1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "content/child/npapi/webplugin_delegate_impl.h"
6
7 #include <map>
8 #include <set>
9 #include <string>
10 #include <vector>
11
12 #include "base/bind.h"
13 #include "base/compiler_specific.h"
14 #include "base/lazy_instance.h"
15 #include "base/memory/scoped_ptr.h"
16 #include "base/message_loop/message_loop.h"
17 #include "base/metrics/stats_counters.h"
18 #include "base/strings/string_util.h"
19 #include "base/strings/stringprintf.h"
20 #include "base/synchronization/lock.h"
21 #include "base/version.h"
22 #include "base/win/iat_patch_function.h"
23 #include "base/win/registry.h"
24 #include "base/win/windows_version.h"
25 #include "content/child/npapi/plugin_instance.h"
26 #include "content/child/npapi/plugin_lib.h"
27 #include "content/child/npapi/plugin_stream_url.h"
28 #include "content/child/npapi/webplugin.h"
29 #include "content/child/npapi/webplugin_ime_win.h"
30 #include "content/common/cursors/webcursor.h"
31 #include "content/common/plugin_constants_win.h"
32 #include "content/public/common/content_constants.h"
33 #include "skia/ext/platform_canvas.h"
34 #include "third_party/WebKit/public/web/WebInputEvent.h"
35 #include "ui/gfx/win/dpi.h"
36 #include "ui/gfx/win/hwnd_util.h"
37
38 using blink::WebKeyboardEvent;
39 using blink::WebInputEvent;
40 using blink::WebMouseEvent;
41
42 namespace content {
43
44 namespace {
45
46 const wchar_t kWebPluginDelegateProperty[] = L"WebPluginDelegateProperty";
47 const wchar_t kPluginFlashThrottle[] = L"FlashThrottle";
48
49 // The fastest we are willing to process WM_USER+1 events for Flash.
50 // Flash can easily exceed the limits of our CPU if we don't throttle it.
51 // The throttle has been chosen by testing various delays and compromising
52 // on acceptable Flash performance and reasonable CPU consumption.
53 //
54 // I'd like to make the throttle delay variable, based on the amount of
55 // time currently required to paint Flash plugins. There isn't a good
56 // way to count the time spent in aggregate plugin painting, however, so
57 // this seems to work well enough.
58 const int kFlashWMUSERMessageThrottleDelayMs = 5;
59
60 // Flash displays popups in response to user clicks by posting a WM_USER
61 // message to the plugin window. The handler for this message displays
62 // the popup. To ensure that the popups allowed state is sent correctly
63 // to the renderer we reset the popups allowed state in a timer.
64 const int kWindowedPluginPopupTimerMs = 50;
65
66 // The current instance of the plugin which entered the modal loop.
67 WebPluginDelegateImpl* g_current_plugin_instance = NULL;
68
69 typedef std::deque<MSG> ThrottleQueue;
70 base::LazyInstance<ThrottleQueue> g_throttle_queue = LAZY_INSTANCE_INITIALIZER;
71
72 base::LazyInstance<std::map<HWND, WNDPROC> > g_window_handle_proc_map =
73 LAZY_INSTANCE_INITIALIZER;
74
75 // Helper object for patching the TrackPopupMenu API.
76 base::LazyInstance<base::win::IATPatchFunction> g_iat_patch_track_popup_menu =
77 LAZY_INSTANCE_INITIALIZER;
78
79 // Helper object for patching the SetCursor API.
80 base::LazyInstance<base::win::IATPatchFunction> g_iat_patch_set_cursor =
81 LAZY_INSTANCE_INITIALIZER;
82
83 // Helper object for patching the RegEnumKeyExW API.
84 base::LazyInstance<base::win::IATPatchFunction> g_iat_patch_reg_enum_key_ex_w =
85 LAZY_INSTANCE_INITIALIZER;
86
87 // Helper object for patching the GetProcAddress API.
88 base::LazyInstance<base::win::IATPatchFunction> g_iat_patch_get_proc_address =
89 LAZY_INSTANCE_INITIALIZER;
90
91 base::LazyInstance<base::win::IATPatchFunction> g_iat_patch_window_from_point =
92 LAZY_INSTANCE_INITIALIZER;
93
94 // http://crbug.com/16114
95 // Enforces providing a valid device context in NPWindow, so that NPP_SetWindow
96 // is never called with NPNWindoTypeDrawable and NPWindow set to NULL.
97 // Doing so allows removing NPP_SetWindow call during painting a windowless
98 // plugin, which otherwise could trigger layout change while painting by
99 // invoking NPN_Evaluate. Which would cause bad, bad crashes. Bad crashes.
100 // TODO(dglazkov): If this approach doesn't produce regressions, move class to
101 // webplugin_delegate_impl.h and implement for other platforms.
102 class DrawableContextEnforcer {
103 public:
DrawableContextEnforcer(NPWindow * window)104 explicit DrawableContextEnforcer(NPWindow* window)
105 : window_(window),
106 disposable_dc_(window && !window->window) {
107 // If NPWindow is NULL, create a device context with monochrome 1x1 surface
108 // and stuff it to NPWindow.
109 if (disposable_dc_)
110 window_->window = CreateCompatibleDC(NULL);
111 }
112
~DrawableContextEnforcer()113 ~DrawableContextEnforcer() {
114 if (!disposable_dc_)
115 return;
116
117 DeleteDC(static_cast<HDC>(window_->window));
118 window_->window = NULL;
119 }
120
121 private:
122 NPWindow* window_;
123 bool disposable_dc_;
124 };
125
126 // These are from ntddk.h
127 typedef LONG NTSTATUS;
128
129 #ifndef STATUS_SUCCESS
130 #define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
131 #endif
132
133 #ifndef STATUS_BUFFER_TOO_SMALL
134 #define STATUS_BUFFER_TOO_SMALL ((NTSTATUS)0xC0000023L)
135 #endif
136
137 typedef enum _KEY_INFORMATION_CLASS {
138 KeyBasicInformation,
139 KeyNodeInformation,
140 KeyFullInformation,
141 KeyNameInformation,
142 KeyCachedInformation,
143 KeyVirtualizationInformation
144 } KEY_INFORMATION_CLASS;
145
146 typedef struct _KEY_NAME_INFORMATION {
147 ULONG NameLength;
148 WCHAR Name[1];
149 } KEY_NAME_INFORMATION, *PKEY_NAME_INFORMATION;
150
151 typedef DWORD (__stdcall *ZwQueryKeyType)(
152 HANDLE key_handle,
153 int key_information_class,
154 PVOID key_information,
155 ULONG length,
156 PULONG result_length);
157
158 // Returns a key's full path.
