chrome/browser/plugins/chrome_plugin_service_filter.cc - Issue 2378573005: [HBD] Blanket BLOCK on all non-HTTP(s) and non-FILE URLs for Flash.

Unified Diff: chrome/browser/plugins/chrome_plugin_service_filter.cc

Issue 2378573005: [HBD] Blanket BLOCK on all non-HTTP(s) and non-FILE URLs for Flash. (Closed)

Patch Set: Merge branch 'master' of https://chromium.googlesource.com/chromium/src into 293-hbd-implement-blan… Created 4 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « chrome/browser/plugins/chrome_plugin_service_filter.h ('k') | chrome/browser/plugins/chrome_plugin_service_filter_unittest.cc » ('j') | chrome/browser/plugins/plugin_info_message_filter.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/browser/plugins/chrome_plugin_service_filter.cc

diff --git a/chrome/browser/plugins/chrome_plugin_service_filter.cc b/chrome/browser/plugins/chrome_plugin_service_filter.cc

index 0e8783df8ea58aac46e3e845d72a4d4848df2718..1927cad7d0ff68618bb829625f9787e1a98ff0a6 100644

--- a/chrome/browser/plugins/chrome_plugin_service_filter.cc

+++ b/chrome/browser/plugins/chrome_plugin_service_filter.cc

@@ -28,7 +28,6 @@

#include "content/public/browser/resource_context.h"

#include "content/public/browser/web_contents.h"

#include "content/public/common/content_constants.h"

-#include "url/gurl.h"

using content::BrowserThread;

using content::PluginService;

@@ -167,7 +166,7 @@ bool ChromePluginServiceFilter::IsPluginAvailable(

int render_frame_id,

const void* context,

const GURL& plugin_content_url,

- const GURL& main_url,

+ const url::Origin& main_frame_origin,

content::WebPluginInfo* plugin) {

base::AutoLock auto_lock(lock_);

const ProcessDetails* details = GetProcess(render_process_id);

@@ -204,15 +203,14 @@ bool ChromePluginServiceFilter::IsPluginAvailable(

base::FeatureList::IsEnabled(features::kPreferHtmlOverPlugins)) {

// Check the content setting first, and always respect the ALLOW or BLOCK

// state. When IsPluginAvailable() is called to check whether a plugin

- // should be advertised, |url| has the same value of |policy_url| (i.e. the

- // main frame origin). The intended behavior is that Flash is advertised

- // only if a Flash embed hosted on the same origin as the main frame origin

- // is allowed to run.

+ // should be advertised, |url| has the same origin as |main_frame_origin|.

+ // The intended behavior is that Flash is advertised only if a Flash embed

+ // hosted on the same origin as the main frame origin is allowed to run.

bool is_managed = false;

HostContentSettingsMap* settings_map =

context_info_it->second->host_content_settings_map.get();

ContentSetting flash_setting = PluginUtils::GetFlashPluginContentSetting(

- settings_map, main_url, plugin_content_url, &is_managed);

+ settings_map, main_frame_origin, plugin_content_url, &is_managed);

flash_setting = PluginsFieldTrial::EffectiveContentSetting(

CONTENT_SETTINGS_TYPE_PLUGINS, flash_setting);

if (flash_setting == CONTENT_SETTING_ALLOW)

@@ -225,7 +223,8 @@ bool ChromePluginServiceFilter::IsPluginAvailable(

// This should only happen if the setting isn't being enforced by an

// enterprise policy.

if (is_managed ||

- SiteEngagementService::GetScoreFromSettings(settings_map, main_url) <

+ SiteEngagementService::GetScoreFromSettings(

+ settings_map, GURL(main_frame_origin.Serialize())) <

nasko 2016/10/05 21:14:31 main_frame_origin.GetURL()

tommycli 2016/10/05 21:41:22 Done. I was wondering how I missed that method, bu

PluginsFieldTrial::GetSiteEngagementThresholdForFlash()) {

return false;

}