chrome/browser/usb/usb_tab_helper.cc - Issue 2815003005: Integrate WebUSB with Feature Policy

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/browser/usb/usb_tab_helper.cc

Issue 2815003005: Integrate WebUSB with Feature Policy (Closed)

Patch Set: Rebased Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chrome/browser/usb/usb_tab_helper.cc

diff --git a/chrome/browser/usb/usb_tab_helper.cc b/chrome/browser/usb/usb_tab_helper.cc

index 539e8787286bf26323895048f0251cc35e68c3e7..a3ab205fd932a031cab9edeaeab403df425cdc2b 100644

--- a/chrome/browser/usb/usb_tab_helper.cc

+++ b/chrome/browser/usb/usb_tab_helper.cc

@@ -10,7 +10,11 @@

#include "chrome/browser/ui/browser_finder.h"

#include "chrome/browser/ui/tabs/tab_strip_model.h"

#include "chrome/browser/usb/web_usb_permission_provider.h"

+#include "content/public/browser/render_frame_host.h"

+#include "content/public/common/content_features.h"

#include "device/usb/mojo/device_manager_impl.h"

+#include "mojo/public/cpp/bindings/message.h"

+#include "third_party/WebKit/public/platform/WebFeaturePolicyFeature.h"

#if defined(OS_ANDROID)

#include "chrome/browser/android/usb/web_usb_chooser_service_android.h"

@@ -21,6 +25,15 @@

using content::RenderFrameHost;

using content::WebContents;

+namespace {

+// The renderer performs its own feature policy checks so a request that gets

+// to the browser process indicates malicous code.

+const char kFeaturePolicyViolation[] =

+ "Feature policy blocks access to WebUSB.";

+} // namespace

DEFINE_WEB_CONTENTS_USER_DATA_KEY(UsbTabHelper);

struct FrameUsbServices {

@@ -49,7 +62,10 @@ UsbTabHelper::~UsbTabHelper() {}

void UsbTabHelper::CreateDeviceManager(

RenderFrameHost* render_frame_host,

mojo::InterfaceRequest<device::mojom::UsbDeviceManager> request) {

- DCHECK(WebContents::FromRenderFrameHost(render_frame_host) == web_contents());

+ if (!AllowedByFeaturePolicy(render_frame_host)) {

+ mojo::ReportBadMessage(kFeaturePolicyViolation);

+ return;

+ }

device::usb::DeviceManagerImpl::Create(

GetPermissionProvider(render_frame_host), std::move(request));

}

@@ -57,6 +73,10 @@ void UsbTabHelper::CreateDeviceManager(

void UsbTabHelper::CreateChooserService(

content::RenderFrameHost* render_frame_host,

mojo::InterfaceRequest<device::mojom::UsbChooserService> request) {

+ if (!AllowedByFeaturePolicy(render_frame_host)) {

+ mojo::ReportBadMessage(kFeaturePolicyViolation);

+ return;

+ }

GetChooserService(render_frame_host, std::move(request));

}

@@ -144,3 +164,13 @@ void UsbTabHelper::NotifyTabStateChanged() const {

}

#endif

}

+bool UsbTabHelper::AllowedByFeaturePolicy(

+ RenderFrameHost* render_frame_host) const {

+ DCHECK(WebContents::FromRenderFrameHost(render_frame_host) == web_contents());

+ if (base::FeatureList::IsEnabled(features::kFeaturePolicy)) {

+ return render_frame_host->IsFeatureEnabled(

+ blink::WebFeaturePolicyFeature::kUsb);

+ }

+ return web_contents()->GetMainFrame() == render_frame_host;

« no previous file with comments | « chrome/browser/usb/usb_tab_helper.h ('k') | chrome/browser/usb/web_usb_permission_provider.h » ('j') | no next file with comments »