GetKeyPath(HKEY key)159 std::wstring GetKeyPath(HKEY key) {
160 if (key == NULL)
161 return L"";
162
163 HMODULE dll = GetModuleHandle(L"ntdll.dll");
164 if (dll == NULL)
165 return L"";
166
167 ZwQueryKeyType func = reinterpret_cast<ZwQueryKeyType>(
168 ::GetProcAddress(dll, "ZwQueryKey"));
169 if (func == NULL)
170 return L"";
171
172 DWORD size = 0;
173 DWORD result = 0;
174 result = func(key, KeyNameInformation, 0, 0, &size);
175 if (result != STATUS_BUFFER_TOO_SMALL)
176 return L"";
177
178 scoped_ptr<char[]> buffer(new char[size]);
179 if (buffer.get() == NULL)
180 return L"";
181
182 result = func(key, KeyNameInformation, buffer.get(), size, &size);
183 if (result != STATUS_SUCCESS)
184 return L"";
185
186 KEY_NAME_INFORMATION* info =
187 reinterpret_cast<KEY_NAME_INFORMATION*>(buffer.get());
188 return std::wstring(info->Name, info->NameLength / sizeof(wchar_t));
189 }
190
GetPluginMajorVersion(const WebPluginInfo & plugin_info)191 int GetPluginMajorVersion(const WebPluginInfo& plugin_info) {
192 Version plugin_version;
193 WebPluginInfo::CreateVersionFromString(plugin_info.version, &plugin_version);
194
195 int major_version = 0;
196 if (plugin_version.IsValid())
197 major_version = plugin_version.components()[0];
198
199 return major_version;
200 }
201
202 } // namespace
203
HandleEventMessageFilterHook(int code,WPARAM wParam,LPARAM lParam)204 LRESULT CALLBACK WebPluginDelegateImpl::HandleEventMessageFilterHook(
205 int code, WPARAM wParam, LPARAM lParam) {
206 if (g_current_plugin_instance) {
207 g_current_plugin_instance->OnModalLoopEntered();
208 } else {
209 NOTREACHED();
210 }
211 return CallNextHookEx(NULL, code, wParam, lParam);
212 }
213
MouseHookProc(int code,WPARAM wParam,LPARAM lParam)214 LRESULT CALLBACK WebPluginDelegateImpl::MouseHookProc(
215 int code, WPARAM wParam, LPARAM lParam) {
216 if (code == HC_ACTION) {
217 MOUSEHOOKSTRUCT* hook_struct = reinterpret_cast<MOUSEHOOKSTRUCT*>(lParam);
218 if (hook_struct)
219 HandleCaptureForMessage(hook_struct->hwnd, wParam);
220 }
221
222 return CallNextHookEx(NULL, code, wParam, lParam);
223 }
224
WebPluginDelegateImpl(WebPlugin * plugin,PluginInstance * instance)225 WebPluginDelegateImpl::WebPluginDelegateImpl(
226 WebPlugin* plugin,
227 PluginInstance* instance)
228 : instance_(instance),
229 quirks_(0),
230 plugin_(plugin),
231 windowless_(false),
232 windowed_handle_(NULL),
233 windowed_did_set_window_(false),
234 plugin_wnd_proc_(NULL),
235 last_message_(0),
236 is_calling_wndproc(false),
237 dummy_window_for_activation_(NULL),
238 dummy_window_parent_(NULL),
239 old_dummy_window_proc_(NULL),
240 handle_event_message_filter_hook_(NULL),
241 handle_event_pump_messages_event_(NULL),
242 user_gesture_message_posted_(false),
243 user_gesture_msg_factory_(this),
244 handle_event_depth_(0),
245 mouse_hook_(NULL),
246 first_set_window_call_(true),
247 plugin_has_focus_(false),
248 has_webkit_focus_(false),
249 containing_view_has_focus_(true),
250 creation_succeeded_(false) {
251 memset(&window_, 0, sizeof(window_));
252
253 const WebPluginInfo& plugin_info = instance_->plugin_lib()->plugin_info();
254 std::wstring filename =
255 base::StringToLowerASCII(plugin_info.path.BaseName().value());
256
257 if (instance_->mime_type() == kFlashPluginSwfMimeType ||
258 filename == kFlashPlugin) {
259 // Flash only requests windowless plugins if we return a Mozilla user
260 // agent.
261 instance_->set_use_mozilla_user_agent();
262 quirks_ |= PLUGIN_QUIRK_THROTTLE_WM_USER_PLUS_ONE;
263 quirks_ |= PLUGIN_QUIRK_PATCH_SETCURSOR;
264 quirks_ |= PLUGIN_QUIRK_ALWAYS_NOTIFY_SUCCESS;
265 quirks_ |= PLUGIN_QUIRK_HANDLE_MOUSE_CAPTURE;
266 quirks_ |= PLUGIN_QUIRK_EMULATE_IME;
267 quirks_ |= PLUGIN_QUIRK_FAKE_WINDOW_FROM_POINT;
268 } else if (filename == kAcrobatReaderPlugin) {
269 // Check for the version number above or equal 9.
270 int major_version = GetPluginMajorVersion(plugin_info);
271 if (major_version >= 9) {
272 quirks_ |= PLUGIN_QUIRK_DIE_AFTER_UNLOAD;
273 // 9.2 needs this.
274 quirks_ |= PLUGIN_QUIRK_SETWINDOW_TWICE;
275 }
276 quirks_ |= PLUGIN_QUIRK_BLOCK_NONSTANDARD_GETURL_REQUESTS;
277 } else if (plugin_info.name.find(L"Windows Media Player") !=
278 std::wstring::npos) {
279 // Windows Media Player needs two NPP_SetWindow calls.
280 quirks_ |= PLUGIN_QUIRK_SETWINDOW_TWICE;
281
282 // Windowless mode doesn't work in the WMP NPAPI plugin.
283 quirks_ |= PLUGIN_QUIRK_NO_WINDOWLESS;
284
285 // The media player plugin sets its size on the first NPP_SetWindow call
286 // and never updates its size. We should call the underlying NPP_SetWindow
287 // only when we have the correct size.
288 quirks_ |= PLUGIN_QUIRK_IGNORE_FIRST_SETWINDOW_CALL;
289
290 if (filename == kOldWMPPlugin) {
291 // Non-admin users on XP couldn't modify the key to force the new UI.
292 quirks_ |= PLUGIN_QUIRK_PATCH_REGENUMKEYEXW;
293 }
294 } else if (instance_->mime_type() == "audio/x-pn-realaudio-plugin" ||
295 filename == kRealPlayerPlugin) {
296 quirks_ |= PLUGIN_QUIRK_DONT_CALL_WND_PROC_RECURSIVELY;
297 } else if (plugin_info.name.find(L"VLC Multimedia Plugin") !=
298 std::wstring::npos ||
299 plugin_info.name.find(L"VLC Multimedia Plug-in") !=
300 std::wstring::npos) {
301 // VLC hangs on NPP_Destroy if we call NPP_SetWindow with a null window
302 // handle
303 quirks_ |= PLUGIN_QUIRK_DONT_SET_NULL_WINDOW_HANDLE_ON_DESTROY;
304 int major_version = GetPluginMajorVersion(plugin_info);
305 if (major_version == 0) {
306 // VLC 0.8.6d and 0.8.6e crash if multiple instances are created.
307 quirks_ |= PLUGIN_QUIRK_DONT_ALLOW_MULTIPLE_INSTANCES;
308 }
309 } else if (filename == kSilverlightPlugin) {
310 // Explanation for this quirk can be found in
311 // WebPluginDelegateImpl::Initialize.
312 quirks_ |= PLUGIN_QUIRK_PATCH_SETCURSOR;
313 } else if (plugin_info.name.find(L"DivX Web Player") !=
314 std::wstring::npos) {
315 // The divx plugin sets its size on the first NPP_SetWindow call and never
316 // updates its size. We should call the underlying NPP_SetWindow only when
317 // we have the correct size.
318 quirks_ |= PLUGIN_QUIRK_IGNORE_FIRST_SETWINDOW_CALL;
319 }
320 }
321
~WebPluginDelegateImpl()322 WebPluginDelegateImpl::~WebPluginDelegateImpl() {
323 if (::IsWindow(dummy_window_for_activation_)) {
324 WNDPROC current_wnd_proc = reinterpret_cast<WNDPROC>(
325 GetWindowLongPtr(dummy_window_for_activation_, GWLP_WNDPROC));
326 if (current_wnd_proc == DummyWindowProc) {
327 SetWindowLongPtr(dummy_window_for_activation_,
328 GWLP_WNDPROC,
329 reinterpret_cast<LONG_PTR>(old_dummy_window_proc_));
330 }
331 ::DestroyWindow(dummy_window_for_activation_);
332 }
333
334 DestroyInstance();
335
336 if (!windowless_)
337 WindowedDestroyWindow();
338
339 if (handle_event_pump_messages_event_) {
340 CloseHandle(handle_event_pump_messages_event_);
341 }
342 }
343
PlatformInitialize()344 bool WebPluginDelegateImpl::PlatformInitialize() {
345 plugin_->SetWindow(windowed_handle_);
346
347 if (windowless_) {
348 CreateDummyWindowForActivation();
349 handle_event_pump_messages_event_ = CreateEvent(NULL, TRUE, FALSE, NULL);
350 plugin_->SetWindowlessData(
351 handle_event_pump_messages_event_,
352 reinterpret_cast<gfx::NativeViewId>(dummy_window_for_activation_));
353 }
354
355 // Windowless plugins call the WindowFromPoint API and passes the result of
356 // that to the TrackPopupMenu API call as the owner window. This causes the
357 // API to fail as the API expects the window handle to live on the same
358 // thread as the caller. It works in the other browsers as the plugin lives
359 // on the browser thread. Our workaround is to intercept the TrackPopupMenu
360 // API and replace the window handle with the dummy activation window.
361 if (windowless_ && !g_iat_patch_track_popup_menu.Pointer()->is_patched()) {
362 g_iat_patch_track_popup_menu.Pointer()->Patch(
363 GetPluginPath().value().c_str(), "user32.dll", "TrackPopupMenu",
364 WebPluginDelegateImpl::TrackPopupMenuPatch);
365 }
366
367 // Windowless plugins can set cursors by calling the SetCursor API. This
368 // works because the thread inputs of the browser UI thread and the plugin
369 // thread are attached. We intercept the SetCursor API for windowless
370 // plugins and remember the cursor being set. This is shipped over to the
371 // browser in the HandleEvent call, which ensures that the cursor does not
372 // change when a windowless plugin instance changes the cursor
373 // in a background tab.
