Chromium Code Reviews Chromium Code Reviews
Issue 255553007:
Cleanup whitelist for screen capture access in getUserMedia() (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/media/media_capture_devices_dispatcher.h" | 5 #include "chrome/browser/media/media_capture_devices_dispatcher.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/prefs/pref_service.h" | 9 #include "base/prefs/pref_service.h" |
| 10 #include "base/prefs/scoped_user_pref_update.h" | 10 #include "base/prefs/scoped_user_pref_update.h" |
| (...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 82 // Once http://crbug.com/292856 is fixed, remove this whitelist. | 82 // Once http://crbug.com/292856 is fixed, remove this whitelist. |
| 83 bool IsMediaRequestWhitelistedForExtension( | 83 bool IsMediaRequestWhitelistedForExtension( |
| 84 const extensions::Extension* extension) { | 84 const extensions::Extension* extension) { |
| 85 return extension->id() == "mppnpdlheglhdfmldimlhpnegondlapf" || | 85 return extension->id() == "mppnpdlheglhdfmldimlhpnegondlapf" || |
| 86 extension->id() == "bepbmhgboaologfdajaanbcjmnhjmhfn" || | 86 extension->id() == "bepbmhgboaologfdajaanbcjmnhjmhfn" || |
| 87 extension->id() == "jokbpnebhdcladagohdnfgjcpejggllo" || | 87 extension->id() == "jokbpnebhdcladagohdnfgjcpejggllo" || |
| 88 extension->id() == "clffjmdilanldobdnedchkdbofoimcgb" || | 88 extension->id() == "clffjmdilanldobdnedchkdbofoimcgb" || |
| 89 extension->id() == "nnckehldicaciogcbchegobnafnjkcne"; | 89 extension->id() == "nnckehldicaciogcbchegobnafnjkcne"; |
| 90 } | 90 } |
| 91 | 91 |
| 92 // This is a short-term solution to allow testing of the the Screen Capture API | 92 bool IsBuiltInExtension(const GURL& origin) { |
| 93 // with Google Hangouts in M27. | 93 return |
| 94 // TODO(sergeyu): Remove this whitelist as soon as possible. | 94 // Feedback Extension. |
| 95 bool IsOriginWhitelistedForScreenCapture(const GURL& origin) { | 95 origin.spec() == "chrome-extension://gfdkimpbcpahaombhbimeihdjnejgicl/"; |
| 96 } | |
| 97 | |
| 98 // Returns true of the security origin is associated with casting. | |
| 99 bool IsOriginForCasting(const GURL& origin) { | |
|
mark a. foltz
2014/04/25 17:28:13
I would say IsOriginOfWhitelistedExtension
Sergey Ulanov
2014/04/25 21:02:27
I'd like to keep the current name (I'm not adding
| |
| 96 #if defined(OFFICIAL_BUILD) | 100 #if defined(OFFICIAL_BUILD) |
| 97 if (// Google Hangouts. | 101 // Whitelisted tab casting extensions. |
|
mark a. foltz
2014/04/25 17:28:13
Can you please add a numbered comment:
1. Dev
2.
Sergey Ulanov
2014/04/25 21:02:27
Done.
| |
| 98 (origin.SchemeIs("https") && | 102 return |
| 99 EndsWith(origin.spec(), ".talkgadget.google.com/", true)) || | |
| 100 origin.spec() == "https://talkgadget.google.com/" || | |
| 101 origin.spec() == "https://plus.google.com/" || | |
| 102 origin.spec() == "chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm/" || | 103 origin.spec() == "chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm/" || |
|
mark a. foltz
2014/04/25 17:28:13
This ID is unused and can be removed.
Can you ple
Sergey Ulanov
2014/04/25 21:02:27
This one wasn't in the list before - do you really
| |
| 103 origin.spec() == "chrome-extension://fmfcbgogabcbclcofgocippekhfcmgfj/" || | 104 origin.spec() == "chrome-extension://fmfcbgogabcbclcofgocippekhfcmgfj/" || |
| 104 origin.spec() == "chrome-extension://hfaagokkkhdbgiakmmlclaapfelnkoah/" || | 105 origin.spec() == "chrome-extension://hfaagokkkhdbgiakmmlclaapfelnkoah/" || |
| 105 origin.spec() == "chrome-extension://boadgeojelhgndaghljhdicfkmllpafd/" || | 106 origin.spec() == "chrome-extension://boadgeojelhgndaghljhdicfkmllpafd/" || |
| 106 origin.spec() == "chrome-extension://gfdkimpbcpahaombhbimeihdjnejgicl/") { | 107 orogin.spec() == "chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm/"; |
|
mark a. foltz
2014/04/25 17:28:13
Typo in origin.
