OLD | NEW |
---|---|
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/permissions/permission_decision_auto_blocker.h" | 5 #include "chrome/browser/permissions/permission_decision_auto_blocker.h" |
6 | 6 |
7 #include <memory> | 7 #include <memory> |
8 | 8 |
9 #include "base/feature_list.h" | 9 #include "base/feature_list.h" |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
11 #include "base/memory/ptr_util.h" | 11 #include "base/memory/ptr_util.h" |
12 #include "base/strings/string_number_conversions.h" | 12 #include "base/strings/string_number_conversions.h" |
13 #include "base/time/time.h" | |
13 #include "base/values.h" | 14 #include "base/values.h" |
14 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" | 15 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" |
16 #include "chrome/browser/permissions/permission_blacklist_client.h" | |
15 #include "chrome/browser/permissions/permission_util.h" | 17 #include "chrome/browser/permissions/permission_util.h" |
16 #include "chrome/common/chrome_features.h" | 18 #include "chrome/common/chrome_features.h" |
17 #include "components/content_settings/core/browser/host_content_settings_map.h" | 19 #include "components/content_settings/core/browser/host_content_settings_map.h" |
18 #include "components/variations/variations_associated_data.h" | 20 #include "components/variations/variations_associated_data.h" |
19 #include "content/public/browser/permission_type.h" | 21 #include "content/public/browser/permission_type.h" |
22 #include "content/public/browser/web_contents.h" | |
20 #include "url/gurl.h" | 23 #include "url/gurl.h" |
21 | 24 |
22 namespace { | 25 namespace { |
23 | 26 |
24 // The number of times that users may explicitly dismiss a permission prompt | 27 // The number of times that users may explicitly dismiss a permission prompt |
25 // from an origin before it is automatically blocked. | 28 // from an origin before it is automatically blocked. |
26 int g_prompt_dismissals_before_block = 3; | 29 int g_prompt_dismissals_before_block = 3; |
27 | 30 |
31 // The number of days that an origin will stay under embargo for a requested | |
32 // permission due to blacklisting. | |
33 int g_blacklist_embargo_days = 7; | |
34 | |
35 // The number of days that an origin will stay under embargo for a requested | |
36 // permission due to repeated dismissals. | |
37 int g_dismissal_embargo_days = 7; | |
38 | |
28 std::unique_ptr<base::DictionaryValue> GetOriginDict( | 39 std::unique_ptr<base::DictionaryValue> GetOriginDict( |
29 HostContentSettingsMap* settings, | 40 HostContentSettingsMap* settings, |
30 const GURL& origin_url) { | 41 const GURL& origin_url) { |
31 std::unique_ptr<base::DictionaryValue> dict = | 42 std::unique_ptr<base::DictionaryValue> dict = |
32 base::DictionaryValue::From(settings->GetWebsiteSetting( | 43 base::DictionaryValue::From(settings->GetWebsiteSetting( |
33 origin_url, origin_url, | 44 origin_url, GURL(), CONTENT_SETTINGS_TYPE_PROMPT_NO_DECISION_COUNT, |
34 CONTENT_SETTINGS_TYPE_PROMPT_NO_DECISION_COUNT, std::string(), | 45 std::string(), nullptr)); |
35 nullptr)); | |
36 if (!dict) | 46 if (!dict) |
37 return base::MakeUnique<base::DictionaryValue>(); | 47 return base::MakeUnique<base::DictionaryValue>(); |
38 | 48 |
39 return dict; | 49 return dict; |
40 } | 50 } |
41 | 51 |
42 base::DictionaryValue* GetOrCreatePermissionDict( | 52 base::DictionaryValue* GetOrCreatePermissionDict( |
43 base::DictionaryValue* origin_dict, | 53 base::DictionaryValue* origin_dict, |
44 const std::string& permission) { | 54 const std::string& permission) { |