374 if (windowless_ && !g_iat_patch_set_cursor.Pointer()->is_patched() &&
375 (quirks_ & PLUGIN_QUIRK_PATCH_SETCURSOR)) {
376 g_iat_patch_set_cursor.Pointer()->Patch(
377 GetPluginPath().value().c_str(), "user32.dll", "SetCursor",
378 WebPluginDelegateImpl::SetCursorPatch);
379 }
380
381 // The windowed flash plugin has a bug which occurs when the plugin enters
382 // fullscreen mode. It basically captures the mouse on WM_LBUTTONDOWN and
383 // does not release capture correctly causing it to stop receiving
384 // subsequent mouse events. This problem is also seen in Safari where there
385 // is code to handle this in the wndproc. However the plugin subclasses the
386 // window again in WM_LBUTTONDOWN before entering full screen. As a result
387 // Safari does not receive the WM_LBUTTONUP message. To workaround this
388 // issue we use a per thread mouse hook. This bug does not occur in Firefox
389 // and opera. Firefox has code similar to Safari. It could well be a bug in
390 // the flash plugin, which only occurs in webkit based browsers.
391 if (quirks_ & PLUGIN_QUIRK_HANDLE_MOUSE_CAPTURE) {
392 mouse_hook_ = SetWindowsHookEx(WH_MOUSE, MouseHookProc, NULL,
393 GetCurrentThreadId());
394 }
395
396 // On XP, WMP will use its old UI unless a registry key under HKLM has the
397 // name of the current process. We do it in the installer for admin users,
398 // for the rest patch this function.
399 if ((quirks_ & PLUGIN_QUIRK_PATCH_REGENUMKEYEXW) &&
400 base::win::GetVersion() == base::win::VERSION_XP &&
401 (base::win::RegKey().Open(HKEY_LOCAL_MACHINE,
402 L"SOFTWARE\\Microsoft\\MediaPlayer\\ShimInclusionList\\chrome.exe",
403 KEY_READ) != ERROR_SUCCESS) &&
404 !g_iat_patch_reg_enum_key_ex_w.Pointer()->is_patched()) {
405 g_iat_patch_reg_enum_key_ex_w.Pointer()->Patch(
406 L"wmpdxm.dll", "advapi32.dll", "RegEnumKeyExW",
407 WebPluginDelegateImpl::RegEnumKeyExWPatch);
408 }
409
410 // Flash retrieves the pointers to IMM32 functions with GetProcAddress() calls
411 // and use them to retrieve IME data. We add a patch to this function so we
412 // can dispatch these IMM32 calls to the WebPluginIMEWin class, which emulates
413 // IMM32 functions for Flash.
414 if (!g_iat_patch_get_proc_address.Pointer()->is_patched() &&
415 (quirks_ & PLUGIN_QUIRK_EMULATE_IME)) {
416 g_iat_patch_get_proc_address.Pointer()->Patch(
417 GetPluginPath().value().c_str(), "kernel32.dll", "GetProcAddress",
418 GetProcAddressPatch);
419 }
420
421 if (windowless_ && !g_iat_patch_window_from_point.Pointer()->is_patched() &&
422 (quirks_ & PLUGIN_QUIRK_FAKE_WINDOW_FROM_POINT)) {
423 g_iat_patch_window_from_point.Pointer()->Patch(
424 GetPluginPath().value().c_str(), "user32.dll", "WindowFromPoint",
425 WebPluginDelegateImpl::WindowFromPointPatch);
426 }
427
428 return true;
429 }
430
PlatformDestroyInstance()431 void WebPluginDelegateImpl::PlatformDestroyInstance() {
432 if (!instance_->plugin_lib())
433 return;
434
435 // Unpatch if this is the last plugin instance.
436 if (instance_->plugin_lib()->instance_count() != 1)
437 return;
438
439 if (g_iat_patch_set_cursor.Pointer()->is_patched())
440 g_iat_patch_set_cursor.Pointer()->Unpatch();
441
442 if (g_iat_patch_track_popup_menu.Pointer()->is_patched())
443 g_iat_patch_track_popup_menu.Pointer()->Unpatch();
444
445 if (g_iat_patch_reg_enum_key_ex_w.Pointer()->is_patched())
446 g_iat_patch_reg_enum_key_ex_w.Pointer()->Unpatch();
447
448 if (g_iat_patch_window_from_point.Pointer()->is_patched())
449 g_iat_patch_window_from_point.Pointer()->Unpatch();
450
451 if (mouse_hook_) {
452 UnhookWindowsHookEx(mouse_hook_);
453 mouse_hook_ = NULL;
454 }
455 }
456
Paint(SkCanvas * canvas,const gfx::Rect & rect)457 void WebPluginDelegateImpl::Paint(SkCanvas* canvas, const gfx::Rect& rect) {
458 if (windowless_ && skia::SupportsPlatformPaint(canvas)) {
459 skia::ScopedPlatformPaint scoped_platform_paint(canvas);
460 HDC hdc = scoped_platform_paint.GetPlatformSurface();
461 WindowlessPaint(hdc, rect);
462 }
463 }
464
WindowedCreatePlugin()465 bool WebPluginDelegateImpl::WindowedCreatePlugin() {
466 DCHECK(!windowed_handle_);
467
468 RegisterNativeWindowClass();
469
470 // The window will be sized and shown later.
471 windowed_handle_ = CreateWindowEx(
472 WS_EX_LEFT | WS_EX_LTRREADING | WS_EX_RIGHTSCROLLBAR,
473 kNativeWindowClassName,
474 0,
475 WS_POPUP | WS_CLIPCHILDREN | WS_CLIPSIBLINGS,
476 0,
477 0,
478 0,
479 0,
480 GetDesktopWindow(),
481 0,
482 GetModuleHandle(NULL),
483 0);
484 if (windowed_handle_ == 0)
485 return false;
486
487 // This is a tricky workaround for Issue 2673 in chromium "Flash: IME not
488 // available". To use IMEs in this window, we have to make Windows attach
489 // IMEs to this window (i.e. load IME DLLs, attach them to this process, and
490 // add their message hooks to this window). Windows attaches IMEs while this
491 // process creates a top-level window. On the other hand, to layout this
492 // window correctly in the given parent window (RenderWidgetHostViewWin or
493 // RenderWidgetHostViewAura), this window should be a child window of the
494 // parent window. To satisfy both of the above conditions, this code once
495 // creates a top-level window and change it to a child window of the parent
496 // window (in the browser process).
497 SetWindowLongPtr(windowed_handle_, GWL_STYLE,
498 WS_CHILD | WS_CLIPCHILDREN | WS_CLIPSIBLINGS);
499
500 BOOL result = SetProp(windowed_handle_, kWebPluginDelegateProperty, this);
501 DCHECK(result == TRUE) << "SetProp failed, last error = " << GetLastError();
502
503 // Calling SetWindowLongPtrA here makes the window proc ASCII, which is
504 // required by at least the Shockwave Director plug-in.
505 SetWindowLongPtrA(windowed_handle_,
506 GWLP_WNDPROC,
507 reinterpret_cast<LONG_PTR>(DefWindowProcA));
508
509 return true;
510 }
511
WindowedDestroyWindow()512 void WebPluginDelegateImpl::WindowedDestroyWindow() {
513 if (windowed_handle_ != NULL) {
514 // Unsubclass the window.
515 WNDPROC current_wnd_proc = reinterpret_cast<WNDPROC>(
516 GetWindowLongPtr(windowed_handle_, GWLP_WNDPROC));
517 if (current_wnd_proc == NativeWndProc) {
518 SetWindowLongPtr(windowed_handle_,
519 GWLP_WNDPROC,
520 reinterpret_cast<LONG_PTR>(plugin_wnd_proc_));
521 }
522
523 plugin_->WillDestroyWindow(windowed_handle_);
524
525 DestroyWindow(windowed_handle_);
526 windowed_handle_ = 0;
527 }
528 }
529
530 // Erase all messages in the queue destined for a particular window.
531 // When windows are closing, callers should use this function to clear
532 // the queue.
533 // static
ClearThrottleQueueForWindow(HWND window)534 void WebPluginDelegateImpl::ClearThrottleQueueForWindow(HWND window) {
535 ThrottleQueue* throttle_queue = g_throttle_queue.Pointer();
536
537 ThrottleQueue::iterator it;
538 for (it = throttle_queue->begin(); it != throttle_queue->end(); ) {
539 if (it->hwnd == window) {
540 it = throttle_queue->erase(it);
541 } else {
542 it++;
543 }
544 }
545 }
546
547 // Delayed callback for processing throttled messages.