Sergey Ulanov
2014/04/25 21:02:27
Done.
| |
| 107 return true; | |
| 108 } | |
| 109 // Check against hashed origins. | |
| 110 // TODO(hshi): remove this when trusted tester becomes public. | |
| 111 const std::string origin_hash = base::SHA1HashString(origin.spec()); | |
| 112 DCHECK_EQ(origin_hash.length(), base::kSHA1Length); | |
| 113 const std::string hexencoded_origin_hash = | |
| 114 base::HexEncode(origin_hash.data(), origin_hash.length()); | |
| 115 return | |
| 116 hexencoded_origin_hash == "3C2705BC432E7C51CA8553FDC5BEE873FF2468EE"; | |
| 117 #else | 108 #else |
| 118 return false; | 109 return false; |
| 119 #endif | 110 #endif |
| 120 } | 111 } |
| 121 | 112 |
| 122 #if defined(OS_CHROMEOS) | |
| 123 // Returns true of the security origin is associated with casting. | |
| 124 bool IsOriginForCasting(const GURL& origin) { | |
| 125 #if defined(OFFICIAL_BUILD) | |
| 126 // Whitelisted tab casting extensions. | |
| 127 if (origin.spec() == "chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm/" || | |
| 128 origin.spec() == "chrome-extension://fmfcbgogabcbclcofgocippekhfcmgfj/" || | |
| 129 origin.spec() == "chrome-extension://hfaagokkkhdbgiakmmlclaapfelnkoah/" || | |
| 130 origin.spec() == "chrome-extension://boadgeojelhgndaghljhdicfkmllpafd/") { | |
| 131 return true; | |
| 132 } | |
| 133 // Check against hashed origins. | |
| 134 // TODO(hshi): remove this when trusted tester becomes public. | |
| 135 const std::string origin_hash = base::SHA1HashString(origin.spec()); | |
| 136 DCHECK_EQ(origin_hash.length(), base::kSHA1Length); | |
| 137 const std::string hexencoded_origin_hash = | |
| 138 base::HexEncode(origin_hash.data(), origin_hash.length()); | |
| 139 return | |
| 140 hexencoded_origin_hash == "3C2705BC432E7C51CA8553FDC5BEE873FF2468EE"; | |
| 141 #else | |
| 142 return false; | |
| 143 #endif | |
| 144 } | |
| 145 #endif | |
| 146 | |
| 147 // Helper to get title of the calling application shown in the screen capture | 113 // Helper to get title of the calling application shown in the screen capture |
| 148 // notification. | 114 // notification. |
| 149 base::string16 GetApplicationTitle(content::WebContents* web_contents, | 115 base::string16 GetApplicationTitle(content::WebContents* web_contents, |
| 150 const extensions::Extension* extension) { | 116 const extensions::Extension* extension) { |
| 151 // Use extension name as title for extensions and host/origin for drive-by | 117 // Use extension name as title for extensions and host/origin for drive-by |
| 152 // web. | 118 // web. |
| 153 std::string title; | 119 std::string title; |
| 154 if (extension) { | 120 if (extension) { |
| 155 title = extension->name(); | 121 title = extension->name(); |
| 156 } else { | 122 } else { |
| (...skipping 271 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 428 // Currently loopback audio capture is supported only on Windows and ChromeOS. | 394 // Currently loopback audio capture is supported only on Windows and ChromeOS. |
| 429 loopback_audio_supported = true; | 395 loopback_audio_supported = true; |
| 430 #endif | 396 #endif |
| 431 | 397 |
| 432 const bool component_extension = | 398 const bool component_extension = |
| 433 extension && extension->location() == extensions::Manifest::COMPONENT; | 399 extension && extension->location() == extensions::Manifest::COMPONENT; |
| 434 | 400 |
| 435 const bool screen_capture_enabled = | 401 const bool screen_capture_enabled = |
| 436 CommandLine::ForCurrentProcess()->HasSwitch( | 402 CommandLine::ForCurrentProcess()->HasSwitch( |
| 437 switches::kEnableUserMediaScreenCapturing) || | 403 switches::kEnableUserMediaScreenCapturing) || |
| 438 IsOriginWhitelistedForScreenCapture(request.security_origin); | 404 IsOriginForCasting(request.security_origin) || |
| 405 IsBuiltInExtension(request.security_origin); | |
| 439 | 406 |
| 440 const bool origin_is_secure = | 407 const bool origin_is_secure = |
| 441 request.security_origin.SchemeIsSecure() || | 408 request.security_origin.SchemeIsSecure() || |
| 442 request.security_origin.SchemeIs(extensions::kExtensionScheme) || | 409 request.security_origin.SchemeIs(extensions::kExtensionScheme) || |
| 443 CommandLine::ForCurrentProcess()->HasSwitch( | 410 CommandLine::ForCurrentProcess()->HasSwitch( |
| 444 switches::kAllowHttpScreenCapture); | 411 switches::kAllowHttpScreenCapture); |
| 445 | 412 |
| 446 // Approve request only when the following conditions are met: | 413 // Approve request only when the following conditions are met: |
| 447 // 1. Screen capturing is enabled via command line switch or white-listed for | 414 // 1. Screen capturing is enabled via command line switch or white-listed for |
| 448 // the given origin. | 415 // the given origin. |
| (...skipping 495 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 944 | 911 |
| 945 void MediaCaptureDevicesDispatcher::SetTestAudioCaptureDevices( | 912 void MediaCaptureDevicesDispatcher::SetTestAudioCaptureDevices( |
| 946 const MediaStreamDevices& devices) { | 913 const MediaStreamDevices& devices) { |
| 947 test_audio_devices_ = devices; | 914 test_audio_devices_ = devices; |
| 948 } | 915 } |
| 949 | 916 |
| 950 void MediaCaptureDevicesDispatcher::SetTestVideoCaptureDevices( | 917 void MediaCaptureDevicesDispatcher::SetTestVideoCaptureDevices( |
| 951 const MediaStreamDevices& devices) { | 918 const MediaStreamDevices& devices) { |
| 952 test_video_devices_ = devices; | 919 test_video_devices_ = devices; |
| 953 } | 920 } |
| OLD | NEW |
