
Side by Side Diff: chrome/browser/permissions/permission_context_base.cc

Issue 2880503002: Block insecure pepper requests (Closed)
Patch Set: Block insecure pepper requests Created 3 years, 7 months ago
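--- a/chrome/browser/permissions/permission_context_base.cc
+++ b/chrome/browser/permissions/permission_context_base.cc
@@ -1,10 +1,10 @@
 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/permissions/permission_context_base.h"
 
 #include <stddef.h>
 
 #include <string>
 #include <utility>
@@ -218,24 +218,29 @@
 PermissionResult PermissionContextBase::GetPermissionStatus(
 content::RenderFrameHost* render_frame_host,
 const GURL& requesting_origin,
 const GURL& embedding_origin) const {
 // If the permission has been disabled through Finch, block all requests.
 if (IsPermissionKillSwitchOn()) {
 return PermissionResult(CONTENT_SETTING_BLOCK,
 PermissionStatusSource::KILL_SWITCH);
 }
 
-if (IsRestrictedToSecureOrigins() &&
-!content::IsOriginSecure(requesting_origin)) {
-return PermissionResult(CONTENT_SETTING_BLOCK,
-PermissionStatusSource::UNSPECIFIED);
+if (IsRestrictedToSecureOrigins()) {
+// TODO(raymes): We should check the entire chain of embedders here whenever
+// possible as this corresponds to the requirements of the secure contexts
+// spec and matches what is implemented in blink.
+if (!content::IsOriginSecure(requesting_origin) ||
+!content::IsOriginSecure(embedding_origin)) {
+return PermissionResult(CONTENT_SETTING_BLOCK,
+PermissionStatusSource::UNSPECIFIED);
+}
 }
 
 ContentSetting content_setting = GetPermissionStatusInternal(
 render_frame_host, requesting_origin, embedding_origin);
 if (content_setting == CONTENT_SETTING_ASK) {
 PermissionResult result =
 PermissionDecisionAutoBlocker::GetForProfile(profile_)
 ->GetEmbargoResult(requesting_origin, content_settings_type_);
 DCHECK(result.content_setting == CONTENT_SETTING_ASK ||
 result.content_setting == CONTENT_SETTING_BLOCK);
@@ -443,10 +448,10 @@
 content_settings_storage_type(),
 std::string(), content_setting);
 }
 
 ContentSettingsType PermissionContextBase::content_settings_storage_type()
 const {
 if (content_settings_type_ == CONTENT_SETTINGS_TYPE_PUSH_MESSAGING)
 return CONTENT_SETTINGS_TYPE_NOTIFICATIONS;
 return content_settings_type_;
 }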
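Review bot: The new block in `GetPermissionStatus` checks only `requesting_origin` and `embedding_origin`, so a frame tree with an insecure intermediate ancestor still passes the secure-origin gate. The TODO acknowledges this but carries no tracking bug; since `render_frame_host` is already a parameter, the comment should say why the ancestor walk is deferred, e.g. `// TODO(raymes, crbug.com/<bug-id>): walk render_frame_host's ancestors; only the two origins passed in are checked today.` The denial is also still reported as `PermissionStatusSource::UNSPECIFIED`, which makes an insecure-origin block indistinguishable from any other unattributed block for callers and metrics; a dedicated source value would help, if one exists or can be added. Callers that have no real embedder (none are visible here; the skipped lines may contain some) should be checked to pass a valid `embedding_origin`, because an empty or invalid GURL presumably fails `content::IsOriginSecure` and would now be blocked. Failing closed is the right default, but it deserves a test.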