548 // Throttled messages are aggregated globally across all plugins.
549 // static
OnThrottleMessage()550 void WebPluginDelegateImpl::OnThrottleMessage() {
551 // The current algorithm walks the list and processes the first
552 // message it finds for each plugin. It is important to service
553 // all active plugins with each pass through the throttle, otherwise
554 // we see video jankiness. Copy the set to notify before notifying
555 // since we may re-enter OnThrottleMessage from CallWindowProc!
556 ThrottleQueue* throttle_queue = g_throttle_queue.Pointer();
557 ThrottleQueue notify_queue;
558 std::set<HWND> processed;
559
560 ThrottleQueue::iterator it = throttle_queue->begin();
561 while (it != throttle_queue->end()) {
562 const MSG& msg = *it;
563 if (processed.find(msg.hwnd) == processed.end()) {
564 processed.insert(msg.hwnd);
565 notify_queue.push_back(msg);
566 it = throttle_queue->erase(it);
567 } else {
568 it++;
569 }
570 }
571
572 // Due to re-entrancy, we must save our queue state now. Otherwise, we may
573 // self-post below, and *also* start up another delayed task when the first
574 // entry is pushed onto the queue in ThrottleMessage().
575 bool throttle_queue_was_empty = throttle_queue->empty();
576
577 for (it = notify_queue.begin(); it != notify_queue.end(); ++it) {
578 const MSG& msg = *it;
579 WNDPROC proc = reinterpret_cast<WNDPROC>(msg.time);
580 // It is possible that the window was closed after we queued
581 // this message. This is a rare event; just verify the window
582 // is alive. (see also bug 1259488)
583 if (IsWindow(msg.hwnd))
584 CallWindowProc(proc, msg.hwnd, msg.message, msg.wParam, msg.lParam);
585 }
586
587 if (!throttle_queue_was_empty) {
588 base::MessageLoop::current()->PostDelayedTask(
589 FROM_HERE,
590 base::Bind(&WebPluginDelegateImpl::OnThrottleMessage),
591 base::TimeDelta::FromMilliseconds(kFlashWMUSERMessageThrottleDelayMs));
592 }
593 }
594
595 // Schedule a windows message for delivery later.
596 // static
ThrottleMessage(WNDPROC proc,HWND hwnd,UINT message,WPARAM wParam,LPARAM lParam)597 void WebPluginDelegateImpl::ThrottleMessage(WNDPROC proc, HWND hwnd,
598 UINT message, WPARAM wParam,
599 LPARAM lParam) {
600 MSG msg;
601 msg.time = reinterpret_cast<DWORD>(proc);
602 msg.hwnd = hwnd;
603 msg.message = message;
604 msg.wParam = wParam;
605 msg.lParam = lParam;
606
607 ThrottleQueue* throttle_queue = g_throttle_queue.Pointer();
608
609 throttle_queue->push_back(msg);
610
611 if (throttle_queue->size() == 1) {
612 base::MessageLoop::current()->PostDelayedTask(
613 FROM_HERE,
614 base::Bind(&WebPluginDelegateImpl::OnThrottleMessage),
615 base::TimeDelta::FromMilliseconds(kFlashWMUSERMessageThrottleDelayMs));
616 }
617 }
618
619 // We go out of our way to find the hidden windows created by Flash for
620 // windowless plugins. We throttle the rate at which they deliver messages
621 // so that they will not consume outrageous amounts of CPU.
622 // static
FlashWindowlessWndProc(HWND hwnd,UINT message,WPARAM wparam,LPARAM lparam)623 LRESULT CALLBACK WebPluginDelegateImpl::FlashWindowlessWndProc(
624 HWND hwnd, UINT message, WPARAM wparam, LPARAM lparam) {
625 std::map<HWND, WNDPROC>::iterator index =
626 g_window_handle_proc_map.Get().find(hwnd);
627
628 WNDPROC old_proc = (*index).second;
629 DCHECK(old_proc);
630
631 switch (message) {
632 case WM_NCDESTROY: {
633 WebPluginDelegateImpl::ClearThrottleQueueForWindow(hwnd);
634 g_window_handle_proc_map.Get().erase(index);
635 break;
636 }
637 // Flash may flood the message queue with WM_USER+1 message causing 100% CPU
638 // usage. See https://bugzilla.mozilla.org/show_bug.cgi?id=132759. We
639 // prevent this by throttling the messages.
640 case WM_USER + 1: {
641 WebPluginDelegateImpl::ThrottleMessage(old_proc, hwnd, message, wparam,
642 lparam);
643 return TRUE;
644 }
645
646 default: {
647 break;
648 }
649 }
650 return CallWindowProc(old_proc, hwnd, message, wparam, lparam);
651 }
652
DummyWindowProc(HWND hwnd,UINT message,WPARAM w_param,LPARAM l_param)653 LRESULT CALLBACK WebPluginDelegateImpl::DummyWindowProc(
654 HWND hwnd, UINT message, WPARAM w_param, LPARAM l_param) {
655 WebPluginDelegateImpl* delegate = reinterpret_cast<WebPluginDelegateImpl*>(
656 GetProp(hwnd, kWebPluginDelegateProperty));
657 CHECK(delegate);
658 if (message == WM_WINDOWPOSCHANGING) {
659 // We need to know when the dummy window is parented because windowless
660 // plugins need the parent window for things like menus. There's no message
661 // for a parent being changed, but a WM_WINDOWPOSCHANGING is sent so we
662 // check every time we get it.
663 // For non-aura builds, this never changes since RenderWidgetHostViewWin's
664 // window is constant. For aura builds, this changes every time the tab gets
665 // dragged to a new window.
666 HWND parent = GetParent(hwnd);
667 if (parent != delegate->dummy_window_parent_) {
668 delegate->dummy_window_parent_ = parent;
669
670 // Set the containing window handle as the instance window handle. This is
671 // what Safari does. Not having a valid window handle causes subtle bugs
672 // with plugins which retrieve the window handle and use it for things
673 // like context menus. The window handle can be retrieved via
674 // NPN_GetValue of NPNVnetscapeWindow.
675 delegate->instance_->set_window_handle(parent);
676
677 // The plugin caches the result of NPNVnetscapeWindow when we originally
678 // called NPP_SetWindow, so force it to get the new value.
679 delegate->WindowlessSetWindow();
680 }
681 } else if (message == WM_NCDESTROY) {
682 RemoveProp(hwnd, kWebPluginDelegateProperty);
683 }
684 return CallWindowProc(
685 delegate->old_dummy_window_proc_, hwnd, message, w_param, l_param);
686 }
687
688 // Callback for enumerating the Flash windows.
EnumFlashWindows(HWND window,LPARAM arg)689 BOOL CALLBACK EnumFlashWindows(HWND window, LPARAM arg) {
690 WNDPROC wnd_proc = reinterpret_cast<WNDPROC>(arg);
691 TCHAR class_name[1024];
692 if (!RealGetWindowClass(window, class_name,
693 sizeof(class_name)/sizeof(TCHAR))) {
694 LOG(ERROR) << "RealGetWindowClass failure: " << GetLastError();
695 return FALSE;
696 }
697
698 if (wcscmp(class_name, L"SWFlash_PlaceholderX"))
699 return TRUE;
700
701 WNDPROC current_wnd_proc = reinterpret_cast<WNDPROC>(
702 GetWindowLongPtr(window, GWLP_WNDPROC));
703 if (current_wnd_proc != wnd_proc) {
704 WNDPROC old_flash_proc = reinterpret_cast<WNDPROC>(SetWindowLongPtr(
705 window, GWLP_WNDPROC,
706 reinterpret_cast<LONG_PTR>(wnd_proc)));
707 DCHECK(old_flash_proc);
708 g_window_handle_proc_map.Get()[window] = old_flash_proc;
709 }
710
711 return TRUE;
712 }
713
CreateDummyWindowForActivation()714 bool WebPluginDelegateImpl::CreateDummyWindowForActivation() {
715 DCHECK(!dummy_window_for_activation_);
716
717 dummy_window_for_activation_ = CreateWindowEx(
718 0,
719 L"Static",
720 kDummyActivationWindowName,
721 WS_CHILD,
722 0,
723 0,
724 0,
725 0,
726 // We don't know the parent of the dummy window yet, so just set it to the
727 // desktop and it'll get parented by the browser.
