1 /* 2 * Copyright (C) 2011 Google Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are 6 * met: 7 * 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above 11 * copyright notice, this list of conditions and the following disclaimer 12 * in the documentation and/or other materials provided with the 13 * distribution. 14 * * Neither the name of Google Inc. nor the names of its 15 * contributors may be used to endorse or promote products derived from 16 * this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31 #ifndef WebPermissionClient_h 32 #define WebPermissionClient_h 33 34 namespace WebKit { 35 36 class WebDocument; 37 class WebFrame; 38 class WebSecurityOrigin; 39 class WebString; 40 class WebURL; 41 42 class WebPermissionClient { 43 public: 44 // Controls whether access to Web Databases is allowed for this frame. 45 virtual bool allowDatabase(WebFrame*, const WebString& name, const WebString& displayName, unsigned long estimatedSize) { return true; } 46 47 // Controls whether access to File System is allowed for this frame. 48 virtual bool allowFileSystem(WebFrame*) { return true; } 49 50 // Controls whether images are allowed for this frame. 51 virtual bool allowImage(WebFrame* frame, bool enabledPerSettings, const WebURL& imageURL) { return enabledPerSettings; } 52 53 // Controls whether access to Indexed DB are allowed for this frame. 54 virtual bool allowIndexedDB(WebFrame*, const WebString& name, const WebSecurityOrigin&) { return true; } 55 56 // Controls whether plugins are allowed for this frame. 57 virtual bool allowPlugins(WebFrame*, bool enabledPerSettings) { return enabledPerSettings; } 58 59 // Controls whether scripts are allowed to execute for this frame. 60 virtual bool allowScript(WebFrame*, bool enabledPerSettings) { return enabledPerSettings; } 61 62 // Controls whether scripts loaded from the given URL are allowed to execute for this frame. 63 virtual bool allowScriptFromSource(WebFrame*, bool enabledPerSettings, const WebURL& scriptURL) { return enabledPerSettings; } 64 65 // Controls whether insecrure content is allowed to display for this frame. 66 virtual bool allowDisplayingInsecureContent(WebFrame*, bool enabledPerSettings, const WebSecurityOrigin&, const WebURL&) { return enabledPerSettings; } 67 68 // Controls whether insecrure scripts are allowed to execute for this frame. 69 virtual bool allowRunningInsecureContent(WebFrame*, bool enabledPerSettings, const WebSecurityOrigin&, const WebURL&) { return enabledPerSettings; } 70 71 // Controls whether the given script extension should run in a new script 72 // context in this frame. If extensionGroup is 0, the script context is the 73 // frame's main context. Otherwise, it is a context created by 74 // WebFrame::executeScriptInIsolatedWorld with that same extensionGroup 75 // value. 76 virtual bool allowScriptExtension(WebFrame*, const WebString& extensionName, int extensionGroup) { return true; } 77 78 virtual bool allowScriptExtension(WebFrame* webFrame, const WebString& extensionName, int extensionGroup, int worldId) 79 { 80 return allowScriptExtension(webFrame, extensionName, extensionGroup); 81 } 82 83 // Controls whether HTML5 Web Storage is allowed for this frame. 84 // If local is true, then this is for local storage, otherwise it's for session storage. 85 virtual bool allowStorage(WebFrame*, bool local) { return true; } 86 87 // Controls whether access to read the clipboard is allowed for this frame. 88 virtual bool allowReadFromClipboard(WebFrame*, bool defaultValue) { return defaultValue; } 89 90 // Controls whether access to write the clipboard is allowed for this frame. 91 virtual bool allowWriteToClipboard(WebFrame*, bool defaultValue) { return defaultValue; } 92 93 // Controls whether enabling Web Components API for this frame. 94 virtual bool allowWebComponents(const WebDocument&, bool defaultValue) { return defaultValue; } 95 96 // Controls whether to enable MutationEvents for this document. 97 // The common use case of this method is actually to selectively disable MutationEvents, 98 // but it's been named for consistency with the rest of the interface. 99 virtual bool allowMutationEvents(const WebDocument&, bool defaultValue) { return defaultValue; } 100 101 // Controls whether pushState and related History APIs are enabled for this frame. 102 virtual bool allowPushState(const WebDocument&) { return true; } 103 104 // Notifies the client that the frame would have instantiated a plug-in if plug-ins were enabled. 105 virtual void didNotAllowPlugins(WebFrame*) { } 106 107 // Notifies the client that the frame would have executed script if script were enabled. 108 virtual void didNotAllowScript(WebFrame*) { } 109 110 protected: 111 ~WebPermissionClient() { } 112 }; 113 114 } // namespace WebKit 115 116 #endif 117