OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/content_settings/permission_context_base.h" | 5 #include "chrome/browser/content_settings/permission_context_base.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "base/prefs/pref_service.h" | 8 #include "base/prefs/pref_service.h" |
9 #include "chrome/browser/content_settings/permission_bubble_request_impl.h" | 9 #include "chrome/browser/content_settings/permission_bubble_request_impl.h" |
10 #include "chrome/browser/content_settings/permission_context_uma_util.h" | 10 #include "chrome/browser/content_settings/permission_context_uma_util.h" |
11 #include "chrome/browser/content_settings/permission_queue_controller.h" | 11 #include "chrome/browser/content_settings/permission_queue_controller.h" |
12 #include "chrome/browser/profiles/profile.h" | 12 #include "chrome/browser/profiles/profile.h" |
13 #include "chrome/browser/ui/website_settings/permission_bubble_manager.h" | 13 #include "chrome/browser/ui/website_settings/permission_bubble_manager.h" |
| 14 #include "chrome/common/origin_util.h" |
14 #include "chrome/common/pref_names.h" | 15 #include "chrome/common/pref_names.h" |
15 #include "components/content_settings/core/browser/content_settings_utils.h" | 16 #include "components/content_settings/core/browser/content_settings_utils.h" |
16 #include "components/content_settings/core/browser/host_content_settings_map.h" | 17 #include "components/content_settings/core/browser/host_content_settings_map.h" |
17 #include "components/content_settings/core/common/permission_request_id.h" | 18 #include "components/content_settings/core/common/permission_request_id.h" |
18 #include "content/public/browser/browser_thread.h" | 19 #include "content/public/browser/browser_thread.h" |
19 #include "content/public/browser/web_contents.h" | 20 #include "content/public/browser/web_contents.h" |
20 #include "net/base/net_util.h" | |
21 | 21 |
22 PermissionContextBase::PermissionContextBase( | 22 PermissionContextBase::PermissionContextBase( |
23 Profile* profile, | 23 Profile* profile, |
24 const ContentSettingsType permission_type) | 24 const ContentSettingsType permission_type) |
25 : profile_(profile), | 25 : profile_(profile), |
26 permission_type_(permission_type), | 26 permission_type_(permission_type), |
27 weak_factory_(this) { | 27 weak_factory_(this) { |
28 permission_queue_controller_.reset( | 28 permission_queue_controller_.reset( |
29 new PermissionQueueController(profile_, permission_type_)); | 29 new PermissionQueueController(profile_, permission_type_)); |
30 } | 30 } |
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
98 << "Attempt to use " << content_settings::GetTypeName(permission_type_) | 98 << "Attempt to use " << content_settings::GetTypeName(permission_type_) |
99 << " from an invalid URL: " << requesting_origin | 99 << " from an invalid URL: " << requesting_origin |
100 << "," << embedding_origin | 100 << "," << embedding_origin |
101 << " (" << content_settings::GetTypeName(permission_type_) | 101 << " (" << content_settings::GetTypeName(permission_type_) |
102 << " is not supported in popups)"; | 102 << " is not supported in popups)"; |
103 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 103 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
104 false /* persist */, CONTENT_SETTING_BLOCK); | 104 false /* persist */, CONTENT_SETTING_BLOCK); |
105 return; | 105 return; |
106 } | 106 } |
107 | 107 |
108 // The Web MIDI API is not available for origin with non secure schemes. | 108 // The Web MIDI SYSEX API is only available to secure origins. |
109 // Access to the MIDI API is blocked. | |
110 // TODO(crbug.com/362214): Use a standard way to check the secure origin. | |
111 if (permission_type_ == CONTENT_SETTINGS_TYPE_MIDI_SYSEX && | 109 if (permission_type_ == CONTENT_SETTINGS_TYPE_MIDI_SYSEX && |
112 !requesting_origin.SchemeIsSecure() && | 110 !IsOriginSecure(requesting_origin)) { |
113 !net::IsLocalhost(requesting_origin.host())) { | |
114 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 111 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
115 false /* persist */, CONTENT_SETTING_BLOCK); | 112 false /* persist */, CONTENT_SETTING_BLOCK); |
116 return; | 113 return; |
117 } | 114 } |
118 | 115 |
119 ContentSetting content_setting = | 116 ContentSetting content_setting = |
120 profile_->GetHostContentSettingsMap() | 117 profile_->GetHostContentSettingsMap() |
121 ->GetContentSettingAndMaybeUpdateLastUsage( | 118 ->GetContentSettingAndMaybeUpdateLastUsage( |
122 requesting_origin, embedding_origin, permission_type_, | 119 requesting_origin, embedding_origin, permission_type_, |
123 std::string()); | 120 std::string()); |
(...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
246 DCHECK_EQ(requesting_origin, requesting_origin.GetOrigin()); | 243 DCHECK_EQ(requesting_origin, requesting_origin.GetOrigin()); |
247 DCHECK_EQ(embedding_origin, embedding_origin.GetOrigin()); | 244 DCHECK_EQ(embedding_origin, embedding_origin.GetOrigin()); |
248 DCHECK(content_setting == CONTENT_SETTING_ALLOW || | 245 DCHECK(content_setting == CONTENT_SETTING_ALLOW || |
249 content_setting == CONTENT_SETTING_BLOCK); | 246 content_setting == CONTENT_SETTING_BLOCK); |
250 | 247 |
251 profile_->GetHostContentSettingsMap()->SetContentSetting( | 248 profile_->GetHostContentSettingsMap()->SetContentSetting( |
252 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), | 249 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), |
253 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), | 250 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), |
254 permission_type_, std::string(), content_setting); | 251 permission_type_, std::string(), content_setting); |
255 } | 252 } |
OLD | NEW |