OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/permissions/permission_context_base.h" | 5 #include "chrome/browser/permissions/permission_context_base.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 #include <utility> | 10 #include <utility> |
11 | 11 |
12 #include "base/callback.h" | 12 #include "base/callback.h" |
13 #include "base/logging.h" | 13 #include "base/logging.h" |
14 #include "base/memory/ptr_util.h" | 14 #include "base/memory/ptr_util.h" |
15 #include "base/strings/stringprintf.h" | 15 #include "base/strings/stringprintf.h" |
16 #include "base/time/time.h" | |
dominickn
2017/01/11 07:52:13
This include isn't used
meredithl
2017/01/11 23:22:28
Done.
| |
16 #include "build/build_config.h" | 17 #include "build/build_config.h" |
17 #include "chrome/browser/browser_process.h" | 18 #include "chrome/browser/browser_process.h" |
18 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" | 19 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" |
19 #include "chrome/browser/permissions/permission_blacklist_client.h" | |
20 #include "chrome/browser/permissions/permission_decision_auto_blocker.h" | 20 #include "chrome/browser/permissions/permission_decision_auto_blocker.h" |
21 #include "chrome/browser/permissions/permission_request.h" | 21 #include "chrome/browser/permissions/permission_request.h" |
22 #include "chrome/browser/permissions/permission_request_id.h" | 22 #include "chrome/browser/permissions/permission_request_id.h" |
23 #include "chrome/browser/permissions/permission_request_impl.h" | 23 #include "chrome/browser/permissions/permission_request_impl.h" |
24 #include "chrome/browser/permissions/permission_request_manager.h" | 24 #include "chrome/browser/permissions/permission_request_manager.h" |
25 #include "chrome/browser/permissions/permission_uma_util.h" | 25 #include "chrome/browser/permissions/permission_uma_util.h" |
26 #include "chrome/browser/permissions/permission_util.h" | 26 #include "chrome/browser/permissions/permission_util.h" |
27 #include "chrome/browser/profiles/profile.h" | 27 #include "chrome/browser/profiles/profile.h" |
28 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | 28 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
29 #include "chrome/common/chrome_features.h" | 29 #include "chrome/common/chrome_features.h" |
30 #include "chrome/common/pref_names.h" | 30 #include "chrome/common/pref_names.h" |
31 #include "components/content_settings/core/browser/host_content_settings_map.h" | 31 #include "components/content_settings/core/browser/host_content_settings_map.h" |
32 #include "components/content_settings/core/browser/website_settings_registry.h" | 32 #include "components/content_settings/core/browser/website_settings_registry.h" |
33 #include "components/prefs/pref_service.h" | 33 #include "components/prefs/pref_service.h" |
34 #include "components/safe_browsing_db/database_manager.h" | |
34 #include "components/variations/variations_associated_data.h" | 35 #include "components/variations/variations_associated_data.h" |
35 #include "content/public/browser/browser_thread.h" | 36 #include "content/public/browser/browser_thread.h" |
36 #include "content/public/browser/render_frame_host.h" | 37 #include "content/public/browser/render_frame_host.h" |
37 #include "content/public/browser/web_contents.h" | 38 #include "content/public/browser/web_contents.h" |
38 #include "content/public/common/origin_util.h" | 39 #include "content/public/common/origin_util.h" |
39 #include "url/gurl.h" | 40 #include "url/gurl.h" |
40 | 41 |
41 #if defined(OS_ANDROID) | 42 #if defined(OS_ANDROID) |
42 #include "chrome/browser/permissions/permission_queue_controller.h" | 43 #include "chrome/browser/permissions/permission_queue_controller.h" |
43 #endif | 44 #endif |
(...skipping 29 matching lines...) Expand all Loading... | |
73 PermissionContextBase::~PermissionContextBase() { | 74 PermissionContextBase::~PermissionContextBase() { |
74 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | 75 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
75 } | 76 } |
76 | 77 |
77 void PermissionContextBase::RequestPermission( | 78 void PermissionContextBase::RequestPermission( |
78 content::WebContents* web_contents, | 79 content::WebContents* web_contents, |
79 const PermissionRequestID& id, | 80 const PermissionRequestID& id, |
80 const GURL& requesting_frame, | 81 const GURL& requesting_frame, |
81 bool user_gesture, | 82 bool user_gesture, |
82 const BrowserPermissionCallback& callback) { | 83 const BrowserPermissionCallback& callback) { |
83 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | 84 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
dominickn
2017/01/11 07:52:13
Nit: probably can leave this new line.