728 GetDesktopWindow(),
729 0,
730 GetModuleHandle(NULL),
731 0);
732
733 if (dummy_window_for_activation_ == 0)
734 return false;
735
736 BOOL result = SetProp(dummy_window_for_activation_,
737 kWebPluginDelegateProperty, this);
738 DCHECK(result == TRUE) << "SetProp failed, last error = " << GetLastError();
739 old_dummy_window_proc_ = reinterpret_cast<WNDPROC>(SetWindowLongPtr(
740 dummy_window_for_activation_, GWLP_WNDPROC,
741 reinterpret_cast<LONG_PTR>(DummyWindowProc)));
742
743 // Flash creates background windows which use excessive CPU in our
744 // environment; we wrap these windows and throttle them so that they don't
745 // get out of hand.
746 if (!EnumThreadWindows(::GetCurrentThreadId(), EnumFlashWindows,
747 reinterpret_cast<LPARAM>(
748 &WebPluginDelegateImpl::FlashWindowlessWndProc))) {
749 // Log that this happened. Flash will still work; it just means the
750 // throttle isn't installed (and Flash will use more CPU).
751 NOTREACHED();
752 LOG(ERROR) << "Failed to wrap all windowless Flash windows";
753 }
754 return true;
755 }
756
WindowedReposition(const gfx::Rect & window_rect_in_dip,const gfx::Rect & clip_rect_in_dip)757 bool WebPluginDelegateImpl::WindowedReposition(
758 const gfx::Rect& window_rect_in_dip,
759 const gfx::Rect& clip_rect_in_dip) {
760 if (!windowed_handle_) {
761 NOTREACHED();
762 return false;
763 }
764
765 gfx::Rect window_rect = gfx::win::DIPToScreenRect(window_rect_in_dip);
766 gfx::Rect clip_rect = gfx::win::DIPToScreenRect(clip_rect_in_dip);
767 if (window_rect_ == window_rect && clip_rect_ == clip_rect)
768 return false;
769
770 // We only set the plugin's size here. Its position is moved elsewhere, which
771 // allows the window moves/scrolling/clipping to be synchronized with the page
772 // and other windows.
773 // If the plugin window has no parent, then don't focus it because it isn't
774 // being displayed anywhere. See:
775 // http://code.google.com/p/chromium/issues/detail?id=32658
776 if (window_rect.size() != window_rect_.size()) {
777 UINT flags = SWP_NOMOVE | SWP_NOZORDER;
778 if (!GetParent(windowed_handle_))
779 flags |= SWP_NOACTIVATE;
780 ::SetWindowPos(windowed_handle_,
781 NULL,
782 0,
783 0,
784 window_rect.width(),
785 window_rect.height(),
786 flags);
787 }
788
789 window_rect_ = window_rect;
790 clip_rect_ = clip_rect;
791
792 // Ensure that the entire window gets repainted.
793 ::InvalidateRect(windowed_handle_, NULL, FALSE);
794
795 return true;
796 }
797
WindowedSetWindow()798 void WebPluginDelegateImpl::WindowedSetWindow() {
799 if (!instance_)
800 return;
801
802 if (!windowed_handle_) {
803 NOTREACHED();
804 return;
805 }
806
807 instance()->set_window_handle(windowed_handle_);
808
809 DCHECK(!instance()->windowless());
810
811 window_.clipRect.top = std::max(0, clip_rect_.y());
812 window_.clipRect.left = std::max(0, clip_rect_.x());
813 window_.clipRect.bottom = std::max(0, clip_rect_.y() + clip_rect_.height());
814 window_.clipRect.right = std::max(0, clip_rect_.x() + clip_rect_.width());
815 window_.height = window_rect_.height();
816 window_.width = window_rect_.width();
817 window_.x = 0;
818 window_.y = 0;
819
820 window_.window = windowed_handle_;
821 window_.type = NPWindowTypeWindow;
822
823 // Reset this flag before entering the instance in case of side-effects.
824 windowed_did_set_window_ = true;
825
826 NPError err = instance()->NPP_SetWindow(&window_);
827 if (quirks_ & PLUGIN_QUIRK_SETWINDOW_TWICE)
828 instance()->NPP_SetWindow(&window_);
829
830 WNDPROC current_wnd_proc = reinterpret_cast<WNDPROC>(
831 GetWindowLongPtr(windowed_handle_, GWLP_WNDPROC));
832 if (current_wnd_proc != NativeWndProc) {
833 plugin_wnd_proc_ = reinterpret_cast<WNDPROC>(
834 SetWindowLongPtr(windowed_handle_,
835 GWLP_WNDPROC,
836 reinterpret_cast<LONG_PTR>(NativeWndProc)));
837 }
838 }
839
RegisterNativeWindowClass()840 ATOM WebPluginDelegateImpl::RegisterNativeWindowClass() {
841 static bool have_registered_window_class = false;
842 if (have_registered_window_class == true)
843 return true;
844
845 have_registered_window_class = true;
846
847 WNDCLASSEX wcex;
848 wcex.cbSize = sizeof(WNDCLASSEX);
849 wcex.style = CS_DBLCLKS;
850 wcex.lpfnWndProc = WrapperWindowProc;
851 wcex.cbClsExtra = 0;
852 wcex.cbWndExtra = 0;
853 wcex.hInstance = GetModuleHandle(NULL);
854 wcex.hIcon = 0;
855 wcex.hCursor = 0;
856 // Some plugins like windows media player 11 create child windows parented
857 // by our plugin window, where the media content is rendered. These plugins
858 // dont implement WM_ERASEBKGND, which causes painting issues, when the
859 // window where the media is rendered is moved around. DefWindowProc does
860 // implement WM_ERASEBKGND correctly if we have a valid background brush.
861 wcex.hbrBackground = reinterpret_cast<HBRUSH>(COLOR_WINDOW+1);
862 wcex.lpszMenuName = 0;
863 wcex.lpszClassName = kNativeWindowClassName;
864 wcex.hIconSm = 0;
865
866 return RegisterClassEx(&wcex);
867 }
868
WrapperWindowProc(HWND hWnd,UINT message,WPARAM wParam,LPARAM lParam)869 LRESULT CALLBACK WebPluginDelegateImpl::WrapperWindowProc(
870 HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam) {
871 // This is another workaround for Issue 2673 in chromium "Flash: IME not
872 // available". Somehow, the CallWindowProc() function does not dispatch
873 // window messages when its first parameter is a handle representing the
874 // DefWindowProc() function. To avoid this problem, this code creates a
875 // wrapper function which just encapsulates the DefWindowProc() function
876 // and set it as the window procedure of a windowed plug-in.
877 return DefWindowProc(hWnd, message, wParam, lParam);
878 }
879
880 // Returns true if the message passed in corresponds to a user gesture.
IsUserGestureMessage(unsigned int message)881 static bool IsUserGestureMessage(unsigned int message) {
882 switch (message) {
883 case WM_LBUTTONDOWN:
884 case WM_LBUTTONUP:
885 case WM_RBUTTONDOWN:
886 case WM_RBUTTONUP:
887 case WM_MBUTTONDOWN:
888 case WM_MBUTTONUP:
889 case WM_KEYDOWN:
890 case WM_KEYUP:
891 return true;
892
893 default:
894 break;
895 }
896
897 return false;
898 }
899
NativeWndProc(HWND hwnd,UINT message,WPARAM wparam,LPARAM lparam)900 LRESULT CALLBACK WebPluginDelegateImpl::NativeWndProc(
901 HWND hwnd, UINT message, WPARAM wparam, LPARAM lparam) {
902 WebPluginDelegateImpl* delegate = reinterpret_cast<WebPluginDelegateImpl*>(
903 GetProp(hwnd, kWebPluginDelegateProperty));
904 if (!delegate) {
905 NOTREACHED();
906 return 0;
907 }
908
909 if (message == delegate->last_message_ &&
910 delegate->GetQuirks() & PLUGIN_QUIRK_DONT_CALL_WND_PROC_RECURSIVELY &&
911 delegate->is_calling_wndproc) {
912 // Real may go into a state where it recursively dispatches the same event
913 // when subclassed. See https://bugzilla.mozilla.org/show_bug.cgi?id=192914
914 // We only do the recursive check for Real because it's possible and valid
915 // for a plugin to synchronously dispatch a message to itself such that it
916 // looks like it's in recursion.
917 return TRUE;
918 }
919
920 // Flash may flood the message queue with WM_USER+1 message causing 100% CPU
921 // usage. See https://bugzilla.mozilla.org/show_bug.cgi?id=132759. We
922 // prevent this by throttling the messages.
923 if (message == WM_USER + 1 &&
924 delegate->GetQuirks() & PLUGIN_QUIRK_THROTTLE_WM_USER_PLUS_ONE) {
925 WebPluginDelegateImpl::ThrottleMessage(delegate->plugin_wnd_proc_, hwnd,
926 message, wparam, lparam);
927 return FALSE;
928 }
929
930 LRESULT result;
931 uint32 old_message = delegate->last_message_;
932 delegate->last_message_ = message;
933
934 static UINT custom_msg = RegisterWindowMessage(kPaintMessageName);
935 if (message == custom_msg) {
936 // Get the invalid rect which is in screen coordinates and convert to
937 // window coordinates.