45 base::DictionaryValue* permission_dict = nullptr; | 55 base::DictionaryValue* permission_dict = nullptr; |
(...skipping 29 matching lines...) Expand all Loading... | |
75 return current_count; | 85 return current_count; |
76 } | 86 } |
77 | 87 |
78 int GetActionCount(const GURL& url, | 88 int GetActionCount(const GURL& url, |
79 content::PermissionType permission, | 89 content::PermissionType permission, |
80 const char* key, | 90 const char* key, |
81 Profile* profile) { | 91 Profile* profile) { |
82 HostContentSettingsMap* map = | 92 HostContentSettingsMap* map = |
83 HostContentSettingsMapFactory::GetForProfile(profile); | 93 HostContentSettingsMapFactory::GetForProfile(profile); |
84 std::unique_ptr<base::DictionaryValue> dict = GetOriginDict(map, url); | 94 std::unique_ptr<base::DictionaryValue> dict = GetOriginDict(map, url); |
85 | |
86 base::DictionaryValue* permission_dict = GetOrCreatePermissionDict( | 95 base::DictionaryValue* permission_dict = GetOrCreatePermissionDict( |
87 dict.get(), PermissionUtil::GetPermissionString(permission)); | 96 dict.get(), PermissionUtil::GetPermissionString(permission)); |
88 | 97 |
89 int current_count = 0; | 98 int current_count = 0; |
90 permission_dict->GetInteger(key, ¤t_count); | 99 permission_dict->GetInteger(key, ¤t_count); |
91 return current_count; | 100 return current_count; |
92 } | 101 } |
93 | 102 |
103 void PlaceUnderEmbargo(content::PermissionType permission, | |
104 const GURL& request_origin, | |
105 HostContentSettingsMap* map, | |
106 base::Time current_time, | |
107 const char* key) { | |
108 std::unique_ptr<base::DictionaryValue> dict = | |
109 GetOriginDict(map, request_origin); | |
110 base::DictionaryValue* permission_dict = GetOrCreatePermissionDict( | |
111 dict.get(), PermissionUtil::GetPermissionString(permission)); | |
112 permission_dict->SetDouble(key, current_time.ToInternalValue()); | |
113 map->SetWebsiteSettingDefaultScope( | |
114 request_origin, GURL(), CONTENT_SETTINGS_TYPE_PROMPT_NO_DECISION_COUNT, | |
115 std::string(), std::move(dict)); | |
116 } | |
117 | |
94 } // namespace | 118 } // namespace |
95 | 119 |
96 // static | 120 // static |
97 const char PermissionDecisionAutoBlocker::kPromptDismissCountKey[] = | 121 const char PermissionDecisionAutoBlocker::kPromptDismissCountKey[] = |
98 "dismiss_count"; | 122 "dismiss_count"; |
99 | 123 |
100 // static | 124 // static |
101 const char PermissionDecisionAutoBlocker::kPromptIgnoreCountKey[] = | 125 const char PermissionDecisionAutoBlocker::kPromptIgnoreCountKey[] = |
102 "ignore_count"; | 126 "ignore_count"; |
103 | 127 |
104 // static | 128 // static |
129 const char PermissionDecisionAutoBlocker::kPermissionBlacklistEmbargoKey[] = | |
130 "blacklisting_embargo_days"; | |
131 | |
132 // static | |
133 const char PermissionDecisionAutoBlocker::kPermissionDismissalEmbargoKey[] = | |
134 "dismissal_embargo_days"; | |
135 | |
136 // static | |
105 void PermissionDecisionAutoBlocker::RemoveCountsByUrl( | 137 void PermissionDecisionAutoBlocker::RemoveCountsByUrl( |
106 Profile* profile, | 138 Profile* profile, |
107 base::Callback<bool(const GURL& url)> filter) { | 139 base::Callback<bool(const GURL& url)> filter) { |
108 HostContentSettingsMap* map = | 140 HostContentSettingsMap* map = |
109 HostContentSettingsMapFactory::GetForProfile(profile); | 141 HostContentSettingsMapFactory::GetForProfile(profile); |
110 | 142 |
111 std::unique_ptr<ContentSettingsForOneType> settings( | 143 std::unique_ptr<ContentSettingsForOneType> settings( |
112 new ContentSettingsForOneType); | 144 new ContentSettingsForOneType); |
