15821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Copyright (c) 2012 The Chromium Authors. All rights reserved. 25821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 35821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// found in the LICENSE file. 45821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 55821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/external_protocol/external_protocol_handler.h" 65821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 75821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include <set> 85821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 95821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/bind.h" 105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/logging.h" 11ca12bfac764ba476d6cd062bf1dde12cc64c3f40Ben Murdoch#include "base/message_loop/message_loop.h" 122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/prefs/pref_registry_simple.h" 132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/prefs/pref_service.h" 141e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)#include "base/prefs/scoped_user_pref_update.h" 15868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "base/strings/string_util.h" 165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/threading/thread.h" 175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "build/build_config.h" 185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/browser_process.h" 195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/platform_util.h" 20d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles)#include "chrome/browser/profiles/profile.h" 21d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles)#include "chrome/browser/tab_contents/tab_util.h" 225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/common/pref_names.h" 235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/browser/browser_thread.h" 24d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles)#include "content/public/browser/web_contents.h" 255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "net/base/escape.h" 26eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch#include "url/gurl.h" 275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)using content::BrowserThread; 295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Whether we accept requests for launching external protocols. This is set to 315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// false every time an external protocol is requested, and set back to true on 325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// each user gesture. This variable should only be accessed from the UI thread. 335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)static bool g_accept_requests = true; 345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)namespace { 365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Functions enabling unit testing. Using a NULL delegate will use the default 385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// behavior; if a delegate is provided it will be used instead. 395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)ShellIntegration::DefaultProtocolClientWorker* CreateShellWorker( 405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ShellIntegration::DefaultWebClientObserver* observer, 415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const std::string& protocol, 425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ExternalProtocolHandler::Delegate* delegate) { 435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (!delegate) 445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return new ShellIntegration::DefaultProtocolClientWorker(observer, 455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) protocol); 465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return delegate->CreateShellWorker(observer, protocol); 485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)ExternalProtocolHandler::BlockState GetBlockStateWithDelegate( 515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const std::string& scheme, 525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ExternalProtocolHandler::Delegate* delegate) { 535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (!delegate) 545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return ExternalProtocolHandler::GetBlockState(scheme); 555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return delegate->GetBlockState(scheme); 575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void RunExternalProtocolDialogWithDelegate( 605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const GURL& url, 615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int render_process_host_id, 625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int routing_id, 635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ExternalProtocolHandler::Delegate* delegate) { 645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (!delegate) { 655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ExternalProtocolHandler::RunExternalProtocolDialog(url, 665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) render_process_host_id, 675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) routing_id); 685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } else { 695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) delegate->RunExternalProtocolDialog(url, render_process_host_id, 705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) routing_id); 715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void LaunchUrlWithoutSecurityCheckWithDelegate( 755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const GURL& url, 76d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) int render_process_host_id, 77d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) int tab_contents_id, 785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ExternalProtocolHandler::Delegate* delegate) { 79d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) if (!delegate) { 80d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) ExternalProtocolHandler::LaunchUrlWithoutSecurityCheck( 81d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) url, render_process_host_id, tab_contents_id); 82d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) } else { 835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) delegate->LaunchUrlWithoutSecurityCheck(url); 84d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) } 855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// When we are about to launch a URL with the default OS level application, 885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// we check if that external application will be us. If it is we just ignore 895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// the request. 905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)class ExternalDefaultProtocolObserver 915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) : public ShellIntegration::DefaultWebClientObserver { 925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) public: 935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ExternalDefaultProtocolObserver(const GURL& escaped_url, 945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int render_process_host_id, 955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int tab_contents_id, 965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool prompt_user, 975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ExternalProtocolHandler::Delegate* delegate) 985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) : delegate_(delegate), 995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) escaped_url_(escaped_url), 1005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) render_process_host_id_(render_process_host_id), 1015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) tab_contents_id_(tab_contents_id), 1025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) prompt_user_(prompt_user) {} 1035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) virtual void SetDefaultWebClientUIState( 