2012-09-06 14:52:17 +09:00
|
|
|
/*
|
|
|
|
Copyright 2012 Mozilla Foundation
|
|
|
|
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
you may not use this file except in compliance with the License.
|
|
|
|
You may obtain a copy of the License at
|
|
|
|
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
See the License for the specific language governing permissions and
|
|
|
|
limitations under the License.
|
|
|
|
*/
|
2015-03-10 23:22:32 +09:00
|
|
|
/* globals chrome, Features, saveReferer */
|
2013-02-03 08:37:16 +09:00
|
|
|
|
|
|
|
'use strict';
|
2012-09-06 14:52:17 +09:00
|
|
|
|
2013-10-02 05:16:28 +09:00
|
|
|
var VIEWER_URL = chrome.extension.getURL('content/web/viewer.html');
|
|
|
|
|
|
|
|
function getViewerURL(pdf_url) {
|
|
|
|
return VIEWER_URL + '?file=' + encodeURIComponent(pdf_url);
|
|
|
|
}
|
|
|
|
|
2013-07-02 01:38:41 +09:00
|
|
|
/**
|
|
|
|
* @param {Object} details First argument of the webRequest.onHeadersReceived
|
|
|
|
* event. The property "url" is read.
|
2013-07-02 02:09:53 +09:00
|
|
|
* @return {boolean} True if the PDF file should be downloaded.
|
2013-07-02 01:38:41 +09:00
|
|
|
*/
|
2012-09-06 14:52:17 +09:00
|
|
|
function isPdfDownloadable(details) {
|
2014-03-10 07:12:12 +09:00
|
|
|
if (details.url.indexOf('pdfjs.action=download') >= 0) {
|
2013-07-02 02:09:53 +09:00
|
|
|
return true;
|
2014-03-10 07:12:12 +09:00
|
|
|
}
|
2015-07-07 00:13:44 +09:00
|
|
|
// Display the PDF viewer regardless of the Content-Disposition header if the
|
|
|
|
// file is displayed in the main frame, since most often users want to view
|
|
|
|
// a PDF, and servers are often misconfigured.
|
|
|
|
// If the query string contains "=download", do not unconditionally force the
|
|
|
|
// viewer to open the PDF, but first check whether the Content-Disposition
|
|
|
|
// header specifies an attachment. This allows sites like Google Drive to
|
|
|
|
// operate correctly (#6106).
|
|
|
|
if (details.type === 'main_frame' &&
|
|
|
|
details.url.indexOf('=download') === -1) {
|
2013-07-02 02:09:53 +09:00
|
|
|
return false;
|
2014-03-10 07:12:12 +09:00
|
|
|
}
|
|
|
|
var cdHeader = (details.responseHeaders &&
|
|
|
|
getHeaderFromHeaders(details.responseHeaders, 'content-disposition'));
|
|
|
|
return (cdHeader && /^attachment/i.test(cdHeader.value));
|
2012-09-06 14:52:17 +09:00
|
|
|
}
|
|
|
|
|
2013-07-02 01:38:41 +09:00
|
|
|
/**
|
|
|
|
* Get the header from the list of headers for a given name.
|
|
|
|
* @param {Array} headers responseHeaders of webRequest.onHeadersReceived
|
|
|
|
* @return {undefined|{name: string, value: string}} The header, if found.
|
|
|
|
*/
|
|
|
|
function getHeaderFromHeaders(headers, headerName) {
|
2016-12-11 18:43:09 +09:00
|
|
|
for (var i = 0; i < headers.length; ++i) {
|
2013-07-02 01:38:41 +09:00
|
|
|
var header = headers[i];
|
|
|
|
if (header.name.toLowerCase() === headerName) {
|
|
|
|
return header;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Check if the request is a PDF file.
|
|
|
|
* @param {Object} details First argument of the webRequest.onHeadersReceived
|
|
|
|
* event. The properties "responseHeaders" and "url"
|
|
|
|
* are read.
|
|
|
|
* @return {boolean} True if the resource is a PDF file.
|
|
|
|
*/
|
|
|
|
function isPdfFile(details) {
|
|
|
|
var header = getHeaderFromHeaders(details.responseHeaders, 'content-type');
|
|
|
|
if (header) {
|
2016-12-11 03:58:36 +09:00
|
|
|
var headerValue = header.value.toLowerCase().split(';', 1)[0].trim();
|
2016-09-18 14:21:24 +09:00
|
|
|
if (headerValue === 'application/pdf') {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
if (headerValue === 'application/octet-stream') {
|
|
|
|
if (details.url.toLowerCase().indexOf('.pdf') > 0) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
var cdHeader =
|
|
|
|
getHeaderFromHeaders(details.responseHeaders, 'content-disposition');
|
|
|
|
if (cdHeader && /\.pdf(["']|$)/i.test(cdHeader.value)) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
2013-07-02 01:38:41 +09:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Takes a set of headers, and set "Content-Disposition: attachment".
