Chromium Code Reviews Chromium Code Reviews
Issue 11198044:
Make tab capture media stream requests verify that the request came from extension API (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/media/media_stream_devices_controller.h" | 5 #include "chrome/browser/media/media_stream_devices_controller.h" |
| 6 | 6 |
| 7 #include "base/values.h" | 7 #include "base/values.h" |
| 8 #include "chrome/browser/content_settings/content_settings_provider.h" | 8 #include "chrome/browser/content_settings/content_settings_provider.h" |
| 9 #include "chrome/browser/content_settings/host_content_settings_map.h" | 9 #include "chrome/browser/content_settings/host_content_settings_map.h" |
| 10 #include "chrome/browser/extensions/api/tab_capture/tab_capture_registry.h" | |
| 11 #include "chrome/browser/extensions/api/tab_capture/tab_capture_registry_factory .h" | |
| 10 #include "chrome/browser/prefs/scoped_user_pref_update.h" | 12 #include "chrome/browser/prefs/scoped_user_pref_update.h" |
| 11 #include "chrome/browser/profiles/profile.h" | 13 #include "chrome/browser/profiles/profile.h" |
| 12 #include "chrome/browser/ui/browser.h" | 14 #include "chrome/browser/ui/browser.h" |
| 13 #include "chrome/common/content_settings.h" | 15 #include "chrome/common/content_settings.h" |
| 14 #include "chrome/common/pref_names.h" | 16 #include "chrome/common/pref_names.h" |
| 15 #include "content/public/common/media_stream_request.h" | 17 #include "content/public/common/media_stream_request.h" |
| 16 | 18 |
| 17 using content::BrowserThread; | 19 using content::BrowserThread; |
| 18 | 20 |
| 19 namespace { | 21 namespace { |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 55 has_audio_ |= !it->second.empty(); | 57 has_audio_ |= !it->second.empty(); |
| 56 } else if (content::IsVideoMediaType(it->first)) { | 58 } else if (content::IsVideoMediaType(it->first)) { |
| 57 has_video_ |= !it->second.empty(); | 59 has_video_ |= !it->second.empty(); |
| 58 } | 60 } |
| 59 } | 61 } |
| 60 } | 62 } |
| 61 | 63 |
| 62 MediaStreamDevicesController::~MediaStreamDevicesController() {} | 64 MediaStreamDevicesController::~MediaStreamDevicesController() {} |
| 63 | 65 |
| 64 bool MediaStreamDevicesController::DismissInfoBarAndTakeActionOnSettings() { | 66 bool MediaStreamDevicesController::DismissInfoBarAndTakeActionOnSettings() { |
| 67 // For tab media requests, we need to make sure the request came from the | |
| 68 // extension API, so we check the registry here. | |
| 69 content::MediaStreamDeviceMap::const_iterator tab_video = | |
| 70 request_.devices.find(content::MEDIA_TAB_VIDEO_CAPTURE); | |
| 71 content::MediaStreamDeviceMap::const_iterator tab_audio = | |
| 72 request_.devices.find(content::MEDIA_TAB_VIDEO_CAPTURE); | |
|
wjia(left Chromium)
2012/10/18 04:54:27
MEDIA_TAB_AUDIO_CAPTURE?
justinlin
2012/10/18 07:05:47
Done. Thanks.
| |
| 73 if (tab_video != request_.devices.end() || | |
| 74 tab_audio != request_.devices.end()) { | |
| 75 extensions::TabCaptureRegistry* registry = | |
| 76 extensions::TabCaptureRegistryFactory::GetForProfile(profile_); | |
| 77 | |
| 78 DCHECK(tab_audio->second.size() || tab_video->second.size()); | |
| 79 std::string audio_device_id; | |
| 80 std::string video_device_id; | |
| 81 | |
| 82 if (tab_audio->second.size()) | |
| 83 audio_device_id = tab_audio->second[0].device_id; | |
| 84 if (tab_video->second.size()) | |
| 85 video_device_id = tab_video->second[0].device_id; | |
| 86 | |
| 87 if (!registry->VerifyRequest(!video_device_id.empty() ? | |
| 88 video_device_id : audio_device_id)) | |
| 89 Deny(); | |
| 90 else | |
| 91 Accept(audio_device_id, video_device_id, | |
| 92 false); | |
|
wjia(left Chromium)
2012/10/18 04:54:27
nit: this fits in one line.
justinlin
2012/10/18 07:05:47
Done.
| |
| 93 | |
| 94 return true; | |
|
wjia(left Chromium)
2012/10/18 04:54:27
It seems always returning true. Do you really need
justinlin
2012/10/18 07:05:47
There seems to be 1 case below where it returns fa
| |
| 95 } | |
| 96 | |
| 65 // Deny the request if the security origin is empty, this happens with | 97 // Deny the request if the security origin is empty, this happens with |
| 66 // file access without |--allow-file-access-from-files| flag. | 98 // file access without |--allow-file-access-from-files| flag. |
| 67 if (request_.security_origin.is_empty()) { | 99 if (request_.security_origin.is_empty()) { |
| 68 Deny(); | 100 Deny(); |
| 69 return true; | 101 return true; |
| 70 } | 102 } |
| 71 | 103 |
| 72 // Deny the request and don't show the infobar if there is no devices. | 104 // Deny the request and don't show the infobar if there is no devices. |
| 73 if (!has_audio_ && !has_video_) { | 105 if (!has_audio_ && !has_video_) { |
| 74 // TODO(xians): We should detect this in a early state, and post a callback | 106 // TODO(xians): We should detect this in a early state, and post a callback |
| (...skipping 246 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 321 for (content::MediaStreamDevices::const_iterator device_it = | 353 for (content::MediaStreamDevices::const_iterator device_it = |
| 322 it->second.begin(); | 354 it->second.begin(); |
| 323 device_it != it->second.end(); ++device_it) { | 355 device_it != it->second.end(); ++device_it) { |
| 324 const content::MediaStreamDevice& candidate = *device_it; | 356 const content::MediaStreamDevice& candidate = *device_it; |
| 325 if (candidate.device_id == device_id) | 357 if (candidate.device_id == device_id) |
| 326 return &candidate; | 358 return &candidate; |
| 327 } | 359 } |
| 328 } | 360 } |
| 329 return NULL; | 361 return NULL; |
| 330 } | 362 } |
| OLD | NEW |
