Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1682)

Unified Diff: chrome/browser/permissions/permission_decision_auto_blocker.h

Issue 2622983003: Implement embargo in PermissionDecisionAutoBlocker (Closed)
Patch Set: Testing clean up and nits Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: chrome/browser/permissions/permission_decision_auto_blocker.h
diff --git a/chrome/browser/permissions/permission_decision_auto_blocker.h b/chrome/browser/permissions/permission_decision_auto_blocker.h
index 89ecfc7f77e2b920d393b9493026a214277a7408..a84a5f90d73f79dabc553c18afa44b16b0c171f4 100644
--- a/chrome/browser/permissions/permission_decision_auto_blocker.h
+++ b/chrome/browser/permissions/permission_decision_auto_blocker.h
@@ -5,14 +5,37 @@
#ifndef CHROME_BROWSER_PERMISSIONS_PERMISSION_DECISION_AUTO_BLOCKER_H_
#define CHROME_BROWSER_PERMISSIONS_PERMISSION_DECISION_AUTO_BLOCKER_H_
-#include "base/callback_forward.h"
+#include "base/callback.h"
#include "base/macros.h"
+#include "base/memory/ref_counted.h"
#include "content/public/browser/permission_type.h"
#include "url/gurl.h"
class GURL;
class Profile;
+namespace content {
+class WebContents;
+}
+
+namespace safe_browsing {
+class SafeBrowsingDatabaseManager;
+}
+
+namespace base {
+class Time;
+}
+
+class HostContentSettingsMap;
+
+// The PermissionDecisionAutoBlocker decides whether or not a given origin
+// should be automatically blocked from requesting a permission. When an origin
+// is blocked, it is placed under an "embargo". Until the embargo expires, any
+// requests made by the origin are automatically blocked. Once the embargo is
+// lifted, the origin will be permitted to request a permission again, which may
+// result in it being placed under embargo again. Currently, an origin can be
+// placed under embargo if it appears on Safe Browsing's API blacklist, or if it
+// has a number of prior dismissals greater than a threshold.
class PermissionDecisionAutoBlocker {
public:
// Removes any recorded counts for urls which match |filter| under |profile|.
@@ -31,10 +54,14 @@ class PermissionDecisionAutoBlocker {
content::PermissionType permission,
Profile* profile);
- // Records that a dismissal of a prompt for |permission| was made.
- static int RecordDismiss(const GURL& url,
- content::PermissionType permission,
- Profile* profile);
+ // Records that a dismissal of a prompt for |permission| was made. If the
+ // total number of dismissals exceeds a threshhold and
+ // features::kBlockPromptsIfDismissedOften is enabled it will place |url|
+ // under embargo for |permission|.
+ static bool RecordDismissAndEmbargo(const GURL& url,
+ content::PermissionType permission,
+ Profile* profile,
+ base::Time current_time);
// Records that an ignore of a prompt for |permission| was made.
static int RecordIgnore(const GURL& url,
@@ -43,6 +70,7 @@ class PermissionDecisionAutoBlocker {
// Records that a dismissal of a prompt for |permission| was made, and returns
// true if this dismissal should be considered a block. False otherwise.
+ // TODO(meredithl): Remove in favour of embargoing on repeated dismissals.
static bool ShouldChangeDismissalToBlock(const GURL& url,
content::PermissionType permission,
Profile* profile);
@@ -50,12 +78,50 @@ class PermissionDecisionAutoBlocker {
// Updates the threshold to start blocking prompts from the field trial.
static void UpdateFromVariations();
+ // Checks if |request_origin| is under embargo for |permission|. Internally,
+ // this will make a call to IsUnderEmbargo to check the content setting first,
+ // but may also make a call to Safe Browsing to check if |request_origin| is
+ // blacklisted for |permission|, which is performed asynchronously.
+ static void UpdateEmbargoedStatus(
+ scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager> db_manager,
+ content::PermissionType permission,
+ const GURL& request_origin,
+ content::WebContents* web_contents,
+ int timeout,
+ Profile* profile,
+ base::Time current_time,
+ base::Callback<void(bool)> callback);
+
+ // Checks the status of the content setting to determine if |request_origin|
+ // is under embargo for |permission|. This checks both embargo for Permissions
+ // Blacklisting and repeated dismissals.
+ static bool IsUnderEmbargo(content::PermissionType permission,
+ Profile* profile,
+ const GURL& request_origin,
+ base::Time current_time);
+
private:
friend class PermissionContextBaseTests;
+ friend class PermissionDecisionAutoBlockerUnitTest;
+
+ static void CheckSafeBrowsingResult(content::PermissionType permission,
+ Profile* profile,
+ const GURL& request_origin,
+ base::Time current_time,
+ base::Callback<void(bool)> callback,
+ bool should_be_embargoed);
+
+ static void PlaceUnderEmbargo(content::PermissionType permission,
+ const GURL& request_origin,
+ HostContentSettingsMap* map,
+ base::Time current_time,
+ const char* key);
// Keys used for storing count data in a website setting.
static const char kPromptDismissCountKey[];
static const char kPromptIgnoreCountKey[];
+ static const char kPermissionDismissalEmbargoKey[];
+ static const char kPermissionBlacklistEmbargoKey[];
DISALLOW_IMPLICIT_CONSTRUCTORS(PermissionDecisionAutoBlocker);
};

Powered by Google App Engine
This is Rietveld 408576698