Google Git
Sign in
chromium / chromium / src / c35893ff6747db28481412e2311127ccb4619cbe / . / extensions / browser / renderer_startup_helper.cc
blob: 48bbd33246c3a6bfb783070dbce639735a57a70a [file] [log] [blame]
// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "extensions/browser/renderer_startup_helper.h"
#include <utility>
#include <vector>
#include "base/callback_helpers.h"
#include "base/containers/contains.h"
#include "base/debug/dump_without_crashing.h"
#include "base/feature_list.h"
#include "base/strings/string_util.h"
#include "base/values.h"
#include "components/keyed_service/content/browser_context_dependency_manager.h"
#include "content/public/browser/browser_context.h"
#include "content/public/browser/notification_service.h"
#include "content/public/browser/notification_types.h"
#include "content/public/browser/render_process_host.h"
#include "extensions/browser/extension_function_dispatcher.h"
#include "extensions/browser/extension_registry.h"
#include "extensions/browser/extension_util.h"
#include "extensions/browser/extensions_browser_client.h"
#include "extensions/browser/guest_view/web_view/web_view_guest.h"
#include "extensions/browser/service_worker_task_queue.h"
#include "extensions/common/activation_sequence.h"
#include "extensions/common/cors_util.h"
#include "extensions/common/extension_messages.h"
#include "extensions/common/extension_set.h"
#include "extensions/common/extensions_client.h"
#include "extensions/common/features/feature_channel.h"
#include "extensions/common/features/feature_session_type.h"
#include "extensions/common/manifest_handlers/background_info.h"
#include "extensions/common/permissions/permissions_data.h"
#include "ui/base/webui/web_ui_util.h"
#include "url/origin.h"
using content::BrowserContext;
namespace extensions {
namespace {
// Returns the current ActivationSequence of |extension| if the extension is
// Service Worker-based, otherwise returns absl::nullopt.
absl::optional<ActivationSequence> GetWorkerActivationSequence(
BrowserContext* browser_context,
const Extension& extension) {
if (BackgroundInfo::IsServiceWorkerBased(&extension)) {
return ServiceWorkerTaskQueue::Get(browser_context)
->GetCurrentSequence(extension.id());
}
return absl::nullopt;
}
PermissionSet CreatePermissionSet(const PermissionSet& set) {
return PermissionSet(set.apis().Clone(), set.manifest_permissions().Clone(),
set.explicit_hosts().Clone(),
set.scriptable_hosts().Clone());
}
mojom::ExtensionLoadedParamsPtr CreateExtensionLoadedParams(
const Extension& extension,
bool include_tab_permissions,
BrowserContext* browser_context) {
const PermissionsData* permissions_data = extension.permissions_data();
base::flat_map<int, PermissionSet> tab_specific_permissions;
if (include_tab_permissions) {
for (const auto& pair : permissions_data->tab_specific_permissions()) {
tab_specific_permissions[pair.first] = CreatePermissionSet(*pair.second);
}
}
return mojom::ExtensionLoadedParams::New(
static_cast<base::DictionaryValue&&>(
extension.manifest()->value()->Clone()),
extension.location(), extension.path(),
CreatePermissionSet(permissions_data->active_permissions()),
CreatePermissionSet(permissions_data->withheld_permissions()),
std::move(tab_specific_permissions),
permissions_data->policy_blocked_hosts(),
permissions_data->policy_allowed_hosts(),
permissions_data->UsesDefaultPolicyHostRestrictions(), extension.id(),
GetWorkerActivationSequence(browser_context, extension),
extension.creation_flags(), extension.guid());
}
} // namespace
RendererStartupHelper::RendererStartupHelper(BrowserContext* browser_context)
: browser_context_(browser_context) {
DCHECK(browser_context);
}
RendererStartupHelper::~RendererStartupHelper() {
for (auto& process_entry : process_mojo_map_)
process_entry.first->RemoveObserver(this);
}
void RendererStartupHelper::OnRenderProcessHostCreated(
content::RenderProcessHost* host) {
InitializeProcess(host);
}
void RendererStartupHelper::RenderProcessExited(
content::RenderProcessHost* host,
const content::ChildProcessTerminationInfo& info) {
UntrackProcess(host);
}
void RendererStartupHelper::RenderProcessHostDestroyed(
content::RenderProcessHost* host) {
UntrackProcess(host);
}
void RendererStartupHelper::InitializeProcess(
content::RenderProcessHost* process) {
ExtensionsBrowserClient* client = ExtensionsBrowserClient::Get();
if (!client->IsSameContext(browser_context_, process->GetBrowserContext()))
return;
mojom::Renderer* renderer =
process_mojo_map_.emplace(process, BindNewRendererRemote(process))
.first->second.get();
process->AddObserver(this);
bool activity_logging_enabled =
client->IsActivityLoggingEnabled(process->GetBrowserContext());
// We only send the ActivityLoggingEnabled message if it is enabled; otherwise
// the default (not enabled) is correct.
