Rename iframe-security to node-integration.

This commit is contained in:
Cheng Zhao 2014-01-30 23:20:12 +08:00
parent d4929de33c
commit ec00da416f
8 changed files with 44 additions and 23 deletions

View file

@ -63,15 +63,15 @@ bool AtomBrowserClient::ShouldSwapProcessesForNavigation(
void AtomBrowserClient::AppendExtraCommandLineSwitches( void AtomBrowserClient::AppendExtraCommandLineSwitches(
CommandLine* command_line, CommandLine* command_line,
int child_process_id) { int child_process_id) {
// Append --iframe-security to renderer process. // Append --node-integration to renderer process.
WindowList* list = WindowList::GetInstance(); WindowList* list = WindowList::GetInstance();
for (WindowList::const_iterator iter = list->begin(); iter != list->end(); for (WindowList::const_iterator iter = list->begin(); iter != list->end();
++iter) { ++iter) {
NativeWindow* window = *iter; NativeWindow* window = *iter;
int id = window->GetWebContents()->GetRenderProcessHost()->GetID(); int id = window->GetWebContents()->GetRenderProcessHost()->GetID();
if (id == child_process_id) { if (id == child_process_id) {
command_line->AppendSwitchASCII(switches::kIframeSecurity, command_line->AppendSwitchASCII(switches::kNodeIntegration,
window->iframe_security()); window->node_integration());
return; return;
} }
} }

View file

@ -48,7 +48,7 @@ NativeWindow::NativeWindow(content::WebContents* web_contents,
: content::WebContentsObserver(web_contents), : content::WebContentsObserver(web_contents),
has_frame_(true), has_frame_(true),
is_closed_(false), is_closed_(false),
iframe_security_("full"), node_integration_("all"),
weak_factory_(this), weak_factory_(this),
inspectable_web_contents_( inspectable_web_contents_(
brightray::InspectableWebContents::Create(web_contents)) { brightray::InspectableWebContents::Create(web_contents)) {
@ -60,7 +60,7 @@ NativeWindow::NativeWindow(content::WebContents* web_contents,
LOG(ERROR) << "Failed to set icon to " << icon; LOG(ERROR) << "Failed to set icon to " << icon;
// Read iframe security before any navigation. // Read iframe security before any navigation.
options->GetString(switches::kIframeSecurity, &iframe_security_); options->GetString(switches::kNodeIntegration, &node_integration_);
web_contents->SetDelegate(this); web_contents->SetDelegate(this);

View file

@ -140,7 +140,7 @@ class NativeWindow : public brightray::DefaultWebContentsDelegate,
} }
bool has_frame() const { return has_frame_; } bool has_frame() const { return has_frame_; }
std::string iframe_security() const { return iframe_security_; } std::string node_integration() const { return node_integration_; }
protected: protected:
explicit NativeWindow(content::WebContents* web_contents, explicit NativeWindow(content::WebContents* web_contents,
@ -221,7 +221,7 @@ class NativeWindow : public brightray::DefaultWebContentsDelegate,
bool is_closed_; bool is_closed_;
// The security token of iframe. // The security token of iframe.
std::string iframe_security_; std::string node_integration_;
// Closure that would be called when window is unresponsive when closing, // Closure that would be called when window is unresponsive when closing,
// it should be cancelled when we can prove that the window is responsive. // it should be cancelled when we can prove that the window is responsive.

View file

@ -31,7 +31,7 @@ const char kKiosk[] = "kiosk";
// Make windows stays on the top of all other windows. // Make windows stays on the top of all other windows.
const char kAlwaysOnTop[] = "always-on-top"; const char kAlwaysOnTop[] = "always-on-top";
const char kIframeSecurity[] = "iframe-security"; const char kNodeIntegration[] = "node-integration";
} // namespace switches } // namespace switches

View file

@ -26,7 +26,7 @@ extern const char kResizable[];
extern const char kFullscreen[]; extern const char kFullscreen[];
extern const char kKiosk[]; extern const char kKiosk[];
extern const char kAlwaysOnTop[]; extern const char kAlwaysOnTop[];
extern const char kIframeSecurity[]; extern const char kNodeIntegration[];
} // namespace switches } // namespace switches