|
|
|
|
* @param {Object} details First argument of the webRequest.onHeadersReceived
|
|
|
|
* event. The property "responseHeaders" is read and
|
|
|
|
* modified if needed.
|
|
|
|
* @return {Object|undefined} The return value for the onHeadersReceived event.
|
|
|
|
* Object with key "responseHeaders" if the headers
|
|
|
|
* have been modified, undefined otherwise.
|
|
|
|
*/
|
|
|
|
function getHeadersWithContentDispositionAttachment(details) {
|
2014-03-10 07:12:12 +09:00
|
|
|
var headers = details.responseHeaders;
|
|
|
|
var cdHeader = getHeaderFromHeaders(headers, 'content-disposition');
|
|
|
|
if (!cdHeader) {
|
|
|
|
cdHeader = {name: 'Content-Disposition'};
|
|
|
|
headers.push(cdHeader);
|
|
|
|
}
|
|
|
|
if (!/^attachment/i.test(cdHeader.value)) {
|
|
|
|
cdHeader.value = 'attachment' + cdHeader.value.replace(/^[^;]+/i, '');
|
|
|
|
return { responseHeaders: headers };
|
|
|
|
}
|
2013-07-02 01:38:41 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
chrome.webRequest.onHeadersReceived.addListener(
|
|
|
|
function(details) {
|
2013-07-27 18:26:55 +09:00
|
|
|
if (details.method !== 'GET') {
|
|
|
|
// Don't intercept POST requests until http://crbug.com/104058 is fixed.
|
|
|
|
return;
|
|
|
|
}
|
2014-03-10 07:12:12 +09:00
|
|
|
if (!isPdfFile(details)) {
|
2012-09-06 14:52:17 +09:00
|
|
|
return;
|
2014-03-10 07:12:12 +09:00
|
|
|
}
|
2013-04-04 07:28:45 +09:00
|
|
|
if (isPdfDownloadable(details)) {
|
|
|
|
// Force download by ensuring that Content-Disposition: attachment is set
|
2013-07-02 01:38:41 +09:00
|
|
|
return getHeadersWithContentDispositionAttachment(details);
|
2013-04-04 07:28:45 +09:00
|
|
|
}
|
|
|
|
|
2013-10-02 05:16:28 +09:00
|
|
|
var viewerUrl = getViewerURL(details.url);
|
|
|
|
|
2015-03-10 23:22:32 +09:00
|
|
|
// Implemented in preserve-referer.js
|
|
|
|
saveReferer(details);
|
|
|
|
|
2013-10-02 05:16:28 +09:00
|
|
|
// Replace frame with viewer
|
2014-03-30 08:25:37 +09:00
|
|
|
if (Features.webRequestRedirectUrl) {
|
|
|
|
return { redirectUrl: viewerUrl };
|
|
|
|
}
|
|
|
|
// Aww.. redirectUrl is not yet supported, so we have to use a different
|
|
|
|
// method as fallback (Chromium <35).
|
2013-10-02 05:16:28 +09:00
|
|
|
|
|
|
|
if (details.frameId === 0) {
|
|
|
|
// Main frame. Just replace the tab and be done!
|
|
|
|
chrome.tabs.update(details.tabId, {
|
|
|
|
url: viewerUrl
|
|
|
|
});
|
|
|
|
return { cancel: true };
|
|
|
|
}
|
2016-12-16 21:05:33 +09:00
|
|
|
console.warn('Child frames are not supported in ancient Chrome builds!');
|
2012-09-06 14:52:17 +09:00
|
|
|
},
|
|
|
|
{
|
|
|
|
urls: [
|
2013-04-04 07:28:45 +09:00
|
|
|
'<all_urls>'
|
2012-09-06 14:52:17 +09:00
|
|
|
],
|
2013-04-04 07:28:45 +09:00
|
|
|
types: ['main_frame', 'sub_frame']
|
2012-09-06 14:52:17 +09:00
|
|
|
},
|
2016-12-11 03:58:36 +09:00
|
|
|
['blocking', 'responseHeaders']);
|
2013-10-02 05:25:13 +09:00
|
|
|
|
2014-03-30 08:08:02 +09:00
|
|
|
chrome.webRequest.onBeforeRequest.addListener(
|
|
|
|
function onBeforeRequestForFTP(details) {
|
|
|
|
if (!Features.extensionSupportsFTP) {
|
|
|
|
chrome.webRequest.onBeforeRequest.removeListener(onBeforeRequestForFTP);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if (isPdfDownloadable(details)) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
var viewerUrl = getViewerURL(details.url);
|
|
|
|
return { redirectUrl: viewerUrl };
|
|
|
|
},
|
|
|
|
{
|
|
|
|
urls: [
|
|
|
|
'ftp://*/*.pdf',
|
|
|
|
'ftp://*/*.PDF'
|
|
|
|
],
|
|
|
|
types: ['main_frame', 'sub_frame']
|
|
|
|
},
|
|
|
|
['blocking']);
|
|
|
|
|
2013-10-02 05:25:13 +09:00
|
|
|
chrome.webRequest.onBeforeRequest.addListener(
