// Copyright 2023 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include <optional> #include "base/feature_list.h" #include "base/metrics/histogram_functions.h" #include "base/types/optional_util.h" #include "content/public/browser/browser_thread.h" #include "content/public/browser/child_process_security_policy.h" #include "content/public/browser/render_frame_host.h" #include "content/public/browser/render_process_host.h" #include "extensions/browser/api/messaging/channel_endpoint.h" #include "extensions/browser/api/messaging/extension_message_port.h" #include "extensions/browser/api/messaging/message_service.h" #include "extensions/browser/bad_message.h" #include "extensions/browser/extension_util.h" #include "extensions/browser/script_injection_tracker.h" #include "extensions/common/constants.h" #include "extensions/common/extension.h" #include "extensions/common/extension_features.h" #include "extensions/common/trace_util.h" BrowserThread; RenderProcessHost; ChromeTrackEvent; namespace extensions { namespace { // Returns true if `context` corresponds to a sandboxed extension frame. This // can only be true for extension *frames*: extension ServiceWorkers are never // sandboxed, since ServiceWorkers cannot be associated with an opaque origin, // and native contexts cannot be sandboxed since they do not originate from a // renderer process. bool IsPortContextSandboxed(RenderProcessHost& process, const PortContext& context) { … } // Returns true if `source_endpoint` can be legitimately claimed/used by // `process`. Otherwise reports a bad IPC message and returns false (expecting // the caller to not take any action based on the rejected, untrustworthy // `source_endpoint`). `source_context` provides additional information about // the source, such as whether it refers to a frame or a worker. bool IsValidMessagingSource(RenderProcessHost& process, const MessagingEndpoint& source_endpoint, const PortContext& source_context) { … } bool IsValidMessagingTarget(RenderProcessHost& process, const MessagingEndpoint& source_endpoint, const ExtensionId& target_id) { … } // Returns true if `source_context` can be legitimately claimed/used by // `render_process_id`. Otherwise reports a bad IPC message and returns false // (expecting the caller to not take any action based on the rejected, // untrustworthy `source_context`). bool IsValidSourceContext(RenderProcessHost& process, const PortContext& source_context) { … } // Returns true if `source_url` can be legitimately claimed/used by `process`. // Otherwise reports a bad IPC message and returns false (expecting the caller // to not take any action based on the rejected, untrustworthy `source_url`). bool IsValidSourceUrl(content::RenderProcessHost& process, const GURL& source_url, const PortContext& source_context) { … } base::debug::CrashKeyString* GetTargetIdCrashKey() { … } base::debug::CrashKeyString* GetSourceOriginCrashKey() { … } base::debug::CrashKeyString* GetSourceUrlCrashKey() { … } class ScopedExternalConnectionInfoCrashKeys { … }; // Validates whether `source_context` can be legitimately used in the IPC // messages sent from the given renderer `process`. If the validation fails, or // the sender is not associated with an extension, then `nullopt` is returned. // The sender should ignore the IPC when `nullopt` is returned. std::optional<ExtensionId> ValidateSourceContextAndExtractExtensionId( content::RenderProcessHost& process, const PortContext& source_context) { … } } // namespace void MessageService::OpenChannelToExtension( const ChannelEndpoint& source, const PortId& source_port_id, const ExternalConnectionInfo& info, mojom::ChannelType channel_type, const std::string& channel_name, mojo::PendingAssociatedRemote<extensions::mojom::MessagePort> port, mojo::PendingAssociatedReceiver<extensions::mojom::MessagePortHost> port_host) { … } void MessageService::OpenChannelToNativeApp( const ChannelEndpoint& source, const PortId& source_port_id, const std::string& native_app_name, mojo::PendingAssociatedRemote<extensions::mojom::MessagePort> port, mojo::PendingAssociatedReceiver<extensions::mojom::MessagePortHost> port_host) { … } void MessageService::OpenChannelToTab( const ChannelEndpoint& source, const PortId& source_port_id, int tab_id, int frame_id, const std::string& document_id, mojom::ChannelType channel_type, const std::string& channel_name, mojo::PendingAssociatedRemote<extensions::mojom::MessagePort> port, mojo::PendingAssociatedReceiver<extensions::mojom::MessagePortHost> port_host) { … } void MessageService::OpenPort(RenderProcessHost* process, const PortId& port_id, const PortContext& source) { … } void MessageService::ClosePort(RenderProcessHost* process, const PortId& port_id, const PortContext& port_context, bool force_close) { … } void MessageService::NotifyResponsePending(RenderProcessHost* process, const PortId& port_id, const PortContext& port_context) { … } } // namespace extensions
Codebase Browser
chromium