954     , m_isHalted(false)
    955     , m_hasBeenHalted(false)
    956     , m_haveCalledSetWindow(false)
    957 {
    958 #if defined(ANDROID_PLUGINS)
    959     platformInit();
    960 #endif
    961 
    962     if (!m_plugin) {
    963         m_status = PluginStatusCanNotFindPlugin;
    964         return;
    965     }
    966 
    967     m_instance = &m_instanceStruct;
    968     m_instance->ndata = this;
    969     m_instance->pdata = 0;
    970 
    971     instanceMap().add(m_instance, this);
    972 
    973     setParameters(paramNames, paramValues);
    974 
    975     memset(&m_npWindow, 0, sizeof(m_npWindow));
    976 #if defined(XP_MACOSX)
    977     memset(&m_npCgContext, 0, sizeof(m_npCgContext));
    978 #endif
    979 
    980     resize(size);
    981 }
    982 
    983 void PluginView::focusPluginElement()
    984 {
    985     // Focus the plugin
    986     if (Page* page = m_parentFrame->page())
    987         page->focusController()->setFocusedFrame(m_parentFrame);
    988     m_parentFrame->document()->setFocusedNode(m_element);
    989 }
    990 
    991 void PluginView::didReceiveResponse(const ResourceResponse& response)
    992 {
    993     if (m_status != PluginStatusLoadedSuccessfully)
    994         return;
    995 
    996     ASSERT(m_loadManually);
    997     ASSERT(!m_manualStream);
    998 
    999     m_manualStream = PluginStream::create(this, m_parentFrame.get(), m_parentFrame->loader()->activeDocumentLoader()->request(), false, 0, plugin()->pluginFuncs(), instance(), m_plugin->quirks());
   1000     m_manualStream->setLoadManually(true);
   1001 
   1002     m_manualStream->didReceiveResponse(0, response);
   1003 }
   1004 
   1005 void PluginView::didReceiveData(const char* data, int length)
   1006 {
   1007     if (m_status != PluginStatusLoadedSuccessfully)
   1008         return;
   1009 
   1010     ASSERT(m_loadManually);
   1011     ASSERT(m_manualStream);
   1012 
   1013     m_manualStream->didReceiveData(0, data, length);
   1014 }
   1015 
   1016 void PluginView::didFinishLoading()
   1017 {
   1018     if (m_status != PluginStatusLoadedSuccessfully)
   1019         return;
   1020 
   1021     ASSERT(m_loadManually);
   1022     ASSERT(m_manualStream);
   1023 
   1024     m_manualStream->didFinishLoading(0);
   1025 }
   1026 
   1027 void PluginView::didFail(const ResourceError& error)
   1028 {
   1029     if (m_status != PluginStatusLoadedSuccessfully)
   1030         return;
   1031 
   1032     ASSERT(m_loadManually);
   1033 
   1034     if (m_manualStream)
   1035         m_manualStream->didFail(0, error);
   1036 }
   1037 
   1038 void PluginView::setCallingPlugin(bool b) const
   1039 {
   1040     if (!m_plugin->quirks().contains(PluginQuirkHasModalMessageLoop))
   1041         return;
   1042 
   1043     if (b)
   1044         ++s_callingPlugin;
   1045     else
   1046         --s_callingPlugin;
   1047 
   1048     ASSERT(s_callingPlugin >= 0);
   1049 }
   1050 
   1051 bool PluginView::isCallingPlugin()
   1052 {
   1053     return s_callingPlugin > 0;
   1054 }
   1055 
   1056 PassRefPtr<PluginView> PluginView::create(Frame* parentFrame, const IntSize& size, Element* element, const KURL& url, const Vector<String>& paramNames, const Vector<String>& paramValues, const String& mimeType, bool loadManually)
   1057 {
   1058     // if we fail to find a plugin for this MIME type, findPlugin will search for
   1059     // a plugin by the file extension and update the MIME type, so pass a mutable String
   1060     String mimeTypeCopy = mimeType;
   1061     PluginPackage* plugin = PluginDatabase::installedPlugins()->findPlugin(url, mimeTypeCopy);
   1062 
   1063     // No plugin was found, try refreshing the database and searching again
   1064     if (!plugin && PluginDatabase::installedPlugins()->refresh()) {
   1065         mimeTypeCopy = mimeType;
   1066         plugin = PluginDatabase::installedPlugins()->findPlugin(url, mimeTypeCopy);
   1067     }
   1068 
   1069     return adoptRef(new PluginView(parentFrame, size, plugin, element, url, paramNames, paramValues, mimeTypeCopy, loadManually));
   1070 }
   1071 
   1072 void PluginView::freeStringArray(char** stringArray, int length)
   1073 {
   1074     if (!stringArray)
   1075         return;
   1076 
   1077     for (int i = 0; i < length; i++)
   1078         fastFree(stringArray[i]);
   1079 
   1080     fastFree(stringArray);
   1081 }
   1082 
   1083 static inline bool startsWithBlankLine(const Vector<char>& buffer)
   1084 {
   1085     return buffer.size() > 0 && buffer[0] == '\n';
   1086 }
   1087 
   1088 static inline int locationAfterFirstBlankLine(const Vector<char>& buffer)
   1089 {
   1090     const char* bytes = buffer.data();
   1091     unsigned length = buffer.size();
   1092 
   1093     for (unsigned i = 0; i < length - 4; i++) {
   1094         // Support for Acrobat. It sends "\n\n".
