diff options
author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2019-12-03 16:51:55 +0100 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2020-01-13 13:39:45 +0100 |
commit | 6287dc28f97b370faf01fefbdf1453bd8935e998 (patch) | |
tree | 3e6c3d86b3483d581077df78c9e0103dcc1047e8 /src/core | |
parent | 09ce1e76716ca660ef6a9b39e4bb0015d03a0793 (diff) |
Fix extensions with network-service
Extension resources are now loaded through ExtensionsBrowserClientQt's
LoadResourceFromResourceBundle, and permission to load extra schemes
is now handled by installing subresource URL loaders.
Change-Id: Id0445088607c9be019fbfc134db4e60b94e54479
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
Diffstat (limited to 'src/core')
-rw-r--r-- | src/core/content_browser_client_qt.cpp | 87 | ||||
-rw-r--r-- | src/core/content_browser_client_qt.h | 1 | ||||
-rw-r--r-- | src/core/extensions/extensions_browser_client_qt.cpp | 162 |
3 files changed, 247 insertions, 3 deletions
diff --git a/src/core/content_browser_client_qt.cpp b/src/core/content_browser_client_qt.cpp index e29a161ca..987934555 100644 --- a/src/core/content_browser_client_qt.cpp +++ b/src/core/content_browser_client_qt.cpp @@ -159,12 +159,15 @@ #endif #if BUILDFLAG(ENABLE_EXTENSIONS) -#include "extensions/extensions_browser_client_qt.h" +#include "content/public/browser/file_url_loader.h" #include "extensions/browser/extension_message_filter.h" #include "extensions/browser/guest_view/extensions_guest_view_message_filter.h" #include "extensions/browser/io_thread_extension_message_filter.h" #include "extensions/common/constants.h" + #include "common/extensions/extensions_client_qt.h" +#include "extensions/extension_web_contents_observer_qt.h" +#include "extensions/extensions_browser_client_qt.h" #include "net/plugin_response_interceptor_url_loader_throttle.h" #endif @@ -481,12 +484,20 @@ void ContentBrowserClientQt::AppendExtraCommandLineSwitches(base::CommandLine* c void ContentBrowserClientQt::GetAdditionalWebUISchemes(std::vector<std::string>* additional_schemes) { + ContentBrowserClient::GetAdditionalWebUISchemes(additional_schemes); additional_schemes->push_back(content::kChromeDevToolsScheme); } void ContentBrowserClientQt::GetAdditionalViewSourceSchemes(std::vector<std::string>* additional_schemes) { - additional_schemes->push_back(content::kChromeDevToolsScheme); + ContentBrowserClient::GetAdditionalViewSourceSchemes(additional_schemes); +} + +void ContentBrowserClientQt::GetAdditionalAllowedSchemesForFileSystem(std::vector<std::string>* additional_schemes) +{ + ContentBrowserClient::GetAdditionalAllowedSchemesForFileSystem(additional_schemes); + additional_schemes->push_back(content::kChromeDevToolsScheme); + additional_schemes->push_back(content::kChromeUIScheme); } #if defined(Q_OS_LINUX) @@ -1084,6 +1095,46 @@ void ContentBrowserClientQt::RegisterNonNetworkNavigationURLLoaderFactories(int #endif } +#if BUILDFLAG(ENABLE_EXTENSIONS) +namespace { +// The FileURLLoaderFactory provided to the extension background pages. +// Checks with the ChildProcessSecurityPolicy to validate the file access. +class FileURLLoaderFactory : public network::mojom::URLLoaderFactory +{ +public: + explicit FileURLLoaderFactory(int child_id) : child_id_(child_id) {} + +private: + // network::mojom::URLLoaderFactory: + void CreateLoaderAndStart(network::mojom::URLLoaderRequest loader, + int32_t routing_id, + int32_t request_id, + uint32_t options, + const network::ResourceRequest& request, + network::mojom::URLLoaderClientPtr client, + const