if (activity_logging_enabled)
renderer->SetActivityLoggingEnabled(activity_logging_enabled);
// Extensions need to know the channel and the session type for API
// restrictions. The values are sent to all renderers, as the non-extension
// renderers may have content scripts.
bool is_lock_screen_context =
client->IsLockScreenContext(process->GetBrowserContext());
renderer->SetSessionInfo(GetCurrentChannel(), GetCurrentFeatureSessionType(),
is_lock_screen_context);
// Platform apps need to know the system font.
// TODO(dbeam): this is not the system font in all cases.
renderer->SetSystemFont(webui::GetFontFamily(), webui::GetFontSize());
// Scripting allowlist. This is modified by tests and must be communicated
// to renderers.
renderer->SetScriptingAllowlist(
ExtensionsClient::Get()->GetScriptingAllowlist());
// If the new render process is a WebView guest process, propagate the WebView
// partition ID to it.
std::string webview_partition_id = WebViewGuest::GetPartitionID(process);
if (!webview_partition_id.empty()) {
renderer->SetWebViewPartitionID(webview_partition_id);
}
BrowserContext* renderer_context = process->GetBrowserContext();
// Load default policy_blocked_hosts and policy_allowed_hosts settings, part
// of the ExtensionSettings policy.
int context_id = util::GetBrowserContextId(renderer_context);
renderer->UpdateDefaultPolicyHostRestrictions(
PermissionsData::GetDefaultPolicyBlockedHosts(context_id),
PermissionsData::GetDefaultPolicyAllowedHosts(context_id));
// Loaded extensions.
std::vector<mojom::ExtensionLoadedParamsPtr> loaded_extensions;
const ExtensionSet& extensions =
ExtensionRegistry::Get(browser_context_)->enabled_extensions();
for (const auto& ext : extensions) {
// OnExtensionLoaded should have already been called for the extension.
DCHECK(base::Contains(extension_process_map_, ext->id()));
DCHECK(!base::Contains(extension_process_map_[ext->id()], process));
if (!util::IsExtensionVisibleToContext(*ext, renderer_context))
continue;
// TODO(kalman): Only include tab specific permissions for extension
// processes, no other process needs it, so it's mildly wasteful.
// I am not sure this is possible to know this here, at such a low
// level of the stack. Perhaps site isolation can help.
loaded_extensions.push_back(CreateExtensionLoadedParams(
*ext, true /* include tab permissions*/, renderer_context));
extension_process_map_[ext->id()].insert(process);
}
// Activate pending extensions.
renderer->LoadExtensions(std::move(loaded_extensions));
auto iter = pending_active_extensions_.find(process);
if (iter != pending_active_extensions_.end()) {
for (const ExtensionId& id : iter->second) {
// The extension should be loaded in the process.
DCHECK(extensions.Contains(id));
DCHECK(base::Contains(extension_process_map_, id));
DCHECK(base::Contains(extension_process_map_[id], process));
renderer->ActivateExtension(id);
}
}
pending_active_extensions_.erase(process);
}
void RendererStartupHelper::UntrackProcess(
content::RenderProcessHost* process) {
if (!ExtensionsBrowserClient::Get()->IsSameContext(
browser_context_, process->GetBrowserContext())) {
return;
}
process->RemoveObserver(this);
process_mojo_map_.erase(process);
pending_active_extensions_.erase(process);
for (auto& extension_process_pair : extension_process_map_)
extension_process_pair.second.erase(process);
}
void RendererStartupHelper::ActivateExtensionInProcess(
const Extension& extension,
content::RenderProcessHost* process) {
// The extension should have been loaded already. Dump without crashing to
// debug crbug.com/528026.
if (!base::Contains(extension_process_map_, extension.id())) {
#if DCHECK_IS_ON()
NOTREACHED() << "Extension " << extension.id()
<< "activated before loading";
#else
base::debug::DumpWithoutCrashing();
return;
#endif
}
if (!util::IsExtensionVisibleToContext(extension,
process->GetBrowserContext()))
return;
// Populate NetworkContext's OriginAccessList for this extension.
//
// Doing it in ActivateExtensionInProcess rather than in OnExtensionLoaded
// ensures that we cover both the regular profile and incognito profiles. See
// also https://crbug.com/1197798.
