Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/media/protected_media_identifier_permission_context.h" | 5 #include "chrome/browser/media/protected_media_identifier_permission_context.h" |
| 6 | 6 |
| 7 #include "base/prefs/pref_service.h" | 7 #include "base/prefs/pref_service.h" |
| 8 #include "chrome/browser/content_settings/tab_specific_content_settings.h" | 8 #include "chrome/browser/content_settings/tab_specific_content_settings.h" |
| 9 #include "chrome/browser/profiles/profile.h" | 9 #include "chrome/browser/profiles/profile.h" |
| 10 #include "chrome/common/pref_names.h" | 10 #include "chrome/common/pref_names.h" |
| 11 #include "components/content_settings/core/common/permission_request_id.h" | 11 #include "components/content_settings/core/common/permission_request_id.h" |
| 12 #include "content/public/browser/browser_thread.h" | 12 #include "content/public/browser/browser_thread.h" |
| 13 #include "content/public/browser/user_metrics.h" | |
| 13 #include "content/public/browser/web_contents.h" | 14 #include "content/public/browser/web_contents.h" |
| 14 | 15 |
| 15 #if defined(OS_CHROMEOS) | 16 #if defined(OS_CHROMEOS) |
| 16 #include <utility> | 17 #include <utility> |
| 17 | 18 |
| 18 #include "chrome/browser/chromeos/attestation/platform_verification_dialog.h" | 19 #include "chrome/browser/chromeos/attestation/platform_verification_dialog.h" |
| 19 #include "chrome/browser/chromeos/settings/cros_settings.h" | 20 #include "chrome/browser/chromeos/settings/cros_settings.h" |
| 20 #include "chromeos/settings/cros_settings_names.h" | 21 #include "chromeos/settings/cros_settings_names.h" |
| 22 #include "components/pref_registry/pref_registry_syncable.h" | |
| 23 #include "components/user_prefs/user_prefs.h" | |
| 21 #include "ui/views/widget/widget.h" | 24 #include "ui/views/widget/widget.h" |
| 22 | 25 |
| 23 using chromeos::attestation::PlatformVerificationDialog; | 26 using chromeos::attestation::PlatformVerificationDialog; |
| 24 using chromeos::attestation::PlatformVerificationFlow; | |
| 25 #endif | 27 #endif |
| 26 | 28 |
| 27 ProtectedMediaIdentifierPermissionContext:: | 29 ProtectedMediaIdentifierPermissionContext:: |
| 28 ProtectedMediaIdentifierPermissionContext(Profile* profile) | 30 ProtectedMediaIdentifierPermissionContext(Profile* profile) |
| 29 : PermissionContextBase(profile, | 31 : PermissionContextBase(profile, |
| 30 CONTENT_SETTINGS_TYPE_PROTECTED_MEDIA_IDENTIFIER) | 32 CONTENT_SETTINGS_TYPE_PROTECTED_MEDIA_IDENTIFIER) |
| 31 #if defined(OS_CHROMEOS) | 33 #if defined(OS_CHROMEOS) |
| 32 , | 34 , |
| 33 weak_factory_(this) | 35 weak_factory_(this) |
| 34 #endif | 36 #endif |
| 35 { | 37 { |
| 36 } | 38 } |
| 37 | 39 |
| 38 ProtectedMediaIdentifierPermissionContext:: | 40 ProtectedMediaIdentifierPermissionContext:: |
| 39 ~ProtectedMediaIdentifierPermissionContext() { | 41 ~ProtectedMediaIdentifierPermissionContext() { |
| 40 } | 42 } |
| 41 | 43 |
| 44 #if defined(OS_CHROMEOS) | |
| 45 // static | |
| 46 void ProtectedMediaIdentifierPermissionContext::RegisterProfilePrefs( | |
| 47 user_prefs::PrefRegistrySyncable* prefs) { | |
| 48 prefs->RegisterBooleanPref(prefs::kRAConsentGranted, | |
| 49 false, // Default value. | |
| 50 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); | |
| 51 } | |
| 52 #endif | |
| 53 | |
| 42 void ProtectedMediaIdentifierPermissionContext::RequestPermission( | 54 void ProtectedMediaIdentifierPermissionContext::RequestPermission( |
| 43 content::WebContents* web_contents, | 55 content::WebContents* web_contents, |
| 44 const PermissionRequestID& id, | 56 const PermissionRequestID& id, |
| 45 const GURL& requesting_origin, | 57 const GURL& requesting_origin, |
| 46 bool user_gesture, | 58 bool user_gesture, |