net::MutableNetworkTrafficAnnotationTag &traffic_annotation) override + { + if (!content::ChildProcessSecurityPolicy::GetInstance()->CanRequestURL(child_id_, request.url)) { + client->OnComplete(network::URLLoaderCompletionStatus(net::ERR_ACCESS_DENIED)); + return; + } + content::CreateFileURLLoader(request, std::move(loader), std::move(client), + /* observer */ nullptr, + /* allow_directory_listing */ false); + } + + void Clone(network::mojom::URLLoaderFactoryRequest loader) override + { + bindings_.AddBinding(this, std::move(loader)); + } + + int child_id_; + mojo::BindingSet<network::mojom::URLLoaderFactory> bindings_; + DISALLOW_COPY_AND_ASSIGN(FileURLLoaderFactory); +}; +} // namespace +#endif + void ContentBrowserClientQt::RegisterNonNetworkSubresourceURLLoaderFactories(int render_process_id, int render_frame_id, NonNetworkURLLoaderFactoryMap *factories) { @@ -1100,6 +1151,38 @@ void ContentBrowserClientQt::RegisterNonNetworkSubresourceURLLoaderFactories(int auto factory = extensions::CreateExtensionURLLoaderFactory(render_process_id, render_frame_id); if (factory) factories->emplace(extensions::kExtensionScheme, std::move(factory)); + + content::RenderFrameHost *frame_host = content::RenderFrameHost::FromID(render_process_id, render_frame_id); + content::WebContents *web_contents = content::WebContents::FromRenderFrameHost(frame_host); + if (!web_contents) + return; + + extensions::ExtensionWebContentsObserverQt *web_observer = + extensions::ExtensionWebContentsObserverQt::FromWebContents(web_contents); + if (!web_observer) + return; + + const extensions::Extension *extension = web_observer->GetExtensionFromFrame(frame_host, false); + if (!extension) + return; + + std::vector<std::string> allowed_webui_hosts; + // Support for chrome:// scheme if appropriate. + if ((extension->is_extension() || extension->is_platform_app()) && + extensions::Manifest::IsComponentLocation(extension->location())) { + // Components of chrome that are implemented as extensions or platform apps + // are allowed to use chrome://resources/ and chrome://theme/ URLs. + allowed_webui_hosts.emplace_back(content::kChromeUIResourcesHost); + } + if (!allowed_webui_hosts.empty()) { + factories->emplace(content::kChromeUIScheme, + content::CreateWebUIURLLoader(frame_host, + content::kChromeUIScheme, + std::move(allowed_webui_hosts))); + } + // Support for file:// scheme when approved by ChildProcessSecurityPolicy. + // FIXME: Not needed after switching to using transferable url loaders and guest views. + factories->emplace(url::kFileScheme, std::make_unique<FileURLLoaderFactory>(render_process_id)); #endif } diff --git a/src/core/content_browser_client_qt.h b/src/core/content_browser_client_qt.h index b58ccb8c4..c6a252562 100644 --- a/src/core/content_browser_client_qt.h +++ b/src/core/content_browser_client_qt.h @@ -116,6 +116,7 @@ public: void GetAdditionalViewSourceSchemes(std::vector<std::string>* additional_schemes) override; void GetAdditionalWebUISchemes(std::vector<std::string>* additional_schemes) override; + void GetAdditionalAllowedSchemesForFileSystem(std::vector<std::string>* additional_schemes) override; void BindInterfaceRequestFromFrame(content::RenderFrameHost* render_frame_host, const std::string& interface_name, diff --git a/src/core/extensions/extensions_browser_client_qt.cpp b/src/core/extensions/extensions_browser_client_qt.cpp index 59c15d2f5..d974155c5 100644 --- a/src/core/extensions/extensions_browser_client_qt.cpp +++ b/src/core/extensions/extensions_browser_client_qt.cpp @@ -66,10 +66,12 @@ #include "extensions/browser/mojo/interface_registration.h" #include "extensions/browser/url_request_util.h" #include "extensions/common/file_util.h" +#include "mojo/public/cpp/bindings/strong_binding.h" #include "net/base/completion_once_callback.h" #include "net/base/mime_util.h" #include "net/url_request/url_request_simple_job.h" #include "services/network/public/mojom/url_loader.mojom.h" +#include "third_party/zlib/google/compression_utils.h" #include "ui/base/resource/resource_bundle.h" #include "component_extension_resource_manager_qt.h" @@ -165,6 +167,163 @@ private: mutable base::WeakPtrFactory<URLRequestResourceBundleJob> weak_factory_; }; +scoped_refptr<base::RefCountedMemory> GetResource(int resource_id, const std::string &extension_id) +{ + const ui::ResourceBundle &rb = ui::ResourceBundle::GetSharedInstance(); + scoped_refptr<base::RefCountedMemory> bytes = rb.LoadDataResourceBytes(resource_id); + auto *replacements = extensions::ExtensionsBrowserClient::Get()->GetComponentExtensionResourceManager() + ? extensions::ExtensionsBrowserClient::Get()->GetComponentExtensionResourceManager()->GetTemplateReplacementsForExtension( + extension_id) + : nullptr; + + bool is_gzipped = rb.IsGzipped(resource_id); + if (!bytes->size() || (!replacements && !is_gzipped)) { + return bytes; + } + + base::StringPiece input(reinterpret_cast<const char *>(bytes->front()), bytes->size()); + + std::string temp_str; + + base::StringPiece source = input; + if (is_gzipped) { + temp_str.resize(compression::GetUncompressedSize(input)); + source = temp_str; + CHECK(compression::GzipUncompress(input, source)); + } + + if (replacements) { + temp_str = ui::ReplaceTemplateExpressions(source, *replacements); + } + + DCHECK(!temp_str.empty()); + + return base::RefCountedString::TakeString(&temp_str); +} + +// Loads an extension resource in a Chrome .pak file. These are used by +// component extensions. +class ResourceBundleFileLoader : public network::mojom::URLLoader +{ +public: + static void CreateAndStart(const network::ResourceRequest &request, network::mojom::URLLoaderRequest loader, + network::mojom::URLLoaderClientPtrInfo client_info, const base::FilePath &filename, + int resource_id, const std::string &content_security_policy, bool send_cors_header) + { + // Owns itself. Will live as long as its URLLoader and URLLoaderClientPtr + // bindings are alive - essentially until either the client gives up or all + // file data has been sent to it. + auto *bundle_loader = new ResourceBundleFileLoader(content_security_policy, send_cors_header); + bundle_loader->Start(request, std::move(loader), std::move(client_info), filename, resource_id); + } + + // mojom::URLLoader implementation: + void FollowRedirect(const std::vector<std::string> &removed_headers, + const net::HttpRequestHeaders &modified_headers, const base::Optional<GURL> &new_url) override + { + NOTREACHED() << "No redirects for local file loads."; + } + // Current implementation reads all resource data at start of resource + // load, so priority, and pausing is not currently implemented. + void SetPriority(net::RequestPriority priority, int32_t intra_priority_value) override {} + void PauseReadingBodyFromNet() override {} + void ResumeReadingBodyFromNet() override {} + void ProceedWithResponse() override {} + +private: + ResourceBundleFileLoader(const std::string &content_security_policy, bool send_cors_header) : binding_(this) + { + response_headers_ = extensions::BuildHttpHeaders(content_security_policy, send_cors_header, base::Time()); + } + ~ResourceBundleFileLoader() override = default; + + void Start(const network::ResourceRequest &request, network::mojom::URLLoaderRequest loader, + network::mojom::URLLoaderClientPtrInfo client_info, const base::FilePath &filename, int resource_id) + { + client_.Bind(std::move(client_info)); + binding_.Bind(std::move(loader)); + binding_.set_connection_error_handler( + base::BindOnce(&ResourceBundleFileLoader::OnBindingError, base::Unretained(this))); + client_.set_connection_error_handler( + base::BindOnce(&ResourceBundleFileLoader::OnConnectionError, base::Unretained(this))); + auto data = GetResource(resource_id, request.url.host()); + + std::string *read_mime_type = new std::string; + base::PostTaskWithTraitsAndReplyWithResult( + FROM_HERE, { base::MayBlock() }, + base::BindOnce(&net::GetMimeTypeFromFile, filename, base::Unretained(read_mime_type)), + base::BindOnce(&ResourceBundleFileLoader::OnMimeTypeRead, weak_factory_.GetWeakPtr(), std::move(data), + base::Owned(read_mime_type))); + } + + void OnMimeTypeRead(scoped_refptr<base::RefCountedMemory> data, std::string *read_mime_type, bool read_result) + { + network::ResourceResponseHead head; + head.request_start = base::TimeTicks::Now(); + head.response_start = base::TimeTicks::Now(); + head.content_length = data->size(); + head.mime_type = *read_mime_type; + DetermineCharset(head.mime_type, data.get(), &head.charset); + mojo::DataPipe pipe(data->size()); + if (!pipe.consumer_handle.is_valid()) { + client_->OnComplete(network::URLLoaderCompletionStatus(net::ERR_FAILED)); + client_.reset(); + MaybeDeleteSelf(); + return; + } + head.headers = response_headers_; + head.headers->AddHeader(base::StringPrintf("%s: %s", net::HttpRequestHeaders::kContentLength, + base::NumberToString(head.content_length).c_str())); + if (!head.mime_type.empty()) { + head.headers->AddHeader( + base::StringPrintf("%s: %s", net::HttpRequestHeaders::kContentType, head.mime_type.c_str())); + } + client_->OnReceiveResponse(head); + client_->OnStartLoadingResponseBody(std::move(pipe.consumer_handle)); + + uint32_t write_size = data->size(); + MojoResult result = pipe.producer_handle->WriteData(data->front(), &write_size, MOJO_WRITE_DATA_FLAG_NONE); + OnFileWritten(result); + } + + void OnConnectionError() + { + client_.reset(); + MaybeDeleteSelf(); + } + + void OnBindingError() + { + binding_.Close(); + MaybeDeleteSelf(); + } + + void MaybeDeleteSelf() + { + if (!binding_.is_bound() && !client_.is_bound()) + delete this; + } + + void OnFileWritten(MojoResult result) + { + // All the data has been written now. The consumer will be notified that + // there will be no more data to read from now. + if (result == MOJO_RESULT_OK) + client_->OnComplete(network::URLLoaderCompletionStatus(net::OK)); + else + client_->OnComplete(network::URLLoaderCompletionStatus(net::ERR_FAILED)); + client_.reset(); + MaybeDeleteSelf(); + } + + mojo::Binding<network::mojom::URLLoader> binding_; + network::mojom::URLLoaderClientPtr client_; + scoped_refptr<net::HttpResponseHeaders> response_headers_; + base::WeakPtrFactory<ResourceBundleFileLoader> weak_factory_{ this }; + + DISALLOW_COPY_AND_ASSIGN(ResourceBundleFileLoader); +}; + } // namespace namespace extensions { @@ -307,7 +466,8 @@ void ExtensionsBrowserClientQt::LoadResourceFromResourceBundle(const network::Re network::mojom::URLLoaderClientPtr client, bool send_cors_header) { - NOTIMPLEMENTED(); + ResourceBundleFileLoader::CreateAndStart(request, std::move(loader), client.PassInterface(), resource_relative_path, + resource_id, content_security_policy, send_cors_header); } |