//
// This is guaranteed to happen before the extension can make any network
// requests (so there is no race) because ActivateExtensionInProcess will
// always be called before creating URLLoaderFactory for any extension frames
// that might be eventually hosted inside the renderer `process` (this
// Browser-side ordering will be replicated within the NetworkService because
// SetCorsOriginAccessListsForOrigin and CreateURLLoaderFactory are 2 methods
// of the same mojom::NetworkContext interface).
util::SetCorsOriginAccessListForExtension({process->GetBrowserContext()},
extension, base::DoNothing::Once());
auto remote = process_mojo_map_.find(process);
if (remote != process_mojo_map_.end()) {
DCHECK(base::Contains(extension_process_map_[extension.id()], process));
remote->second->ActivateExtension(extension.id());
} else {
pending_active_extensions_[process].insert(extension.id());
}
}
void RendererStartupHelper::OnExtensionLoaded(const Extension& extension) {
// Extension was already loaded.
// TODO(crbug.com/708230): Ensure that clients don't call this for an
// already loaded extension and change this to a DCHECK.
if (base::Contains(extension_process_map_, extension.id()))
return;
// Mark the extension as loaded.
std::set<content::RenderProcessHost*>& loaded_process_set =
extension_process_map_[extension.id()];
// util::IsExtensionVisibleToContext() would filter out themes, but we choose
// to return early for performance reasons.
if (extension.is_theme())
return;
for (auto& process_entry : process_mojo_map_) {
content::RenderProcessHost* process = process_entry.first;
if (!util::IsExtensionVisibleToContext(extension,
process->GetBrowserContext()))
continue;
// We don't need to include tab permissions here, since the extension
// was just loaded.
// Uninitialized renderers will be informed of the extension load during the
// first batch of messages.
std::vector<mojom::ExtensionLoadedParamsPtr> params;
params.emplace_back(CreateExtensionLoadedParams(
extension, false /* no tab permissions */, browser_context_));
mojom::Renderer* renderer = GetRenderer(process);
if (renderer)
renderer->LoadExtensions(std::move(params));
loaded_process_set.insert(process);
}
}
void RendererStartupHelper::OnExtensionUnloaded(const Extension& extension) {
// Extension is not loaded.
// TODO(crbug.com/708230): Ensure that clients call this for a loaded
// extension only and change this to a DCHECK.
if (!base::Contains(extension_process_map_, extension.id()))
return;
const std::set<content::RenderProcessHost*>& loaded_process_set =
extension_process_map_[extension.id()];
for (content::RenderProcessHost* process : loaded_process_set) {
mojom::Renderer* renderer = GetRenderer(process);
if (renderer)
renderer->UnloadExtension(extension.id());
}
// Resets registered origin access lists in the BrowserContext asynchronously.
util::ResetCorsOriginAccessListForExtension(browser_context_, extension);
for (auto& process_extensions_pair : pending_active_extensions_)
process_extensions_pair.second.erase(extension.id());
// Mark the extension as unloaded.
extension_process_map_.erase(extension.id());
}
mojo::PendingAssociatedRemote<mojom::Renderer>
RendererStartupHelper::BindNewRendererRemote(
content::RenderProcessHost* process) {
mojo::AssociatedRemote<mojom::Renderer> renderer_interface;
process->GetChannel()->GetRemoteAssociatedInterface(&renderer_interface);
return renderer_interface.Unbind();
}
mojom::Renderer* RendererStartupHelper::GetRenderer(
content::RenderProcessHost* process) {
auto it = process_mojo_map_.find(process);
if (it == process_mojo_map_.end())
return nullptr;
return it->second.get();
}
//////////////////////////////////////////////////////////////////////////////
// static
RendererStartupHelper* RendererStartupHelperFactory::GetForBrowserContext(
BrowserContext* context) {
return static_cast<RendererStartupHelper*>(
GetInstance()->GetServiceForBrowserContext(context, true));
}
// static
RendererStartupHelperFactory* RendererStartupHelperFactory::GetInstance() {
return base::Singleton<RendererStartupHelperFactory>::get();
}
RendererStartupHelperFactory::RendererStartupHelperFactory()
: BrowserContextKeyedServiceFactory(
"RendererStartupHelper",
BrowserContextDependencyManager::GetInstance()) {
// No dependencies on other services.
}
RendererStartupHelperFactory::~RendererStartupHelperFactory() {}
KeyedService* RendererStartupHelperFactory::BuildServiceInstanceFor(
content::BrowserContext* context) const {
return new RendererStartupHelper(context);
}
BrowserContext* RendererStartupHelperFactory::GetBrowserContextToUse(
BrowserContext* context) const {
// Redirected in incognito.
return ExtensionsBrowserClient::Get()->GetOriginalContext(context);
}
bool RendererStartupHelperFactory::ServiceIsCreatedWithBrowserContext() const {
return true;
}
} // namespace extensions