113 map->GetSettingsForOneType(CONTENT_SETTINGS_TYPE_PROMPT_NO_DECISION_COUNT, | 145 map->GetSettingsForOneType(CONTENT_SETTINGS_TYPE_PROMPT_NO_DECISION_COUNT, |
114 std::string(), settings.get()); | 146 std::string(), settings.get()); |
(...skipping 19 matching lines...) Expand all Loading... | |
134 | 166 |
135 // static | 167 // static |
136 int PermissionDecisionAutoBlocker::GetIgnoreCount( | 168 int PermissionDecisionAutoBlocker::GetIgnoreCount( |
137 const GURL& url, | 169 const GURL& url, |
138 content::PermissionType permission, | 170 content::PermissionType permission, |
139 Profile* profile) { | 171 Profile* profile) { |
140 return GetActionCount(url, permission, kPromptIgnoreCountKey, profile); | 172 return GetActionCount(url, permission, kPromptIgnoreCountKey, profile); |
141 } | 173 } |
142 | 174 |
143 // static | 175 // static |
144 int PermissionDecisionAutoBlocker::RecordDismiss( | 176 bool PermissionDecisionAutoBlocker::RecordDismissAndEmbargo( |
145 const GURL& url, | 177 const GURL& url, |
146 content::PermissionType permission, | 178 content::PermissionType permission, |
147 Profile* profile) { | 179 Profile* profile, |
148 return RecordActionInWebsiteSettings(url, permission, kPromptDismissCountKey, | 180 base::Time current_time) { |
149 profile); | 181 int current_dismissal_count = RecordActionInWebsiteSettings( |
182 url, permission, kPromptDismissCountKey, profile); | |
183 if (base::FeatureList::IsEnabled(features::kBlockPromptsIfDismissedOften) && | |
184 current_dismissal_count >= g_prompt_dismissals_before_block) { | |
185 HostContentSettingsMap* map = | |
186 HostContentSettingsMapFactory::GetForProfile(profile); | |
187 PlaceUnderEmbargo(permission, url, map, current_time, | |
188 kPermissionDismissalEmbargoKey); | |
189 return true; | |
190 } | |
191 return false; | |
150 } | 192 } |
151 | 193 |
152 // static | 194 // static |
153 int PermissionDecisionAutoBlocker::RecordIgnore( | 195 int PermissionDecisionAutoBlocker::RecordIgnore( |
154 const GURL& url, | 196 const GURL& url, |
155 content::PermissionType permission, | 197 content::PermissionType permission, |
156 Profile* profile) { | 198 Profile* profile) { |
157 return RecordActionInWebsiteSettings(url, permission, kPromptIgnoreCountKey, | 199 return RecordActionInWebsiteSettings(url, permission, kPromptIgnoreCountKey, |
158 profile); | 200 profile); |
159 } | 201 } |
160 | 202 |
161 // static | 203 // static |
162 bool PermissionDecisionAutoBlocker::ShouldChangeDismissalToBlock( | 204 bool PermissionDecisionAutoBlocker::ShouldChangeDismissalToBlock( |
163 const GURL& url, | 205 const GURL& url, |
164 content::PermissionType permission, | 206 content::PermissionType permission, |
165 Profile* profile) { | 207 Profile* profile) { |
166 int current_dismissal_count = RecordDismiss(url, permission, profile); | 208 int current_dismissal_count = |
209 RecordDismissAndEmbargo(url, permission, profile, base::Time::Now()); | |
167 | 210 |
168 if (!base::FeatureList::IsEnabled(features::kBlockPromptsIfDismissedOften)) | 211 if (!base::FeatureList::IsEnabled(features::kBlockPromptsIfDismissedOften)) |
169 return false; | 212 return false; |
170 | 213 |
171 return current_dismissal_count >= g_prompt_dismissals_before_block; | 214 return current_dismissal_count >= g_prompt_dismissals_before_block; |
172 } | 215 } |
173 | 216 |
174 // static | 217 // static |
175 void PermissionDecisionAutoBlocker::UpdateFromVariations() { | 218 void PermissionDecisionAutoBlocker::UpdateFromVariations() { |
176 int prompt_dismissals = -1; | 219 int prompt_dismissals = -1; |