meredithl
2017/01/11 23:22:28
Done.
| |
84 | |
85 // First check if this permission has been disabled. | 85 // First check if this permission has been disabled. |
86 if (IsPermissionKillSwitchOn()) { | 86 if (IsPermissionKillSwitchOn()) { |
87 // Log to the developer console. | 87 // Log to the developer console. |
88 web_contents->GetMainFrame()->AddMessageToConsole( | 88 web_contents->GetMainFrame()->AddMessageToConsole( |
89 content::CONSOLE_MESSAGE_LEVEL_LOG, | 89 content::CONSOLE_MESSAGE_LEVEL_LOG, |
90 base::StringPrintf( | 90 base::StringPrintf( |
91 "%s permission has been blocked.", | 91 "%s permission has been blocked.", |
92 PermissionUtil::GetPermissionString(permission_type_).c_str())); | 92 PermissionUtil::GetPermissionString(permission_type_).c_str())); |
93 // The kill switch is enabled for this permission; Block all requests. | 93 // The kill switch is enabled for this permission; Block all requests. |
94 callback.Run(CONTENT_SETTING_BLOCK); | 94 callback.Run(CONTENT_SETTING_BLOCK); |
95 return; | 95 return; |
96 } | 96 } |
97 | 97 |
98 GURL requesting_origin = requesting_frame.GetOrigin(); | 98 GURL requesting_origin = requesting_frame.GetOrigin(); |
99 GURL embedding_origin = web_contents->GetLastCommittedURL().GetOrigin(); | 99 GURL embedding_origin = web_contents->GetLastCommittedURL().GetOrigin(); |
dominickn
2017/01/11 07:52:13
Nit: probably can leave this new line.
meredithl
2017/01/11 23:22:28
Done.
| |
100 | |
101 if (!requesting_origin.is_valid() || !embedding_origin.is_valid()) { | 100 if (!requesting_origin.is_valid() || !embedding_origin.is_valid()) { |
102 std::string type_name = | 101 std::string type_name = |
103 content_settings::WebsiteSettingsRegistry::GetInstance() | 102 content_settings::WebsiteSettingsRegistry::GetInstance() |
104 ->Get(content_settings_type_) | 103 ->Get(content_settings_type_) |
105 ->name(); | 104 ->name(); |
106 | 105 |
107 DVLOG(1) << "Attempt to use " << type_name | 106 DVLOG(1) << "Attempt to use " << type_name |
108 << " from an invalid URL: " << requesting_origin << "," | 107 << " from an invalid URL: " << requesting_origin << "," |
109 << embedding_origin << " (" << type_name | 108 << embedding_origin << " (" << type_name |
110 << " is not supported in popups)"; | 109 << " is not supported in popups)"; |
111 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 110 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
112 false /* persist */, CONTENT_SETTING_BLOCK); | 111 false /* persist */, CONTENT_SETTING_BLOCK); |
113 return; | 112 return; |
114 } | 113 } |
115 | 114 |
116 if (base::FeatureList::IsEnabled(features::kPermissionsBlacklist)) { | 115 // Check the content setting first before autoblocking. |
dominickn
2017/01/11 07:52:13
Remove "before autoblocking" - it's a bit misleadi
meredithl
2017/01/11 23:22:28
Done.
