Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1263)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/content_settings/permission_context_base.cc

Issue 1039123002: Web MIDI API: reject sysex permissions on non-secure schemes (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: update test comment Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | chrome/browser/content_settings/permission_context_base_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/content_settings/permission_context_base.h" 5 #include "chrome/browser/content_settings/permission_context_base.h"
6 6
7 #include "base/logging.h" 7 #include "base/logging.h"
8 #include "base/prefs/pref_service.h" 8 #include "base/prefs/pref_service.h"
9 #include "chrome/browser/content_settings/permission_bubble_request_impl.h" 9 #include "chrome/browser/content_settings/permission_bubble_request_impl.h"
10 #include "chrome/browser/content_settings/permission_context_uma_util.h" 10 #include "chrome/browser/content_settings/permission_context_uma_util.h"
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after
97 << "Attempt to use " << content_settings::GetTypeName(permission_type_) 97 << "Attempt to use " << content_settings::GetTypeName(permission_type_)
98 << " from an invalid URL: " << requesting_origin 98 << " from an invalid URL: " << requesting_origin
99 << "," << embedding_origin 99 << "," << embedding_origin
100 << " (" << content_settings::GetTypeName(permission_type_) 100 << " (" << content_settings::GetTypeName(permission_type_)
101 << " is not supported in popups)"; 101 << " is not supported in popups)";
102 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, 102 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
103 false /* persist */, CONTENT_SETTING_BLOCK); 103 false /* persist */, CONTENT_SETTING_BLOCK);
104 return; 104 return;
105 } 105 }
106 106
107 // The Web MIDI API is not available for origin with non secure schemes.
108 // Access to the MIDI API is blocked.
109 if (permission_type_ == CONTENT_SETTINGS_TYPE_MIDI_SYSEX &&
110 !requesting_origin.SchemeIsSecure()) {
111 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
112 false /* persist */, CONTENT_SETTING_BLOCK);
113 return;
114 }
115
107 ContentSetting content_setting = 116 ContentSetting content_setting =
108 profile_->GetHostContentSettingsMap() 117 profile_->GetHostContentSettingsMap()
109 ->GetContentSettingAndMaybeUpdateLastUsage( 118 ->GetContentSettingAndMaybeUpdateLastUsage(
110 requesting_origin, embedding_origin, permission_type_, 119 requesting_origin, embedding_origin, permission_type_,
111 std::string()); 120 std::string());
112 121
113 if (content_setting == CONTENT_SETTING_ALLOW || 122 if (content_setting == CONTENT_SETTING_ALLOW ||
114 content_setting == CONTENT_SETTING_BLOCK) { 123 content_setting == CONTENT_SETTING_BLOCK) {
115 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, 124 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
116 false /* persist */, content_setting); 125 false /* persist */, content_setting);
(...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after
234 DCHECK_EQ(requesting_origin, requesting_origin.GetOrigin()); 243 DCHECK_EQ(requesting_origin, requesting_origin.GetOrigin());
235 DCHECK_EQ(embedding_origin, embedding_origin.GetOrigin()); 244 DCHECK_EQ(embedding_origin, embedding_origin.GetOrigin());
236 DCHECK(content_setting == CONTENT_SETTING_ALLOW || 245 DCHECK(content_setting == CONTENT_SETTING_ALLOW ||
237 content_setting == CONTENT_SETTING_BLOCK); 246 content_setting == CONTENT_SETTING_BLOCK);
238 247
239 profile_->GetHostContentSettingsMap()->SetContentSetting( 248 profile_->GetHostContentSettingsMap()->SetContentSetting(
240 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), 249 ContentSettingsPattern::FromURLNoWildcard(requesting_origin),
241 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), 250 ContentSettingsPattern::FromURLNoWildcard(embedding_origin),
242 permission_type_, std::string(), content_setting); 251 permission_type_, std::string(), content_setting);
243 } 252 }
OLDNEW
« no previous file with comments | « no previous file | chrome/browser/content_settings/permission_context_base_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698