|
|
|
|
function(details) {
|
2014-03-10 07:12:12 +09:00
|
|
|
if (isPdfDownloadable(details)) {
|
2013-10-02 05:25:13 +09:00
|
|
|
return;
|
2014-03-10 07:12:12 +09:00
|
|
|
}
|
2013-10-02 05:25:13 +09:00
|
|
|
|
|
|
|
// NOTE: The manifest file has declared an empty content script
|
|
|
|
// at file://*/* to make sure that the viewer can load the PDF file
|
|
|
|
// through XMLHttpRequest. Necessary to deal with http://crbug.com/302548
|
|
|
|
var viewerUrl = getViewerURL(details.url);
|
|
|
|
|
|
|
|
return { redirectUrl: viewerUrl };
|
|
|
|
},
|
|
|
|
{
|
|
|
|
urls: [
|
|
|
|
'file://*/*.pdf',
|
|
|
|
'file://*/*.PDF'
|
|
|
|
],
|
|
|
|
types: ['main_frame', 'sub_frame']
|
|
|
|
},
|
|
|
|
['blocking']);
|
2015-07-19 00:11:33 +09:00
|
|
|
|
|
|
|
chrome.extension.isAllowedFileSchemeAccess(function(isAllowedAccess) {
|
|
|
|
if (isAllowedAccess) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
// If the user has not granted access to file:-URLs, then the webRequest API
|
|
|
|
// will not catch the request. It is still visible through the webNavigation
|
|
|
|
// API though, and we can replace the tab with the viewer.
|
|
|
|
// The viewer will detect that it has no access to file:-URLs, and prompt the
|
|
|
|
// user to activate file permissions.
|
|
|
|
chrome.webNavigation.onBeforeNavigate.addListener(function(details) {
|
|
|
|
if (details.frameId === 0 && !isPdfDownloadable(details)) {
|
|
|
|
chrome.tabs.update(details.tabId, {
|
|
|
|
url: getViewerURL(details.url)
|
|
|
|
});
|
|
|
|
}
|
|
|
|
}, {
|
|
|
|
url: [{
|
|
|
|
urlPrefix: 'file://',
|
|
|
|
pathSuffix: '.pdf'
|
|
|
|
}, {
|
|
|
|
urlPrefix: 'file://',
|
|
|
|
pathSuffix: '.PDF'
|
|
|
|
}]
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
chrome.runtime.onMessage.addListener(function(message, sender, sendResponse) {
|
2016-01-30 22:21:54 +09:00
|
|
|
if (message && message.action === 'getParentOrigin') {
|
|
|
|
// getParentOrigin is used to determine whether it is safe to embed a
|
|
|
|
// sensitive (local) file in a frame.
|
|
|
|
if (!sender.tab) {
|
|
|
|
sendResponse('');
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
// TODO: This should be the URL of the parent frame, not the tab. But
|
|
|
|
// chrome-extension:-URLs are not visible in the webNavigation API
|
|
|
|
// (https://crbug.com/326768), so the next best thing is using the tab's URL
|
|
|
|
// for making security decisions.
|
|
|
|
var parentUrl = sender.tab.url;
|
|
|
|
if (!parentUrl) {
|
|
|
|
sendResponse('');
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if (parentUrl.lastIndexOf('file:', 0) === 0) {
|
|
|
|
sendResponse('file://');
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
// The regexp should always match for valid URLs, but in case it doesn't,
|
|
|
|
// just give the full URL (e.g. data URLs).
|
|
|
|
var origin = /^[^:]+:\/\/[^/]+/.exec(parentUrl);
|
|
|
|
sendResponse(origin ? origin[1] : parentUrl);
|
|
|
|
return true;
|
|
|
|
}
|
2015-07-19 00:11:33 +09:00
|
|
|
if (message && message.action === 'isAllowedFileSchemeAccess') {
|
|
|
|
chrome.extension.isAllowedFileSchemeAccess(sendResponse);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
if (message && message.action === 'openExtensionsPageForFileAccess') {
|
|
|
|
var url = 'chrome://extensions/?id=' + chrome.runtime.id;
|
|
|
|
if (message.data.newTab) {
|
|
|
|
chrome.tabs.create({
|
|
|
|
windowId: sender.tab.windowId,
|
|
|
|
index: sender.tab.index + 1,
|
|
|
|
url: url,
|
|
|
|
openerTabId: sender.tab.id
|
|
|
|
});
|
|
|
|
} else {
|
|
|
|
chrome.tabs.update(sender.tab.id, {
|
|
|
|
url: url
|
|
|
|
});
|
|
|
|
}
|
|
|
|
}
|
|
|
|
});
|