177 std::string value = variations::GetVariationParamValueByFeature( | 220 int blacklist_embargo_days = -1; |
221 int dismissal_embargo_days = -1; | |
222 std::string dismissals_value = variations::GetVariationParamValueByFeature( | |
178 features::kBlockPromptsIfDismissedOften, kPromptDismissCountKey); | 223 features::kBlockPromptsIfDismissedOften, kPromptDismissCountKey); |
224 std::string blacklist_embargo_value = | |
225 variations::GetVariationParamValueByFeature( | |
226 features::kPermissionsBlacklist, kPermissionBlacklistEmbargoKey); | |
227 std::string dismissal_embargo_value = | |
228 variations::GetVariationParamValueByFeature( | |
229 features::kBlockPromptsIfDismissedOften, | |
230 kPermissionDismissalEmbargoKey); | |
231 // If converting the value fails, stick with the current value. | |
232 if (base::StringToInt(dismissals_value, &prompt_dismissals) && | |
233 prompt_dismissals > 0) { | |
234 g_prompt_dismissals_before_block = prompt_dismissals; | |
235 } | |
236 if (base::StringToInt(blacklist_embargo_value, &blacklist_embargo_days) && | |
237 blacklist_embargo_days > 0) { | |
238 g_blacklist_embargo_days = blacklist_embargo_days; | |
239 } | |
240 if (base::StringToInt(dismissal_embargo_value, &dismissal_embargo_days) && | |
241 dismissal_embargo_days > 0) { | |
242 g_dismissal_embargo_days = dismissal_embargo_days; | |
243 } | |
244 } | |
179 | 245 |
180 // If converting the value fails, stick with the current value. | 246 // static |
181 if (base::StringToInt(value, &prompt_dismissals) && prompt_dismissals > 0) | 247 // TODO(meredithl): Have PermissionDecisionAutoBlocker handle the database |
182 g_prompt_dismissals_before_block = prompt_dismissals; | 248 // manager, rather than passing it in. |
249 void PermissionDecisionAutoBlocker::UpdateEmbargoedStatus( | |
250 scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager> db_manager, | |
251 content::PermissionType permission, | |
252 const GURL& request_origin, | |
253 content::WebContents* web_contents, | |
254 int timeout, | |
255 Profile* profile, | |
256 base::Time current_time, | |
257 base::Callback<void(bool)> callback) { | |
258 // Check if origin is currently under embargo for the requested permission. | |
259 if (IsUnderEmbargo(permission, profile, request_origin, current_time)) { | |
260 callback.Run(true /* permission_blocked */); | |
261 return; | |
262 } | |
263 | |
264 if (base::FeatureList::IsEnabled(features::kPermissionsBlacklist) && | |
265 db_manager) { | |
266 PermissionBlacklistClient::CheckSafeBrowsingBlacklist( | |
267 db_manager, permission, request_origin, web_contents, timeout, | |
268 base::Bind(&PermissionDecisionAutoBlocker::CheckSafeBrowsingResult, | |
269 permission, profile, request_origin, current_time, | |
270 callback)); | |
271 } | |
272 | |
273 callback.Run(false /* permission blocked */); | |
183 } | 274 } |
275 | |
276 // static | |
277 bool PermissionDecisionAutoBlocker::IsUnderEmbargo( | |
278 content::PermissionType permission, | |
279 Profile* profile, | |
280 const GURL& request_origin, | |
281 base::Time current_time) { | |
282 HostContentSettingsMap* map = | |
283 HostContentSettingsMapFactory::GetForProfile(profile); | |
284 std::unique_ptr<base::DictionaryValue> dict = | |
285 GetOriginDict(map, request_origin); | |
286 base::DictionaryValue* permission_dict = GetOrCreatePermissionDict( | |
287 dict.get(), PermissionUtil::GetPermissionString(permission)); | |
288 double embargo_date = -1; | |
289 bool is_under_dismiss_embargo = false, is_under_blacklist_embargo = false; | |
raymes
2017/01/18 23:35:00
nit: Put each declaration on a new line.
