OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/content_settings/permission_context_base.h" | 5 #include "chrome/browser/content_settings/permission_context_base.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "base/prefs/pref_service.h" | 8 #include "base/prefs/pref_service.h" |
9 #include "chrome/browser/content_settings/permission_bubble_request_impl.h" | 9 #include "chrome/browser/content_settings/permission_bubble_request_impl.h" |
10 #include "chrome/browser/content_settings/permission_context_uma_util.h" | 10 #include "chrome/browser/content_settings/permission_context_uma_util.h" |
11 #include "chrome/browser/content_settings/permission_queue_controller.h" | 11 #include "chrome/browser/content_settings/permission_queue_controller.h" |
12 #include "chrome/browser/profiles/profile.h" | 12 #include "chrome/browser/profiles/profile.h" |
13 #include "chrome/browser/ui/website_settings/permission_bubble_manager.h" | 13 #include "chrome/browser/ui/website_settings/permission_bubble_manager.h" |
14 #include "chrome/common/pref_names.h" | 14 #include "chrome/common/pref_names.h" |
15 #include "components/content_settings/core/browser/content_settings_utils.h" | 15 #include "components/content_settings/core/browser/content_settings_utils.h" |
16 #include "components/content_settings/core/browser/host_content_settings_map.h" | 16 #include "components/content_settings/core/browser/host_content_settings_map.h" |
17 #include "components/content_settings/core/common/permission_request_id.h" | 17 #include "components/content_settings/core/common/permission_request_id.h" |
18 #include "content/public/browser/browser_thread.h" | 18 #include "content/public/browser/browser_thread.h" |
19 #include "content/public/browser/web_contents.h" | 19 #include "content/public/browser/web_contents.h" |
20 | 20 |
21 namespace { | |
22 bool IsHTTPLocalhost(const GURL& url) { | |
markusheintz_
2015/04/01 13:31:31
Have you checked of there is not already a utility
felt
2015/04/01 18:04:30
You should use net::IsLocalhost here
| |
23 return url.is_valid() && url.SchemeIs(url::kHttpScheme) && | |
24 (!url.host().compare("localhost") || !url.host().compare("127.0.0.1")); | |
msramek
2015/04/01 12:59:16
How about IPv6 and other options?
https://code.go
| |
25 } | |
26 } // namespace | |
27 | |
21 PermissionContextBase::PermissionContextBase( | 28 PermissionContextBase::PermissionContextBase( |
22 Profile* profile, | 29 Profile* profile, |
23 const ContentSettingsType permission_type) | 30 const ContentSettingsType permission_type) |
24 : profile_(profile), | 31 : profile_(profile), |
25 permission_type_(permission_type), | 32 permission_type_(permission_type), |
26 weak_factory_(this) { | 33 weak_factory_(this) { |
27 permission_queue_controller_.reset( | 34 permission_queue_controller_.reset( |
28 new PermissionQueueController(profile_, permission_type_)); | 35 new PermissionQueueController(profile_, permission_type_)); |
29 } | 36 } |
30 | 37 |
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
100 << " (" << content_settings::GetTypeName(permission_type_) | 107 << " (" << content_settings::GetTypeName(permission_type_) |
101 << " is not supported in popups)"; | 108 << " is not supported in popups)"; |
102 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 109 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
103 false /* persist */, CONTENT_SETTING_BLOCK); | 110 false /* persist */, CONTENT_SETTING_BLOCK); |
104 return; | 111 return; |
105 } | 112 } |
106 | 113 |
107 // The Web MIDI API is not available for origin with non secure schemes. | 114 // The Web MIDI API is not available for origin with non secure schemes. |
108 // Access to the MIDI API is blocked. | 115 // Access to the MIDI API is blocked. |
109 if (permission_type_ == CONTENT_SETTINGS_TYPE_MIDI_SYSEX && | 116 if (permission_type_ == CONTENT_SETTINGS_TYPE_MIDI_SYSEX && |
110 !requesting_origin.SchemeIsSecure()) { | 117 !requesting_origin.SchemeIsSecure() && |
118 !IsHTTPLocalhost(requesting_origin)) { | |
111 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 119 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
112 false /* persist */, CONTENT_SETTING_BLOCK); | 120 false /* persist */, CONTENT_SETTING_BLOCK); |
113 return; | 121 return; |
114 } | 122 } |
115 | 123 |
116 ContentSetting content_setting = | 124 ContentSetting content_setting = |
117 profile_->GetHostContentSettingsMap() | 125 profile_->GetHostContentSettingsMap() |
118 ->GetContentSettingAndMaybeUpdateLastUsage( | 126 ->GetContentSettingAndMaybeUpdateLastUsage( |
119 requesting_origin, embedding_origin, permission_type_, | 127 requesting_origin, embedding_origin, permission_type_, |
120 std::string()); | 128 std::string()); |
(...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
243 DCHECK_EQ(requesting_origin, requesting_origin.GetOrigin()); | 251 DCHECK_EQ(requesting_origin, requesting_origin.GetOrigin()); |
244 DCHECK_EQ(embedding_origin, embedding_origin.GetOrigin()); | 252 DCHECK_EQ(embedding_origin, embedding_origin.GetOrigin()); |
245 DCHECK(content_setting == CONTENT_SETTING_ALLOW || | 253 DCHECK(content_setting == CONTENT_SETTING_ALLOW || |
246 content_setting == CONTENT_SETTING_BLOCK); | 254 content_setting == CONTENT_SETTING_BLOCK); |
247 | 255 |
248 profile_->GetHostContentSettingsMap()->SetContentSetting( | 256 profile_->GetHostContentSettingsMap()->SetContentSetting( |
249 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), | 257 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), |
250 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), | 258 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), |
251 permission_type_, std::string(), content_setting); | 259 permission_type_, std::string(), content_setting); |
252 } | 260 } |
OLD | NEW |