| 47 const BrowserPermissionCallback& callback) { | 59 const BrowserPermissionCallback& callback) { |
| 48 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | 60 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
| 49 | 61 |
| 50 GURL embedding_origin = web_contents->GetLastCommittedURL().GetOrigin(); | 62 GURL embedding_origin = web_contents->GetLastCommittedURL().GetOrigin(); |
| 51 | 63 |
| 64 DVLOG(1) << __FUNCTION__ << ": (" << requesting_origin.spec() << ", " | |
| 65 << embedding_origin.spec() << ")"; | |
| 66 | |
| 52 if (!requesting_origin.is_valid() || !embedding_origin.is_valid() || | 67 if (!requesting_origin.is_valid() || !embedding_origin.is_valid() || |
| 53 !IsProtectedMediaIdentifierEnabled()) { | 68 !IsProtectedMediaIdentifierEnabled()) { |
| 54 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 69 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
| 55 false /* persist */, CONTENT_SETTING_BLOCK); | 70 false /* persist */, CONTENT_SETTING_BLOCK); |
| 56 return; | 71 return; |
| 57 } | 72 } |
| 58 | 73 |
| 59 #if defined(OS_CHROMEOS) | 74 #if defined(OS_CHROMEOS) |
| 60 // On ChromeOS, we don't use PermissionContextBase::RequestPermission() which | 75 ContentSetting content_setting = PermissionContextBase::GetPermissionStatus( |
| 61 // uses the standard permission infobar/bubble UI. See http://crbug.com/454847 | 76 requesting_origin, embedding_origin); |
| 62 // Instead, we check the content setting and show the existing platform | 77 if (content_setting == CONTENT_SETTING_BLOCK) { |
| 63 // verification UI. | |
| 64 // TODO(xhwang): Remove when http://crbug.com/454847 is fixed. | |
| 65 ContentSetting content_setting = | |
| 66 GetPermissionStatus(requesting_origin, embedding_origin); | |
| 67 | |
| 68 if (content_setting == CONTENT_SETTING_ALLOW || | |
| 69 content_setting == CONTENT_SETTING_BLOCK) { | |
| 70 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 78 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
| 71 false /* persist */, content_setting); | 79 false /* persist */, CONTENT_SETTING_BLOCK); |
| 72 return; | 80 return; |
| 73 } | 81 } |
| 74 | 82 |
| 83 // Consent granted if user has given consent for this origin, and if user has | |
| 84 // given consent to attestation for content protection on this device. | |
| 85 bool consent_granted = | |
| 86 content_setting == CONTENT_SETTING_ALLOW && | |
| 87 profile()->GetPrefs()->GetBoolean(prefs::kRAConsentGranted); | |
|
ddorwin
2015/03/12 21:38:54
I don't think we need this anymore because this wi
xhwang
2015/03/13 00:54:42
I am not sure I follow your comment. Can you elabo
ddorwin
2015/03/13 17:03:10
I was saying that we don't need the RHS of the &&
xhwang
2015/03/13 21:31:15
Good point. Done.
| |
| 88 | |
| 89 if (consent_granted) { | |
| 90 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | |
| 91 false /* persist */, CONTENT_SETTING_ALLOW); | |
| 92 return; | |
| 93 } | |
| 94 | |
| 75 // Since the dialog is modal, we only support one prompt per |web_contents|. | 95 // Since the dialog is modal, we only support one prompt per |web_contents|. |
| 76 // Reject the new one if there is already one pending. See | 96 // Reject the new one if there is already one pending. See |
| 77 // http://crbug.com/447005 | 97 // http://crbug.com/447005 |
| 78 if (pending_requests_.count(web_contents)) { | 98 if (pending_requests_.count(web_contents)) { |
| 79 callback.Run(CONTENT_SETTING_DEFAULT); | 99 callback.Run(CONTENT_SETTING_DEFAULT); |
| 80 return; | 100 return; |
| 81 } | 101 } |
| 82 | 102 |
| 103 // On ChromeOS, we don't use PermissionContextBase::RequestPermission() which | |
| 104 // uses the standard permission infobar/bubble UI. See http://crbug.com/454847 | |
| 105 // Instead, we show the existing platform verification UI. | |
| 106 // TODO(xhwang): Remove when http://crbug.com/454847 is fixed. | |
