Add iframe-security support.

This commit is contained in:
Cheng Zhao 2014-01-30 22:47:21 +08:00
parent a0b15661ed
commit d4929de33c
3 changed files with 51 additions and 2 deletions

View file

@ -5,12 +5,14 @@
#include "renderer/atom_render_view_observer.h"
#include "common/api/api_messages.h"
#include "content/public/renderer/render_view.h"
#include "ipc/ipc_message_macros.h"
#include "renderer/api/atom_renderer_bindings.h"
#include "renderer/atom_renderer_client.h"
#include "third_party/WebKit/public/web/WebDraggableRegion.h"
#include "third_party/WebKit/public/web/WebDocument.h"
#include "third_party/WebKit/public/web/WebFrame.h"
#include "third_party/WebKit/public/web/WebView.h"
#include "common/v8/node_common.h"
@ -53,6 +55,10 @@ bool AtomRenderViewObserver::OnMessageReceived(const IPC::Message& message) {
void AtomRenderViewObserver::OnBrowserMessage(const string16& channel,
const base::ListValue& args) {
WebKit::WebFrame* frame = render_view()->GetWebView()->mainFrame();
if (!renderer_client_->IsNodeBindingEnabled(frame))
return;
renderer_client_->atom_bindings()->OnBrowserMessage(
render_view(), channel, args);
}

View file

@ -6,23 +6,39 @@
#include <algorithm>
#include "base/command_line.h"
#include "common/node_bindings.h"
#include "common/options_switches.h"
#include "renderer/api/atom_renderer_bindings.h"
#include "renderer/atom_render_view_observer.h"
#include "third_party/WebKit/public/web/WebFrame.h"
#include "common/v8/node_common.h"
namespace atom {
AtomRendererClient::AtomRendererClient()
: node_bindings_(NodeBindings::Create(false)),
atom_bindings_(new AtomRendererBindings) {
: iframe_security_(FULL) {
std::string security = CommandLine::ForCurrentProcess()->
GetSwitchValueASCII(switches::kIframeSecurity);
if (security == "manual")
iframe_security_ = MANUAL;
else if (security == "none")
iframe_security_ = NONE;
if (IsNodeBindingEnabled()) {
node_bindings_.reset(NodeBindings::Create(false));
atom_bindings_.reset(new AtomRendererBindings);
}
}
AtomRendererClient::~AtomRendererClient() {
}
void AtomRendererClient::RenderThreadStarted() {
if (!IsNodeBindingEnabled())
return;
node_bindings_->Initialize();
node_bindings_->PrepareMessageLoop();
@ -43,6 +59,9 @@ void AtomRendererClient::DidCreateScriptContext(WebKit::WebFrame* frame,
v8::Handle<v8::Context> context,
int extension_group,
int world_id) {
if (!IsNodeBindingEnabled(frame))
return;
v8::Context::Scope scope(context);
// Check the existance of process object to prevent duplicate initialization.
@ -70,6 +89,9 @@ void AtomRendererClient::WillReleaseScriptContext(
WebKit::WebFrame* frame,
v8::Handle<v8::Context> context,
int world_id) {
if (!IsNodeBindingEnabled(frame))
return;
node::Environment* env = node::Environment::GetCurrent(context);
if (env == NULL) {
LOG(ERROR) << "Encounter a non-node context when releasing script context";
@ -108,4 +130,15 @@ bool AtomRendererClient::ShouldFork(WebKit::WebFrame* frame,
return true;
}
bool AtomRendererClient::IsNodeBindingEnabled(WebKit::WebFrame* frame) {
if (iframe_security_ == FULL)
return false;
else if (iframe_security_ == MANUAL &&
frame != NULL &&
frame->uniqueName().utf8().find("-enable-node") == std::string::npos)
return false;
else
return true;
}
} // namespace atom

View file

@ -23,9 +23,17 @@ class AtomRendererClient : public content::ContentRendererClient {
AtomRendererClient();
virtual ~AtomRendererClient();
bool IsNodeBindingEnabled(WebKit::WebFrame* frame = NULL);
AtomRendererBindings* atom_bindings() const { return atom_bindings_.get(); }
private:
enum IframeSecurity {
FULL,
MANUAL,
NONE,
};
virtual void RenderThreadStarted() OVERRIDE;
virtual void RenderViewCreated(content::RenderView*) OVERRIDE;
virtual void DidCreateScriptContext(WebKit::WebFrame* frame,
@ -47,6 +55,8 @@ class AtomRendererClient : public content::ContentRendererClient {
scoped_ptr<NodeBindings> node_bindings_;
scoped_ptr<AtomRendererBindings> atom_bindings_;
IframeSecurity iframe_security_;
DISALLOW_COPY_AND_ASSIGN(AtomRendererClient);
};