| |
117 if (!db_manager_) { | 116 ContentSetting content_setting = |
118 safe_browsing::SafeBrowsingService* sb_service = | 117 GetPermissionStatus(requesting_origin, embedding_origin); |
119 g_browser_process->safe_browsing_service(); | 118 if (content_setting == CONTENT_SETTING_ALLOW) { |
120 if (sb_service) | 119 HostContentSettingsMapFactory::GetForProfile(profile_)->UpdateLastUsage( |
121 db_manager_ = sb_service->database_manager(); | 120 requesting_origin, embedding_origin, content_settings_type_); |
122 } | 121 } |
123 | 122 |
124 // The client contacts Safe Browsing, and runs the callback with the result. | 123 if (content_setting == CONTENT_SETTING_ALLOW || |
125 PermissionBlacklistClient::CheckSafeBrowsingBlacklist( | 124 content_setting == CONTENT_SETTING_BLOCK) { |
126 db_manager_, permission_type_, requesting_origin, web_contents, | 125 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
127 safe_browsing_timeout_, | 126 false /* persist */, content_setting); |
128 base::Bind(&PermissionContextBase::ContinueRequestPermission, | 127 return; |
129 weak_factory_.GetWeakPtr(), web_contents, id, | |
130 requesting_origin, embedding_origin, user_gesture, | |
131 callback)); | |
132 } else { | |
133 // TODO(meredithl): Add UMA metrics here. | |
134 ContinueRequestPermission(web_contents, id, requesting_origin, | |
135 embedding_origin, user_gesture, callback, | |
136 false /* permission blocked */); | |
137 } | 128 } |
129 | |
130 if (!db_manager_) { | |
131 safe_browsing::SafeBrowsingService* sb_service = | |
132 g_browser_process->safe_browsing_service(); | |
133 if (sb_service) | |
134 db_manager_ = sb_service->database_manager(); | |
135 } | |
136 | |
137 PermissionDecisionAutoBlocker::ShouldAutomaticallyBlock( | |
dominickn
2017/01/11 07:52:13
db_manager_ could still be null here (e.g. if sb_s
meredithl
2017/01/11 23:22:28
For now should I move this inside an if statement
dominickn
2017/01/12 00:22:33
It should be fine given that this will move soon (
| |
138 db_manager_, permission_type_, requesting_origin, web_contents, | |
139 safe_browsing_timeout_, profile_, base::Time::Now(), | |
140 base::Bind(&PermissionContextBase::ContinueRequestPermission, | |
141 weak_factory_.GetWeakPtr(), web_contents, id, | |
142 requesting_origin, embedding_origin, user_gesture, callback)); | |
138 } | 143 } |
139 | 144 |
140 void PermissionContextBase::ContinueRequestPermission( | 145 void PermissionContextBase::ContinueRequestPermission( |
141 content::WebContents* web_contents, | 146 content::WebContents* web_contents, |
142 const PermissionRequestID& id, | 147 const PermissionRequestID& id, |
143 const GURL& requesting_origin, | 148 const GURL& requesting_origin, |
144 const GURL& embedding_origin, | 149 const GURL& embedding_origin, |
145 bool user_gesture, | 150 bool user_gesture, |
146 const BrowserPermissionCallback& callback, | 151 const BrowserPermissionCallback& callback, |
147 bool permission_blocked) { | 152 bool permission_blocked) { |
148 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | 153 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
149 if (permission_blocked) { | 154 if (permission_blocked) { |
150 // TODO(meredithl): Add UMA metrics here. | 155 // TODO(meredithl): Add UMA metrics here. |
151 web_contents->GetMainFrame()->AddMessageToConsole( | 156 web_contents->GetMainFrame()->AddMessageToConsole( |
152 content::CONSOLE_MESSAGE_LEVEL_LOG, | 157 content::CONSOLE_MESSAGE_LEVEL_LOG, |
153 base::StringPrintf( | 158 base::StringPrintf( |
154 "%s permission has been auto-blocked.", | 159 "%s permission has been auto-blocked.", |
155 PermissionUtil::GetPermissionString(permission_type_).c_str())); | 160 PermissionUtil::GetPermissionString(permission_type_).c_str())); |
156 // Permission has been blacklisted, block the request. | 161 // Permission has been blacklisted, block the request. |
157 // TODO(meredithl): Consider setting the content setting and persisting | 162 // TODO(meredithl): Consider setting the content setting and persisting |
158 // the decision to block. | 163 // the decision to block. |
159 callback.Run(CONTENT_SETTING_BLOCK); | 164 callback.Run(CONTENT_SETTING_BLOCK); |
160 return; | 165 return; |
161 } | 166 } |
