Index: chrome/browser/plugins/plugin_utils.cc |
diff --git a/chrome/browser/plugins/plugin_utils.cc b/chrome/browser/plugins/plugin_utils.cc |
index 582d098b1380424bcca1aa64cad2f0986093c9c5..728166032199c8cbe298fe2f29316fad51edff72 100644 |
--- a/chrome/browser/plugins/plugin_utils.cc |
+++ b/chrome/browser/plugins/plugin_utils.cc |
@@ -5,10 +5,12 @@ |
#include "chrome/browser/plugins/plugin_utils.h" |
#include "base/values.h" |
+#include "chrome/common/chrome_features.h" |
#include "chrome/common/plugin_utils.h" |
#include "components/content_settings/core/browser/host_content_settings_map.h" |
#include "content/public/common/webplugininfo.h" |
#include "url/gurl.h" |
+#include "url/origin.h" |
namespace { |
@@ -17,12 +19,15 @@ const char kFlashPluginID[] = "adobe-flash-player"; |
void GetPluginContentSettingInternal( |
const HostContentSettingsMap* host_content_settings_map, |
bool use_javascript_setting, |
- const GURL& policy_url, |
+ const url::Origin& policy_origin, |
const GURL& plugin_url, |
const std::string& resource, |
ContentSetting* setting, |
bool* uses_default_content_setting, |
bool* is_managed) { |
+ GURL policy_url = |
+ policy_origin.unique() ? GURL() : GURL(policy_origin.Serialize()); |
+ |
std::unique_ptr<base::Value> value; |
content_settings::SettingInfo info; |
bool uses_plugin_specific_setting = false; |
@@ -31,6 +36,18 @@ void GetPluginContentSettingInternal( |
policy_url, policy_url, CONTENT_SETTINGS_TYPE_JAVASCRIPT, std::string(), |
&info); |
} else { |
+ // For non-JavaScript treated plugins (Flash), always return BLOCK if the |
+ // top level origin is any scheme other HTTP, HTTPS, or FILE. |
+ if (base::FeatureList::IsEnabled(features::kPreferHtmlOverPlugins) && |
+ !policy_url.SchemeIsHTTPOrHTTPS() && !policy_url.SchemeIsFile()) { |
+ *setting = CONTENT_SETTING_BLOCK; |
+ if (uses_default_content_setting) |
+ *uses_default_content_setting = true; |
+ if (is_managed) |
+ *is_managed = true; |
+ return; |
+ } |
+ |
content_settings::SettingInfo specific_info; |
std::unique_ptr<base::Value> specific_setting = |
host_content_settings_map->GetWebsiteSetting( |
@@ -55,6 +72,7 @@ void GetPluginContentSettingInternal( |
} |
} |
*setting = content_settings::ValueToContentSetting(value.get()); |
+ |
if (uses_default_content_setting) { |
*uses_default_content_setting = |
!uses_plugin_specific_setting && |
@@ -71,7 +89,7 @@ void GetPluginContentSettingInternal( |
void PluginUtils::GetPluginContentSetting( |
const HostContentSettingsMap* host_content_settings_map, |
const content::WebPluginInfo& plugin, |
- const GURL& policy_url, |
+ const url::Origin& policy_url, |
const GURL& plugin_url, |
const std::string& resource, |
ContentSetting* setting, |
@@ -86,7 +104,7 @@ void PluginUtils::GetPluginContentSetting( |
// static |
ContentSetting PluginUtils::GetFlashPluginContentSetting( |
const HostContentSettingsMap* host_content_settings_map, |
- const GURL& policy_url, |
+ const url::Origin& policy_url, |
const GURL& plugin_url, |
bool* is_managed) { |
ContentSetting plugin_setting = CONTENT_SETTING_DEFAULT; |