DescriptionMake tab capture media stream requests verify that the request came from extension API.
Checking that the security_origin of a getUserMedia call for tab media is an extension is not enough. We want to also verify that the extension has the correct permissions to make the call. This is to prevent extensions from calling getUserMedia({tab-media-params}) directly without going through the extension API.
This CL makes it so that tab media requests will go through the webcam/mic media stream infobar permission check, but we will accept right away after verifying that the request is in the TabCaptureRegistry (this is the change in media_stream_devices_controller.cc).
If the request comes from an extension background page or packaged app, we check that the extension/app has the tab capture permission, and we will approve it right away (these are the changes in extension_host.cc and shell_window.cc).
Patch Set 1 : init #
Total comments: 6
Patch Set 2 : review comments #
Total comments: 20
Patch Set 3 : review #
Total comments: 4
Patch Set 4 : refactor media access permission helper #
Total comments: 4
Patch Set 5 : Fix || and keep webcam/mic disabled in extensions #
Total comments: 2
Patch Set 6 : Rebase and move flag check into extension_host #
Total comments: 4
Patch Set 7 : address comments #
Total comments: 1
Patch Set 8 : rebase #Messages
Total messages: 21 (0 generated)
|