| 83 views::Widget* widget = PlatformVerificationDialog::ShowDialog( | 107 views::Widget* widget = PlatformVerificationDialog::ShowDialog( |
| 84 web_contents, requesting_origin, | 108 web_contents, requesting_origin, |
| 85 base::Bind(&ProtectedMediaIdentifierPermissionContext:: | 109 base::Bind(&ProtectedMediaIdentifierPermissionContext:: |
| 86 OnPlatformVerificationResult, | 110 OnPlatformVerificationConsentResponse, |
| 87 weak_factory_.GetWeakPtr(), web_contents, id, | 111 weak_factory_.GetWeakPtr(), web_contents, id, |
| 88 requesting_origin, embedding_origin, callback)); | 112 requesting_origin, embedding_origin, callback)); |
| 89 pending_requests_.insert( | 113 pending_requests_.insert( |
| 90 std::make_pair(web_contents, std::make_pair(widget, id))); | 114 std::make_pair(web_contents, std::make_pair(widget, id))); |
| 91 #else | 115 #else |
| 92 PermissionContextBase::RequestPermission(web_contents, id, requesting_origin, | 116 PermissionContextBase::RequestPermission(web_contents, id, requesting_origin, |
| 93 user_gesture, callback); | 117 user_gesture, callback); |
| 94 #endif | 118 #endif |
| 95 } | 119 } |
| 96 | 120 |
| 97 ContentSetting ProtectedMediaIdentifierPermissionContext::GetPermissionStatus( | 121 ContentSetting ProtectedMediaIdentifierPermissionContext::GetPermissionStatus( |
| 98 const GURL& requesting_origin, | 122 const GURL& requesting_origin, |
| 99 const GURL& embedding_origin) const { | 123 const GURL& embedding_origin) const { |
| 124 DVLOG(1) << __FUNCTION__ << ": (" << requesting_origin.spec() << ", " | |
| 125 << embedding_origin.spec() << ")"; | |
| 126 | |
| 100 if (!IsProtectedMediaIdentifierEnabled()) | 127 if (!IsProtectedMediaIdentifierEnabled()) |
| 101 return CONTENT_SETTING_BLOCK; | 128 return CONTENT_SETTING_BLOCK; |
| 102 | 129 |
| 130 #if defined(OS_CHROMEOS) | |
| 131 // Block if user never granted RA consent on this device. It's possible that | |
|
ddorwin
2015/03/12 21:38:53
"Block" is no longer correct?
xhwang
2015/03/13 00:54:42
Done. Also I restructured this function a bit to m
| |
| 132 // user dismissed the dialog triggered by RequestPermission() and the content | |
| 133 // setting is set to "allow" by server sync. In this case, we should ask. | |
|
ddorwin
2015/03/12 21:38:53
It's not clear where all this is called. (I think
xhwang
2015/03/13 00:54:42
Acknowledged.
| |
| 134 if (!profile()->GetPrefs()->GetBoolean(prefs::kRAConsentGranted)) { | |
| 135 DVLOG(1) << "RA consent never granted on this device."; | |
| 136 return CONTENT_SETTING_ASK; | |
| 137 } | |
| 138 #endif | |
| 139 | |
| 103 return PermissionContextBase::GetPermissionStatus(requesting_origin, | 140 return PermissionContextBase::GetPermissionStatus(requesting_origin, |
| 104 embedding_origin); | 141 embedding_origin); |
| 105 } | 142 } |
| 106 | 143 |
| 107 void ProtectedMediaIdentifierPermissionContext::CancelPermissionRequest( | 144 void ProtectedMediaIdentifierPermissionContext::CancelPermissionRequest( |
| 108 content::WebContents* web_contents, | 145 content::WebContents* web_contents, |
| 109 const PermissionRequestID& id) { | 146 const PermissionRequestID& id) { |
| 110 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | 147 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
| 111 | 148 |
| 112 #if defined(OS_CHROMEOS) | 149 #if defined(OS_CHROMEOS) |
| 113 PendingRequestMap::iterator request = pending_requests_.find(web_contents); | 150 PendingRequestMap::iterator request = pending_requests_.find(web_contents); |
| 114 if (request == pending_requests_.end() || !request->second.second.Equals(id)) | 151 if (request == pending_requests_.end() || !request->second.second.Equals(id)) |
| 115 return; | 152 return; |
| 116 | 153 |
