1 /****************************************************************************
2 **
3 ** Copyright (C) 2018 The Qt Company Ltd.
4 ** Contact: https://www.qt.io/licensing/
5 **
6 ** This file is part of the QtWebEngine module of the Qt Toolkit.
7 **
8 ** $QT_BEGIN_LICENSE:LGPL$
9 ** Commercial License Usage
10 ** Licensees holding valid commercial Qt licenses may use this file in
11 ** accordance with the commercial license agreement provided with the
12 ** Software or, alternatively, in accordance with the terms contained in
13 ** a written agreement between you and The Qt Company. For licensing terms
14 ** and conditions see https://www.qt.io/terms-conditions. For further
15 ** information use the contact form at https://www.qt.io/contact-us.
16 **
17 ** GNU Lesser General Public License Usage
18 ** Alternatively, this file may be used under the terms of the GNU Lesser
19 ** General Public License version 3 as published by the Free Software
20 ** Foundation and appearing in the file LICENSE.LGPL3 included in the
21 ** packaging of this file. Please review the following information to
22 ** ensure the GNU Lesser General Public License version 3 requirements
23 ** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
24 **
25 ** GNU General Public License Usage
26 ** Alternatively, this file may be used under the terms of the GNU
27 ** General Public License version 2.0 or (at your option) the GNU General
28 ** Public license version 3 or any later version approved by the KDE Free
29 ** Qt Foundation. The licenses are as published by the Free Software
30 ** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
31 ** included in the packaging of this file. Please review the following
32 ** information to ensure the GNU General Public License requirements will
33 ** be met: https://www.gnu.org/licenses/gpl-2.0.html and
34 ** https://www.gnu.org/licenses/gpl-3.0.html.
35 **
36 ** $QT_END_LICENSE$
37 **
38 ****************************************************************************/
39
40 // Based on chrome/renderer/content_settings_observer.cc:
41 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
42 // Use of this source code is governed by a BSD-style license that can be
43 // found in the LICENSE file.
44
45 #include "content_settings_observer_qt.h"
46
47 #include "content/public/renderer/render_frame.h"
48 #include "third_party/blink/public/platform/web_security_origin.h"
49 #include "third_party/blink/public/web/web_plugin_document.h"
50 #include "third_party/blink/public/web/web_local_frame.h"
51 #include "url/origin.h"
52
53 #include "common/qt_messages.h"
54
55 using blink::WebSecurityOrigin;
56 using blink::WebString;
57
58 namespace {
59
IsUniqueFrame(blink::WebFrame * frame)60 bool IsUniqueFrame(blink::WebFrame *frame)
61 {
62 return frame->GetSecurityOrigin().IsOpaque() ||
63 frame->Top()->GetSecurityOrigin().IsOpaque();
64 }
65
66 } // namespace
67
68 namespace QtWebEngineCore {
69
ContentSettingsObserverQt(content::RenderFrame * render_frame)70 ContentSettingsObserverQt::ContentSettingsObserverQt(content::RenderFrame *render_frame)
71 : content::RenderFrameObserver(render_frame)
72 , content::RenderFrameObserverTracker<ContentSettingsObserverQt>(render_frame)
73 , m_currentRequestId(0)
74 {
75 ClearBlockedContentSettings();
76 render_frame->GetWebFrame()->SetContentSettingsClient(this);
77 }
78
~ContentSettingsObserverQt()79 ContentSettingsObserverQt::~ContentSettingsObserverQt() {}
80
OnMessageReceived(const IPC::Message & message)81 bool ContentSettingsObserverQt::OnMessageReceived(const IPC::Message &message)
82 {
83 bool handled = true;
84 IPC_BEGIN_MESSAGE_MAP(ContentSettingsObserverQt, message)
85 IPC_MESSAGE_HANDLER(QtWebEngineMsg_RequestFileSystemAccessAsyncResponse, OnRequestFileSystemAccessAsyncResponse)
86 IPC_MESSAGE_UNHANDLED(handled = false)
87 IPC_END_MESSAGE_MAP()
88
89 return handled;
90 }
91
DidCommitProvisionalLoad(bool is_same_document_navigation,ui::PageTransition)92 void ContentSettingsObserverQt::DidCommitProvisionalLoad(bool is_same_document_navigation, ui::PageTransition /*transition*/)
93 {
94 blink::WebLocalFrame *frame = render_frame()->GetWebFrame();
95 if (frame->Parent())
96 return; // Not a top-level navigation.
