1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/plugins/plugin_info_message_filter.h"
8 #include "base/memory/scoped_ptr.h"
9 #include "base/metrics/histogram.h"
10 #include "base/prefs/pref_service.h"
11 #include "base/strings/utf_string_conversions.h"
12 #include "chrome/browser/content_settings/content_settings_utils.h"
13 #include "chrome/browser/content_settings/host_content_settings_map.h"
14 #include "chrome/browser/plugins/chrome_plugin_service_filter.h"
15 #include "chrome/browser/plugins/plugin_finder.h"
16 #include "chrome/browser/plugins/plugin_metadata.h"
17 #include "chrome/browser/plugins/plugin_prefs.h"
18 #include "chrome/browser/profiles/profile.h"
19 #include "chrome/common/pref_names.h"
20 #include "chrome/common/render_messages.h"
21 #include "components/content_settings/core/common/content_settings.h"
22 #include "content/public/browser/browser_thread.h"
23 #include "content/public/browser/plugin_service.h"
24 #include "content/public/browser/plugin_service_filter.h"
27 #include "widevine_cdm_version.h" // In SHARED_INTERMEDIATE_DIR.
29 #if defined(ENABLE_EXTENSIONS)
30 #include "extensions/browser/guest_view/web_view/web_view_renderer_state.h"
34 #include "base/win/metro.h"
37 #if !defined(DISABLE_NACL)
38 #include "components/nacl/common/nacl_constants.h"
41 using content::PluginService;
42 using content::WebPluginInfo;
46 // For certain sandboxed Pepper plugins, use the JavaScript Content Settings.
47 bool ShouldUseJavaScriptSettingForPlugin(const WebPluginInfo& plugin) {
48 if (plugin.type != WebPluginInfo::PLUGIN_TYPE_PEPPER_IN_PROCESS &&
49 plugin.type != WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS) {
53 #if !defined(DISABLE_NACL)
54 // Treat Native Client invocations like JavaScript.
55 if (plugin.name == base::ASCIIToUTF16(nacl::kNaClPluginName))
59 #if defined(WIDEVINE_CDM_AVAILABLE) && defined(ENABLE_PEPPER_CDMS)
60 // Treat CDM invocations like JavaScript.
61 if (plugin.name == base::ASCIIToUTF16(kWidevineCdmDisplayName)) {
62 DCHECK(plugin.type == WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS);
65 #endif // defined(WIDEVINE_CDM_AVAILABLE) && defined(ENABLE_PEPPER_CDMS)
70 #if defined(ENABLE_PEPPER_CDMS)
72 enum PluginAvailabilityStatusForUMA {
73 PLUGIN_NOT_REGISTERED,
76 PLUGIN_AVAILABILITY_STATUS_MAX
79 static void SendPluginAvailabilityUMA(const std::string& mime_type,
80 PluginAvailabilityStatusForUMA status) {
81 #if defined(WIDEVINE_CDM_AVAILABLE)
82 // Only report results for Widevine CDM.
83 if (mime_type != kWidevineCdmPluginMimeType)
86 UMA_HISTOGRAM_ENUMERATION("Plugin.AvailabilityStatus.WidevineCdm",
87 status, PLUGIN_AVAILABILITY_STATUS_MAX);
88 #endif // defined(WIDEVINE_CDM_AVAILABLE)
91 #endif // defined(ENABLE_PEPPER_CDMS)
95 PluginInfoMessageFilter::Context::Context(int render_process_id,
97 : render_process_id_(render_process_id),
98 resource_context_(profile->GetResourceContext()),
99 host_content_settings_map_(profile->GetHostContentSettingsMap()),
100 plugin_prefs_(PluginPrefs::GetForProfile(profile)) {
101 allow_outdated_plugins_.Init(prefs::kPluginsAllowOutdated,
102 profile->GetPrefs());
103 allow_outdated_plugins_.MoveToThread(
104 content::BrowserThread::GetMessageLoopProxyForThread(
105 content::BrowserThread::IO));
106 always_authorize_plugins_.Init(prefs::kPluginsAlwaysAuthorize,
107 profile->GetPrefs());
108 always_authorize_plugins_.MoveToThread(
109 content::BrowserThread::GetMessageLoopProxyForThread(
110 content::BrowserThread::IO));
113 PluginInfoMessageFilter::Context::~Context() {
116 PluginInfoMessageFilter::PluginInfoMessageFilter(
117 int render_process_id,
119 : BrowserMessageFilter(ChromeMsgStart),
120 context_(render_process_id, profile),
121 weak_ptr_factory_(this) {
124 bool PluginInfoMessageFilter::OnMessageReceived(const IPC::Message& message) {
125 IPC_BEGIN_MESSAGE_MAP(PluginInfoMessageFilter, message)
126 IPC_MESSAGE_HANDLER_DELAY_REPLY(ChromeViewHostMsg_GetPluginInfo,
128 #if defined(ENABLE_PEPPER_CDMS)
130 ChromeViewHostMsg_IsInternalPluginAvailableForMimeType,
131 OnIsInternalPluginAvailableForMimeType)
133 IPC_MESSAGE_UNHANDLED(return false)
134 IPC_END_MESSAGE_MAP()
138 void PluginInfoMessageFilter::OnDestruct() const {
139 const_cast<PluginInfoMessageFilter*>(this)->
140 weak_ptr_factory_.InvalidateWeakPtrs();
142 // Destroy on the UI thread because we contain a |PrefMember|.
