external_protocol_handler.cc revision 5f1c94371a64b3196d4be9466099bb892df9b88e
15821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Copyright (c) 2012 The Chromium Authors. All rights reserved. 25821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 35821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// found in the LICENSE file. 45821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 55821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/external_protocol/external_protocol_handler.h" 65821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 75821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include <set> 85821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 95821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/bind.h" 105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/logging.h" 11ca12bfac764ba476d6cd062bf1dde12cc64c3f40Ben Murdoch#include "base/message_loop/message_loop.h" 122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/prefs/pref_registry_simple.h" 132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/prefs/pref_service.h" 141e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)#include "base/prefs/scoped_user_pref_update.h" 15868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "base/strings/string_util.h" 165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/threading/thread.h" 175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "build/build_config.h" 185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/browser_process.h" 195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/platform_util.h" 205d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/profiles/profile.h" 215d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/tab_contents/tab_util.h" 225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/common/pref_names.h" 235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/browser/browser_thread.h" 245d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "content/public/browser/web_contents.h" 255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "net/base/escape.h" 26eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch#include "url/gurl.h" 275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)using content::BrowserThread; 295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 305f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)// Whether we accept requests for launching external protocols. This is set to 315f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)// false every time an external protocol is requested, and set back to true on 325f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)// each user gesture. This variable should only be accessed from the UI thread. 335f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)static bool g_accept_requests = true; 345f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)namespace { 365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Functions enabling unit testing. Using a NULL delegate will use the default 385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// behavior; if a delegate is provided it will be used instead. 395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)ShellIntegration::DefaultProtocolClientWorker* CreateShellWorker( 405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ShellIntegration::DefaultWebClientObserver* observer, 415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const std::string& protocol, 425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ExternalProtocolHandler::Delegate* delegate) { 435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (!delegate) 445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return new ShellIntegration::DefaultProtocolClientWorker(observer, 455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) protocol); 465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return delegate->CreateShellWorker(observer, protocol); 485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)ExternalProtocolHandler::BlockState GetBlockStateWithDelegate( 515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const std::string& scheme, 525f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) ExternalProtocolHandler::Delegate* delegate) { 535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (!delegate) 545f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) return ExternalProtocolHandler::GetBlockState(scheme); 555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 565f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) return delegate->GetBlockState(scheme); 575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void RunExternalProtocolDialogWithDelegate( 605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const GURL& url, 615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int render_process_host_id, 625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int routing_id, 635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ExternalProtocolHandler::Delegate* delegate) { 645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (!delegate) { 655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ExternalProtocolHandler::RunExternalProtocolDialog(url, 665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) render_process_host_id, 675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) routing_id); 685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } else { 695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) delegate->RunExternalProtocolDialog(url, render_process_host_id, 705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) routing_id); 715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void LaunchUrlWithoutSecurityCheckWithDelegate( 755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const GURL& url, 765d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) int render_process_host_id, 775d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) int tab_contents_id, 785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ExternalProtocolHandler::Delegate* delegate) { 795d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (!delegate) { 805d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ExternalProtocolHandler::LaunchUrlWithoutSecurityCheck( 815d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) url, render_process_host_id, tab_contents_id); 825d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } else { 835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) delegate->LaunchUrlWithoutSecurityCheck(url); 845d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// When we are about to launch a URL with the default OS level application, 885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// we check if that external application will be us. If it is we just ignore 895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// the request. 905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)class ExternalDefaultProtocolObserver 915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) : public ShellIntegration::DefaultWebClientObserver { 925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) public: 935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ExternalDefaultProtocolObserver(const GURL& escaped_url, 945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int render_process_host_id, 955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int tab_contents_id, 965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool prompt_user, 975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ExternalProtocolHandler::Delegate* delegate) 985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) : delegate_(delegate), 995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) escaped_url_(escaped_url), 1005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) render_process_host_id_(render_process_host_id), 1015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) tab_contents_id_(tab_contents_id), 1025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) prompt_user_(prompt_user) {} 1035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) virtual void SetDefaultWebClientUIState( 