   1095         if (bytes[i] == '\n' && bytes[i + 1] == '\n')
   1096             return i + 2;
   1097 
   1098         // Returns the position after 2 CRLF's or 1 CRLF if it is the first line.
   1099         if (bytes[i] == '\r' && bytes[i + 1] == '\n') {
   1100             i += 2;
   1101             if (i == 2)
   1102                 return i;
   1103             else if (bytes[i] == '\n')
   1104                 // Support for Director. It sends "\r\n\n" (3880387).
   1105                 return i + 1;
   1106             else if (bytes[i] == '\r' && bytes[i + 1] == '\n')
   1107                 // Support for Flash. It sends "\r\n\r\n" (3758113).
   1108                 return i + 2;
   1109         }
   1110     }
   1111 
   1112     return -1;
   1113 }
   1114 
   1115 static inline const char* findEOL(const char* bytes, unsigned length)
   1116 {
   1117     // According to the HTTP specification EOL is defined as
   1118     // a CRLF pair. Unfortunately, some servers will use LF
   1119     // instead. Worse yet, some servers will use a combination
   1120     // of both (e.g. <header>CRLFLF<body>), so findEOL needs
   1121     // to be more forgiving. It will now accept CRLF, LF or
   1122     // CR.
   1123     //
   1124     // It returns NULL if EOLF is not found or it will return
   1125     // a pointer to the first terminating character.
   1126     for (unsigned i = 0; i < length; i++) {
   1127         if (bytes[i] == '\n')
   1128             return bytes + i;
   1129         if (bytes[i] == '\r') {
   1130             // Check to see if spanning buffer bounds
   1131             // (CRLF is across reads). If so, wait for
   1132             // next read.
   1133             if (i + 1 == length)
   1134                 break;
   1135 
   1136             return bytes + i;
   1137         }
   1138     }
   1139 
   1140     return 0;
   1141 }
   1142 
   1143 static inline String capitalizeRFC822HeaderFieldName(const String& name)
   1144 {
   1145     bool capitalizeCharacter = true;
   1146     String result;
   1147 
   1148     for (unsigned i = 0; i < name.length(); i++) {
   1149         UChar c;
   1150 
   1151         if (capitalizeCharacter && name[i] >= 'a' && name[i] <= 'z')
   1152             c = toASCIIUpper(name[i]);
   1153         else if (!capitalizeCharacter && name[i] >= 'A' && name[i] <= 'Z')
   1154             c = toASCIILower(name[i]);
   1155         else
   1156             c = name[i];
   1157 
   1158         if (name[i] == '-')
   1159             capitalizeCharacter = true;
   1160         else
   1161             capitalizeCharacter = false;
   1162 
   1163         result.append(c);
   1164     }
   1165 
   1166     return result;
   1167 }
   1168 
   1169 static inline HTTPHeaderMap parseRFC822HeaderFields(const Vector<char>& buffer, unsigned length)
   1170 {
   1171     const char* bytes = buffer.data();
   1172     const char* eol;
   1173     String lastKey;
   1174     HTTPHeaderMap headerFields;
   1175 
   1176     // Loop ove rlines until we're past the header, or we can't find any more end-of-lines
   1177     while ((eol = findEOL(bytes, length))) {
   1178         const char* line = bytes;
   1179         int lineLength = eol - bytes;
   1180 
   1181         // Move bytes to the character after the terminator as returned by findEOL.