143 content::BrowserThread::DeleteOnUIThread::Destruct(this);
146 PluginInfoMessageFilter::~PluginInfoMessageFilter() {}
148 struct PluginInfoMessageFilter::GetPluginInfo_Params {
152 std::string mime_type;
155 void PluginInfoMessageFilter::OnGetPluginInfo(
158 const GURL& top_origin_url,
159 const std::string& mime_type,
160 IPC::Message* reply_msg) {
161 GetPluginInfo_Params params = {
167 PluginService::GetInstance()->GetPlugins(
168 base::Bind(&PluginInfoMessageFilter::PluginsLoaded,
169 weak_ptr_factory_.GetWeakPtr(),
173 void PluginInfoMessageFilter::PluginsLoaded(
174 const GetPluginInfo_Params& params,
175 IPC::Message* reply_msg,
176 const std::vector<WebPluginInfo>& plugins) {
177 ChromeViewHostMsg_GetPluginInfo_Output output;
178 // This also fills in |actual_mime_type|.
179 scoped_ptr<PluginMetadata> plugin_metadata;
180 if (context_.FindEnabledPlugin(params.render_frame_id, params.url,
181 params.top_origin_url, params.mime_type,
182 &output.status, &output.plugin,
183 &output.actual_mime_type,
185 context_.DecidePluginStatus(params, output.plugin, plugin_metadata.get(),
189 if (plugin_metadata) {
190 output.group_identifier = plugin_metadata->identifier();
191 output.group_name = plugin_metadata->name();
194 context_.MaybeGrantAccess(output.status, output.plugin.path);
196 ChromeViewHostMsg_GetPluginInfo::WriteReplyParams(reply_msg, output);
200 #if defined(ENABLE_PEPPER_CDMS)
202 void PluginInfoMessageFilter::OnIsInternalPluginAvailableForMimeType(
203 const std::string& mime_type,
205 std::vector<base::string16>* additional_param_names,
206 std::vector<base::string16>* additional_param_values) {
207 std::vector<WebPluginInfo> plugins;
208 PluginService::GetInstance()->GetInternalPlugins(&plugins);
210 bool is_plugin_disabled = false;
211 for (size_t i = 0; i < plugins.size(); ++i) {
212 const WebPluginInfo& plugin = plugins[i];
213 const std::vector<content::WebPluginMimeType>& mime_types =
215 for (size_t j = 0; j < mime_types.size(); ++j) {
216 if (mime_types[j].mime_type == mime_type) {
217 if (!context_.IsPluginEnabled(plugin)) {
218 is_plugin_disabled = true;
222 *is_available = true;
223 *additional_param_names = mime_types[j].additional_param_names;
224 *additional_param_values = mime_types[j].additional_param_values;
225 SendPluginAvailabilityUMA(mime_type, PLUGIN_AVAILABLE);
231 *is_available = false;
232 SendPluginAvailabilityUMA(
233 mime_type, is_plugin_disabled ? PLUGIN_DISABLED : PLUGIN_NOT_REGISTERED);
236 #endif // defined(ENABLE_PEPPER_CDMS)
238 void PluginInfoMessageFilter::Context::DecidePluginStatus(
239 const GetPluginInfo_Params& params,
240 const WebPluginInfo& plugin,
241 const PluginMetadata* plugin_metadata,
242 ChromeViewHostMsg_GetPluginInfo_Status* status) const {
244 if (plugin.type == WebPluginInfo::PLUGIN_TYPE_NPAPI &&
245 base::win::IsMetroProcess()) {
247 ChromeViewHostMsg_GetPluginInfo_Status::kNPAPINotSupported;
251 if (plugin.type == WebPluginInfo::PLUGIN_TYPE_NPAPI) {
252 CHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
253 // NPAPI plugins are not supported inside <webview> guests.
