1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_PLUGINS_CHROME_PLUGIN_SERVICE_FILTER_H_ 6 #define CHROME_BROWSER_PLUGINS_CHROME_PLUGIN_SERVICE_FILTER_H_ 7 8 #include <map> 9 #include <set> 10 #include <vector> 11 12 #include "base/containers/hash_tables.h" 13 #include "base/files/file_path.h" 14 #include "base/memory/ref_counted.h" 15 #include "base/memory/singleton.h" 16 #include "base/synchronization/lock.h" 17 #include "content/public/browser/notification_observer.h" 18 #include "content/public/browser/notification_registrar.h" 19 #include "content/public/browser/plugin_service_filter.h" 20 #include "content/public/common/webplugininfo.h" 21 #include "url/gurl.h" 22 23 class PluginPrefs; 24 class Profile; 25 26 namespace content { 27 class WebContents; 28 } 29 30 // This class must be created (by calling the |GetInstance| method) on the UI 31 // thread, but is safe to use on any thread after that. 32 class ChromePluginServiceFilter : public content::PluginServiceFilter, 33 public content::NotificationObserver { 34 public: 35 static ChromePluginServiceFilter* GetInstance(); 36 37 // This method should be called on the UI thread. 38 void RegisterResourceContext(PluginPrefs* plugin_prefs, const void* context); 39 40 void UnregisterResourceContext(const void* context); 41 42 // Overrides the plugin lookup mechanism for a given tab and object URL to use 43 // a specifc plugin. 44 void OverridePluginForFrame(int render_process_id, 45 int render_frame_id, 46 const GURL& url, 47 const content::WebPluginInfo& plugin); 48 49 // Restricts the given plugin to the given profile and origin of the given 50 // URL. 51 void RestrictPluginToProfileAndOrigin(const base::FilePath& plugin_path, 52 Profile* profile, 53 const GURL& url); 54 55 // Lifts a restriction on a plug-in. 56 void UnrestrictPlugin(const base::FilePath& plugin_path); 57 58 // Authorizes a given plug-in for a given process. 59 void AuthorizePlugin(int render_process_id, 60 const base::FilePath& plugin_path); 61 62 // Authorizes all plug-ins for a given WebContents. If |load_blocked| is true, 63 // then the renderer is told to load the plugin with given |identifier| (or 64 // pllugins if |identifier| is empty). 65 // This method can only be called on the UI thread. 66 void AuthorizeAllPlugins(content::WebContents* web_contents, 67 bool load_blocked, 68 const std::string& identifier); 69 70 // Returns whether the plugin is found in restricted_plugins_. 71 bool IsPluginRestricted(const base::FilePath& plugin_path); 72 73 // PluginServiceFilter implementation: 74 virtual bool IsPluginAvailable( 75 int render_process_id, 76 int render_frame_id, 77 const void* context, 78 const GURL& url, 79 const GURL& policy_url, 80 content::WebPluginInfo* plugin) OVERRIDE; 81 82 // CanLoadPlugin always grants permission to the browser 83 // (render_process_id == 0) 84 virtual bool CanLoadPlugin( 85 int render_process_id, 86 const base::FilePath& path) OVERRIDE; 87 88 private: 89 friend struct DefaultSingletonTraits<ChromePluginServiceFilter>; 90 91 struct OverriddenPlugin { 92 OverriddenPlugin(); 93 ~OverriddenPlugin(); 94 95 int render_frame_id; 96 GURL url; // If empty, the override applies to all urls in render_frame. 97 content::WebPluginInfo plugin; 98 }; 99 100 struct ProcessDetails { 101 ProcessDetails(); 102 ~ProcessDetails(); 103 104 std::vector<OverriddenPlugin> overridden_plugins; 105 std::set<base::FilePath> authorized_plugins; 106 }; 107 108 ChromePluginServiceFilter(); 109 virtual ~ChromePluginServiceFilter(); 110 111 // content::NotificationObserver implementation: 112 virtual void Observe(int type, 113 const content::NotificationSource& source, 114 const content::NotificationDetails& details) OVERRIDE; 115 116 ProcessDetails* GetOrRegisterProcess(int render_process_id); 117 const ProcessDetails* GetProcess(int render_process_id) const; 118 119 content::NotificationRegistrar registrar_; 120 121 base::Lock lock_; // Guards access to member variables. 122 // Map of plugin paths to the origin they are restricted to. 123 typedef std::pair<const void*, GURL> RestrictedPluginPair; 124 typedef base::hash_map<base::FilePath, 125 RestrictedPluginPair> RestrictedPluginMap; 126 RestrictedPluginMap restricted_plugins_; 127 typedef std::map<const void*, scoped_refptr<PluginPrefs> > ResourceContextMap; 128 ResourceContextMap resource_context_map_; 129 130 std::map<int, ProcessDetails> plugin_details_; 131 }; 132 133 #endif // CHROME_BROWSER_PLUGINS_CHROME_PLUGIN_SERVICE_FILTER_H_ 134