| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/content_settings/permission_context_base.h" | 5 #include "chrome/browser/content_settings/permission_context_base.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/prefs/pref_service.h" | 8 #include "base/prefs/pref_service.h" |
| 9 #include "chrome/browser/content_settings/permission_bubble_request_impl.h" | 9 #include "chrome/browser/content_settings/permission_bubble_request_impl.h" |
| 10 #include "chrome/browser/content_settings/permission_context_uma_util.h" | 10 #include "chrome/browser/content_settings/permission_context_uma_util.h" |
| 11 #include "chrome/browser/content_settings/permission_queue_controller.h" | 11 #include "chrome/browser/content_settings/permission_queue_controller.h" |
| 12 #include "chrome/browser/profiles/profile.h" | 12 #include "chrome/browser/profiles/profile.h" |
| 13 #include "chrome/browser/ui/website_settings/permission_bubble_manager.h" | 13 #include "chrome/browser/ui/website_settings/permission_bubble_manager.h" |
| 14 #include "chrome/common/pref_names.h" | 14 #include "chrome/common/pref_names.h" |
| 15 #include "components/content_settings/core/browser/content_settings_utils.h" | 15 #include "components/content_settings/core/browser/content_settings_utils.h" |
| 16 #include "components/content_settings/core/browser/host_content_settings_map.h" | 16 #include "components/content_settings/core/browser/host_content_settings_map.h" |
| 17 #include "components/content_settings/core/common/permission_request_id.h" | 17 #include "components/content_settings/core/common/permission_request_id.h" |
| 18 #include "content/public/browser/browser_thread.h" | 18 #include "content/public/browser/browser_thread.h" |
| 19 #include "content/public/browser/web_contents.h" | 19 #include "content/public/browser/web_contents.h" |
| 20 #include "content/public/common/origin_util.h" |
| 20 | 21 |
| 21 PermissionContextBase::PermissionContextBase( | 22 PermissionContextBase::PermissionContextBase( |
| 22 Profile* profile, | 23 Profile* profile, |
| 23 const ContentSettingsType permission_type) | 24 const ContentSettingsType permission_type) |
| 24 : profile_(profile), | 25 : profile_(profile), |
| 25 permission_type_(permission_type), | 26 permission_type_(permission_type), |
| 26 weak_factory_(this) { | 27 weak_factory_(this) { |
| 27 permission_queue_controller_.reset( | 28 permission_queue_controller_.reset( |
| 28 new PermissionQueueController(profile_, permission_type_)); | 29 new PermissionQueueController(profile_, permission_type_)); |
| 29 } | 30 } |
| (...skipping 14 matching lines...) Expand all Loading... |
| 44 id, | 45 id, |
| 45 requesting_frame.GetOrigin(), | 46 requesting_frame.GetOrigin(), |
| 46 web_contents->GetLastCommittedURL().GetOrigin(), | 47 web_contents->GetLastCommittedURL().GetOrigin(), |
| 47 user_gesture, | 48 user_gesture, |
| 48 callback); | 49 callback); |
| 49 } | 50 } |
| 50 | 51 |
| 51 ContentSetting PermissionContextBase::GetPermissionStatus( | 52 ContentSetting PermissionContextBase::GetPermissionStatus( |
| 52 const GURL& requesting_origin, | 53 const GURL& requesting_origin, |
| 53 const GURL& embedding_origin) const { | 54 const GURL& embedding_origin) const { |
| 55 if (IsRestrictedToSecureOrigins() && |
| 56 !content::IsOriginSecure(requesting_origin)) { |
| 57 return CONTENT_SETTING_BLOCK; |
| 58 } |
| 59 |
| 54 return profile_->GetHostContentSettingsMap()->GetContentSetting( | 60 return profile_->GetHostContentSettingsMap()->GetContentSetting( |
| 55 requesting_origin, embedding_origin, permission_type_, std::string()); | 61 requesting_origin, embedding_origin, permission_type_, std::string()); |
| 56 } | 62 } |
| 57 | 63 |
| 58 void PermissionContextBase::ResetPermission( | 64 void PermissionContextBase::ResetPermission( |
