Chromium Code Reviews Chromium Code Reviews
Issue 2385653005:
[DurableStorage] Don't grant durable if origin cannot write cookies. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/storage/durable_storage_permission_context.h" | 5 #include "chrome/browser/storage/durable_storage_permission_context.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "chrome/browser/bookmarks/bookmark_model_factory.h" | 10 #include "chrome/browser/bookmarks/bookmark_model_factory.h" |
| 11 #include "chrome/browser/content_settings/cookie_settings_factory.h" | |
| 11 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" | 12 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" |
| 12 #include "chrome/browser/content_settings/tab_specific_content_settings.h" | 13 #include "chrome/browser/content_settings/tab_specific_content_settings.h" |
| 13 #include "chrome/browser/permissions/permission_request_id.h" | 14 #include "chrome/browser/permissions/permission_request_id.h" |
| 14 #include "chrome/browser/profiles/profile.h" | 15 #include "chrome/browser/profiles/profile.h" |
| 15 #include "components/bookmarks/browser/bookmark_model.h" | 16 #include "components/bookmarks/browser/bookmark_model.h" |
| 17 #include "components/content_settings/core/browser/cookie_settings.h" | |
| 16 #include "components/content_settings/core/browser/host_content_settings_map.h" | 18 #include "components/content_settings/core/browser/host_content_settings_map.h" |
| 17 #include "components/content_settings/core/browser/website_settings_registry.h" | 19 #include "components/content_settings/core/browser/website_settings_registry.h" |
| 18 #include "content/public/browser/browser_thread.h" | 20 #include "content/public/browser/browser_thread.h" |
| 19 #include "content/public/browser/child_process_security_policy.h" | 21 #include "content/public/browser/child_process_security_policy.h" |
| 20 #include "content/public/browser/permission_type.h" | 22 #include "content/public/browser/permission_type.h" |
| 21 #include "content/public/common/origin_util.h" | 23 #include "content/public/common/origin_util.h" |
| 22 #include "url/gurl.h" | 24 #include "url/gurl.h" |
| 23 | 25 |
| 24 using bookmarks::BookmarkModel; | 26 using bookmarks::BookmarkModel; |
| 25 | 27 |
| 26 DurableStoragePermissionContext::DurableStoragePermissionContext( | 28 DurableStoragePermissionContext::DurableStoragePermissionContext( |
| 27 Profile* profile) | 29 Profile* profile) |
| 28 : PermissionContextBase(profile, | 30 : PermissionContextBase(profile, |
| 29 content::PermissionType::DURABLE_STORAGE, | 31 content::PermissionType::DURABLE_STORAGE, |
| 30 CONTENT_SETTINGS_TYPE_DURABLE_STORAGE) {} | 32 CONTENT_SETTINGS_TYPE_DURABLE_STORAGE) {} |
| 31 | 33 |
| 32 void DurableStoragePermissionContext::DecidePermission( | 34 void DurableStoragePermissionContext::DecidePermission( |
| 33 content::WebContents* web_contents, | 35 content::WebContents* web_contents, |
| 34 const PermissionRequestID& id, | 36 const PermissionRequestID& id, |
| 35 const GURL& requesting_origin, | 37 const GURL& requesting_origin, |
| 36 const GURL& embedding_origin, | 38 const GURL& embedding_origin, |
| 37 bool user_gesture, | 39 bool user_gesture, |
| 38 const BrowserPermissionCallback& callback) { | 40 const BrowserPermissionCallback& callback) { |
| 39 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); | 41 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); |
|
michaeln
2016/10/05 00:22:40
A comment about how this is only expected to be ca
dmurph
2016/10/05 03:22:36
Done.