1055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ShellIntegration::DefaultWebClientUIState state) OVERRIDE { 10690dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) DCHECK_EQ(base::MessageLoop::TYPE_UI, base::MessageLoop::current()->type()); 1075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // If we are still working out if we're the default, or we've found 1095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // out we definately are the default, we end here. 1105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (state == ShellIntegration::STATE_PROCESSING) { 1115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return; 1125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 1135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (delegate_) 1155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) delegate_->FinishedProcessingCheck(); 1165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (state == ShellIntegration::STATE_IS_DEFAULT) { 1185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (delegate_) 1195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) delegate_->BlockRequest(); 1205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return; 1215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 1225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // If we get here, either we are not the default or we cannot work out 1245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // what the default is, so we proceed. 1255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (prompt_user_) { 1265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Ask the user if they want to allow the protocol. This will call 1275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // LaunchUrlWithoutSecurityCheck if the user decides to accept the 1285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // protocol. 1295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) RunExternalProtocolDialogWithDelegate(escaped_url_, 1305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) render_process_host_id_, tab_contents_id_, delegate_); 1315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return; 1325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 1335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 134d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) LaunchUrlWithoutSecurityCheckWithDelegate( 135d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) escaped_url_, render_process_host_id_, tab_contents_id_, delegate_); 1365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 1375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) virtual bool IsOwnedByWorker() OVERRIDE { return true; } 1395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) private: 1415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ExternalProtocolHandler::Delegate* delegate_; 1425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL escaped_url_; 1435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int render_process_host_id_; 1445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int tab_contents_id_; 1455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool prompt_user_; 1465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; 1475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} // namespace 1495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// static 1515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void ExternalProtocolHandler::PrepopulateDictionary(DictionaryValue* win_pref) { 1525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) static bool is_warm = false; 1535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (is_warm) 1545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return; 1555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) is_warm = true; 1565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) static const char* const denied_schemes[] = { 1585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "afp", 1595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "data", 1605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "disk", 1615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "disks", 1625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // ShellExecuting file:///C:/WINDOWS/system32/notepad.exe will simply 1635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // execute the file specified! Hopefully we won't see any "file" schemes 1645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // because we think of file:// URLs as handled URLs, but better to be safe 1655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // than to let an attacker format the user's hard drive. 1665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "file", 1675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "hcp", 1685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "javascript", 1695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "ms-help", 1705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "nntp", 1715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "shell", 1725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "vbscript", 1735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // view-source is a special case in chrome. When it comes through an 1745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // iframe or a redirect, it looks like an external protocol, but we don't 1755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // want to shellexecute it. 1765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "view-source", 1775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "vnd.ms.radio", 1785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) }; 1795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) static const char* const allowed_schemes[] = { 1815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "mailto", 1825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "news", 1835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "snews", 1842a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#if defined(OS_WIN) 1852a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) "ms-windows-store", 1862a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#endif 1875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) }; 1885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool should_block; 1905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) for (size_t i = 0; i < arraysize(denied_schemes); ++i) { 1915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (!win_pref->GetBoolean(denied_schemes[i], &should_block)) { 1925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) win_pref->SetBoolean(denied_schemes[i], true); 1935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 1945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 1955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) for (size_t i = 0; i < arraysize(allowed_schemes); ++i) { 1975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (!win_pref->GetBoolean(allowed_schemes[i], &should_block)) { 1985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) win_pref->SetBoolean(allowed_schemes[i], false); 1995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 2025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// static 2045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)ExternalProtocolHandler::BlockState ExternalProtocolHandler::GetBlockState( 2055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const std::string& scheme) { 2065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // If we are being carpet bombed, block the request. 2075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (!g_accept_requests) 2085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return BLOCK; 2095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (scheme.length() == 1) { 2115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // We have a URL that looks something like: 2125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // C:/WINDOWS/system32/notepad.exe 2135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // ShellExecuting this URL will cause the specified program to be executed. 