1055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ShellIntegration::DefaultWebClientUIState state) OVERRIDE { 1065d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) DCHECK(base::MessageLoopForUI::IsCurrent()); 1075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // If we are still working out if we're the default, or we've found 1095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // out we definately are the default, we end here. 1105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (state == ShellIntegration::STATE_PROCESSING) { 1115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return; 1125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 1135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (delegate_) 1155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) delegate_->FinishedProcessingCheck(); 1165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (state == ShellIntegration::STATE_IS_DEFAULT) { 1185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (delegate_) 1195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) delegate_->BlockRequest(); 1205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return; 1215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 1225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // If we get here, either we are not the default or we cannot work out 1245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // what the default is, so we proceed. 1255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (prompt_user_) { 1265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Ask the user if they want to allow the protocol. This will call 1275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // LaunchUrlWithoutSecurityCheck if the user decides to accept the 1285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // protocol. 1295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) RunExternalProtocolDialogWithDelegate(escaped_url_, 1305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) render_process_host_id_, tab_contents_id_, delegate_); 1315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return; 1325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 1335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1345d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) LaunchUrlWithoutSecurityCheckWithDelegate( 1355d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) escaped_url_, render_process_host_id_, tab_contents_id_, delegate_); 1365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 1375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) virtual bool IsOwnedByWorker() OVERRIDE { return true; } 1395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) private: 1415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ExternalProtocolHandler::Delegate* delegate_; 1425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL escaped_url_; 1435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int render_process_host_id_; 1445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int tab_contents_id_; 1455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool prompt_user_; 1465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; 1475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} // namespace 1495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// static 1515d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)void ExternalProtocolHandler::PrepopulateDictionary( 1525d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::DictionaryValue* win_pref) { 1535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) static bool is_warm = false; 1545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (is_warm) 1555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return; 1565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) is_warm = true; 1575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) static const char* const denied_schemes[] = { 1595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "afp", 1605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "data", 1615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "disk", 1625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "disks", 1635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // ShellExecuting file:///C:/WINDOWS/system32/notepad.exe will simply 1645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // execute the file specified! Hopefully we won't see any "file" schemes 1655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // because we think of file:// URLs as handled URLs, but better to be safe 1665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // than to let an attacker format the user's hard drive. 1675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "file", 1685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "hcp", 1695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "javascript", 1705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "ms-help", 1715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "nntp", 1725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "shell", 1735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "vbscript", 1745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // view-source is a special case in chrome. When it comes through an 1755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // iframe or a redirect, it looks like an external protocol, but we don't 1765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // want to shellexecute it. 1775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "view-source", 1785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "vnd.ms.radio", 1795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) }; 1805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) static const char* const allowed_schemes[] = { 1825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "mailto", 1835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "news", 1845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "snews", 1852a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#if defined(OS_WIN) 1862a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) "ms-windows-store", 1872a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#endif 1885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) }; 1895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool should_block; 1915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) for (size_t i = 0; i < arraysize(denied_schemes); ++i) { 1925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (!win_pref->GetBoolean(denied_schemes[i], &should_block)) { 1935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) win_pref->SetBoolean(denied_schemes[i], true); 1945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 1955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 1965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) for (size_t i = 0; i < arraysize(allowed_schemes); ++i) { 1985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (!win_pref->GetBoolean(allowed_schemes[i], &should_block)) { 1995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) win_pref->SetBoolean(allowed_schemes[i], false); 2005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 2035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// static 2055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)ExternalProtocolHandler::BlockState ExternalProtocolHandler::GetBlockState( 2065f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) const std::string& scheme) { 2075f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) // If we are being carpet bombed, block the request. 2085f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) if (!g_accept_requests) 2095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return BLOCK; 2105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (scheme.length() == 1) { 2125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // We have a URL that looks something like: 2135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // C:/WINDOWS/system32/notepad.exe 2145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // ShellExecuting this URL will cause the specified program to be executed. 