   1182         bytes = eol + 1;
   1183         if ((*eol == '\r') && (*bytes == '\n'))
   1184             bytes++; // Safe since findEOL won't return a spanning CRLF.
   1185 
   1186         length -= (bytes - line);
   1187         if (lineLength == 0)
   1188             // Blank line; we're at the end of the header
   1189             break;
   1190         else if (*line == ' ' || *line == '\t') {
   1191             // Continuation of the previous header
   1192             if (lastKey.isNull()) {
   1193                 // malformed header; ignore it and continue
   1194                 continue;
   1195             } else {
   1196                 // Merge the continuation of the previous header
   1197                 String currentValue = headerFields.get(lastKey);
   1198                 String newValue(line, lineLength);
   1199 
   1200                 headerFields.set(lastKey, currentValue + newValue);
   1201             }
   1202         } else {
   1203             // Brand new header
   1204             const char* colon;
   1205             for (colon = line; *colon != ':' && colon != eol; colon++) {
   1206                 // empty loop
   1207             }
   1208             if (colon == eol)
   1209                 // malformed header; ignore it and continue
   1210                 continue;
   1211             else {
   1212                 lastKey = capitalizeRFC822HeaderFieldName(String(line, colon - line));
   1213                 String value;
   1214 
   1215                 for (colon++; colon != eol; colon++) {
   1216                     if (*colon != ' ' && *colon != '\t')
   1217                         break;
   1218                 }
   1219                 if (colon == eol)
   1220                     value = "";
   1221                 else
   1222                     value = String(colon, eol - colon);
   1223 
   1224                 String oldValue = headerFields.get(lastKey);
   1225                 if (!oldValue.isNull()) {
   1226                     String tmp = oldValue;
   1227                     tmp += ", ";
   1228                     tmp += value;
   1229                     value = tmp;
   1230                 }
   1231 
   1232                 headerFields.set(lastKey, value);
   1233             }
   1234         }
   1235     }
   1236 
   1237     return headerFields;
   1238 }
   1239 
   1240 NPError PluginView::handlePost(const char* url, const char* target, uint32_t len, const char* buf, bool file, void* notifyData, bool sendNotification, bool allowHeaders)
   1241 {
   1242     if (!url || !len || !buf)
   1243         return NPERR_INVALID_PARAM;
   1244 
   1245     FrameLoadRequest frameLoadRequest(m_parentFrame->document()->securityOrigin());
   1246 
   1247     HTTPHeaderMap headerFields;
   1248     Vector<char> buffer;
   1249 
   1250     if (file) {
   1251         NPError readResult = handlePostReadFile(buffer, len, buf);
   1252         if(readResult != NPERR_NO_ERROR)
   1253             return readResult;
   1254     } else {
   1255         buffer.resize(len);
   1256         memcpy(buffer.data(), buf, len);
   1257     }
   1258 
   1259     const char* postData = buffer.data();
   1260     int postDataLength = buffer.size();
   1261 
   1262     if (allowHeaders) {
   1263         if (startsWithBlankLine(buffer)) {
   1264             postData++;
   1265             postDataLength--;
   1266         } else {
   1267             int location = locationAfterFirstBlankLine(buffer);
   1268             if (location != -1) {
   1269                 // If the blank line is somewhere in the middle of the buffer, everything before is the header
   1270                 headerFields = parseRFC822HeaderFields(buffer, location);
   1271                 unsigned dataLength = buffer.size() - location;
   1272 
   1273                 // Sometimes plugins like to set Content-Length themselves when they post,
   1274                 // but WebFoundation does not like that. So we will remove the header
   1275                 // and instead truncate the data to the requested length.
