| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/content_settings/permission_context_base.h" | 5 #include "chrome/browser/content_settings/permission_context_base.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/prefs/pref_service.h" | 8 #include "base/prefs/pref_service.h" |
| 9 #include "chrome/browser/content_settings/permission_bubble_request_impl.h" | 9 #include "chrome/browser/content_settings/permission_bubble_request_impl.h" |
| 10 #include "chrome/browser/content_settings/permission_context_uma_util.h" | 10 #include "chrome/browser/content_settings/permission_context_uma_util.h" |
| 11 #include "chrome/browser/content_settings/permission_queue_controller.h" | 11 #include "chrome/browser/content_settings/permission_queue_controller.h" |
| 12 #include "chrome/browser/profiles/profile.h" | 12 #include "chrome/browser/profiles/profile.h" |
| 13 #include "chrome/browser/ui/website_settings/permission_bubble_manager.h" | 13 #include "chrome/browser/ui/website_settings/permission_bubble_manager.h" |
| 14 #include "chrome/common/pref_names.h" | 14 #include "chrome/common/pref_names.h" |
| 15 #include "components/content_settings/core/browser/content_settings_utils.h" | 15 #include "components/content_settings/core/browser/content_settings_utils.h" |
| 16 #include "components/content_settings/core/browser/host_content_settings_map.h" | 16 #include "components/content_settings/core/browser/host_content_settings_map.h" |
| 17 #include "components/content_settings/core/common/permission_request_id.h" | 17 #include "components/content_settings/core/common/permission_request_id.h" |
| 18 #include "content/public/browser/browser_thread.h" | 18 #include "content/public/browser/browser_thread.h" |
| 19 #include "content/public/browser/web_contents.h" | 19 #include "content/public/browser/web_contents.h" |
| 20 #include "content/public/common/origin_util.h" |
| 20 | 21 |
| 21 PermissionContextBase::PermissionContextBase( | 22 PermissionContextBase::PermissionContextBase( |
| 22 Profile* profile, | 23 Profile* profile, |
| 23 const ContentSettingsType permission_type) | 24 const ContentSettingsType permission_type) |
| 24 : profile_(profile), | 25 : profile_(profile), |
| 25 permission_type_(permission_type), | 26 permission_type_(permission_type), |
| 26 weak_factory_(this) { | 27 weak_factory_(this) { |
| 27 permission_queue_controller_.reset( | 28 permission_queue_controller_.reset( |
| 28 new PermissionQueueController(profile_, permission_type_)); | 29 new PermissionQueueController(profile_, permission_type_)); |
| 29 } | 30 } |
| (...skipping 14 matching lines...) Expand all Loading... |
| 44 id, | 45 id, |
| 45 requesting_frame.GetOrigin(), | 46 requesting_frame.GetOrigin(), |
| 46 web_contents->GetLastCommittedURL().GetOrigin(), | 47 web_contents->GetLastCommittedURL().GetOrigin(), |
| 47 user_gesture, | 48 user_gesture, |
| 48 callback); | 49 callback); |
| 49 } | 50 } |
| 50 | 51 |
| 51 ContentSetting PermissionContextBase::GetPermissionStatus( | 52 ContentSetting PermissionContextBase::GetPermissionStatus( |
| 52 const GURL& requesting_origin, | 53 const GURL& requesting_origin, |
| 53 const GURL& embedding_origin) const { | 54 const GURL& embedding_origin) const { |
| 55 if (RestrictToSecureOrigins() && !content::IsOriginSecure(requesting_origin)) |
| 56 return CONTENT_SETTING_BLOCK; |
| 57 |
| 54 return profile_->GetHostContentSettingsMap()->GetContentSetting( | 58 return profile_->GetHostContentSettingsMap()->GetContentSetting( |
| 55 requesting_origin, embedding_origin, permission_type_, std::string()); | 59 requesting_origin, embedding_origin, permission_type_, std::string()); |
| 56 } | 60 } |
| 57 | 61 |
| 58 void PermissionContextBase::ResetPermission( | 62 void PermissionContextBase::ResetPermission( |
| 59 const GURL& requesting_origin, | 63 const GURL& requesting_origin, |
| 60 const GURL& embedding_origin) { | 64 const GURL& embedding_origin) { |
| 61 profile_->GetHostContentSettingsMap()->SetContentSetting( | 65 profile_->GetHostContentSettingsMap()->SetContentSetting( |
| 62 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), | 66 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), |
| 63 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), | 67 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 97 << "Attempt to use " << content_settings::GetTypeName(permission_type_) | 101 << "Attempt to use " << content_settings::GetTypeName(permission_type_) |
| 98 << " from an invalid URL: " << requesting_origin | 102 << " from an invalid URL: " << requesting_origin |
| 99 << "," << embedding_origin | 103 << "," << embedding_origin |
| 100 << " (" << content_settings::GetTypeName(permission_type_) | 104 << " (" << content_settings::GetTypeName(permission_type_) |
| 101 << " is not supported in popups)"; | 105 << " is not supported in popups)"; |
| 102 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 106 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
| 103 false /* persist */, CONTENT_SETTING_BLOCK); | 107 false /* persist */, CONTENT_SETTING_BLOCK); |
| 104 return; | 108 return; |
| 105 } | 109 } |
| 106 | 110 |
| 111 if (RestrictToSecureOrigins() && |
| 112 !content::IsOriginSecure(requesting_origin)) { |
| 113 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
| 114 false /* persist */, CONTENT_SETTING_BLOCK); |
| 115 return; |
| 116 } |
| 117 |
| 107 ContentSetting content_setting = | 118 ContentSetting content_setting = |
| 108 profile_->GetHostContentSettingsMap() | 119 profile_->GetHostContentSettingsMap() |
| 109 ->GetContentSettingAndMaybeUpdateLastUsage( | 120 ->GetContentSettingAndMaybeUpdateLastUsage( |
| 110 requesting_origin, embedding_origin, permission_type_, | 121 requesting_origin, embedding_origin, permission_type_, |
| 111 std::string()); | 122 std::string()); |
| 112 | 123 |
| 113 if (content_setting == CONTENT_SETTING_ALLOW || | 124 if (content_setting == CONTENT_SETTING_ALLOW || |
| 114 content_setting == CONTENT_SETTING_BLOCK) { | 125 content_setting == CONTENT_SETTING_BLOCK) { |
| 115 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 126 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
| 116 false /* persist */, content_setting); | 127 false /* persist */, content_setting); |
| (...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 234 DCHECK_EQ(requesting_origin, requesting_origin.GetOrigin()); | 245 DCHECK_EQ(requesting_origin, requesting_origin.GetOrigin()); |
| 235 DCHECK_EQ(embedding_origin, embedding_origin.GetOrigin()); | 246 DCHECK_EQ(embedding_origin, embedding_origin.GetOrigin()); |
| 236 DCHECK(content_setting == CONTENT_SETTING_ALLOW || | 247 DCHECK(content_setting == CONTENT_SETTING_ALLOW || |
| 237 content_setting == CONTENT_SETTING_BLOCK); | 248 content_setting == CONTENT_SETTING_BLOCK); |
| 238 | 249 |
| 239 profile_->GetHostContentSettingsMap()->SetContentSetting( | 250 profile_->GetHostContentSettingsMap()->SetContentSetting( |
| 240 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), | 251 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), |
| 241 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), | 252 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), |
| 242 permission_type_, std::string(), content_setting); | 253 permission_type_, std::string(), content_setting); |
| 243 } | 254 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1153873003:
Add way for PermissionContext to be automatically restricted to secure origins. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@midi_permission_sysex