1/* 2 * Copyright (C) 2011 Google Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are 6 * met: 7 * 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above 11 * copyright notice, this list of conditions and the following disclaimer 12 * in the documentation and/or other materials provided with the 13 * distribution. 14 * * Neither the name of Google Inc. nor the names of its 15 * contributors may be used to endorse or promote products derived from 16 * this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31#ifndef WebPermissionClient_h 32#define WebPermissionClient_h 33 34#define WEBPERMISSIONCLIENT_USES_FRAME_FOR_ALL_METHODS 35 36namespace blink { 37 38class WebDocument; 39class WebFrame; 40class WebSecurityOrigin; 41class WebString; 42class WebURL; 43 44class WebPermissionClient { 45public: 46 // Controls whether access to Web Databases is allowed for this frame. 47 virtual bool allowDatabase(WebFrame*, const WebString& name, const WebString& displayName, unsigned long estimatedSize) { return true; } 48 49 // Controls whether access to File System is allowed for this frame. 50 virtual bool allowFileSystem(WebFrame*) { return true; } 51 52 // Controls whether images are allowed for this frame. 53 virtual bool allowImage(WebFrame* frame, bool enabledPerSettings, const WebURL& imageURL) { return enabledPerSettings; } 54 55 // Controls whether access to Indexed DB are allowed for this frame. 56 virtual bool allowIndexedDB(WebFrame*, const WebString& name, const WebSecurityOrigin&) { return true; } 57 58 // Controls whether plugins are allowed for this frame. 59 virtual bool allowPlugins(WebFrame*, bool enabledPerSettings) { return enabledPerSettings; } 60 61 // Controls whether scripts are allowed to execute for this frame. 62 virtual bool allowScript(WebFrame*, bool enabledPerSettings) { return enabledPerSettings; } 63 64 // Controls whether scripts loaded from the given URL are allowed to execute for this frame. 65 virtual bool allowScriptFromSource(WebFrame*, bool enabledPerSettings, const WebURL& scriptURL) { return enabledPerSettings; } 66 67 // Controls whether insecrure content is allowed to display for this frame. 68 virtual bool allowDisplayingInsecureContent(WebFrame*, bool enabledPerSettings, const WebSecurityOrigin&, const WebURL&) { return enabledPerSettings; } 69 70 // Controls whether insecrure scripts are allowed to execute for this frame. 71 virtual bool allowRunningInsecureContent(WebFrame*, bool enabledPerSettings, const WebSecurityOrigin&, const WebURL&) { return enabledPerSettings; } 72 73 // Controls whether the given script extension should run in a new script 74 // context in this frame. If extensionGroup is 0, the script context is the 75 // frame's main context. Otherwise, it is a context created by 76 // WebFrame::executeScriptInIsolatedWorld with that same extensionGroup 77 // value. 78 virtual bool allowScriptExtension(WebFrame*, const WebString& extensionName, int extensionGroup) { return true; } 79 80 virtual bool allowScriptExtension(WebFrame* webFrame, const WebString& extensionName, int extensionGroup, int worldId) 81 { 82 return allowScriptExtension(webFrame, extensionName, extensionGroup); 83 } 84 85 // Controls whether HTML5 Web Storage is allowed for this frame. 86 // If local is true, then this is for local storage, otherwise it's for session storage. 87 virtual bool allowStorage(WebFrame*, bool local) { return true; } 88 89 // Controls whether access to read the clipboard is allowed for this frame. 90 virtual bool allowReadFromClipboard(WebFrame*, bool defaultValue) { return defaultValue; } 91 92 // Controls whether access to write the clipboard is allowed for this frame. 93 virtual bool allowWriteToClipboard(WebFrame*, bool defaultValue) { return defaultValue; } 94 95#if defined(WEBPERMISSIONCLIENT_USES_FRAME_FOR_ALL_METHODS) 96 // Controls whether enabling Web Components API for this frame. 97 virtual bool allowWebComponents(WebFrame*, bool defaultValue) { return defaultValue; } 98 99 // Controls whether to enable MutationEvents for this frame. 100 // The common use case of this method is actually to selectively disable MutationEvents, 101 // but it's been named for consistency with the rest of the interface. 102 virtual bool allowMutationEvents(WebFrame*, bool defaultValue) { return defaultValue; } 103 104 // Controls whether pushState and related History APIs are enabled for this frame. 105 virtual bool allowPushState(WebFrame*) { return true; } 106#else 107 // These methods are deprecated and will be removed after Chrome uses the new versions above. 108 virtual bool allowWebComponents(const WebDocument&, bool defaultValue) { return defaultValue; } 109 virtual bool allowMutationEvents(const WebDocument&, bool defaultValue) { return defaultValue; } 110 virtual bool allowPushState(const WebDocument&) { return true; } 111#endif 112 113 // Controls whether WebGL extension WEBGL_debug_renderer_info is allowed for this frame. 114 virtual bool allowWebGLDebugRendererInfo(WebFrame*) { return false; } 115 116 // Notifies the client that the frame would have instantiated a plug-in if plug-ins were enabled. 117 virtual void didNotAllowPlugins(WebFrame*) { } 118 119 // Notifies the client that the frame would have executed script if script were enabled. 120 virtual void didNotAllowScript(WebFrame*) { } 121 122protected: 123 ~WebPermissionClient() { } 124}; 125 126} // namespace blink 127 128#endif 129