   1276                 String contentLength = headerFields.get("Content-Length");
   1277 
   1278                 if (!contentLength.isNull())
   1279                     dataLength = min(contentLength.toInt(), (int)dataLength);
   1280                 headerFields.remove("Content-Length");
   1281 
   1282                 postData += location;
   1283                 postDataLength = dataLength;
   1284             }
   1285         }
   1286     }
   1287 
   1288     frameLoadRequest.resourceRequest().setHTTPMethod("POST");
   1289     frameLoadRequest.resourceRequest().setURL(makeURL(m_baseURL, url));
   1290     frameLoadRequest.resourceRequest().addHTTPHeaderFields(headerFields);
   1291     frameLoadRequest.resourceRequest().setHTTPBody(FormData::create(postData, postDataLength));
   1292     frameLoadRequest.setFrameName(target);
   1293 
   1294     return load(frameLoadRequest, sendNotification, notifyData);
   1295 }
   1296 
   1297 #ifdef PLUGIN_SCHEDULE_TIMER
   1298 uint32_t PluginView::scheduleTimer(NPP instance, uint32_t interval, bool repeat,
   1299                                void (*timerFunc)(NPP, uint32_t timerID))
   1300 {
   1301     return m_timerList.schedule(instance, interval, repeat, timerFunc);
   1302 }
   1303 
   1304 void PluginView::unscheduleTimer(NPP instance, uint32_t timerID)
   1305 {
   1306     m_timerList.unschedule(instance, timerID);
   1307 }
   1308 #endif
   1309 
   1310 void PluginView::invalidateWindowlessPluginRect(const IntRect& rect)
   1311 {
   1312     if (!isVisible())
   1313         return;
   1314 
   1315     if (!m_element->renderer())
   1316         return;
   1317     RenderBox* renderer = toRenderBox(m_element->renderer());
   1318 
   1319     IntRect dirtyRect = rect;
   1320     dirtyRect.move(renderer->borderLeft() + renderer->paddingLeft(), renderer->borderTop() + renderer->paddingTop());
   1321     renderer->repaintRectangle(dirtyRect);
   1322 }
   1323 
   1324 void PluginView::paintMissingPluginIcon(GraphicsContext* context, const IntRect& rect)
   1325 {
   1326     static RefPtr<Image> nullPluginImage;
   1327     if (!nullPluginImage)
   1328         nullPluginImage = Image::loadPlatformResource("nullPlugin");
   1329 
   1330     IntRect imageRect(frameRect().x(), frameRect().y(), nullPluginImage->width(), nullPluginImage->height());
   1331 
   1332     int xOffset = (frameRect().width() - imageRect.width()) / 2;
   1333     int yOffset = (frameRect().height() - imageRect.height()) / 2;
   1334 
   1335     imageRect.move(xOffset, yOffset);
   1336 
   1337     if (!rect.intersects(imageRect))
   1338         return;
   1339 
   1340     context->save();
   1341     context->clip(windowClipRect());
   1342     context->drawImage(nullPluginImage.get(), ColorSpaceDeviceRGB, imageRect.location());
   1343     context->restore();
   1344 }
   1345 
   1346 static const char* MozillaUserAgent = "Mozilla/5.0 ("
   1347 #if defined(XP_MACOSX)
   1348         "Macintosh; U; Intel Mac OS X;"
   1349 #elif defined(XP_WIN)
   1350         "Windows; U; Windows NT 5.1;"
   1351 #elif defined(XP_UNIX)
   1352 // The Gtk port uses X11 plugins in Mac.
   1353 #if OS(DARWIN) && PLATFORM(GTK)
   1354     "X11; U; Intel Mac OS X;"
   1355 #else
   1356     "X11; U; Linux i686;"
   1357 #endif
   1358 #endif
   1359         " en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0";
   1360 
   1361 const char* PluginView::userAgent()
   1362 {
   1363 #if !PLATFORM(ANDROID)
   1364     if (m_plugin->quirks().contains(PluginQuirkWantsMozillaUserAgent))
   1365         return MozillaUserAgent;
   1366 #endif
   1367 
   1368     if (m_userAgent.isNull())
   1369         m_userAgent = m_parentFrame->loader()->userAgent(m_url).utf8();
   1370 
   1371     return m_userAgent.data();
   1372 }
   1373 
   1374 #if ENABLE(NETSCAPE_PLUGIN_API)
   1375 const char* PluginView::userAgentStatic()
   1376 {
   1377     return MozillaUserAgent;
   1378 }
   1379 #endif
   1380 
   1381 
   1382 Node* PluginView::node() const
   1383 {
   1384     return m_element;
   1385 }
   1386 
   1387 String PluginView::pluginName() const
   1388 {
   1389     return m_plugin->name();
   1390 }
   1391 
   1392 void PluginView::lifeSupportTimerFired(Timer<PluginView>*)
   1393 {
   1394     deref();
   1395 }
   1396 
   1397 void PluginView::keepAlive()
   1398 {
   1399     if (m_lifeSupportTimer.isActive())
