Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(66)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/media/media_stream_device_permissions.cc

Issue 1828803003: Media permissions: Remove plumbing for insecure pepper requests in Chrome (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Address comments and fix tests Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/media/media_stream_device_permissions.h ('k') | chrome/browser/media/media_stream_devices_controller.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/media/media_stream_device_permissions.h" 5 #include "chrome/browser/media/media_stream_device_permissions.h"
6 6
7 #include <stddef.h> 7 #include <stddef.h>
8 8
9 #include "base/values.h" 9 #include "base/values.h"
10 #include "chrome/browser/profiles/profile.h" 10 #include "chrome/browser/profiles/profile.h"
11 #include "components/content_settings/core/browser/host_content_settings_map.h" 11 #include "components/content_settings/core/browser/host_content_settings_map.h"
12 #include "components/content_settings/core/common/content_settings_pattern.h" 12 #include "components/content_settings/core/common/content_settings_pattern.h"
13 #include "components/prefs/pref_service.h" 13 #include "components/prefs/pref_service.h"
14 #include "content/public/browser/browser_thread.h" 14 #include "content/public/browser/browser_thread.h"
15 #include "content/public/common/origin_util.h" 15 #include "content/public/common/origin_util.h"
16 #include "extensions/common/constants.h" 16 #include "extensions/common/constants.h"
17 #include "url/gurl.h" 17 #include "url/gurl.h"
18 18
19 bool ShouldPersistContentSetting(ContentSetting setting,
20 const GURL& origin,
21 bool is_pepper_request) {
22 // When the request is from an invalid scheme we don't persist it.
23 if (!ContentSettingsPattern::FromURLNoWildcard(origin).IsValid())
24 return false;
25
26 // It's safe to persist block settings all the time.
27 if (setting == CONTENT_SETTING_BLOCK)
28 return true;
29
30 // Pepper requests should always be persisted to prevent annoying users of
31 // plugins.
32 if (is_pepper_request)
33 return true;
34
35 // We persist requests from secure origins.
36 if (content::IsOriginSecure(origin))
37 return true;
38
39 return false;
40 }
41
42 MediaStreamDevicePolicy GetDevicePolicy(const Profile* profile, 19 MediaStreamDevicePolicy GetDevicePolicy(const Profile* profile,
43 const GURL& security_origin, 20 const GURL& security_origin,
44 const char* policy_name, 21 const char* policy_name,
45 const char* whitelist_policy_name) { 22 const char* whitelist_policy_name) {
46 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); 23 DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
47 24
48 // If the security origin policy matches a value in the whitelist, allow it. 25 // If the security origin policy matches a value in the whitelist, allow it.
49 // Otherwise, check the |policy_name| master switch for the default behavior. 26 // Otherwise, check the |policy_name| master switch for the default behavior.
50 27
51 const PrefService* prefs = profile->GetPrefs(); 28 const PrefService* prefs = profile->GetPrefs();
(...skipping 16 matching lines...) Expand all
68 45
69 // If a match was not found, check if audio capture is otherwise disallowed 46 // If a match was not found, check if audio capture is otherwise disallowed
70 // or if the user should be prompted. Setting the policy value to "true" 47 // or if the user should be prompted. Setting the policy value to "true"
71 // is equal to not setting it at all, so from hereon out, we will return 48 // is equal to not setting it at all, so from hereon out, we will return
72 // either POLICY_NOT_SET (prompt) or ALWAYS_DENY (no prompt, no access). 49 // either POLICY_NOT_SET (prompt) or ALWAYS_DENY (no prompt, no access).
73 if (!prefs->GetBoolean(policy_name)) 50 if (!prefs->GetBoolean(policy_name))
74 return ALWAYS_DENY; 51 return ALWAYS_DENY;
75 52
76 return POLICY_NOT_SET; 53 return POLICY_NOT_SET;
77 } 54 }
OLDNEW
« no previous file with comments | « chrome/browser/media/media_stream_device_permissions.h ('k') | chrome/browser/media/media_stream_devices_controller.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698