Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(335)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/media/webrtc/media_stream_devices_controller_browsertest.cc

Issue 2880503002: Block insecure pepper requests (Closed)
Patch Set: Block insecure pepper requests Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/media/webrtc/media_stream_device_permission_context_unittest.cc ('k') | chrome/browser/permissions/permission_context_base.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/media/webrtc/media_stream_devices_controller_browsertest.cc
diff --git a/chrome/browser/media/webrtc/media_stream_devices_controller_browsertest.cc b/chrome/browser/media/webrtc/media_stream_devices_controller_browsertest.cc
index 6900dba6da5ca31faf0fa8add3bf1dc44f72ed98..0abf365d2e05d53c736ac0369e786e57d9fe99de 100644
--- a/chrome/browser/media/webrtc/media_stream_devices_controller_browsertest.cc
+++ b/chrome/browser/media/webrtc/media_stream_devices_controller_browsertest.cc
@@ -31,6 +31,7 @@
#include "components/prefs/pref_service.h"
#include "components/variations/variations_associated_data.h"
#include "content/public/browser/render_frame_host.h"
+#include "content/public/common/content_features.h"
#include "content/public/common/media_stream_request.h"
#include "content/public/test/mock_render_process_host.h"
#include "testing/gtest/include/gtest/gtest.h"
@@ -847,7 +848,8 @@ IN_PROC_BROWSER_TEST_P(MediaStreamDevicesControllerTest,
IN_PROC_BROWSER_TEST_P(MediaStreamDevicesControllerTest,
PepperRequestInsecure) {
InitWithUrl(GURL("http://www.example.com"));
- SetContentSettings(CONTENT_SETTING_ALLOW, CONTENT_SETTING_ALLOW);
+
+ SetPromptResponseType(PermissionRequestManager::ACCEPT_ALL);
RequestPermissions(
GetWebContents(),
@@ -855,7 +857,29 @@ IN_PROC_BROWSER_TEST_P(MediaStreamDevicesControllerTest,
content::MEDIA_OPEN_DEVICE_PEPPER_ONLY),
base::Bind(&MediaStreamDevicesControllerTest::OnMediaStreamResponse,
base::Unretained(this)));
+ ASSERT_EQ(2u, TotalPromptRequestCount());
+
+ ASSERT_EQ(content::MEDIA_DEVICE_OK, media_stream_result());
+ ASSERT_TRUE(CheckDevicesListContains(content::MEDIA_DEVICE_AUDIO_CAPTURE));
+ ASSERT_FALSE(CheckDevicesListContains(content::MEDIA_DEVICE_VIDEO_CAPTURE));
+
+ // Test that with the kRequireSecureOriginsForPepperMediaRequests flag enabled
+ // that permission will be denied.
+ ResetPromptCounters();
+ base::test::ScopedFeatureList scoped_feature_list;
+ scoped_feature_list.InitAndEnableFeature(
+ features::kRequireSecureOriginsForPepperMediaRequests);
+ RequestPermissions(
+ GetWebContents(),
+ CreateRequestWithType(example_audio_id(), example_video_id(),
+ content::MEDIA_OPEN_DEVICE_PEPPER_ONLY),
+ base::Bind(&MediaStreamDevicesControllerTest::OnMediaStreamResponse,
+ base::Unretained(this)));
ASSERT_EQ(0u, TotalPromptRequestCount());
+
+ ASSERT_EQ(content::MEDIA_DEVICE_PERMISSION_DENIED, media_stream_result());
+ ASSERT_FALSE(CheckDevicesListContains(content::MEDIA_DEVICE_AUDIO_CAPTURE));
+ ASSERT_FALSE(CheckDevicesListContains(content::MEDIA_DEVICE_VIDEO_CAPTURE));
}
// Request and block microphone and camera access with kill switch.
« no previous file with comments | « chrome/browser/media/webrtc/media_stream_device_permission_context_unittest.cc ('k') | chrome/browser/permissions/permission_context_base.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698