| 59 const GURL& requesting_origin, | 65 const GURL& requesting_origin, |
| 60 const GURL& embedding_origin) { | 66 const GURL& embedding_origin) { |
| 61 profile_->GetHostContentSettingsMap()->SetContentSetting( | 67 profile_->GetHostContentSettingsMap()->SetContentSetting( |
| 62 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), | 68 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), |
| 63 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), | 69 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 97 << "Attempt to use " << content_settings::GetTypeName(permission_type_) | 103 << "Attempt to use " << content_settings::GetTypeName(permission_type_) |
| 98 << " from an invalid URL: " << requesting_origin | 104 << " from an invalid URL: " << requesting_origin |
| 99 << "," << embedding_origin | 105 << "," << embedding_origin |
| 100 << " (" << content_settings::GetTypeName(permission_type_) | 106 << " (" << content_settings::GetTypeName(permission_type_) |
| 101 << " is not supported in popups)"; | 107 << " is not supported in popups)"; |
| 102 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 108 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
| 103 false /* persist */, CONTENT_SETTING_BLOCK); | 109 false /* persist */, CONTENT_SETTING_BLOCK); |
| 104 return; | 110 return; |
| 105 } | 111 } |
| 106 | 112 |
| 113 if (IsRestrictedToSecureOrigins() && |
| 114 !content::IsOriginSecure(requesting_origin)) { |
| 115 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
| 116 false /* persist */, CONTENT_SETTING_BLOCK); |
| 117 return; |
| 118 } |
| 119 |
| 107 ContentSetting content_setting = | 120 ContentSetting content_setting = |
| 108 profile_->GetHostContentSettingsMap() | 121 profile_->GetHostContentSettingsMap() |
| 109 ->GetContentSettingAndMaybeUpdateLastUsage( | 122 ->GetContentSettingAndMaybeUpdateLastUsage( |
| 110 requesting_origin, embedding_origin, permission_type_, | 123 requesting_origin, embedding_origin, permission_type_, |
| 111 std::string()); | 124 std::string()); |
| 112 | 125 |
| 113 if (content_setting == CONTENT_SETTING_ALLOW || | 126 if (content_setting == CONTENT_SETTING_ALLOW || |
| 114 content_setting == CONTENT_SETTING_BLOCK) { | 127 content_setting == CONTENT_SETTING_BLOCK) { |
| 115 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 128 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
| 116 false /* persist */, content_setting); | 129 false /* persist */, content_setting); |
| (...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 234 DCHECK_EQ(requesting_origin, requesting_origin.GetOrigin()); | 247 DCHECK_EQ(requesting_origin, requesting_origin.GetOrigin()); |
| 235 DCHECK_EQ(embedding_origin, embedding_origin.GetOrigin()); | 248 DCHECK_EQ(embedding_origin, embedding_origin.GetOrigin()); |
| 236 DCHECK(content_setting == CONTENT_SETTING_ALLOW || | 249 DCHECK(content_setting == CONTENT_SETTING_ALLOW || |
| 237 content_setting == CONTENT_SETTING_BLOCK); | 250 content_setting == CONTENT_SETTING_BLOCK); |
| 238 | 251 |
| 239 profile_->GetHostContentSettingsMap()->SetContentSetting( | 252 profile_->GetHostContentSettingsMap()->SetContentSetting( |
| 240 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), | 253 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), |
| 241 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), | 254 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), |
| 242 permission_type_, std::string(), content_setting); | 255 permission_type_, std::string(), content_setting); |
| 243 } | 256 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1153873003:
Add way for PermissionContext to be automatically restricted to secure origins. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@midi_permission_sysex