938 gfx::Rect invalid_rect;
939 invalid_rect.set_x(static_cast<short>(LOWORD(wparam)));
940 invalid_rect.set_y(static_cast<short>(HIWORD(wparam)));
941 invalid_rect.set_width(static_cast<short>(LOWORD(lparam)));
942 invalid_rect.set_height(static_cast<short>(HIWORD(lparam)));
943
944 RECT window_rect;
945 GetWindowRect(hwnd, &window_rect);
946 invalid_rect.Offset(-window_rect.left, -window_rect.top);
947
948 // The plugin window might have non-client area. If we don't pass in
949 // RDW_FRAME then the children don't receive WM_NCPAINT messages while
950 // scrolling, which causes painting problems (http://b/issue?id=923945).
951 uint32 flags = RDW_INVALIDATE | RDW_ALLCHILDREN | RDW_FRAME;
952
953 // If a plugin (like Google Earth or Java) has child windows that are hosted
954 // in a different process, then RedrawWindow with UPDATENOW will
955 // synchronously wait for this call to complete. Some messages are pumped
956 // but not others, which could lead to a deadlock. So avoid reentrancy by
957 // only synchronously calling RedrawWindow once at a time.
958 if (old_message != custom_msg)
959 flags |= RDW_UPDATENOW;
960 RECT rect = invalid_rect.ToRECT();
961 RedrawWindow(hwnd, &rect, NULL, flags);
962 result = FALSE;
963 } else {
964 delegate->is_calling_wndproc = true;
965
966 if (!delegate->user_gesture_message_posted_ &&
967 IsUserGestureMessage(message)) {
968 delegate->user_gesture_message_posted_ = true;
969
970 delegate->instance()->PushPopupsEnabledState(true);
971
972 base::MessageLoop::current()->PostDelayedTask(
973 FROM_HERE,
974 base::Bind(&WebPluginDelegateImpl::OnUserGestureEnd,
975 delegate->user_gesture_msg_factory_.GetWeakPtr()),
976 base::TimeDelta::FromMilliseconds(kWindowedPluginPopupTimerMs));
977 }
978
979 HandleCaptureForMessage(hwnd, message);
980
981 // Maintain a local/global stack for the g_current_plugin_instance variable
982 // as this may be a nested invocation.
983 WebPluginDelegateImpl* last_plugin_instance = g_current_plugin_instance;
984
985 g_current_plugin_instance = delegate;
986
987 result = CallWindowProc(
988 delegate->plugin_wnd_proc_, hwnd, message, wparam, lparam);
989
990 // The plugin instance may have been destroyed in the CallWindowProc call
991 // above. This will also destroy the plugin window. Before attempting to
992 // access the WebPluginDelegateImpl instance we validate if the window is
993 // still valid.
994 if (::IsWindow(hwnd))
995 delegate->is_calling_wndproc = false;
996
997 g_current_plugin_instance = last_plugin_instance;
998
999 if (message == WM_NCDESTROY) {
1000 RemoveProp(hwnd, kWebPluginDelegateProperty);
1001 ClearThrottleQueueForWindow(hwnd);
1002 }
1003 }
1004 if (::IsWindow(hwnd))
1005 delegate->last_message_ = old_message;
1006 return result;
1007 }
1008
WindowlessUpdateGeometry(const gfx::Rect & window_rect,const gfx::Rect & clip_rect)1009 void WebPluginDelegateImpl::WindowlessUpdateGeometry(
1010 const gfx::Rect& window_rect,
1011 const gfx::Rect& clip_rect) {
1012 bool window_rect_changed = (window_rect_ != window_rect);
1013 // Only resend to the instance if the geometry has changed.
1014 if (!window_rect_changed && clip_rect == clip_rect_)
1015 return;
1016
1017 clip_rect_ = clip_rect;
1018 window_rect_ = window_rect;
1019
1020 WindowlessSetWindow();
1021
1022 if (window_rect_changed) {
1023 WINDOWPOS win_pos = {0};
1024 win_pos.x = window_rect_.x();
1025 win_pos.y = window_rect_.y();
1026 win_pos.cx = window_rect_.width();
1027 win_pos.cy = window_rect_.height();
1028
1029 NPEvent pos_changed_event;
1030 pos_changed_event.event = WM_WINDOWPOSCHANGED;
1031 pos_changed_event.wParam = 0;
1032 pos_changed_event.lParam = reinterpret_cast<uintptr_t>(&win_pos);
1033
1034 instance()->NPP_HandleEvent(&pos_changed_event);
1035 }
1036 }
1037
WindowlessPaint(HDC hdc,const gfx::Rect & damage_rect)1038 void WebPluginDelegateImpl::WindowlessPaint(HDC hdc,
1039 const gfx::Rect& damage_rect) {
1040 DCHECK(hdc);
1041
1042 RECT damage_rect_win;
1043 damage_rect_win.left = damage_rect.x(); // + window_rect_.x();
1044 damage_rect_win.top = damage_rect.y(); // + window_rect_.y();
1045 damage_rect_win.right = damage_rect_win.left + damage_rect.width();
1046 damage_rect_win.bottom = damage_rect_win.top + damage_rect.height();
1047
1048 // Save away the old HDC as this could be a nested invocation.
1049 void* old_dc = window_.window;
1050 window_.window = hdc;
1051
1052 NPEvent paint_event;
1053 paint_event.event = WM_PAINT;
1054 paint_event.wParam = PtrToUlong(hdc);
1055 paint_event.lParam = reinterpret_cast<uintptr_t>(&damage_rect_win);
1056 base::StatsRate plugin_paint("Plugin.Paint");
1057 base::StatsScope<base::StatsRate> scope(plugin_paint);
1058 instance()->NPP_HandleEvent(&paint_event);
1059 window_.window = old_dc;
1060 }
1061
WindowlessSetWindow()1062 void WebPluginDelegateImpl::WindowlessSetWindow() {
1063 if (!instance())
1064 return;
1065
1066 if (window_rect_.IsEmpty()) // wait for geometry to be set.
