Index: chrome/browser/permissions/permission_decision_auto_blocker.h |
diff --git a/chrome/browser/permissions/permission_decision_auto_blocker.h b/chrome/browser/permissions/permission_decision_auto_blocker.h |
index 89ecfc7f77e2b920d393b9493026a214277a7408..9d93978be4df7998f746784f8b27ea3128d41fb5 100644 |
--- a/chrome/browser/permissions/permission_decision_auto_blocker.h |
+++ b/chrome/browser/permissions/permission_decision_auto_blocker.h |
@@ -5,14 +5,38 @@ |
#ifndef CHROME_BROWSER_PERMISSIONS_PERMISSION_DECISION_AUTO_BLOCKER_H_ |
#define CHROME_BROWSER_PERMISSIONS_PERMISSION_DECISION_AUTO_BLOCKER_H_ |
-#include "base/callback_forward.h" |
+#include "base/callback.h" |
#include "base/macros.h" |
+#include "base/memory/ref_counted.h" |
#include "content/public/browser/permission_type.h" |
#include "url/gurl.h" |
class GURL; |
class Profile; |
+namespace content { |
+class WebContents; |
+} |
+ |
+namespace safe_browsing { |
+class SafeBrowsingDatabaseManager; |
+} |
+ |
+namespace base { |
+class Time; |
+} |
+ |
+class HostContentSettingsMap; |
+ |
+// The PermissionDecisionAutoBlocker decides whether or not a given origin |
+// should be automatically blocked from requesting a permission. When an origin |
+// is blocked, it is placed under an "embargo". Until the embargo expires, any |
+// requests made by the origin are automatically blocked. Once the embargo is |
+// lifted, the origin will be permitted to request a permission again, which may |
+// result in it being placed under embargo again. Currently, an origin can be |
+// placed under embargo if it appears on Safe Browsing's API blacklist, or if it |
+// has a number of prior dismissals greater than the threshold specified either |
+// through variations or |g_prompt_dismissals_before_block|. |
raymes
2017/01/18 23:35:00
nit: I would leave out the |g_prompt_dismissals_be
meredithl
2017/01/19 02:11:43
Done.
|
class PermissionDecisionAutoBlocker { |
public: |
// Removes any recorded counts for urls which match |filter| under |profile|. |
@@ -31,10 +55,14 @@ class PermissionDecisionAutoBlocker { |
content::PermissionType permission, |
Profile* profile); |
- // Records that a dismissal of a prompt for |permission| was made. |
- static int RecordDismiss(const GURL& url, |
- content::PermissionType permission, |
- Profile* profile); |
+ // Records that a dismissal of a prompt for |permission| was made. If the |
+ // total number of dismissals exceeds |g_prompt_dismissals_before_block| and |
raymes
2017/01/18 23:35:00
nit: same here
meredithl
2017/01/19 02:11:43
Done.
|
+ // features::kBlockPromptsIfDismissedOften is enabled it will place |url| |
+ // under embargo for |permission|. |
+ static bool RecordDismissAndEmbargo(const GURL& url, |
+ content::PermissionType permission, |
+ Profile* profile, |
+ base::Time current_time); |
// Records that an ignore of a prompt for |permission| was made. |
static int RecordIgnore(const GURL& url, |
@@ -43,6 +71,7 @@ class PermissionDecisionAutoBlocker { |
// Records that a dismissal of a prompt for |permission| was made, and returns |
// true if this dismissal should be considered a block. False otherwise. |
+ // TODO(meredithl): Remove in favour of embargoing on repeated dismissals. |
static bool ShouldChangeDismissalToBlock(const GURL& url, |
content::PermissionType permission, |
Profile* profile); |
@@ -50,12 +79,57 @@ class PermissionDecisionAutoBlocker { |
// Updates the threshold to start blocking prompts from the field trial. |
static void UpdateFromVariations(); |
+ // Checks if |request_origin| is under embargo for |permission|. Internally, |
+ // this will make a call to IsUnderEmbargo to check the content setting first, |
+ // but may also make a call to Safe Browsing to check if |request_origin| is |
+ // blacklisted for |permission|, which is performed asynchronously. |
+ static void UpdateEmbargoedStatus( |
+ scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager> db_manager, |
+ content::PermissionType permission, |
+ const GURL& request_origin, |
+ content::WebContents* web_contents, |
+ int timeout, |
+ Profile* profile, |
+ base::Time current_time, |
+ base::Callback<void(bool)> callback); |
+ |
+ // Checks the status of the content setting to determine if |request_origin| |
+ // is under embargo for |permission|. This checks both embargo for Permissions |
+ // Blacklisting and repeated dismissals. |
+ static bool IsUnderEmbargo(content::PermissionType permission, |
+ Profile* profile, |
+ const GURL& request_origin, |
+ base::Time current_time); |
+ |
private: |
friend class PermissionContextBaseTests; |
+ friend class PermissionDecisionAutoBlockerUnitTest; |
+ |
+ static void CheckSafeBrowsingResult(content::PermissionType permission, |
+ Profile* profile, |
+ const GURL& request_origin, |
+ base::Time current_time, |
+ base::Callback<void(bool)> callback, |
+ bool should_be_embargoed); |
+ |
+ // Sets the embargo status of |request_origin| inside |permission| dictionary |
+ // for testing. |
+ static void PlaceUnderEmbargoForTest(content::PermissionType permission, |
+ const GURL& request_origin, |
+ HostContentSettingsMap* map, |
+ base::Time current_time); |
+ |
+ // Gets the embargo status of the |request_origin| inside the |permission| |
+ // dictionary for testing. |
+ static bool GetEmbargoStatusForTest(content::PermissionType permission, |
+ const GURL& request_origin, |
+ HostContentSettingsMap* map); |
// Keys used for storing count data in a website setting. |
static const char kPromptDismissCountKey[]; |
static const char kPromptIgnoreCountKey[]; |
+ static const char kPermissionDismissalEmbargoKey[]; |
+ static const char kPermissionBlacklistEmbargoKey[]; |
DISALLOW_IMPLICIT_CONSTRUCTORS(PermissionDecisionAutoBlocker); |
}; |