Report if video capturing meets output protection requirement.

chrome/browser/media/capture_access_handler_base.h

Index: chrome/browser/media/capture_access_handler_base.h
diff --git a/chrome/browser/media/capture_access_handler_base.h b/chrome/browser/media/capture_access_handler_base.h
new file mode 100644
index 0000000000000000000000000000000000000000..73c291e97eff1b14f0fb5cca6952ec60652f4dd2
--- /dev/null
+++ b/chrome/browser/media/capture_access_handler_base.h
@@ -0,0 +1,82 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_MEDIA_CAPTURE_ACCESS_HANDLER_BASE_H_
+#define CHROME_BROWSER_MEDIA_CAPTURE_ACCESS_HANDLER_BASE_H_
+
+#include <list>
+
+#include "base/callback.h"
+#include "chrome/browser/media/media_access_handler.h"
+#include "content/public/browser/media_request_state.h"
+#include "content/public/common/media_stream_request.h"
+
+// Base class for DesktopCaptureAccessHandler and TabCaptureAccessHandler. This
+// class tracks active capturing sessions, and provides API to check if there is
+// ongoing insecure video capturing.
+class CaptureAccessHandlerBase : public MediaAccessHandler {
+ public:
+  CaptureAccessHandlerBase();
+  ~CaptureAccessHandlerBase() override;
+
+  // MediaAccessHandler implementation.
+  void UpdateMediaRequestState(int render_process_id,
+                               int render_frame_id,
+                               int page_request_id,
+                               content::MediaStreamType stream_type,
+                               content::MediaRequestState state) override;
+
+  // Return true if there is any ongoing insecured capturing. The capturing is
+  // deemed secure if all connected video sinks are reported secure and the
+  // connections to the sinks are being managed by a trusted extension.
+  bool IsInsecureCapturingInProgress(int render_process_id,
+                                     int render_frame_id);
+
+  void UpdateCapturingLinkSecured(int render_process_id,
+                                  int render_frame_id,
+                                  int page_request_id,
+                                  bool is_secure);
+
+ protected:
+  static bool IsExtensionWhitelistedForScreenCapture(
+      const extensions::Extension* extension);
+
+  static bool IsBuiltInExtension(const GURL& origin);
+
+  void UpdateExtensionTrusted(const content::MediaStreamRequest& request,
+                              const extensions::Extension* extension);
+
+ private:
+  // Tracks MEDIA_DESKTOP/TAB_VIDEO_CAPTURE sessions. Sessions are removed when
+  // MEDIA_REQUEST_STATE_CLOSING is encountered.
+  struct Session {
+    int render_process_id;
+    int render_frame_id;
+    int page_request_id;
+    // Extensions control the routing of the captured MediaStream content.
+    // Therefore, only built-in extensions (and certain whitelisted ones) can be
+    // trusted to set-up secure links.
+    bool is_extension_trusted;
+
+    // This is true only if all connected video sinks are reported secure.
+    bool is_capturing_link_secure;
+  };
+
+  void AddCaptureSession(int render_process_id,
+                         int render_frame_id,
+                         int page_request_id,
+                         bool is_extension_trusted);
+
+  void RemoveCaptureSession(int render_process_id,
+                            int render_frame_id,
+                            int page_request_id);
+
+  std::list<Session>::iterator FindSession(int render_process_id,
+                                           int render_frame_id,
+                                           int page_request_id);
+
+  std::list<Session> sessions_;
+};
+
+#endif  // CHROME_BROWSER_MEDIA_CAPTURE_ACCESS_HANDLER_BASE_H_