| 117 // Close the |widget_|. OnPlatformVerificationResult() will be fired | 154 // Close the |widget_|. OnPlatformVerificationConsentResponse() will be fired |
| 118 // during this process, but since |web_contents| is removed from | 155 // during this process, but since |web_contents| is removed from |
| 119 // |pending_requests_|, the callback will simply be dropped. | 156 // |pending_requests_|, the callback will simply be dropped. |
| 120 views::Widget* widget = request->second.first; | 157 views::Widget* widget = request->second.first; |
| 121 pending_requests_.erase(request); | 158 pending_requests_.erase(request); |
| 122 widget->Close(); | 159 widget->Close(); |
| 123 #else | 160 #else |
| 124 PermissionContextBase::CancelPermissionRequest(web_contents, id); | 161 PermissionContextBase::CancelPermissionRequest(web_contents, id); |
| 125 #endif | 162 #endif |
| 126 } | 163 } |
| 127 | 164 |
| (...skipping 10 matching lines...) Expand all Loading... | |
| 138 if (content_settings) { | 175 if (content_settings) { |
| 139 content_settings->OnProtectedMediaIdentifierPermissionSet( | 176 content_settings->OnProtectedMediaIdentifierPermissionSet( |
| 140 requesting_frame.GetOrigin(), allowed); | 177 requesting_frame.GetOrigin(), allowed); |
| 141 } | 178 } |
| 142 } | 179 } |
| 143 | 180 |
| 144 // TODO(xhwang): We should consolidate the "protected content" related pref | 181 // TODO(xhwang): We should consolidate the "protected content" related pref |
| 145 // across platforms. | 182 // across platforms. |
| 146 bool ProtectedMediaIdentifierPermissionContext:: | 183 bool ProtectedMediaIdentifierPermissionContext:: |
| 147 IsProtectedMediaIdentifierEnabled() const { | 184 IsProtectedMediaIdentifierEnabled() const { |
| 148 bool enabled = false; | 185 #if defined(OS_ANDROID) |
| 186 if (!profile()->GetPrefs()->GetBoolean( | |
| 187 prefs::kProtectedMediaIdentifierEnabled)) { | |
| 188 DVLOG(1) << "Protected media identifier disabled by a user master switch."; | |
| 189 return false; | |
| 190 } | |
| 191 #elif defined(OS_CHROMEOS) | |
| 192 // Platform verification is not allowed in incognito or guest mode. | |
| 193 if (profile()->IsOffTheRecord() || profile()->IsGuestSession()) { | |
| 194 DVLOG(1) << "Protected media identifier disabled in incognito or guest " | |
| 195 "mode."; | |
| 196 return false; | |
| 197 } | |
| 149 | 198 |
| 150 #if defined(OS_ANDROID) | 199 // This could be disabled by the device policy or by user's master switch. |
| 151 enabled = profile()->GetPrefs()->GetBoolean( | 200 bool enabled_for_device = false; |
| 152 prefs::kProtectedMediaIdentifierEnabled); | 201 if (!chromeos::CrosSettings::Get()->GetBoolean( |
| 202 chromeos::kAttestationForContentProtectionEnabled, | |
| 203 &enabled_for_device) || | |
| 204 !enabled_for_device || | |
| 205 !profile()->GetPrefs()->GetBoolean(prefs::kEnableDRM)) { | |
| 206 DVLOG(1) << "Protected media identifier disabled by the user or by device " | |
| 207 "policy."; | |
| 208 return false; | |
| 209 } | |
| 153 #endif | 210 #endif |
| 154 | 211 |
| 155 #if defined(OS_CHROMEOS) | 212 return true; |
| 156 // This could be disabled by the device policy. | |
| 157 bool enabled_for_device = false; | |
| 158 enabled = chromeos::CrosSettings::Get()->GetBoolean( | |
| 159 chromeos::kAttestationForContentProtectionEnabled, | |
| 160 &enabled_for_device) && | |
| 161 enabled_for_device && | |
| 162 profile()->GetPrefs()->GetBoolean(prefs::kEnableDRM); | |
| 163 #endif | |
| 164 | |
| 165 DVLOG_IF(1, !enabled) | |
| 166 << "Protected media identifier disabled by the user or by device policy."; | |
| 167 return enabled; | |
| 168 } | 213 } |
| 169 | 214 |
| 170 #if defined(OS_CHROMEOS) | 215 #if defined(OS_CHROMEOS) |
| 171 void ProtectedMediaIdentifierPermissionContext::OnPlatformVerificationResult( | 216 static void RecordRAConsentGranted(content::WebContents* web_contents) { |