2145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return BLOCK; 2155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Check the stored prefs. 2185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // TODO(pkasting): http://b/1119651 This kind of thing should go in the 2195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // preferences on the profile, not in the local state. 2205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) PrefService* pref = g_browser_process->local_state(); 2215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (pref) { // May be NULL during testing. 2225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) DictionaryPrefUpdate update_excluded_schemas(pref, prefs::kExcludedSchemes); 2235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Warm up the dictionary if needed. 2255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) PrepopulateDictionary(update_excluded_schemas.Get()); 2265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool should_block; 2285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (update_excluded_schemas->GetBoolean(scheme, &should_block)) 2295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return should_block ? BLOCK : DONT_BLOCK; 2305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return UNKNOWN; 2335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 2345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// static 2365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void ExternalProtocolHandler::SetBlockState(const std::string& scheme, 2375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) BlockState state) { 2385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Set in the stored prefs. 2395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // TODO(pkasting): http://b/1119651 This kind of thing should go in the 2405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // preferences on the profile, not in the local state. 2415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) PrefService* pref = g_browser_process->local_state(); 2425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (pref) { // May be NULL during testing. 2435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) DictionaryPrefUpdate update_excluded_schemas(pref, prefs::kExcludedSchemes); 2445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (state == UNKNOWN) { 2465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) update_excluded_schemas->Remove(scheme, NULL); 2475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } else { 2485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) update_excluded_schemas->SetBoolean(scheme, (state == BLOCK)); 2495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 2525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// static 2545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void ExternalProtocolHandler::LaunchUrlWithDelegate(const GURL& url, 2555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int render_process_host_id, 2565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int tab_contents_id, 2575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) Delegate* delegate) { 25890dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) DCHECK_EQ(base::MessageLoop::TYPE_UI, base::MessageLoop::current()->type()); 2595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Escape the input scheme to be sure that the command does not 2615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // have parameters unexpected by the external program. 2625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string escaped_url_string = net::EscapeExternalHandlerValue(url.spec()); 2635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL escaped_url(escaped_url_string); 2645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) BlockState block_state = GetBlockStateWithDelegate(escaped_url.scheme(), 2655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) delegate); 2665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (block_state == BLOCK) { 2675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (delegate) 2685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) delegate->BlockRequest(); 2695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return; 2705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) g_accept_requests = false; 2735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The worker creates tasks with references to itself and puts them into 2755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // message loops. When no tasks are left it will delete the observer and 2765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // eventually be deleted itself. 2775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ShellIntegration::DefaultWebClientObserver* observer = 2785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) new ExternalDefaultProtocolObserver(url, 2795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) render_process_host_id, 2805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) tab_contents_id, 2815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) block_state == UNKNOWN, 2825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) delegate); 2835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_refptr<ShellIntegration::DefaultProtocolClientWorker> worker = 2845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) CreateShellWorker(observer, escaped_url.scheme(), delegate); 2855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Start the check process running. This will send tasks to the FILE thread 2875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // and when the answer is known will send the result back to the observer on 2885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // the UI thread. 2895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) worker->StartCheckIsDefault(); 2905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 2915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// static 293d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles)void ExternalProtocolHandler::LaunchUrlWithoutSecurityCheck( 294d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) const GURL& url, 295d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) int render_process_host_id, 296d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) int tab_contents_id) { 297d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) content::WebContents* web_contents = tab_util::GetWebContentsByID( 298d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) render_process_host_id, tab_contents_id); 299d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) if (!web_contents) 300d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) return; 301d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) 302d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) platform_util::OpenExternal( 303d57369da7c6519fef57db42085f7b42d4c8845c1Torne (Richard Coles) Profile::FromBrowserContext(web_contents->GetBrowserContext()), url); 3045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 3055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// static 3072a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)void ExternalProtocolHandler::RegisterPrefs(PrefRegistrySimple* registry) { 3082a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) registry->RegisterDictionaryPref(prefs::kExcludedSchemes); 3095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 3105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// static 3125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void ExternalProtocolHandler::PermitLaunchUrl() { 31390dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) DCHECK_EQ(base::MessageLoop::TYPE_UI, base::MessageLoop::current()->type()); 3145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) g_accept_requests = true; 3155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 316