1 // Copyright 2014 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "chrome/browser/extensions/chrome_url_request_util.h" 6 7 #include <string> 8 9 #include "base/files/file_path.h" 10 #include "base/memory/weak_ptr.h" 11 #include "base/path_service.h" 12 #include "base/strings/string_number_conversions.h" 13 #include "base/strings/string_util.h" 14 #include "base/strings/stringprintf.h" 15 #include "base/task_runner_util.h" 16 #include "chrome/common/chrome_paths.h" 17 #include "chrome/common/extensions/manifest_url_handler.h" 18 #include "content/public/browser/browser_thread.h" 19 #include "content/public/browser/resource_request_info.h" 20 #include "extensions/browser/component_extension_resource_manager.h" 21 #include "extensions/browser/extension_protocols.h" 22 #include "extensions/browser/extensions_browser_client.h" 23 #include "extensions/browser/info_map.h" 24 #include "extensions/browser/url_request_util.h" 25 #include "extensions/common/file_util.h" 26 #include "net/base/mime_util.h" 27 #include "net/base/net_errors.h" 28 #include "net/http/http_request_headers.h" 29 #include "net/http/http_response_headers.h" 30 #include "net/http/http_response_info.h" 31 #include "net/url_request/url_request.h" 32 #include "net/url_request/url_request_simple_job.h" 33 #include "ui/base/resource/resource_bundle.h" 34 35 using content::BrowserThread; 36 using content::ResourceType; 37 using extensions::ExtensionsBrowserClient; 38 39 namespace { 40 41 // A request for an extension resource in a Chrome .pak file. These are used 42 // by component extensions. 43 class URLRequestResourceBundleJob : public net::URLRequestSimpleJob { 44 public: 45 URLRequestResourceBundleJob(net::URLRequest* request, 46 net::NetworkDelegate* network_delegate, 47 const base::FilePath& filename, 48 int resource_id, 49 const std::string& content_security_policy, 50 bool send_cors_header) 51 : net::URLRequestSimpleJob(request, network_delegate), 52 filename_(filename), 53 resource_id_(resource_id), 54 weak_factory_(this) { 55 // Leave cache headers out of resource bundle requests. 56 response_info_.headers = extensions::BuildHttpHeaders( 57 content_security_policy, send_cors_header, base::Time()); 58 } 59 60 // Overridden from URLRequestSimpleJob: 61 virtual int GetData(std::string* mime_type, 62 std::string* charset, 63 std::string* data, 64 const net::CompletionCallback& callback) const OVERRIDE { 65 const ResourceBundle& rb = ResourceBundle::GetSharedInstance(); 66 *data = rb.GetRawDataResource(resource_id_).as_string(); 67 68 // Add the Content-Length header now that we know the resource length. 69 response_info_.headers->AddHeader( 70 base::StringPrintf("%s: %s", 71 net::HttpRequestHeaders::kContentLength, 72 base::UintToString(data->size()).c_str())); 73 74 std::string* read_mime_type = new std::string; 75 bool posted = base::PostTaskAndReplyWithResult( 76 BrowserThread::GetBlockingPool(), 77 FROM_HERE, 78 base::Bind(&net::GetMimeTypeFromFile, 79 filename_, 80 base::Unretained(read_mime_type)), 81 base::Bind(&URLRequestResourceBundleJob::OnMimeTypeRead, 82 weak_factory_.GetWeakPtr(), 83 mime_type, 84 charset, 85 data, 86 base::Owned(read_mime_type), 87 callback)); 88 DCHECK(posted); 89 90 return net::ERR_IO_PENDING; 91 } 92 93 virtual void GetResponseInfo(net::HttpResponseInfo* info) OVERRIDE { 94 *info = response_info_; 95 } 96 97 private: 98 virtual ~URLRequestResourceBundleJob() {} 99 100 void OnMimeTypeRead(std::string* out_mime_type, 101 std::string* charset, 102 std::string* data, 103 std::string* read_mime_type, 104 const net::CompletionCallback& callback, 105 bool read_result) { 106 *out_mime_type = *read_mime_type; 107 if (StartsWithASCII(*read_mime_type, "text/", false)) { 108 // All of our HTML files should be UTF-8 and for other resource types 109 // (like images), charset doesn't matter. 110 DCHECK(base::IsStringUTF8(*data)); 111 *charset = "utf-8"; 112 } 113 int result = read_result ? net::OK : net::ERR_INVALID_URL; 114 callback.Run(result); 115 } 116 117 // We need the filename of the resource to determine the mime type. 118 base::FilePath filename_; 119 120 // The resource bundle id to load. 121 int resource_id_; 122 123 net::HttpResponseInfo response_info_; 124 125 mutable base::WeakPtrFactory<URLRequestResourceBundleJob> weak_factory_; 126 }; 127 128 } // namespace 129 130 namespace extensions { 131 namespace chrome_url_request_util { 132 133 bool AllowCrossRendererResourceLoad(net::URLRequest* request, 134 bool is_incognito, 135 const Extension* extension, 136 InfoMap* extension_info_map, 137 bool* allowed) { 138 if (url_request_util::AllowCrossRendererResourceLoad( 139 request, is_incognito, extension, extension_info_map, allowed)) { 140 return true; 141 } 142 143 // If there aren't any explicitly marked web accessible resources, the 144 // load should be allowed only if it is by DevTools. A close approximation is 145 // checking if the extension contains a DevTools page. 146 if (!ManifestURL::GetDevToolsPage(extension).is_empty()) { 147 *allowed = true; 148 return true; 149 } 150 151 // Couldn't determine if the resource is allowed or not. 152 return false; 153 } 154 155 net::URLRequestJob* MaybeCreateURLRequestResourceBundleJob( 156 net::URLRequest* request, 157 net::NetworkDelegate* network_delegate, 158 const base::FilePath& directory_path, 159 const std::string& content_security_policy, 160 bool send_cors_header) { 161 base::FilePath resources_path; 162 base::FilePath relative_path; 163 // Try to load extension resources from chrome resource file if 164 // directory_path is a descendant of resources_path. resources_path 165 // corresponds to src/chrome/browser/resources in source tree. 166 if (PathService::Get(chrome::DIR_RESOURCES, &resources_path) && 167 // Since component extension resources are included in 168 // component_extension_resources.pak file in resources_path, calculate 169 // extension relative path against resources_path. 170 resources_path.AppendRelativePath(directory_path, &relative_path)) { 171 base::FilePath request_path = 172 extensions::file_util::ExtensionURLToRelativeFilePath(request->url()); 173 int resource_id = 0; 174 if (ExtensionsBrowserClient::Get() 175 ->GetComponentExtensionResourceManager() 176 ->IsComponentExtensionResource( 177 directory_path, request_path, &resource_id)) { 178 relative_path = relative_path.Append(request_path); 179 relative_path = relative_path.NormalizePathSeparators(); 180 return new URLRequestResourceBundleJob(request, 181 network_delegate, 182 relative_path, 183 resource_id, 184 content_security_policy, 185 send_cors_header); 186 } 187 } 188 return NULL; 189 } 190 191 } // namespace chrome_url_request_util 192 } // namespace extensions 193