2155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return BLOCK; 2165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Check the stored prefs. 2195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // TODO(pkasting): http://b/1119651 This kind of thing should go in the 2205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // preferences on the profile, not in the local state. 2215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) PrefService* pref = g_browser_process->local_state(); 2225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (pref) { // May be NULL during testing. 2235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) DictionaryPrefUpdate update_excluded_schemas(pref, prefs::kExcludedSchemes); 2245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Warm up the dictionary if needed. 2265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) PrepopulateDictionary(update_excluded_schemas.Get()); 2275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool should_block; 2295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (update_excluded_schemas->GetBoolean(scheme, &should_block)) 2305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return should_block ? BLOCK : DONT_BLOCK; 2315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return UNKNOWN; 2345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 2355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// static 2375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)void ExternalProtocolHandler::SetBlockState(const std::string& scheme, 2385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) BlockState state) { 2395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Set in the stored prefs. 2405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // TODO(pkasting): http://b/1119651 This kind of thing should go in the 2415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // preferences on the profile, not in the local state. 2425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) PrefService* pref = g_browser_process->local_state(); 2435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (pref) { // May be NULL during testing. 2445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) DictionaryPrefUpdate update_excluded_schemas(pref, prefs::kExcludedSchemes); 2455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (state == UNKNOWN) { 2475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) update_excluded_schemas->Remove(scheme, NULL); 2485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } else { 2495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) update_excluded_schemas->SetBoolean(scheme, (state == BLOCK)); 2505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 2535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// static 2555f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)void ExternalProtocolHandler::LaunchUrlWithDelegate(const GURL& url, 2565f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) int render_process_host_id, 2575f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) int tab_contents_id, 2585f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) Delegate* delegate) { 2595d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) DCHECK(base::MessageLoopForUI::IsCurrent()); 2605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Escape the input scheme to be sure that the command does not 2625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // have parameters unexpected by the external program. 2635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string escaped_url_string = net::EscapeExternalHandlerValue(url.spec()); 2645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL escaped_url(escaped_url_string); 2655f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) BlockState block_state = 2665f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) GetBlockStateWithDelegate(escaped_url.scheme(), delegate); 2675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (block_state == BLOCK) { 2685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (delegate) 2695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) delegate->BlockRequest(); 2705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return; 2715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2735f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) g_accept_requests = false; 2745f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 2755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The worker creates tasks with references to itself and puts them into 2765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // message loops. When no tasks are left it will delete the observer and 2775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // eventually be deleted itself. 2785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ShellIntegration::DefaultWebClientObserver* observer = 2795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) new ExternalDefaultProtocolObserver(url, 2805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) render_process_host_id, 2815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) tab_contents_id, 2825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) block_state == UNKNOWN, 2835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) delegate); 2845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_refptr<ShellIntegration::DefaultProtocolClientWorker> worker = 2855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) CreateShellWorker(observer, escaped_url.scheme(), delegate); 2865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Start the check process running. This will send tasks to the FILE thread 2885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // and when the answer is known will send the result back to the observer on 2895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // the UI thread. 2905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) worker->StartCheckIsDefault(); 2915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 2925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// static 2945d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)void ExternalProtocolHandler::LaunchUrlWithoutSecurityCheck( 2955d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) const GURL& url, 2965d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) int render_process_host_id, 2975d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) int tab_contents_id) { 2985d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) content::WebContents* web_contents = tab_util::GetWebContentsByID( 2995d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) render_process_host_id, tab_contents_id); 3005d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (!web_contents) 3015d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return; 3025d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 3035d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) platform_util::OpenExternal( 3045d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) Profile::FromBrowserContext(web_contents->GetBrowserContext()), url); 3055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 3065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// static 3082a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)void ExternalProtocolHandler::RegisterPrefs(PrefRegistrySimple* registry) { 3092a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) registry->RegisterDictionaryPref(prefs::kExcludedSchemes); 3105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 3115f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 3125f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)// static 3135f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)void ExternalProtocolHandler::PermitLaunchUrl() { 3145f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) DCHECK(base::MessageLoopForUI::IsCurrent()); 3155f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) g_accept_requests = true; 3165f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)} 317