diff options
Diffstat (limited to 'Source/WebKit2/PluginProcess')
4 files changed, 49 insertions, 0 deletions
diff --git a/Source/WebKit2/PluginProcess/PluginControllerProxy.cpp b/Source/WebKit2/PluginProcess/PluginControllerProxy.cpp index 2ad41daa5..31a5d61a6 100644 --- a/Source/WebKit2/PluginProcess/PluginControllerProxy.cpp +++ b/Source/WebKit2/PluginProcess/PluginControllerProxy.cpp @@ -563,6 +563,14 @@ void PluginControllerProxy::getPluginScriptableNPObject(uint64_t& pluginScriptab releaseNPObject(pluginScriptableNPObject); } +void PluginControllerProxy::storageBlockingStateChanged(bool isStorageBlockingEnabled) +{ + if (m_storageBlockingEnabled != isStorageBlockingEnabled) { + m_storageBlockingEnabled = isStorageBlockingEnabled; + m_plugin->storageBlockingStateChanged(m_storageBlockingEnabled); + } +} + void PluginControllerProxy::privateBrowsingStateChanged(bool isPrivateBrowsingEnabled) { m_isPrivateBrowsingEnabled = isPrivateBrowsingEnabled; diff --git a/Source/WebKit2/PluginProcess/PluginControllerProxy.h b/Source/WebKit2/PluginProcess/PluginControllerProxy.h index a9d35a663..b4a40673e 100644 --- a/Source/WebKit2/PluginProcess/PluginControllerProxy.h +++ b/Source/WebKit2/PluginProcess/PluginControllerProxy.h @@ -35,6 +35,7 @@ #include "ShareableBitmap.h" #include "WebProcessConnectionMessages.h" #include <WebCore/RunLoop.h> +#include <WebCore/SecurityOrigin.h> #include <wtf/Noncopyable.h> namespace CoreIPC { @@ -152,6 +153,7 @@ private: void updateLayerHostingContext(LayerHostingMode); #endif + void storageBlockingStateChanged(bool); void privateBrowsingStateChanged(bool); void getFormValue(bool& returnValue, String& formValue); @@ -163,6 +165,7 @@ private: uint64_t m_pluginInstanceID; String m_userAgent; + bool m_storageBlockingEnabled; bool m_isPrivateBrowsingEnabled; bool m_isAcceleratedCompositingEnabled; bool m_isInitializing; diff --git a/Source/WebKit2/PluginProcess/PluginControllerProxy.messages.in b/Source/WebKit2/PluginProcess/PluginControllerProxy.messages.in index 371bee237..d7c2d02b2 100644 --- a/Source/WebKit2/PluginProcess/PluginControllerProxy.messages.in +++ b/Source/WebKit2/PluginProcess/PluginControllerProxy.messages.in @@ -106,6 +106,9 @@ messages -> PluginControllerProxy { # Return a snapshot of the plugin Snapshot() -> (WebKit::ShareableBitmap::Handle backingStoreHandle) + # Sent when storage blocking policy changes + StorageBlockingStateChanged(bool storageBlockingEnabled) + # Sent when private browsing is enabled or disabled PrivateBrowsingStateChanged(bool isPrivateBrowsingEnabled) diff --git a/Source/WebKit2/PluginProcess/mac/PluginProcessMac.mm b/Source/WebKit2/PluginProcess/mac/PluginProcessMac.mm index f4e834c57..7a8cb35f4 100644 --- a/Source/WebKit2/PluginProcess/mac/PluginProcessMac.mm +++ b/Source/WebKit2/PluginProcess/mac/PluginProcessMac.mm @@ -39,6 +39,10 @@ #import <objc/runtime.h> #import <wtf/HashSet.h> +#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 1070 +#import "NetscapeSandboxFunctions.h" +#endif + namespace WebKit { static pthread_once_t shouldCallRealDebuggerOnce = PTHREAD_ONCE_INIT; @@ -262,6 +266,33 @@ void PluginProcess::setFullscreenWindowIsShowing(bool fullscreenWindowIsShowing) m_connection->send(Messages::PluginProcessProxy::SetFullscreenWindowIsShowing(fullscreenWindowIsShowing), 0); } +#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 1070 +static void initializeSandbox(const String& pluginPath) +{ + RetainPtr<CFStringRef> cfPluginPath = adoptCF(pluginPath.createCFString()); + RetainPtr<CFURLRef> pluginURL = adoptCF(CFURLCreateWithFileSystemPath(0, cfPluginPath.get(), kCFURLPOSIXPathStyle, false)); + if (!pluginURL) + return; + + RetainPtr<CFBundleRef> pluginBundle = adoptCF(CFBundleCreate(kCFAllocatorDefault, pluginURL.get())); + if (!pluginBundle) + return; + + CFStringRef bundleIdentifier = CFBundleGetIdentifier(pluginBundle.get()); + if (!bundleIdentifier) + return; + + RetainPtr<CFStringRef> sandboxFileName = CFStringCreateWithFormat(0, 0, CFSTR("%@.sb"), bundleIdentifier); + RetainPtr<CFURLRef> pluginSandboxDirectory = adoptCF(CFURLCreateWithFileSystemPath(0, CFSTR("/usr/share/sandbox/"), kCFURLPOSIXPathStyle, YES)); + RetainPtr<CFURLRef> sandboxURL = adoptCF(CFURLCreateWithFileSystemPathRelativeToBase(0, sandboxFileName.get(), kCFURLPOSIXPathStyle, FALSE, pluginSandboxDirectory.get())); + RetainPtr<NSString> profileString = [[NSString alloc] initWithContentsOfURL:(NSURL *)sandboxURL.get() encoding:NSUTF8StringEncoding error:NULL]; + if (!profileString) + return; + + enterSandbox([profileString.get() UTF8String], 0, 0); +} +#endif + void PluginProcess::platformInitialize(const PluginProcessCreationParameters& parameters) { m_compositingRenderServerPort = parameters.acceleratedCompositingPort.port(); @@ -273,6 +304,10 @@ void PluginProcess::platformInitialize(const PluginProcessCreationParameters& pa (NSString *)parameters.parentProcessName]; WKSetVisibleApplicationName((CFStringRef)applicationName); + +#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 1070 + initializeSandbox(m_pluginPath); +#endif } } // namespace WebKit |