View file

@ -55,6 +55,9 @@ bool AtomRenderViewObserver::OnMessageReceived(const IPC::Message& message) {
void AtomRenderViewObserver::OnBrowserMessage(const string16& channel, void AtomRenderViewObserver::OnBrowserMessage(const string16& channel,
const base::ListValue& args) { const base::ListValue& args) {
if (!render_view()->GetWebView())
return;
WebKit::WebFrame* frame = render_view()->GetWebView()->mainFrame(); WebKit::WebFrame* frame = render_view()->GetWebView()->mainFrame();
if (!renderer_client_->IsNodeBindingEnabled(frame)) if (!renderer_client_->IsNodeBindingEnabled(frame))
return; return;

View file

@ -18,13 +18,17 @@
namespace atom { namespace atom {
AtomRendererClient::AtomRendererClient() AtomRendererClient::AtomRendererClient()
: iframe_security_(FULL) { : node_integration_(ALL),
std::string security = CommandLine::ForCurrentProcess()-> main_frame_(NULL) {
GetSwitchValueASCII(switches::kIframeSecurity); // Translate the token.
if (security == "manual") std::string token = CommandLine::ForCurrentProcess()->
iframe_security_ = MANUAL; GetSwitchValueASCII(switches::kNodeIntegration);
else if (security == "none") if (token == "except-iframe")
iframe_security_ = NONE; node_integration_ = EXCEPT_IFRAME;
else if (token == "manual-enable-iframe")
node_integration_ = MANUAL_ENABLE_IFRAME;
else if (token == "disable")
node_integration_ = DISABLE;
if (IsNodeBindingEnabled()) { if (IsNodeBindingEnabled()) {
node_bindings_.reset(NodeBindings::Create(false)); node_bindings_.reset(NodeBindings::Create(false));
@ -59,6 +63,10 @@ void AtomRendererClient::DidCreateScriptContext(WebKit::WebFrame* frame,
v8::Handle<v8::Context> context, v8::Handle<v8::Context> context,
int extension_group, int extension_group,
int world_id) { int world_id) {
// The first web frame is the main frame.
if (main_frame_ == NULL)
main_frame_ = frame;
if (!IsNodeBindingEnabled(frame)) if (!IsNodeBindingEnabled(frame))
return; return;
@ -131,12 +139,17 @@ bool AtomRendererClient::ShouldFork(WebKit::WebFrame* frame,
} }
bool AtomRendererClient::IsNodeBindingEnabled(WebKit::WebFrame* frame) { bool AtomRendererClient::IsNodeBindingEnabled(WebKit::WebFrame* frame) {
if (iframe_security_ == FULL) if (node_integration_ == DISABLE)
return false; return false;
else if (iframe_security_ == MANUAL && // Node integration is enabled in main frame unless explictly disabled.
else if (frame == main_frame_)
return true;
else if (node_integration_ == MANUAL_ENABLE_IFRAME &&
frame != NULL && frame != NULL &&
frame->uniqueName().utf8().find("-enable-node") == std::string::npos) frame->uniqueName().utf8().find("-enable-node") == std::string::npos)
return false; return false;
else if (node_integration_ == EXCEPT_IFRAME && frame != NULL)
return false;
else else
return true; return true;
} }

View file

@ -28,10 +28,11 @@ class AtomRendererClient : public content::ContentRendererClient {
AtomRendererBindings* atom_bindings() const { return atom_bindings_.get(); } AtomRendererBindings* atom_bindings() const { return atom_bindings_.get(); }
private: private:
enum IframeSecurity { enum NodeIntegration {
FULL, ALL,
MANUAL, EXCEPT_IFRAME,
NONE, MANUAL_ENABLE_IFRAME,
DISABLE,
}; };
virtual void RenderThreadStarted() OVERRIDE; virtual void RenderThreadStarted() OVERRIDE;
@ -55,7 +56,11 @@ class AtomRendererClient : public content::ContentRendererClient {
scoped_ptr<NodeBindings> node_bindings_; scoped_ptr<NodeBindings> node_bindings_;
scoped_ptr<AtomRendererBindings> atom_bindings_; scoped_ptr<AtomRendererBindings> atom_bindings_;
IframeSecurity iframe_security_; // The level of node integration we should support.
NodeIntegration node_integration_;
// The main frame.
WebKit::WebFrame* main_frame_;
DISALLOW_COPY_AND_ASSIGN(AtomRendererClient); DISALLOW_COPY_AND_ASSIGN(AtomRendererClient);
}; };