| |
| 40 | 42 |
| 41 // TODO(dgrogan): Remove bookmarks check in favor of site engagement. In the | 43 // Don't grant durable if we're off the record. |
| 42 // meantime maybe grant permission to A2HS origins as well. | 44 if (profile()->IsOffTheRecord()) { |
| 45 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | |
| 46 false /* persist */, CONTENT_SETTING_DEFAULT); | |
| 47 return; | |
| 48 } | |
| 49 | |
| 50 // Durable is only allowed to be granted on top-level origins. | |
| 51 if (requesting_origin != embedding_origin) { | |
| 52 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | |
| 53 false /* persist */, CONTENT_SETTING_DEFAULT); | |
| 54 return; | |
| 55 } | |
| 56 | |
| 57 // Don't grant durable if we can't write cookies. | |
| 58 scoped_refptr<content_settings::CookieSettings> cookie_settings = | |
| 59 CookieSettingsFactory::GetForProfile(profile()); | |
| 60 if (!cookie_settings->IsSettingCookieAllowed(requesting_origin, | |
| 61 requesting_origin)) { | |
| 62 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | |
| 63 false /* persist */, CONTENT_SETTING_DEFAULT); | |
|
michaeln
2016/10/05 00:22:40
Yup, DEFAULT seems right here, as a sticky BLOCK s
dmurph
2016/10/05 03:22:36
Acknowledged.
| |
| 64 return; | |
| 65 } | |
| 66 | |
| 67 // TODO(dmurph): Remove bookmarks check in favor of important sites. | |
| 43 BookmarkModel* model = | 68 BookmarkModel* model = |
| 44 BookmarkModelFactory::GetForBrowserContextIfExists(profile()); | 69 BookmarkModelFactory::GetForBrowserContextIfExists(profile()); |
| 45 if (model) { | 70 if (model) { |
| 46 std::vector<bookmarks::BookmarkModel::URLAndTitle> bookmarks; | 71 std::vector<bookmarks::BookmarkModel::URLAndTitle> bookmarks; |
| 47 model->GetBookmarks(&bookmarks); | 72 model->GetBookmarks(&bookmarks); |
| 48 if (IsOriginBookmarked(bookmarks, requesting_origin)) { | 73 if (IsOriginBookmarked(bookmarks, requesting_origin)) { |
| 49 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 74 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
| 50 true /* persist */, CONTENT_SETTING_ALLOW); | 75 true /* persist */, CONTENT_SETTING_ALLOW); |
|
michaeln
2016/10/05 00:22:40
Q: Not about this CL specifically, but does unbook
dmurph
2016/10/05 03:22:36
Nope, we currently give it forever, until the user
| |
| 51 return; | 76 return; |
| 52 } | 77 } |
| 53 } | 78 } |
| 54 | 79 |
| 55 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 80 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
| 56 false /* persist */, CONTENT_SETTING_DEFAULT); | 81 false /* persist */, CONTENT_SETTING_DEFAULT); |
| 57 } | 82 } |
| 58 | 83 |
| 59 void DurableStoragePermissionContext::UpdateContentSetting( | 84 void DurableStoragePermissionContext::UpdateContentSetting( |
| 60 const GURL& requesting_origin, | 85 const GURL& requesting_origin, |
| (...skipping 18 matching lines...) Expand all Loading... | |
| 79 const std::vector<bookmarks::BookmarkModel::URLAndTitle>& bookmarks, | 104 const std::vector<bookmarks::BookmarkModel::URLAndTitle>& bookmarks, |
| 80 const GURL& origin) { | 105 const GURL& origin) { |
| 81 BookmarkModel::URLAndTitle looking_for; | 106 BookmarkModel::URLAndTitle looking_for; |
| 82 looking_for.url = origin; | 107 looking_for.url = origin; |
| 83 return std::binary_search(bookmarks.begin(), bookmarks.end(), looking_for, | 108 return std::binary_search(bookmarks.begin(), bookmarks.end(), looking_for, |
| 84 [](const BookmarkModel::URLAndTitle& a, | 109 [](const BookmarkModel::URLAndTitle& a, |
| 85 const BookmarkModel::URLAndTitle& b) { | 110 const BookmarkModel::URLAndTitle& b) { |
| 86 return a.url.GetOrigin() < b.url.GetOrigin(); | 111 return a.url.GetOrigin() < b.url.GetOrigin(); |
| 87 }); | 112 }); |
| 88 } | 113 } |
| OLD | NEW |
