Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(722)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/storage/durable_storage_permission_context.cc

Issue 2385653005: [DurableStorage] Don't grant durable if origin cannot write cookies. (Closed)
Patch Set: removed incognito restriction, as per browser test Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/storage/durable_storage_permission_context.h ('k') | chrome/browser/storage/durable_storage_permission_context_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/storage/durable_storage_permission_context.h" 5 #include "chrome/browser/storage/durable_storage_permission_context.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 8
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "chrome/browser/bookmarks/bookmark_model_factory.h" 10 #include "chrome/browser/bookmarks/bookmark_model_factory.h"
11 #include "chrome/browser/content_settings/cookie_settings_factory.h"
11 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" 12 #include "chrome/browser/content_settings/host_content_settings_map_factory.h"
12 #include "chrome/browser/content_settings/tab_specific_content_settings.h" 13 #include "chrome/browser/content_settings/tab_specific_content_settings.h"
13 #include "chrome/browser/permissions/permission_request_id.h" 14 #include "chrome/browser/permissions/permission_request_id.h"
14 #include "chrome/browser/profiles/profile.h" 15 #include "chrome/browser/profiles/profile.h"
15 #include "components/bookmarks/browser/bookmark_model.h" 16 #include "components/bookmarks/browser/bookmark_model.h"
17 #include "components/content_settings/core/browser/cookie_settings.h"
16 #include "components/content_settings/core/browser/host_content_settings_map.h" 18 #include "components/content_settings/core/browser/host_content_settings_map.h"
17 #include "components/content_settings/core/browser/website_settings_registry.h" 19 #include "components/content_settings/core/browser/website_settings_registry.h"
18 #include "content/public/browser/browser_thread.h" 20 #include "content/public/browser/browser_thread.h"
19 #include "content/public/browser/child_process_security_policy.h" 21 #include "content/public/browser/child_process_security_policy.h"
20 #include "content/public/browser/permission_type.h" 22 #include "content/public/browser/permission_type.h"
21 #include "content/public/common/origin_util.h" 23 #include "content/public/common/origin_util.h"
22 #include "url/gurl.h" 24 #include "url/gurl.h"
23 25
24 using bookmarks::BookmarkModel; 26 using bookmarks::BookmarkModel;
25 27
26 DurableStoragePermissionContext::DurableStoragePermissionContext( 28 DurableStoragePermissionContext::DurableStoragePermissionContext(
27 Profile* profile) 29 Profile* profile)
28 : PermissionContextBase(profile, 30 : PermissionContextBase(profile,
29 content::PermissionType::DURABLE_STORAGE, 31 content::PermissionType::DURABLE_STORAGE,
30 CONTENT_SETTINGS_TYPE_DURABLE_STORAGE) {} 32 CONTENT_SETTINGS_TYPE_DURABLE_STORAGE) {}
31 33
32 void DurableStoragePermissionContext::DecidePermission( 34 void DurableStoragePermissionContext::DecidePermission(
33 content::WebContents* web_contents, 35 content::WebContents* web_contents,
34 const PermissionRequestID& id, 36 const PermissionRequestID& id,
35 const GURL& requesting_origin, 37 const GURL& requesting_origin,
36 const GURL& embedding_origin, 38 const GURL& embedding_origin,
37 bool user_gesture, 39 bool user_gesture,
38 const BrowserPermissionCallback& callback) { 40 const BrowserPermissionCallback& callback) {
39 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); 41 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));
40 42
41 // TODO(dgrogan): Remove bookmarks check in favor of site engagement. In the 43 // Durable is only allowed to be granted on top-level origins.
jww 2016/10/05 00:19:40 Just to clarify what you want to do here, this all
dmurph 2016/10/05 03:22:37 It can happen at the top level origin or in a fram
42 // meantime maybe grant permission to A2HS origins as well. 44 if (requesting_origin != embedding_origin) {
45 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
46 false /* persist */, CONTENT_SETTING_DEFAULT);
47 return;
48 }
49
50 // Don't grant durable if we can't write cookies.
51 scoped_refptr<content_settings::CookieSettings> cookie_settings =
52 CookieSettingsFactory::GetForProfile(profile());
53 if (!cookie_settings->IsSettingCookieAllowed(requesting_origin,
54 requesting_origin)) {
55 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
56 false /* persist */, CONTENT_SETTING_DEFAULT);
57 return;
58 }
59
60 // TODO(dmurph): Remove bookmarks check in favor of important sites.
43 BookmarkModel* model = 61 BookmarkModel* model =
44 BookmarkModelFactory::GetForBrowserContextIfExists(profile()); 62 BookmarkModelFactory::GetForBrowserContextIfExists(profile());
45 if (model) { 63 if (model) {
46 std::vector<bookmarks::BookmarkModel::URLAndTitle> bookmarks; 64 std::vector<bookmarks::BookmarkModel::URLAndTitle> bookmarks;
47 model->GetBookmarks(&bookmarks); 65 model->GetBookmarks(&bookmarks);
48 if (IsOriginBookmarked(bookmarks, requesting_origin)) { 66 if (IsOriginBookmarked(bookmarks, requesting_origin)) {
49 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, 67 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
50 true /* persist */, CONTENT_SETTING_ALLOW); 68 true /* persist */, CONTENT_SETTING_ALLOW);
51 return; 69 return;
52 } 70 }
(...skipping 26 matching lines...) Expand all
79 const std::vector<bookmarks::BookmarkModel::URLAndTitle>& bookmarks, 97 const std::vector<bookmarks::BookmarkModel::URLAndTitle>& bookmarks,
80 const GURL& origin) { 98 const GURL& origin) {
81 BookmarkModel::URLAndTitle looking_for; 99 BookmarkModel::URLAndTitle looking_for;
82 looking_for.url = origin; 100 looking_for.url = origin;
83 return std::binary_search(bookmarks.begin(), bookmarks.end(), looking_for, 101 return std::binary_search(bookmarks.begin(), bookmarks.end(), looking_for,
84 [](const BookmarkModel::URLAndTitle& a, 102 [](const BookmarkModel::URLAndTitle& a,
85 const BookmarkModel::URLAndTitle& b) { 103 const BookmarkModel::URLAndTitle& b) {
86 return a.url.GetOrigin() < b.url.GetOrigin(); 104 return a.url.GetOrigin() < b.url.GetOrigin();
87 }); 105 });
88 } 106 }
OLDNEW
« no previous file with comments | « chrome/browser/storage/durable_storage_permission_context.h ('k') | chrome/browser/storage/durable_storage_permission_context_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698