1 /* 2 * Copyright 2009, The Android Open Source Project 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * * Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * * Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS ``AS IS'' AND ANY 14 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR 17 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 18 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 19 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 20 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY 21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26 #ifndef GeolocationPermissions_h 27 #define GeolocationPermissions_h 28 29 #include "PlatformString.h" 30 // We must include this before before HashMap.h, as it provides specalizations 31 // for String hash types instantiated there. 32 #include "StringHash.h" 33 #include "Timer.h" 34 #include <wtf/HashMap.h> 35 #include <wtf/HashSet.h> 36 #include <wtf/RefCounted.h> 37 #include <wtf/Vector.h> 38 39 namespace WebCore { 40 class Frame; 41 class Geolocation; 42 class SQLiteDatabase; 43 } 44 45 namespace android { 46 47 class WebViewCore; 48 49 // The GeolocationPermissions class manages Geolocation permissions for the 50 // browser. Permissions are managed on a per-origin basis, as required by 51 // the Geolocation spec - http://dev.w3.org/geo/api/spec-source.html. An 52 // origin specifies the scheme, host and port of particular frame. An 53 // origin is represented here as a string, using the output of 54 // WebCore::SecurityOrigin::toString. 55 // 56 // Each instance handles permissions for a given main frame. The class 57 // enforces the following policy. 58 // - Non-remembered permissions last for the dureation of the main frame. 59 // - Remembered permissions last indefinitely. 60 // - All permissions are shared between child frames of a main frame. 61 // - Only remembered permissions are shared between main frames. 62 // - Remembered permissions are made available for use in the browser 63 // settings menu. 64 class GeolocationPermissions : public RefCounted<GeolocationPermissions> { 65 public: 66 // Creates the GeolocationPermissions object to manage permissions for 67 // the specified main frame (i.e. tab). The WebViewCore is used to 68 // communicate with the browser to display UI. 69 GeolocationPermissions(WebViewCore* webViewCore, WebCore::Frame* mainFrame); 70 virtual ~GeolocationPermissions(); 71 72 // Queries the permission state for the specified frame. If the 73 // permission state has not yet been set, prompts the user. Once the 74 // permission state has been determined, asynchronously calls back to 75 // the Geolocation objects in all frames in this WebView that are from 76 // the same origin as the requesting frame. 77 void queryPermissionState(WebCore::Frame* frame); 78 void cancelPermissionStateQuery(WebCore::Frame*); 79 80 // Provides this object with a permission state set by the user. The 81 // permission is specified by 'allow' and applied to 'origin'. If 82 // 'remember' is set, the permission state is remembered permanently. 83 // The new permission state is recorded and will trigger callbacks to 84 // geolocation objects as described above. If any other permission 85 // requests are queued, the next is started. 86 void providePermissionState(WebCore::String origin, bool allow, bool remember); 87 88 // Clears the temporary permission state and any pending requests. Used 89 // when the main frame is refreshed or navigated to a new URL. 90 void resetTemporaryPermissionStates(); 91 92 // Static methods for use from Java. These are used to interact with the 93 // browser settings menu and to update the permanent permissions when 94 // system settings are changed. 95 // Gets the list of all origins for which permanent permissions are 96 // recorded. 97 typedef HashSet<WebCore::String> OriginSet; 98 static OriginSet getOrigins(); 99 // Gets whether the specified origin is allowed. 100 static bool getAllowed(WebCore::String origin); 101 // Clears the permission state for the specified origin. 102 static void clear(WebCore::String origin); 103 // Sets the permission state for the specified origin to allowed. 104 static void allow(WebCore::String origin); 105 // Clears the permission state for all origins. 106 static void clearAll(); 107 // Sets whether the GeolocationPermissions object should always deny 108 // permission requests, irrespective of previously recorded permission 109 // states. 110 static void setAlwaysDeny(bool deny); 111 112 static void setDatabasePath(WebCore::String path); 113 static bool openDatabase(WebCore::SQLiteDatabase*); 114 115 // Saves the permanent permissions to the DB if required. 116 static void maybeStorePermanentPermissions(); 117 118 private: 119 // Records the permission state for the specified origin and whether 120 // this should be remembered. 121 void recordPermissionState(WebCore::String origin, bool allow, bool remember); 122 123 // Used to make an asynchronous callback to the Geolocation objects. 124 void makeAsynchronousCallbackToGeolocation(WebCore::String origin, bool allow); 125 void timerFired(WebCore::Timer<GeolocationPermissions>* timer); 126 127 // Calls back to the Geolocation objects in all frames from the 128 // specified origin. There may be no such objects, as the frames using 129 // Geolocation from the specified origin may no longer use Geolocation, 130 // or may have been navigated to a different origin.. 131 void maybeCallbackFrames(WebCore::String origin, bool allow); 132 133 // Cancels pending permission requests for the specified origin in 134 // other main frames (ie browser tabs). This is used when the user 135 // specifies permission to be remembered. 136 static void cancelPendingRequestsInOtherTabs(WebCore::String origin); 137 void cancelPendingRequests(WebCore::String origin); 138 139 static void maybeLoadPermanentPermissions(); 140 141 const WebCore::String& nextOriginInQueue(); 142 143 WebViewCore* m_webViewCore; 144 WebCore::Frame* m_mainFrame; 145 // A vector of the origins queued to make a permission request. 146 // The first in the vector is the origin currently making the request. 147 typedef Vector<WebCore::String> OriginVector; 148 OriginVector m_queuedOrigins; 149 // A map from a queued origin to the set of frames that have requested 150 // permission for that origin. 151 typedef HashSet<WebCore::Frame*> FrameSet; 152 typedef HashMap<WebCore::String, FrameSet> OriginToFramesMap; 153 OriginToFramesMap m_queuedOriginsToFramesMap; 154 155 typedef WTF::HashMap<WebCore::String, bool> PermissionsMap; 156 PermissionsMap m_temporaryPermissions; 157 static PermissionsMap s_permanentPermissions; 158 159 typedef WTF::Vector<GeolocationPermissions*> GeolocationPermissionsVector; 160 static GeolocationPermissionsVector s_instances; 161 162 WebCore::Timer<GeolocationPermissions> m_timer; 163 164 struct CallbackData { 165 WebCore::String origin; 166 bool allow; 167 }; 168 CallbackData m_callbackData; 169 170 static bool s_alwaysDeny; 171 172 static bool s_permanentPermissionsLoaded; 173 static bool s_permanentPermissionsModified; 174 static WebCore::String s_databasePath; 175 }; 176 177 } // namespace android 178 179 #endif 180