| 172 content::WebContents* web_contents, | 217 PrefService* pref_service = |
| 173 const PermissionRequestID& id, | 218 user_prefs::UserPrefs::Get(web_contents->GetBrowserContext()); |
| 174 const GURL& requesting_origin, | 219 if (!pref_service) { |
| 175 const GURL& embedding_origin, | 220 LOG(ERROR) << "Failed to get user prefs."; |
| 176 const BrowserPermissionCallback& callback, | 221 return; |
| 177 chromeos::attestation::PlatformVerificationFlow::ConsentResponse response) { | 222 } |
| 223 pref_service->SetBoolean(prefs::kRAConsentGranted, true); | |
| 224 } | |
| 225 | |
| 226 void ProtectedMediaIdentifierPermissionContext:: | |
| 227 OnPlatformVerificationConsentResponse( | |
| 228 content::WebContents* web_contents, | |
| 229 const PermissionRequestID& id, | |
| 230 const GURL& requesting_origin, | |
| 231 const GURL& embedding_origin, | |
| 232 const BrowserPermissionCallback& callback, | |
| 233 chromeos::attestation::PlatformVerificationDialog::ConsentResponse | |
| 234 response) { | |
| 178 // The request may have been canceled. Drop the callback in that case. | 235 // The request may have been canceled. Drop the callback in that case. |
| 179 PendingRequestMap::iterator request = pending_requests_.find(web_contents); | 236 PendingRequestMap::iterator request = pending_requests_.find(web_contents); |
| 180 if (request == pending_requests_.end()) | 237 if (request == pending_requests_.end()) |
| 181 return; | 238 return; |
| 182 | 239 |
| 183 DCHECK(request->second.second.Equals(id)); | 240 DCHECK(request->second.second.Equals(id)); |
| 184 pending_requests_.erase(request); | 241 pending_requests_.erase(request); |
| 185 | 242 |
| 186 ContentSetting content_setting = CONTENT_SETTING_DEFAULT; | 243 ContentSetting content_setting = CONTENT_SETTING_DEFAULT; |
| 187 bool persist = false; // Whether the ContentSetting should be saved. | 244 bool persist = false; // Whether the ContentSetting should be saved. |
| 188 switch (response) { | 245 switch (response) { |
| 189 case PlatformVerificationFlow::CONSENT_RESPONSE_NONE: | 246 case PlatformVerificationDialog::CONSENT_RESPONSE_NONE: |
|
ddorwin
2015/03/12 21:38:54
Let's please bottom out on the histogram decision
xhwang
2015/03/13 00:54:42
+Darren.
| |
| 190 content_setting = CONTENT_SETTING_DEFAULT; | 247 content_setting = CONTENT_SETTING_DEFAULT; |
| 191 persist = false; | 248 persist = false; |
| 192 break; | 249 break; |
| 193 case PlatformVerificationFlow::CONSENT_RESPONSE_ALLOW: | 250 case PlatformVerificationDialog::CONSENT_RESPONSE_ALLOW: |
| 251 VLOG(1) << "Platform verification accepted by user."; | |
| 252 content::RecordAction( | |
| 253 base::UserMetricsAction("PlatformVerificationAccepted")); | |
| 254 RecordRAConsentGranted(web_contents); | |
| 194 content_setting = CONTENT_SETTING_ALLOW; | 255 content_setting = CONTENT_SETTING_ALLOW; |
| 195 persist = true; | 256 persist = true; |
| 196 break; | 257 break; |
| 197 case PlatformVerificationFlow::CONSENT_RESPONSE_DENY: | 258 case PlatformVerificationDialog::CONSENT_RESPONSE_DENY: |
| 259 VLOG(1) << "Platform verification denied by user."; | |
| 260 content::RecordAction( | |
| 261 base::UserMetricsAction("PlatformVerificationRejected")); | |
| 198 content_setting = CONTENT_SETTING_BLOCK; | 262 content_setting = CONTENT_SETTING_BLOCK; |
| 199 persist = true; | 263 persist = true; |
| 200 break; | 264 break; |
| 201 } | 265 } |
| 202 | 266 |
| 203 NotifyPermissionSet( | 267 NotifyPermissionSet( |
| 204 id, requesting_origin, embedding_origin, callback, | 268 id, requesting_origin, embedding_origin, callback, |
| 205 persist, content_setting); | 269 persist, content_setting); |
| 206 } | 270 } |
| 207 #endif | 271 #endif |
| OLD | NEW |