Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(130)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/storage/durable_storage_permission_context.cc

Issue 2385653005: [DurableStorage] Don't grant durable if origin cannot write cookies. (Closed)
Patch Set: removed incognito restriction, as per browser test Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/storage/durable_storage_permission_context.h ('k') | chrome/browser/storage/durable_storage_permission_context_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/storage/durable_storage_permission_context.cc
diff --git a/chrome/browser/storage/durable_storage_permission_context.cc b/chrome/browser/storage/durable_storage_permission_context.cc
index 7eac71f09f7bd38afc7452a8ef6e209229900b31..8254deb53a0860309995ce76fbab0ed0de592530 100644
--- a/chrome/browser/storage/durable_storage_permission_context.cc
+++ b/chrome/browser/storage/durable_storage_permission_context.cc
@@ -8,11 +8,13 @@
#include "base/logging.h"
#include "chrome/browser/bookmarks/bookmark_model_factory.h"
+#include "chrome/browser/content_settings/cookie_settings_factory.h"
#include "chrome/browser/content_settings/host_content_settings_map_factory.h"
#include "chrome/browser/content_settings/tab_specific_content_settings.h"
#include "chrome/browser/permissions/permission_request_id.h"
#include "chrome/browser/profiles/profile.h"
#include "components/bookmarks/browser/bookmark_model.h"
+#include "components/content_settings/core/browser/cookie_settings.h"
#include "components/content_settings/core/browser/host_content_settings_map.h"
#include "components/content_settings/core/browser/website_settings_registry.h"
#include "content/public/browser/browser_thread.h"
@@ -38,8 +40,24 @@ void DurableStoragePermissionContext::DecidePermission(
const BrowserPermissionCallback& callback) {
DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));
- // TODO(dgrogan): Remove bookmarks check in favor of site engagement. In the
- // meantime maybe grant permission to A2HS origins as well.
+ // Durable is only allowed to be granted on top-level origins.
jww 2016/10/05 00:19:40 Just to clarify what you want to do here, this all
dmurph 2016/10/05 03:22:37 It can happen at the top level origin or in a fram
+ if (requesting_origin != embedding_origin) {
+ NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
+ false /* persist */, CONTENT_SETTING_DEFAULT);
+ return;
+ }
+
+ // Don't grant durable if we can't write cookies.
+ scoped_refptr<content_settings::CookieSettings> cookie_settings =
+ CookieSettingsFactory::GetForProfile(profile());
+ if (!cookie_settings->IsSettingCookieAllowed(requesting_origin,
+ requesting_origin)) {
+ NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
+ false /* persist */, CONTENT_SETTING_DEFAULT);
+ return;
+ }
+
+ // TODO(dmurph): Remove bookmarks check in favor of important sites.
BookmarkModel* model =
BookmarkModelFactory::GetForBrowserContextIfExists(profile());
if (model) {
« no previous file with comments | « chrome/browser/storage/durable_storage_permission_context.h ('k') | chrome/browser/storage/durable_storage_permission_context_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698