254 #if defined(ENABLE_EXTENSIONS)
255 if (extensions::WebViewRendererState::GetInstance()->IsGuest(
256 render_process_id_)) {
258 ChromeViewHostMsg_GetPluginInfo_Status::kNPAPINotSupported;
264 ContentSetting plugin_setting = CONTENT_SETTING_DEFAULT;
265 bool uses_default_content_setting = true;
266 bool is_managed = false;
267 // Check plug-in content settings. The primary URL is the top origin URL and
268 // the secondary URL is the plug-in URL.
269 GetPluginContentSetting(plugin, params.top_origin_url, params.url,
270 plugin_metadata->identifier(), &plugin_setting,
271 &uses_default_content_setting, &is_managed);
272 DCHECK(plugin_setting != CONTENT_SETTING_DEFAULT);
274 PluginMetadata::SecurityStatus plugin_status =
275 plugin_metadata->GetSecurityStatus(plugin);
276 #if defined(ENABLE_PLUGIN_INSTALLATION)
277 // Check if the plug-in is outdated.
278 if (plugin_status == PluginMetadata::SECURITY_STATUS_OUT_OF_DATE &&
279 !allow_outdated_plugins_.GetValue()) {
280 if (allow_outdated_plugins_.IsManaged()) {
282 ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedDisallowed;
284 status->value = ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedBlocked;
289 // Check if the plug-in or its group is enabled by policy.
290 PluginPrefs::PolicyStatus plugin_policy =
291 plugin_prefs_->PolicyStatusForPlugin(plugin.name);
292 PluginPrefs::PolicyStatus group_policy =
293 plugin_prefs_->PolicyStatusForPlugin(plugin_metadata->name());
295 // Check if the plug-in requires authorization.
297 PluginMetadata::SECURITY_STATUS_REQUIRES_AUTHORIZATION &&
298 plugin.type != WebPluginInfo::PLUGIN_TYPE_PEPPER_IN_PROCESS &&
299 plugin.type != WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS &&
300 !always_authorize_plugins_.GetValue() &&
301 plugin_setting != CONTENT_SETTING_BLOCK &&
302 uses_default_content_setting &&
303 plugin_policy != PluginPrefs::POLICY_ENABLED &&
304 group_policy != PluginPrefs::POLICY_ENABLED &&
305 !ChromePluginServiceFilter::GetInstance()->IsPluginRestricted(
307 status->value = ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized;
311 // Check if the plug-in is crashing too much.