meredithl
2017/01/19 02:11:43
Done.
| |
290 if (base::FeatureList::IsEnabled(features::kPermissionsBlacklist) && | |
291 permission_dict->GetDouble(kPermissionBlacklistEmbargoKey, | |
292 &embargo_date)) { | |
293 if (current_time < | |
294 base::Time::FromInternalValue(embargo_date) + | |
295 base::TimeDelta::FromDays(g_blacklist_embargo_days)) { | |
296 is_under_blacklist_embargo = true; | |
297 } | |
298 } | |
299 | |
300 if (base::FeatureList::IsEnabled(features::kBlockPromptsIfDismissedOften) && | |
301 permission_dict->GetDouble(kPermissionDismissalEmbargoKey, | |
302 &embargo_date)) { | |
303 if (current_time < | |
304 base::Time::FromInternalValue(embargo_date) + | |
305 base::TimeDelta::FromDays(g_dismissal_embargo_days)) { | |
306 is_under_dismiss_embargo = true; | |
307 } | |
308 } | |
309 // If either embargoes are still in effect, return true. | |
raymes
2017/01/18 23:35:00
nit: // If either of the embargoes is still in eff
meredithl
2017/01/19 02:11:43
Done.
| |
310 return is_under_dismiss_embargo || is_under_blacklist_embargo; | |
311 } | |
312 | |
313 // static | |
314 void PermissionDecisionAutoBlocker::CheckSafeBrowsingResult( | |
315 content::PermissionType permission, | |
316 Profile* profile, | |
317 const GURL& request_origin, | |
318 base::Time current_time, | |
319 base::Callback<void(bool)> callback, | |
320 bool should_be_embargoed) { | |
321 if (should_be_embargoed) { | |
322 // Requesting site is blacklisted for this permission, update the content | |
323 // setting to place it under embargo. | |
324 PlaceUnderEmbargo(permission, request_origin, | |
325 HostContentSettingsMapFactory::GetForProfile(profile), | |
326 current_time, kPermissionBlacklistEmbargoKey); | |
327 } | |
328 callback.Run(should_be_embargoed /* permission blocked */); | |
329 } | |
330 | |
331 // static | |
332 void PermissionDecisionAutoBlocker::PlaceUnderEmbargoForTest( | |
333 content::PermissionType permission, | |
334 const GURL& request_origin, | |
335 HostContentSettingsMap* map, | |
336 base::Time current_time) { | |
337 PlaceUnderEmbargo(permission, request_origin, map, current_time, | |
338 kPermissionBlacklistEmbargoKey); | |
339 } | |
340 | |
341 // static | |
342 bool PermissionDecisionAutoBlocker::GetEmbargoStatusForTest( | |
343 content::PermissionType permission, | |
344 const GURL& request_origin, | |
345 HostContentSettingsMap* map) { | |
346 std::unique_ptr<base::DictionaryValue> dict = | |
347 GetOriginDict(map, request_origin); | |
348 base::DictionaryValue* permission_dict = GetOrCreatePermissionDict( | |
349 dict.get(), PermissionUtil::GetPermissionString(permission)); | |
350 return permission_dict->GetDouble(kPermissionBlacklistEmbargoKey, nullptr); | |
351 } | |
OLD | NEW |