1067 return;
1068
1069 DCHECK(instance()->windowless());
1070
1071 window_.clipRect.top = clip_rect_.y();
1072 window_.clipRect.left = clip_rect_.x();
1073 window_.clipRect.bottom = clip_rect_.y() + clip_rect_.height();
1074 window_.clipRect.right = clip_rect_.x() + clip_rect_.width();
1075 window_.height = window_rect_.height();
1076 window_.width = window_rect_.width();
1077 window_.x = window_rect_.x();
1078 window_.y = window_rect_.y();
1079 window_.type = NPWindowTypeDrawable;
1080 DrawableContextEnforcer enforcer(&window_);
1081
1082 NPError err = instance()->NPP_SetWindow(&window_);
1083 DCHECK(err == NPERR_NO_ERROR);
1084 }
1085
PlatformSetPluginHasFocus(bool focused)1086 bool WebPluginDelegateImpl::PlatformSetPluginHasFocus(bool focused) {
1087 DCHECK(instance()->windowless());
1088
1089 NPEvent focus_event;
1090 focus_event.event = focused ? WM_SETFOCUS : WM_KILLFOCUS;
1091 focus_event.wParam = 0;
1092 focus_event.lParam = 0;
1093
1094 instance()->NPP_HandleEvent(&focus_event);
1095 return true;
1096 }
1097
NPEventFromWebMouseEvent(const WebMouseEvent & event,NPEvent * np_event)1098 static bool NPEventFromWebMouseEvent(const WebMouseEvent& event,
1099 NPEvent* np_event) {
1100 np_event->lParam = static_cast<uint32>(MAKELPARAM(event.windowX,
1101 event.windowY));
1102 np_event->wParam = 0;
1103
1104 if (event.modifiers & WebInputEvent::ControlKey)
1105 np_event->wParam |= MK_CONTROL;
1106 if (event.modifiers & WebInputEvent::ShiftKey)
1107 np_event->wParam |= MK_SHIFT;
1108 if (event.modifiers & WebInputEvent::LeftButtonDown)
1109 np_event->wParam |= MK_LBUTTON;
1110 if (event.modifiers & WebInputEvent::MiddleButtonDown)
1111 np_event->wParam |= MK_MBUTTON;
1112 if (event.modifiers & WebInputEvent::RightButtonDown)
1113 np_event->wParam |= MK_RBUTTON;
1114
1115 switch (event.type) {
1116 case WebInputEvent::MouseMove:
1117 case WebInputEvent::MouseLeave:
1118 case WebInputEvent::MouseEnter:
1119 np_event->event = WM_MOUSEMOVE;
1120 return true;
1121 case WebInputEvent::MouseDown:
1122 switch (event.button) {
1123 case WebMouseEvent::ButtonLeft:
1124 np_event->event = WM_LBUTTONDOWN;
1125 break;
1126 case WebMouseEvent::ButtonMiddle:
1127 np_event->event = WM_MBUTTONDOWN;
1128 break;
1129 case WebMouseEvent::ButtonRight:
1130 np_event->event = WM_RBUTTONDOWN;
1131 break;
1132 }
1133 return true;
1134 case WebInputEvent::MouseUp:
1135 switch (event.button) {
1136 case WebMouseEvent::ButtonLeft:
1137 np_event->event = WM_LBUTTONUP;
1138 break;
1139 case WebMouseEvent::ButtonMiddle:
1140 np_event->event = WM_MBUTTONUP;
1141 break;
1142 case WebMouseEvent::ButtonRight:
1143 np_event->event = WM_RBUTTONUP;
1144 break;
1145 }
1146 return true;
1147 default:
1148 NOTREACHED();
1149 return false;
1150 }
1151 }
1152
NPEventFromWebKeyboardEvent(const WebKeyboardEvent & event,NPEvent * np_event)1153 static bool NPEventFromWebKeyboardEvent(const WebKeyboardEvent& event,
1154 NPEvent* np_event) {
1155 np_event->wParam = event.windowsKeyCode;
1156
1157 switch (event.type) {
1158 case WebInputEvent::KeyDown:
1159 np_event->event = WM_KEYDOWN;
1160 np_event->lParam = 0;
1161 return true;
1162 case WebInputEvent::Char:
1163 np_event->event = WM_CHAR;
1164 np_event->lParam = 0;
1165 return true;
1166 case WebInputEvent::KeyUp:
1167 np_event->event = WM_KEYUP;
1168 np_event->lParam = 0x8000;
1169 return true;
1170 default:
1171 NOTREACHED();
1172 return false;
1173 }
1174 }
1175
NPEventFromWebInputEvent(const WebInputEvent & event,NPEvent * np_event)1176 static bool NPEventFromWebInputEvent(const WebInputEvent& event,
1177 NPEvent* np_event) {
1178 switch (event.type) {
1179 case WebInputEvent::MouseMove:
1180 case WebInputEvent::MouseLeave:
1181 case WebInputEvent::MouseEnter:
1182 case WebInputEvent::MouseDown:
1183 case WebInputEvent::MouseUp:
1184 if (event.size < sizeof(WebMouseEvent)) {
1185 NOTREACHED();
1186 return false;
1187 }
1188 return NPEventFromWebMouseEvent(
1189 *static_cast<const WebMouseEvent*>(&event), np_event);
1190 case WebInputEvent::KeyDown:
1191 case WebInputEvent::Char:
1192 case WebInputEvent::KeyUp:
1193 if (event.size < sizeof(WebKeyboardEvent)) {
1194 NOTREACHED();
1195 return false;
1196 }
1197 return NPEventFromWebKeyboardEvent(
1198 *static_cast<const WebKeyboardEvent*>(&event), np_event);
1199 default:
1200 return false;
1201 }
1202 }
1203
PlatformHandleInputEvent(const WebInputEvent & event,WebCursor::CursorInfo * cursor_info)1204 bool WebPluginDelegateImpl::PlatformHandleInputEvent(
1205 const WebInputEvent& event, WebCursor::CursorInfo* cursor_info) {
1206 DCHECK(cursor_info != NULL);
1207
1208 NPEvent np_event;
1209 if (!NPEventFromWebInputEvent(event, &np_event)) {
1210 return false;
1211 }
1212
1213 // Allow this plug-in to access this IME emulator through IMM32 API while the
1214 // plug-in is processing this event.
1215 if (GetQuirks() & PLUGIN_QUIRK_EMULATE_IME) {
1216 if (!plugin_ime_)
1217 plugin_ime_.reset(new WebPluginIMEWin);
1218 }
1219 WebPluginIMEWin::ScopedLock lock(
1220 event.isKeyboardEventType(event.type) ? plugin_ime_.get() : NULL);
1221
1222 HWND last_focus_window = NULL;
1223
1224 if (ShouldTrackEventForModalLoops(&np_event)) {
1225 // A windowless plugin can enter a modal loop in a NPP_HandleEvent call.
1226 // For e.g. Flash puts up a context menu when we right click on the
1227 // windowless plugin area. We detect this by setting up a message filter
1228 // hook pror to calling NPP_HandleEvent on the plugin and unhook on
1229 // return from NPP_HandleEvent. If the plugin does enter a modal loop
1230 // in that context we unhook on receiving the first notification in
1231 // the message filter hook.
1232 handle_event_message_filter_hook_ =
1233 SetWindowsHookEx(WH_MSGFILTER, HandleEventMessageFilterHook, NULL,
1234 GetCurrentThreadId());
1235 // To ensure that the plugin receives keyboard events we set focus to the
1236 // dummy window.
1237 // TODO(iyengar) We need a framework in the renderer to identify which
1238 // windowless plugin is under the mouse and to handle this. This would
1239 // also require some changes in RenderWidgetHost to detect this in the
1240 // WM_MOUSEACTIVATE handler and inform the renderer accordingly.
1241 bool valid = GetParent(dummy_window_for_activation_) != GetDesktopWindow();
1242 if (valid) {
1243 last_focus_window = ::SetFocus(dummy_window_for_activation_);
1244 } else {
1245 NOTREACHED() << "Dummy window not parented";
1246 }
1247 }
1248
1249 bool old_task_reentrancy_state =
1250 base::MessageLoop::current()->NestableTasksAllowed();
1251
1252 // Maintain a local/global stack for the g_current_plugin_instance variable
1253 // as this may be a nested invocation.
1254 WebPluginDelegateImpl* last_plugin_instance = g_current_plugin_instance;
1255
1256 g_current_plugin_instance = this;
1257
1258 handle_event_depth_++;
1259
1260 bool popups_enabled = false;
1261
1262 if (IsUserGestureMessage(np_event.event)) {
1263 instance()->PushPopupsEnabledState(true);
1264 popups_enabled = true;
1265 }
1266
1267 bool ret = instance()->NPP_HandleEvent(&np_event) != 0;
1268
1269 if (popups_enabled) {
1270 instance()->PopPopupsEnabledState();
1271 }
1272
1273 // Flash and SilverLight always return false, even when they swallow the
1274 // event. Flash does this because it passes the event to its window proc,
1275 // which is supposed to return 0 if an event was handled. There are few
1276 // exceptions, such as IME, where it sometimes returns true.
1277 ret = true;
1278
1279 if (np_event.event == WM_MOUSEMOVE) {
1280 current_windowless_cursor_.InitFromExternalCursor(GetCursor());
1281 // Snag a reference to the current cursor ASAP in case the plugin modified
1282 // it. There is a nasty race condition here with the multiprocess browser
1283 // as someone might be setting the cursor in the main process as well.
1284 current_windowless_cursor_.GetCursorInfo(cursor_info);
1285 }
1286
1287 handle_event_depth_--;
1288
1289 g_current_plugin_instance = last_plugin_instance;
1290
1291 // We could have multiple NPP_HandleEvent calls nested together in case
1292 // the plugin enters a modal loop. Reset the pump messages event when
1293 // the outermost NPP_HandleEvent call unwinds.
1294 if (handle_event_depth_ == 0) {
1295 ResetEvent(handle_event_pump_messages_event_);
1296 }
1297
1298 // If we didn't enter a modal loop, need to unhook the filter.
1299 if (handle_event_message_filter_hook_) {
1300 UnhookWindowsHookEx(handle_event_message_filter_hook_);
1301 handle_event_message_filter_hook_ = NULL;
1302 }
1303
1304 if (::IsWindow(last_focus_window)) {
1305 // Restore the nestable tasks allowed state in the message loop and reset
1306 // the os modal loop state as the plugin returned from the TrackPopupMenu
1307 // API call.
1308 base::MessageLoop::current()->SetNestableTasksAllowed(
1309 old_task_reentrancy_state);
1310 base::MessageLoop::current()->set_os_modal_loop(false);
1311 // The Flash plugin at times sets focus to its hidden top level window
1312 // with class name SWFlash_PlaceholderX. This causes the chrome browser
1313 // window to receive a WM_ACTIVATEAPP message as a top level window from
1314 // another thread is now active. We end up in a state where the chrome
1315 // browser window is not active even though the user clicked on it.