312 if (PluginService::GetInstance()->IsPluginUnstable(plugin.path) &&
313 !always_authorize_plugins_.GetValue() &&
314 plugin_setting != CONTENT_SETTING_BLOCK &&
315 uses_default_content_setting) {
316 status->value = ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized;
320 if (plugin_setting == CONTENT_SETTING_ASK) {
321 status->value = ChromeViewHostMsg_GetPluginInfo_Status::kClickToPlay;
322 } else if (plugin_setting == CONTENT_SETTING_BLOCK) {
324 is_managed ? ChromeViewHostMsg_GetPluginInfo_Status::kBlockedByPolicy
325 : ChromeViewHostMsg_GetPluginInfo_Status::kBlocked;
328 if (status->value == ChromeViewHostMsg_GetPluginInfo_Status::kAllowed) {
329 // Allow an embedder of <webview> to block a plugin from being loaded inside
330 // the guest. In order to do this, set the status to 'Unauthorized' here,
331 // and update the status as appropriate depending on the response from the
333 #if defined(ENABLE_EXTENSIONS)
334 if (extensions::WebViewRendererState::GetInstance()->IsGuest(
336 status->value = ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized;
342 bool PluginInfoMessageFilter::Context::FindEnabledPlugin(
345 const GURL& top_origin_url,
346 const std::string& mime_type,
347 ChromeViewHostMsg_GetPluginInfo_Status* status,
348 WebPluginInfo* plugin,
349 std::string* actual_mime_type,
350 scoped_ptr<PluginMetadata>* plugin_metadata) const {
351 bool allow_wildcard = true;
352 std::vector<WebPluginInfo> matching_plugins;
353 std::vector<std::string> mime_types;
354 PluginService::GetInstance()->GetPluginInfoArray(
355 url, mime_type, allow_wildcard, &matching_plugins, &mime_types);
356 if (matching_plugins.empty()) {
357 status->value = ChromeViewHostMsg_GetPluginInfo_Status::kNotFound;
361 content::PluginServiceFilter* filter =
362 PluginService::GetInstance()->GetFilter();
364 for (; i < matching_plugins.size(); ++i) {
365 if (!filter || filter->IsPluginAvailable(render_process_id_,
370 &matching_plugins[i])) {
375 // If we broke out of the loop, we have found an enabled plug-in.
376 bool enabled = i < matching_plugins.size();
378 // Otherwise, we only found disabled plug-ins, so we take the first one.
380 status->value = ChromeViewHostMsg_GetPluginInfo_Status::kDisabled;
383 *plugin = matching_plugins[i];
384 *actual_mime_type = mime_types[i];
386 *plugin_metadata = PluginFinder::GetInstance()->GetPluginMetadata(*plugin);
391 void PluginInfoMessageFilter::Context::GetPluginContentSetting(
392 const WebPluginInfo& plugin,
393 const GURL& policy_url,
394 const GURL& plugin_url,
395 const std::string& resource,
396 ContentSetting* setting,
397 bool* uses_default_content_setting,
398 bool* is_managed) const {
399 scoped_ptr<base::Value> value;
400 content_settings::SettingInfo info;
401 bool uses_plugin_specific_setting = false;
402 if (ShouldUseJavaScriptSettingForPlugin(plugin)) {
403 value = host_content_settings_map_->GetWebsiteSetting(
406 CONTENT_SETTINGS_TYPE_JAVASCRIPT,
410 content_settings::SettingInfo specific_info;
411 scoped_ptr<base::Value> specific_setting =
412 host_content_settings_map_->GetWebsiteSetting(
415 CONTENT_SETTINGS_TYPE_PLUGINS,
418 content_settings::SettingInfo general_info;
419 scoped_ptr<base::Value> general_setting =
420 host_content_settings_map_->GetWebsiteSetting(
423 CONTENT_SETTINGS_TYPE_PLUGINS,
427 // If there is a plugin-specific setting, we use it, unless the general
428 // setting was set by policy, in which case it takes precedence.
429 uses_plugin_specific_setting = specific_setting &&
430 (general_info.source != content_settings::SETTING_SOURCE_POLICY);
431 if (uses_plugin_specific_setting) {
432 value = specific_setting.Pass();
433 info = specific_info;
435 value = general_setting.Pass();
439 *setting = content_settings::ValueToContentSetting(value.get());
440 *uses_default_content_setting =
441 !uses_plugin_specific_setting &&
442 info.primary_pattern == ContentSettingsPattern::Wildcard() &&
443 info.secondary_pattern == ContentSettingsPattern::Wildcard();
444 *is_managed = info.source == content_settings::SETTING_SOURCE_POLICY;
447 void PluginInfoMessageFilter::Context::MaybeGrantAccess(
448 const ChromeViewHostMsg_GetPluginInfo_Status& status,
449 const base::FilePath& path) const {
450 if (status.value == ChromeViewHostMsg_GetPluginInfo_Status::kAllowed ||
451 status.value == ChromeViewHostMsg_GetPluginInfo_Status::kClickToPlay) {
452 ChromePluginServiceFilter::GetInstance()->AuthorizePlugin(
453 render_process_id_, path);
457 bool PluginInfoMessageFilter::Context::IsPluginEnabled(
458 const content::WebPluginInfo& plugin) const {
459 return plugin_prefs_->IsPluginEnabled(plugin);