• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "content/browser/manifest/manifest_manager_host.h"
6 
7 #include "content/common/manifest_manager_messages.h"
8 #include "content/public/browser/render_frame_host.h"
9 #include "content/public/browser/render_process_host.h"
10 #include "content/public/common/manifest.h"
11 #include "content/public/common/result_codes.h"
12 
13 namespace content {
14 
15 namespace {
16 
KillRenderer(RenderFrameHost * render_frame_host)17 void KillRenderer(RenderFrameHost* render_frame_host) {
18   base::ProcessHandle process_handle =
19       render_frame_host->GetProcess()->GetHandle();
20   if (process_handle == base::kNullProcessHandle)
21     return;
22   base::KillProcess(process_handle, RESULT_CODE_KILLED_BAD_MESSAGE, false);
23 }
24 
25 } // anonymous namespace
26 
ManifestManagerHost(WebContents * web_contents)27 ManifestManagerHost::ManifestManagerHost(WebContents* web_contents)
28   : WebContentsObserver(web_contents) {
29 }
30 
~ManifestManagerHost()31 ManifestManagerHost::~ManifestManagerHost() {
32 }
33 
GetCallbackMapForFrame(RenderFrameHost * render_frame_host)34 ManifestManagerHost::CallbackMap* ManifestManagerHost::GetCallbackMapForFrame(
35     RenderFrameHost* render_frame_host) {
36   FrameCallbackMap::iterator it = pending_callbacks_.find(render_frame_host);
37   return it != pending_callbacks_.end() ? it->second : 0;
38 }
39 
RenderFrameDeleted(RenderFrameHost * render_frame_host)40 void ManifestManagerHost::RenderFrameDeleted(
41     RenderFrameHost* render_frame_host) {
42   CallbackMap* callbacks = GetCallbackMapForFrame(render_frame_host);
43   if (!callbacks)
44     return;
45 
46   // Before deleting the callbacks, make sure they are called with a failure
47   // state.
48   CallbackMap::const_iterator it(callbacks);
49   for (; !it.IsAtEnd(); it.Advance())
50     it.GetCurrentValue()->Run(Manifest());
51 
52   pending_callbacks_.erase(render_frame_host);
53 }
54 
GetManifest(RenderFrameHost * render_frame_host,const GetManifestCallback & callback)55 void ManifestManagerHost::GetManifest(RenderFrameHost* render_frame_host,
56                                       const GetManifestCallback& callback) {
57   CallbackMap* callbacks = GetCallbackMapForFrame(render_frame_host);
58   if (!callbacks) {
59     callbacks = new CallbackMap();
60     pending_callbacks_[render_frame_host] = callbacks;
61   }
62 
63   int request_id = callbacks->Add(new GetManifestCallback(callback));
64 
65   render_frame_host->Send(new ManifestManagerMsg_RequestManifest(
66       render_frame_host->GetRoutingID(), request_id));
67 }
68 
OnMessageReceived(const IPC::Message & message,RenderFrameHost * render_frame_host)69 bool ManifestManagerHost::OnMessageReceived(
70     const IPC::Message& message, RenderFrameHost* render_frame_host) {
71   bool handled = true;
72 
73   IPC_BEGIN_MESSAGE_MAP_WITH_PARAM(ManifestManagerHost, message,
74                                    render_frame_host)
75     IPC_MESSAGE_HANDLER(ManifestManagerHostMsg_RequestManifestResponse,
76                         OnRequestManifestResponse)
77     IPC_MESSAGE_UNHANDLED(handled = false)
78   IPC_END_MESSAGE_MAP()
79 
80   return handled;
81 }
82 
OnRequestManifestResponse(RenderFrameHost * render_frame_host,int request_id,const Manifest & insecure_manifest)83 void ManifestManagerHost::OnRequestManifestResponse(
84     RenderFrameHost* render_frame_host,
85     int request_id,
86     const Manifest& insecure_manifest) {
87   CallbackMap* callbacks = GetCallbackMapForFrame(render_frame_host);
88   if (!callbacks) {
89     DVLOG(1) << "Unexpected RequestManifestResponse to from renderer. "
90                 "Killing renderer.";
91     KillRenderer(render_frame_host);
92     return;
93   }
94 
95   GetManifestCallback* callback = callbacks->Lookup(request_id);
96   if (!callback) {
97     DVLOG(1) << "Received a request_id (" << request_id << ") from renderer "
98                 "with no associated callback. Killing renderer.";
99     KillRenderer(render_frame_host);
100     return;
101   }
102 
103   // When receiving a Manifest, the browser process can't trust that it is
104   // coming from a known and secure source. It must be processed accordingly.
105   Manifest manifest = insecure_manifest;
106   manifest.name = base::NullableString16(
107       manifest.name.string().substr(0, Manifest::kMaxIPCStringLength),
108       manifest.name.is_null());
109   manifest.short_name = base::NullableString16(
110         manifest.short_name.string().substr(0, Manifest::kMaxIPCStringLength),
111         manifest.short_name.is_null());
112   if (!manifest.start_url.is_valid())
113     manifest.start_url = GURL();
114   for (size_t i = 0; i < manifest.icons.size(); ++i) {
115     if (!manifest.icons[i].src.is_valid())
116       manifest.icons[i].src = GURL();
117     manifest.icons[i].type = base::NullableString16(
118         manifest.icons[i].type.string().substr(0,
119                                                Manifest::kMaxIPCStringLength),
120         manifest.icons[i].type.is_null());
121   }
122 
123   callback->Run(manifest);
124   callbacks->Remove(request_id);
125   if (callbacks->IsEmpty()) {
126     delete callbacks;
127     pending_callbacks_.erase(render_frame_host);
128   }
129 }
130 
131 } // namespace content
132