1316 // Our workaround for this is to send over a raw
1317 // WM_LBUTTONDOWN/WM_LBUTTONUP combination to the last focus window, which
1318 // does the trick.
1319 if (dummy_window_for_activation_ != ::GetFocus()) {
1320 INPUT input_info = {0};
1321 input_info.type = INPUT_MOUSE;
1322 input_info.mi.dwFlags = MOUSEEVENTF_LEFTDOWN;
1323 ::SendInput(1, &input_info, sizeof(INPUT));
1324
1325 input_info.type = INPUT_MOUSE;
1326 input_info.mi.dwFlags = MOUSEEVENTF_LEFTUP;
1327 ::SendInput(1, &input_info, sizeof(INPUT));
1328 } else {
1329 ::SetFocus(last_focus_window);
1330 }
1331 }
1332 return ret;
1333 }
1334
1335
OnModalLoopEntered()1336 void WebPluginDelegateImpl::OnModalLoopEntered() {
1337 DCHECK(handle_event_pump_messages_event_ != NULL);
1338 SetEvent(handle_event_pump_messages_event_);
1339
1340 base::MessageLoop::current()->SetNestableTasksAllowed(true);
1341 base::MessageLoop::current()->set_os_modal_loop(true);
1342
1343 UnhookWindowsHookEx(handle_event_message_filter_hook_);
1344 handle_event_message_filter_hook_ = NULL;
1345 }
1346
ShouldTrackEventForModalLoops(NPEvent * event)1347 bool WebPluginDelegateImpl::ShouldTrackEventForModalLoops(NPEvent* event) {
1348 if (event->event == WM_RBUTTONDOWN)
1349 return true;
1350 return false;
1351 }
1352
OnUserGestureEnd()1353 void WebPluginDelegateImpl::OnUserGestureEnd() {
1354 user_gesture_message_posted_ = false;
1355 instance()->PopPopupsEnabledState();
1356 }
1357
TrackPopupMenuPatch(HMENU menu,unsigned int flags,int x,int y,int reserved,HWND window,const RECT * rect)1358 BOOL WINAPI WebPluginDelegateImpl::TrackPopupMenuPatch(
1359 HMENU menu, unsigned int flags, int x, int y, int reserved,
1360 HWND window, const RECT* rect) {
1361
1362 if (g_current_plugin_instance) {
1363 unsigned long window_process_id = 0;
1364 unsigned long window_thread_id =
1365 GetWindowThreadProcessId(window, &window_process_id);
1366 // TrackPopupMenu fails if the window passed in belongs to a different
1367 // thread.
1368 if (::GetCurrentThreadId() != window_thread_id) {
1369 bool valid =
1370 GetParent(g_current_plugin_instance->dummy_window_for_activation_) !=
1371 GetDesktopWindow();
1372 if (valid) {
1373 window = g_current_plugin_instance->dummy_window_for_activation_;
1374 } else {
1375 NOTREACHED() << "Dummy window not parented";
1376 }
1377 }
1378 }
1379
1380 BOOL result = TrackPopupMenu(menu, flags, x, y, reserved, window, rect);
1381 return result;
1382 }
1383
SetCursorPatch(HCURSOR cursor)1384 HCURSOR WINAPI WebPluginDelegateImpl::SetCursorPatch(HCURSOR cursor) {
1385 // The windowless flash plugin periodically calls SetCursor in a wndproc
1386 // instantiated on the plugin thread. This causes annoying cursor flicker
1387 // when the mouse is moved on a foreground tab, with a windowless plugin
1388 // instance in a background tab. We just ignore the call here.
1389 if (!g_current_plugin_instance) {
1390 HCURSOR current_cursor = GetCursor();
1391 if (current_cursor != cursor) {
1392 ::SetCursor(cursor);
1393 }
1394 return current_cursor;
1395 }
1396 return ::SetCursor(cursor);
1397 }
1398
RegEnumKeyExWPatch(HKEY key,DWORD index,LPWSTR name,LPDWORD name_size,LPDWORD reserved,LPWSTR class_name,LPDWORD class_size,PFILETIME last_write_time)1399 LONG WINAPI WebPluginDelegateImpl::RegEnumKeyExWPatch(
1400 HKEY key, DWORD index, LPWSTR name, LPDWORD name_size, LPDWORD reserved,
1401 LPWSTR class_name, LPDWORD class_size, PFILETIME last_write_time) {
1402 DWORD orig_size = *name_size;
1403 LONG rv = RegEnumKeyExW(key, index, name, name_size, reserved, class_name,
1404 class_size, last_write_time);
1405 if (rv == ERROR_SUCCESS &&
1406 GetKeyPath(key).find(L"Microsoft\\MediaPlayer\\ShimInclusionList") !=
1407 std::wstring::npos) {
1408 static const wchar_t kChromeExeName[] = L"chrome.exe";
1409 wcsncpy_s(name, orig_size, kChromeExeName, arraysize(kChromeExeName));
1410 *name_size =
1411 std::min(orig_size, static_cast<DWORD>(arraysize(kChromeExeName)));
1412 }
1413
1414 return rv;
1415 }
1416
ImeCompositionUpdated(const base::string16 & text,const std::vector<int> & clauses,const std::vector<int> & target,int cursor_position)1417 void WebPluginDelegateImpl::ImeCompositionUpdated(
1418 const base::string16& text,
1419 const std::vector<int>& clauses,
1420 const std::vector<int>& target,
1421 int cursor_position) {
1422 if (!plugin_ime_)
1423 plugin_ime_.reset(new WebPluginIMEWin);
1424
1425 plugin_ime_->CompositionUpdated(text, clauses, target, cursor_position);
1426 plugin_ime_->SendEvents(instance());
1427 }
1428
ImeCompositionCompleted(const base::string16 & text)1429 void WebPluginDelegateImpl::ImeCompositionCompleted(
1430 const base::string16& text) {
1431 if (!plugin_ime_)
1432 plugin_ime_.reset(new WebPluginIMEWin);
1433 plugin_ime_->CompositionCompleted(text);
1434 plugin_ime_->SendEvents(instance());
1435 }
1436
GetIMEStatus(int * input_type,gfx::Rect * caret_rect)1437 bool WebPluginDelegateImpl::GetIMEStatus(int* input_type,
1438 gfx::Rect* caret_rect) {
1439 if (!plugin_ime_)
1440 return false;
1441 return plugin_ime_->GetStatus(input_type, caret_rect);
1442 }
1443
1444 // static
GetProcAddressPatch(HMODULE module,LPCSTR name)1445 FARPROC WINAPI WebPluginDelegateImpl::GetProcAddressPatch(HMODULE module,
1446 LPCSTR name) {
1447 FARPROC imm_function = WebPluginIMEWin::GetProcAddress(name);
1448 if (imm_function)
1449 return imm_function;
1450 return ::GetProcAddress(module, name);
1451 }
1452
WindowFromPointPatch(POINT point)1453 HWND WINAPI WebPluginDelegateImpl::WindowFromPointPatch(POINT point) {
1454 HWND window = WindowFromPoint(point);
1455 if (::ScreenToClient(window, &point)) {
1456 HWND child = ChildWindowFromPoint(window, point);
1457 if (::IsWindow(child) &&
1458 ::GetProp(child, content::kPluginDummyParentProperty))
1459 return child;
1460 }
1461 return window;
1462 }
1463
HandleCaptureForMessage(HWND window,UINT message)1464 void WebPluginDelegateImpl::HandleCaptureForMessage(HWND window,
1465 UINT message) {
1466 if (gfx::GetClassName(window) != base::string16(kNativeWindowClassName))
1467 return;
1468
1469 switch (message) {
1470 case WM_LBUTTONDOWN:
1471 case WM_MBUTTONDOWN:
1472 case WM_RBUTTONDOWN:
1473 ::SetCapture(window);
1474 // As per documentation the WM_PARENTNOTIFY message is sent to the parent
1475 // window chain if mouse input is received by the child window. However
1476 // the parent receives the WM_PARENTNOTIFY message only if we doubleclick
1477 // on the window. We send the WM_PARENTNOTIFY message for mouse input
1478 // messages to the parent to indicate that user action is expected.
1479 ::SendMessage(::GetParent(window), WM_PARENTNOTIFY, message, 0);
1480 break;
1481
1482 case WM_LBUTTONUP:
1483 case WM_MBUTTONUP:
1484 case WM_RBUTTONUP:
1485 ::ReleaseCapture();
1486 break;
1487
1488 default:
1489 break;
1490 }
1491 }
1492
1493 } // namespace content
1494