   1400         return;
   1401 
   1402     ref();
   1403     m_lifeSupportTimer.startOneShot(0);
   1404 }
   1405 
   1406 #if ENABLE(NETSCAPE_PLUGIN_API)
   1407 void PluginView::keepAlive(NPP instance)
   1408 {
   1409     PluginView* view = instanceMap().get(instance);
   1410     if (!view)
   1411         return;
   1412 
   1413     view->keepAlive();
   1414 }
   1415 
   1416 NPError PluginView::getValueStatic(NPNVariable variable, void* value)
   1417 {
   1418     LOG(Plugins, "PluginView::getValueStatic(%s)", prettyNameForNPNVariable(variable).data());
   1419 
   1420     NPError result;
   1421     if (platformGetValueStatic(variable, value, &result))
   1422         return result;
   1423 
   1424     return NPERR_GENERIC_ERROR;
   1425 }
   1426 
   1427 NPError PluginView::getValue(NPNVariable variable, void* value)
   1428 {
   1429     LOG(Plugins, "PluginView::getValue(%s)", prettyNameForNPNVariable(variable).data());
   1430 
   1431     NPError result;
   1432     if (platformGetValue(variable, value, &result))
   1433         return result;
   1434 
   1435     if (platformGetValueStatic(variable, value, &result))
   1436         return result;
   1437 
   1438     switch (variable) {
   1439     case NPNVWindowNPObject: {
   1440         if (m_isJavaScriptPaused)
   1441             return NPERR_GENERIC_ERROR;
   1442 
   1443         NPObject* windowScriptObject = m_parentFrame->script()->windowScriptNPObject();
   1444 
   1445         // Return value is expected to be retained, as described here: <http://www.mozilla.org/projects/plugin/npruntime.html>
   1446         if (windowScriptObject)
   1447             _NPN_RetainObject(windowScriptObject);
   1448 
   1449         void** v = (void**)value;
   1450         *v = windowScriptObject;
   1451 
   1452         return NPERR_NO_ERROR;
   1453     }
   1454 
   1455     case NPNVPluginElementNPObject: {
   1456         if (m_isJavaScriptPaused)
   1457             return NPERR_GENERIC_ERROR;
   1458 
   1459         NPObject* pluginScriptObject = 0;
   1460 
   1461         if (m_element->hasTagName(appletTag) || m_element->hasTagName(embedTag) || m_element->hasTagName(objectTag))
   1462             pluginScriptObject = static_cast<HTMLPlugInElement*>(m_element)->getNPObject();
   1463 
   1464         // Return value is expected to be retained, as described here: <http://www.mozilla.org/projects/plugin/npruntime.html>
   1465         if (pluginScriptObject)
   1466             _NPN_RetainObject(pluginScriptObject);
   1467 
   1468         void** v = (void**)value;
   1469         *v = pluginScriptObject;
   1470 
   1471         return NPERR_NO_ERROR;
   1472     }
   1473 
   1474     case NPNVprivateModeBool: {
   1475         Page* page = m_parentFrame->page();
   1476         if (!page)
   1477             return NPERR_GENERIC_ERROR;
   1478         *((NPBool*)value) = !page->settings() || page->settings()->privateBrowsingEnabled();
   1479         return NPERR_NO_ERROR;
   1480     }
   1481 
   1482     default:
   1483         return NPERR_GENERIC_ERROR;
   1484     }
   1485 }
   1486 
   1487 static Frame* getFrame(Frame* parentFrame, Element* element)
   1488 {
   1489     if (parentFrame)
   1490         return parentFrame;
   1491 
   1492     Document* document = element->document();
   1493     if (!document)
   1494         document = element->ownerDocument();
   1495     if (document)
   1496         return document->frame();
   1497 
   1498     return 0;
   1499 }
   1500 
   1501 NPError PluginView::getValueForURL(NPNURLVariable variable, const char* url, char** value, uint32_t* len)
   1502 {
   1503     LOG(Plugins, "PluginView::getValueForURL(%s)", prettyNameForNPNURLVariable(variable).data());
   1504 
   1505     NPError result = NPERR_NO_ERROR;
   1506 
   1507     switch (variable) {
   1508     case NPNURLVCookie: {
   1509         KURL u(m_baseURL, url);
   1510         if (u.isValid()) {
   1511             Frame* frame = getFrame(parentFrame(), m_element);
   1512             if (frame) {
   1513                 const CString cookieStr = cookies(frame->document(), u).utf8();
   1514                 if (!cookieStr.isNull()) {
   1515                     const int size = cookieStr.length();
   1516                     *value = static_cast<char*>(NPN_MemAlloc(size+1));
   1517                     if (*value) {
