Use IsOriginSecure when checking Web MIDI SYSEX capability.

chrome/browser/content_settings/permission_context_base.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/content_settings/permission_context_base.h"
 
 #include "base/logging.h"
 #include "base/prefs/pref_service.h"
 #include "chrome/browser/content_settings/permission_bubble_request_impl.h"
 #include "chrome/browser/content_settings/permission_context_uma_util.h"
 #include "chrome/browser/content_settings/permission_queue_controller.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/ui/website_settings/permission_bubble_manager.h"
+#include "chrome/common/origin_util.h"
 #include "chrome/common/pref_names.h"
 #include "components/content_settings/core/browser/content_settings_utils.h"
 #include "components/content_settings/core/browser/host_content_settings_map.h"
 #include "components/content_settings/core/common/permission_request_id.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/web_contents.h"
-#include "net/base/net_util.h"
 
 PermissionContextBase::PermissionContextBase(
     Profile* profile,
     const ContentSettingsType permission_type)
     : profile_(profile),
       permission_type_(permission_type),
       weak_factory_(this) {
   permission_queue_controller_.reset(
       new PermissionQueueController(profile_, permission_type_));
 }
@@ skipping 67 matching lines @@
         << "Attempt to use " << content_settings::GetTypeName(permission_type_)
         << " from an invalid URL: " << requesting_origin
         << "," << embedding_origin
         << " (" << content_settings::GetTypeName(permission_type_)
         << " is not supported in popups)";
     NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
                         false /* persist */, CONTENT_SETTING_BLOCK);
     return;
   }
 
-  // The Web MIDI API is not available for origin with non secure schemes.
-  // Access to the MIDI API is blocked.
-  // TODO(crbug.com/362214): Use a standard way to check the secure origin.
+  // The Web MIDI SYSEX API is only available to secure origins.
   if (permission_type_ == CONTENT_SETTINGS_TYPE_MIDI_SYSEX &&
-      !requesting_origin.SchemeIsSecure() &&
-      !net::IsLocalhost(requesting_origin.host())) {
+      !IsOriginSecure(requesting_origin)) {
     NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
                         false /* persist */, CONTENT_SETTING_BLOCK);
     return;
   }
 
   ContentSetting content_setting =
       profile_->GetHostContentSettingsMap()
           ->GetContentSettingAndMaybeUpdateLastUsage(
               requesting_origin, embedding_origin, permission_type_,
               std::string());
@@ skipping 122 matching lines @@
   DCHECK_EQ(requesting_origin, requesting_origin.GetOrigin());
   DCHECK_EQ(embedding_origin, embedding_origin.GetOrigin());
   DCHECK(content_setting == CONTENT_SETTING_ALLOW ||
          content_setting == CONTENT_SETTING_BLOCK);
 
   profile_->GetHostContentSettingsMap()->SetContentSetting(
       ContentSettingsPattern::FromURLNoWildcard(requesting_origin),
       ContentSettingsPattern::FromURLNoWildcard(embedding_origin),
       permission_type_, std::string(), content_setting);
 }