97
98 if (!is_same_document_navigation)
99 ClearBlockedContentSettings();
100
101 GURL url = frame->GetDocument().Url();
102 // If we start failing this DCHECK, please makes sure we don't regress
103 // this bug: http://code.google.com/p/chromium/issues/detail?id=79304
104 DCHECK(frame->GetDocument().GetSecurityOrigin().ToString() == "null" || !url.SchemeIs(url::kDataScheme));
105 }
106
OnDestruct()107 void ContentSettingsObserverQt::OnDestruct()
108 {
109 delete this;
110 }
111
AllowDatabase()112 bool ContentSettingsObserverQt::AllowDatabase()
113 {
114 blink::WebFrame *frame = render_frame()->GetWebFrame();
115 if (IsUniqueFrame(frame))
116 return false;
117
118 bool result = false;
119 Send(new QtWebEngineHostMsg_AllowDatabase(routing_id(), url::Origin(frame->GetSecurityOrigin()).GetURL(),
120 url::Origin(frame->Top()->GetSecurityOrigin()).GetURL(), &result));
121 return result;
122 }
123
RequestFileSystemAccessAsync(base::OnceCallback<void (bool)> callback)124 void ContentSettingsObserverQt::RequestFileSystemAccessAsync(base::OnceCallback<void(bool)> callback)
125 {
126 blink::WebFrame *frame = render_frame()->GetWebFrame();
127 if (IsUniqueFrame(frame)) {
128 std::move(callback).Run(false);
129 return;
130 }
131 ++m_currentRequestId;
132 bool inserted = m_permissionRequests.insert(std::make_pair(m_currentRequestId, std::move(callback))).second;
133
134 // Verify there are no duplicate insertions.
135 DCHECK(inserted);
136
137 Send(new QtWebEngineHostMsg_RequestFileSystemAccessAsync(routing_id(), m_currentRequestId,
138 url::Origin(frame->GetSecurityOrigin()).GetURL(),
139 url::Origin(frame->Top()->GetSecurityOrigin()).GetURL()));
140 }
141
AllowIndexedDB()142 bool ContentSettingsObserverQt::AllowIndexedDB()
143 {
144 blink::WebFrame *frame = render_frame()->GetWebFrame();
145 if (IsUniqueFrame(frame))
146 return false;
147
148 bool result = false;
149 Send(new QtWebEngineHostMsg_AllowIndexedDB(routing_id(),
150 url::Origin(frame->GetSecurityOrigin()).GetURL(),
151 url::Origin(frame->Top()->GetSecurityOrigin()).GetURL(), &result));
152 return result;
153 }
154
AllowStorage(bool local)155 bool ContentSettingsObserverQt::AllowStorage(bool local)
156 {
157 blink::WebLocalFrame *frame = render_frame()->GetWebFrame();
158 if (IsUniqueFrame(frame))
159 return false;
160
161 StoragePermissionsKey key(url::Origin(frame->GetDocument().GetSecurityOrigin()).GetURL(), local);
162 const auto permissions = m_cachedStoragePermissions.find(key);
163 if (permissions != m_cachedStoragePermissions.end())
164 return permissions->second;
165
166 bool result = false;
167 Send(new QtWebEngineHostMsg_AllowDOMStorage(routing_id(), url::Origin(frame->GetSecurityOrigin()).GetURL(),
168 url::Origin(frame->Top()->GetSecurityOrigin()).GetURL(), local, &result));
169 m_cachedStoragePermissions[key] = result;
170 return result;
171 }
172
OnRequestFileSystemAccessAsyncResponse(int request_id,bool allowed)173 void ContentSettingsObserverQt::OnRequestFileSystemAccessAsyncResponse(int request_id, bool allowed)
174 {
175 auto it = m_permissionRequests.find(request_id);
176 if (it == m_permissionRequests.end())
177 return;
178
179 base::OnceCallback<void(bool)> callback = std::move(it->second);
180 m_permissionRequests.erase(it);
181
182 std::move(callback).Run(allowed);
183 }
184
ClearBlockedContentSettings()185 void ContentSettingsObserverQt::ClearBlockedContentSettings()
186 {
187 m_cachedStoragePermissions.clear();
188 }
189
190 } // namespace QtWebEngineCore
191