   1518                         memset(*value, 0, size+1);
   1519                         memcpy(*value, cookieStr.data(), size+1);
   1520                         if (len)
   1521                             *len = size;
   1522                     } else
   1523                         result = NPERR_OUT_OF_MEMORY_ERROR;
   1524                 }
   1525             }
   1526         } else
   1527             result = NPERR_INVALID_URL;
   1528         break;
   1529     }
   1530     case NPNURLVProxy: {
   1531         KURL u(m_baseURL, url);
   1532         if (u.isValid()) {
   1533             Frame* frame = getFrame(parentFrame(), m_element);
   1534             const FrameLoader* frameLoader = frame ? frame->loader() : 0;
   1535             const NetworkingContext* context = frameLoader ? frameLoader->networkingContext() : 0;
   1536             const CString proxyStr = toString(proxyServersForURL(u, context)).utf8();
   1537             if (!proxyStr.isNull()) {
   1538                 const int size = proxyStr.length();
   1539                 *value = static_cast<char*>(NPN_MemAlloc(size+1));
   1540                 if (*value) {
   1541                     memset(*value, 0, size+1);
   1542                     memcpy(*value, proxyStr.data(), size+1);
   1543                     if (len)
   1544                         *len = size;
   1545                 } else
   1546                     result = NPERR_OUT_OF_MEMORY_ERROR;
   1547             }
   1548         } else
   1549             result = NPERR_INVALID_URL;
   1550         break;
   1551     }
   1552     default:
   1553         result = NPERR_GENERIC_ERROR;
   1554         LOG(Plugins, "PluginView::getValueForURL: %s", prettyNameForNPNURLVariable(variable).data());
   1555         break;
   1556     }
   1557 
   1558     return result;
   1559 }
   1560 
   1561 
   1562 NPError PluginView::setValueForURL(NPNURLVariable variable, const char* url, const char* value, uint32_t len)
   1563 {
   1564     LOG(Plugins, "PluginView::setValueForURL(%s)", prettyNameForNPNURLVariable(variable).data());
   1565 
   1566     NPError result = NPERR_NO_ERROR;
   1567 
   1568     switch (variable) {
   1569     case NPNURLVCookie: {
   1570         KURL u(m_baseURL, url);
   1571         if (u.isValid()) {
   1572             const String cookieStr = String::fromUTF8(value, len);
   1573             Frame* frame = getFrame(parentFrame(), m_element);
   1574             if (frame && !cookieStr.isEmpty())
   1575                 setCookies(frame->document(), u, cookieStr);
   1576         } else
   1577             result = NPERR_INVALID_URL;
   1578         break;
   1579     }
   1580     case NPNURLVProxy:
   1581         LOG(Plugins, "PluginView::setValueForURL(%s): Plugins are NOT allowed to set proxy information.", prettyNameForNPNURLVariable(variable).data());
   1582         result = NPERR_GENERIC_ERROR;
   1583         break;
   1584     default:
   1585         LOG(Plugins, "PluginView::setValueForURL: %s", prettyNameForNPNURLVariable(variable).data());
   1586         result = NPERR_GENERIC_ERROR;
   1587         break;
   1588     }
   1589 
   1590     return result;
   1591 }
   1592 
   1593 NPError PluginView::getAuthenticationInfo(const char* protocol, const char* host, int32_t port, const char* scheme, const char* realm, char** username, uint32_t* ulen, char** password, uint32_t* plen)
   1594 {
   1595     LOG(Plugins, "PluginView::getAuthenticationInfo: protocol=%s, host=%s, port=%d", protocol, host, port);
   1596     notImplemented();
   1597     return NPERR_GENERIC_ERROR;
   1598 }
   1599 #endif
   1600 
   1601 void PluginView::privateBrowsingStateChanged(bool privateBrowsingEnabled)
   1602 {
   1603     NPP_SetValueProcPtr setValue = m_plugin->pluginFuncs()->setvalue;
   1604     if (!setValue)
   1605         return;
   1606 
   1607     PluginView::setCurrentPluginView(this);
   1608 #if USE(JSC)
   1609     JSC::JSLock::DropAllLocks dropAllLocks(JSC::SilenceAssertionsOnly);
   1610 #endif
   1611     setCallingPlugin(true);
   1612     NPBool value = privateBrowsingEnabled;
   1613     setValue(m_instance, NPNVprivateModeBool, &value);
   1614     setCallingPlugin(false);
   1615     PluginView::setCurrentPluginView(0);
   1616 }
   1617 
   1618 } // namespace WebCore
   1619 
   1620 #endif // ENABLE(NETSCAPE_PLUGIN_API)
   1621