File: api_response_validator.cc

package info (click to toggle)
chromium 139.0.7258.127-1
  • links: PTS, VCS
  • area: main
  • in suites:
  • size: 6,122,068 kB
  • sloc: cpp: 35,100,771; ansic: 7,163,530; javascript: 4,103,002; python: 1,436,920; asm: 946,517; xml: 746,709; pascal: 187,653; perl: 88,691; sh: 88,436; objc: 79,953; sql: 51,488; cs: 44,583; fortran: 24,137; makefile: 22,147; tcl: 15,277; php: 13,980; yacc: 8,984; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (156 lines) | stat: -rw-r--r-- 4,958 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
 
// Copyright 2018 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "extensions/renderer/bindings/api_response_validator.h"

#include <algorithm>
#include <ostream>

#include "base/containers/contains.h"
#include "extensions/renderer/bindings/api_binding_util.h"
#include "extensions/renderer/bindings/api_signature.h"
#include "extensions/renderer/bindings/api_type_reference_map.h"

namespace extensions {

namespace {

APIResponseValidator::TestHandler* g_handler_for_testing = nullptr;

}  // namespace

APIResponseValidator::TestHandler::TestHandler(HandlerMethod method)
    : method_(method) {
  DCHECK(!g_handler_for_testing)
      << "Only one TestHandler is allowed at a time.";
  g_handler_for_testing = this;
}

APIResponseValidator::TestHandler::~TestHandler() {
  DCHECK_EQ(this, g_handler_for_testing);
  g_handler_for_testing = nullptr;
}

void APIResponseValidator::TestHandler::IgnoreSignature(std::string signature) {
  signatures_to_ignore_.insert(std::move(signature));
}

void APIResponseValidator::TestHandler::HandleFailure(
    const std::string& signature_name,
    const std::string& error) {
  method_.Run(signature_name, error);
}

bool APIResponseValidator::TestHandler::ShouldIgnoreSignature(
    const std::string& signature_name) const {
  return base::Contains(signatures_to_ignore_, signature_name);
}

APIResponseValidator::APIResponseValidator(const APITypeReferenceMap* type_refs)
    : type_refs_(type_refs) {}

APIResponseValidator::~APIResponseValidator() = default;

void APIResponseValidator::ValidateResponse(
    v8::Local<v8::Context> context,
    const std::string& method_name,
    const v8::LocalVector<v8::Value>& response_arguments,
    const std::string& api_error,
    CallbackType callback_type) {
  DCHECK(binding::IsResponseValidationEnabled());

  // If the callback is API-provided, the response can't be validated against
  // the expected schema because the callback may modify the arguments.
  if (callback_type == CallbackType::kAPIProvided)
    return;

  // If the call failed, there are no expected arguments.
  if (!api_error.empty()) {
    // TODO(devlin): It would be really nice to validate that
    // |response_arguments| is empty here, but some functions both set an error
    // and supply arguments.
    return;
  }

  const APISignature* signature =
      type_refs_->GetAsyncResponseSignature(method_name);
  // If there's no corresponding signature, don't validate. This can
  // legitimately happen with APIs that create custom requests.
  if (!signature || !signature->has_async_return_signature())
    return;

  std::string error;
  if (signature->ValidateResponse(context, response_arguments, *type_refs_,
                                  &error)) {
    // Response was valid.
    return;
  }

  // The response did not match the expected schema.
  if (g_handler_for_testing) {
    g_handler_for_testing->HandleFailure(method_name, error);
  } else {
    NOTREACHED() << "Error validating response to `" << method_name
                 << "`: " << error;
  }
}

void APIResponseValidator::ValidateEvent(
    v8::Local<v8::Context> context,
    const std::string& event_name,
    const v8::LocalVector<v8::Value>& event_args) {
  DCHECK(binding::IsResponseValidationEnabled());

  const APISignature* signature = type_refs_->GetEventSignature(event_name);
  // If there's no corresponding signature, don't validate. This can
  // legitimately happen with APIs that create custom requests.
  if (!signature)
    return;

  if (g_handler_for_testing &&
      g_handler_for_testing->ShouldIgnoreSignature(event_name))
    return;

  // The following signatures are incorrect (the parameters dispatched to the
  // event don't match the schema's event definition). These should be fixed
  // and then validated.
  // TODO(crbug.com/40226845): Eliminate this list.
  static constexpr char const* kBrokenSignaturesToIgnore[] = {
      "automationInternal.onAccessibilityEvent",
      "chromeWebViewInternal.onClicked",
      "input.ime.onFocus",
      "inputMethodPrivate.onFocus",
      "test.onMessage",

      // https://crbug.com/1343611.
      "runtime.onMessage",
      "runtime.onConnect",
      "contextMenus.onClicked",

      // https://crbug.com/1375903.
      "downloads.onCreated",
  };

  if (std::ranges::find(kBrokenSignaturesToIgnore, event_name) !=
      std::end(kBrokenSignaturesToIgnore)) {
    return;
  }

  std::string error;
  if (signature->ValidateCall(context, event_args, *type_refs_, &error)) {
    // Response was valid.
    return;
  }

  // The response did not match the expected schema.
  // Pull to helper method.
  if (g_handler_for_testing) {
    g_handler_for_testing->HandleFailure(event_name, error);
  } else {
    NOTREACHED() << "Error validating event arguments to `" << event_name
                 << "`: " << error;
  }
}

}  // namespace extensions