Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1498)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/content_settings/permission_context_base.cc

Issue 1039123002: Web MIDI API: reject sysex permissions on non-secure schemes (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: test fix Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | chrome/browser/content_settings/permission_context_base_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/content_settings/permission_context_base.h" 5 #include "chrome/browser/content_settings/permission_context_base.h"
6 6
7 #include "base/logging.h" 7 #include "base/logging.h"
8 #include "base/prefs/pref_service.h" 8 #include "base/prefs/pref_service.h"
9 #include "chrome/browser/content_settings/permission_bubble_request_impl.h" 9 #include "chrome/browser/content_settings/permission_bubble_request_impl.h"
10 #include "chrome/browser/content_settings/permission_context_uma_util.h" 10 #include "chrome/browser/content_settings/permission_context_uma_util.h"
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after
97 << "Attempt to use " << content_settings::GetTypeName(permission_type_) 97 << "Attempt to use " << content_settings::GetTypeName(permission_type_)
98 << " from an invalid URL: " << requesting_origin 98 << " from an invalid URL: " << requesting_origin
99 << "," << embedding_origin 99 << "," << embedding_origin
100 << " (" << content_settings::GetTypeName(permission_type_) 100 << " (" << content_settings::GetTypeName(permission_type_)
101 << " is not supported in popups)"; 101 << " is not supported in popups)";
102 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, 102 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
103 false /* persist */, CONTENT_SETTING_BLOCK); 103 false /* persist */, CONTENT_SETTING_BLOCK);
104 return; 104 return;
105 } 105 }
106 106
107 // Web MIDI API does not allow any permissions for non secure schemes.
markusheintz_ 2015/03/30 09:27:23 The Web MIDI API is not available for origin with
Takashi Toyoshima 2015/03/30 09:47:26 Done.
108 if (permission_type_ == CONTENT_SETTINGS_TYPE_MIDI_SYSEX &&
109 !requesting_origin.SchemeIsSecure()) {
110 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
111 false /* persist */, CONTENT_SETTING_BLOCK);
112 return;
113 }
114
107 ContentSetting content_setting = 115 ContentSetting content_setting =
108 profile_->GetHostContentSettingsMap() 116 profile_->GetHostContentSettingsMap()
109 ->GetContentSettingAndMaybeUpdateLastUsage( 117 ->GetContentSettingAndMaybeUpdateLastUsage(
110 requesting_origin, embedding_origin, permission_type_, 118 requesting_origin, embedding_origin, permission_type_,
111 std::string()); 119 std::string());
112 120
113 if (content_setting == CONTENT_SETTING_ALLOW || 121 if (content_setting == CONTENT_SETTING_ALLOW ||
114 content_setting == CONTENT_SETTING_BLOCK) { 122 content_setting == CONTENT_SETTING_BLOCK) {
115 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, 123 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
116 false /* persist */, content_setting); 124 false /* persist */, content_setting);
(...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after
234 DCHECK_EQ(requesting_origin, requesting_origin.GetOrigin()); 242 DCHECK_EQ(requesting_origin, requesting_origin.GetOrigin());
235 DCHECK_EQ(embedding_origin, embedding_origin.GetOrigin()); 243 DCHECK_EQ(embedding_origin, embedding_origin.GetOrigin());
236 DCHECK(content_setting == CONTENT_SETTING_ALLOW || 244 DCHECK(content_setting == CONTENT_SETTING_ALLOW ||
237 content_setting == CONTENT_SETTING_BLOCK); 245 content_setting == CONTENT_SETTING_BLOCK);
238 246
239 profile_->GetHostContentSettingsMap()->SetContentSetting( 247 profile_->GetHostContentSettingsMap()->SetContentSetting(
240 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), 248 ContentSettingsPattern::FromURLNoWildcard(requesting_origin),
241 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), 249 ContentSettingsPattern::FromURLNoWildcard(embedding_origin),
242 permission_type_, std::string(), content_setting); 250 permission_type_, std::string(), content_setting);
243 } 251 }
OLDNEW
« no previous file with comments | « no previous file | chrome/browser/content_settings/permission_context_base_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698