167 | |
162 // Site is not blacklisted by Safe Browsing for the requested permission. | 168 // Site is not blacklisted by Safe Browsing for the requested permission. |
163 ContentSetting content_setting = | |
164 GetPermissionStatus(requesting_origin, embedding_origin); | |
165 if (content_setting == CONTENT_SETTING_ALLOW) { | |
166 HostContentSettingsMapFactory::GetForProfile(profile_)->UpdateLastUsage( | |
167 requesting_origin, embedding_origin, content_settings_type_); | |
168 } | |
169 | |
170 if (content_setting == CONTENT_SETTING_ALLOW || | |
171 content_setting == CONTENT_SETTING_BLOCK) { | |
172 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | |
173 false /* persist */, content_setting); | |
174 return; | |
175 } | |
176 | |
177 PermissionUmaUtil::PermissionRequested(permission_type_, requesting_origin, | 169 PermissionUmaUtil::PermissionRequested(permission_type_, requesting_origin, |
178 embedding_origin, profile_); | 170 embedding_origin, profile_); |
179 | 171 |
180 DecidePermission(web_contents, id, requesting_origin, embedding_origin, | 172 DecidePermission(web_contents, id, requesting_origin, embedding_origin, |
181 user_gesture, callback); | 173 user_gesture, callback); |
182 } | 174 } |
183 | 175 |
184 ContentSetting PermissionContextBase::GetPermissionStatus( | 176 ContentSetting PermissionContextBase::GetPermissionStatus( |
185 const GURL& requesting_origin, | 177 const GURL& requesting_origin, |
186 const GURL& embedding_origin) const { | 178 const GURL& embedding_origin) const { |
187 // If the permission has been disabled through Finch, block all requests. | 179 // If the permission has been disabled through Finch, block all requests. |
188 if (IsPermissionKillSwitchOn()) | 180 if (IsPermissionKillSwitchOn()) |
189 return CONTENT_SETTING_BLOCK; | 181 return CONTENT_SETTING_BLOCK; |
190 | 182 |
191 if (IsRestrictedToSecureOrigins() && | 183 if (IsRestrictedToSecureOrigins() && |
192 !content::IsOriginSecure(requesting_origin)) { | 184 !content::IsOriginSecure(requesting_origin)) { |
193 return CONTENT_SETTING_BLOCK; | 185 return CONTENT_SETTING_BLOCK; |
194 } | 186 } |
195 | 187 |
196 return GetPermissionStatusInternal(requesting_origin, embedding_origin); | 188 ContentSetting content_setting = |
189 GetPermissionStatusInternal(requesting_origin, embedding_origin); | |
190 if (content_setting == CONTENT_SETTING_ASK) { | |
dominickn
2017/01/11 07:52:13
Nit: combine the two if statements using &&
meredithl
2017/01/11 23:22:28
Done.
| |
191 if (PermissionDecisionAutoBlocker::IsUnderEmbargo( | |
192 permission_type_, profile_, requesting_origin, base::Time::Now())) { | |
193 return CONTENT_SETTING_BLOCK; | |
194 } | |
195 } | |
196 return content_setting; | |
197 } | 197 } |
198 | 198 |
199 void PermissionContextBase::ResetPermission( | 199 void PermissionContextBase::ResetPermission( |
200 const GURL& requesting_origin, | 200 const GURL& requesting_origin, |
201 const GURL& embedding_origin) { | 201 const GURL& embedding_origin) { |
202 HostContentSettingsMapFactory::GetForProfile(profile_) | 202 HostContentSettingsMapFactory::GetForProfile(profile_) |
203 ->SetContentSettingDefaultScope(requesting_origin, embedding_origin, | 203 ->SetContentSettingDefaultScope(requesting_origin, embedding_origin, |
204 content_settings_type_, std::string(), | 204 content_settings_type_, std::string(), |
205 CONTENT_SETTING_DEFAULT); | 205 CONTENT_SETTING_DEFAULT); |
206 } | 206 } |
(...skipping 178 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
385 content_settings_type_, std::string(), | 385 content_settings_type_, std::string(), |
386 content_setting); | 386 content_setting); |
387 } | 387 } |
388 | 388 |
389 void PermissionContextBase::SetSafeBrowsingDatabaseManagerAndTimeoutForTest( | 389 void PermissionContextBase::SetSafeBrowsingDatabaseManagerAndTimeoutForTest( |
390 scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager> db_manager, | 390 scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager> db_manager, |
391 int timeout) { | 391 int timeout) { |
392 db_manager_ = db_manager; | 392 db_manager_ = db_manager; |
393 safe_browsing_timeout_ = timeout; | 393 safe_browsing_timeout_ = timeout; |
394 } | 394 } |
OLD | NEW |