Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3415)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/content_settings/permission_context_base.cc

Issue 1153873003: Add way for PermissionContext to be automatically restricted to secure origins. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@midi_permission_sysex
Patch Set: typo Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/content_settings/permission_context_base.h ('k') | chrome/browser/content_settings/permission_context_base_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/content_settings/permission_context_base.cc
diff --git a/chrome/browser/content_settings/permission_context_base.cc b/chrome/browser/content_settings/permission_context_base.cc
index d4d5322e4649b89fc745f74b43849acde32dcae8..d80f3d413cc9b0b6fe91eae2028f3765f8c91b34 100644
--- a/chrome/browser/content_settings/permission_context_base.cc
+++ b/chrome/browser/content_settings/permission_context_base.cc
@@ -17,6 +17,7 @@
#include "components/content_settings/core/common/permission_request_id.h"
#include "content/public/browser/browser_thread.h"
#include "content/public/browser/web_contents.h"
+#include "content/public/common/origin_util.h"
PermissionContextBase::PermissionContextBase(
Profile* profile,
@@ -51,6 +52,11 @@ void PermissionContextBase::RequestPermission(
ContentSetting PermissionContextBase::GetPermissionStatus(
const GURL& requesting_origin,
const GURL& embedding_origin) const {
+ if (IsRestrictedToSecureOrigins() &&
+ !content::IsOriginSecure(requesting_origin)) {
+ return CONTENT_SETTING_BLOCK;
+ }
+
return profile_->GetHostContentSettingsMap()->GetContentSetting(
requesting_origin, embedding_origin, permission_type_, std::string());
}
@@ -104,6 +110,13 @@ void PermissionContextBase::DecidePermission(
return;
}
+ if (IsRestrictedToSecureOrigins() &&
+ !content::IsOriginSecure(requesting_origin)) {
+ NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
+ false /* persist */, CONTENT_SETTING_BLOCK);
+ return;
+ }
+
ContentSetting content_setting =
profile_->GetHostContentSettingsMap()
->GetContentSettingAndMaybeUpdateLastUsage(
« no previous file with comments | « chrome/browser/content_settings/permission_context_base.h ('k') | chrome/browser/content_settings/permission_context_base_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698