[DurableStorage] Don't grant durable if origin cannot write cookies.

chrome/browser/storage/durable_storage_permission_context.cc

Index: chrome/browser/storage/durable_storage_permission_context.cc
diff --git a/chrome/browser/storage/durable_storage_permission_context.cc b/chrome/browser/storage/durable_storage_permission_context.cc
index 7eac71f09f7bd38afc7452a8ef6e209229900b31..a3528b0ec0b58cac524fa51ab8e16a6ee83b4e11 100644
--- a/chrome/browser/storage/durable_storage_permission_context.cc
+++ b/chrome/browser/storage/durable_storage_permission_context.cc
@@ -8,11 +8,13 @@
 
 #include "base/logging.h"
 #include "chrome/browser/bookmarks/bookmark_model_factory.h"
+#include "chrome/browser/content_settings/cookie_settings_factory.h"
 #include "chrome/browser/content_settings/host_content_settings_map_factory.h"
 #include "chrome/browser/content_settings/tab_specific_content_settings.h"
 #include "chrome/browser/permissions/permission_request_id.h"
 #include "chrome/browser/profiles/profile.h"
 #include "components/bookmarks/browser/bookmark_model.h"
+#include "components/content_settings/core/browser/cookie_settings.h"
 #include "components/content_settings/core/browser/host_content_settings_map.h"
 #include "components/content_settings/core/browser/website_settings_registry.h"
 #include "content/public/browser/browser_thread.h"
@@ -38,6 +40,17 @@ void DurableStoragePermissionContext::DecidePermission(
     const BrowserPermissionCallback& callback) {
   DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));
 
+  scoped_refptr<content_settings::CookieSettings> cookie_settings =
+      CookieSettingsFactory::GetForProfile(profile());
+
+  // Don't grant durable if we can't write cookies.
+  if (!cookie_settings->IsSettingCookieAllowed(requesting_origin,
+                                               embedding_origin)) {

[michaeln, 2016/09/30 22:19:03]

The comment in the .h file says "or already granted", but i don't see any code
for that?

"Durability" is an attribute of an origin's stored data, but
IsSettingCookieAllowed() is dependent on the cross-origin-ness of a documents
parent document. True and False can't be the right answer at the same time.

If the permission has already been granted for an origin. I'm not sure a call
from a nested iframe should result in its revocation?

I think it probably makes sense that a call from a nested iframe can't initially
establish the permission.

[michaeln, 2016/09/30 22:21:21]

just read the bug... maybe use IsSettingCookiesAllowed(requesting_origin,
requesting_origin) to eliminate 3rd party considerations

[jww, 2016/10/01 04:46:20]

I don't know what dmurph@'s actually intent here, but if you're referring to
https://crbug.com/521183, it does say that the permission decision should match
the decision for cookies, so I don't think 3rd party considerations should
necessarily be eliminated.

Note that this isn't just for the "First-party cookie" attribute, but it is also
used for things like Web UI.

[dmurph, 2016/10/04 22:00:45]

Ok, so I'm now also blocking granting this permission if we're in an embedded
frame, so this should solve both cases. (This is what the push notification
permission does).

[dmurph, 2016/10/04 22:00:45]

This comment was wrong - we only call this if the content setting is DEFAULT -
if we're block or allow, we don't call this. See:
https://cs.chromium.org/chromium/src/chrome/browser/permissions/permission_co...

+    NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
+                        false /* persist */, CONTENT_SETTING_DEFAULT);
+    return;
+  }
+
   // TODO(dgrogan): Remove bookmarks check in favor of site engagement. In the
   // meantime maybe grant permission to A2HS origins as well.
   BookmarkModel* model =