content/renderer/pepper/pepper_media_device_manager.cc - Issue 2882133002: Block insecure pepper media requests in the renderer

Unified Diff: content/renderer/pepper/pepper_media_device_manager.cc

Issue 2882133002: Block insecure pepper media requests in the renderer (Closed)

Patch Set: Block insecure pepper media requests Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « content/renderer/pepper/pepper_media_device_manager.h ('k') | content/renderer/pepper/pepper_platform_audio_input.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: content/renderer/pepper/pepper_media_device_manager.cc

diff --git a/content/renderer/pepper/pepper_media_device_manager.cc b/content/renderer/pepper/pepper_media_device_manager.cc

index 731a3093fcb811594cfe6852afa53b23abbd9ebb..af5a5d9cc7406b1907a447f870c739d9241797c9 100644

--- a/content/renderer/pepper/pepper_media_device_manager.cc

+++ b/content/renderer/pepper/pepper_media_device_manager.cc

@@ -4,12 +4,16 @@

#include "content/renderer/pepper/pepper_media_device_manager.h"

+#include "base/feature_list.h"

#include "base/location.h"

#include "base/logging.h"

#include "base/single_thread_task_runner.h"

#include "base/threading/thread_task_runner_handle.h"

+#include "content/public/common/console_message_level.h"

+#include "content/public/common/content_features.h"

#include "content/renderer/media/media_devices_event_dispatcher.h"

#include "content/renderer/media/media_stream_dispatcher.h"

+#include "content/renderer/pepper/renderer_ppapi_host_impl.h"

#include "content/renderer/render_frame_impl.h"

#include "media/media_features.h"

#include "ppapi/shared_impl/ppb_device_ref_shared.h"

@@ -19,6 +23,12 @@ namespace content {

namespace {

+const char kPepperInsecureOriginMessage[] =

+ "Microphone and Camera access no longer works on insecure origins. To use "

+ "this feature, you should consider switching your application to a "

+ "secure origin, such as HTTPS. See https://goo.gl/rStTGz for more "

+ "details.";

PP_DeviceType_Dev FromMediaDeviceType(MediaDeviceType type) {

switch (type) {

case MEDIA_DEVICE_TYPE_AUDIO_INPUT:

@@ -129,16 +139,32 @@ void PepperMediaDeviceManager::StopMonitoringDevices(PP_DeviceType_Dev type,

int PepperMediaDeviceManager::OpenDevice(PP_DeviceType_Dev type,

const std::string& device_id,

- const GURL& document_url,

+ PP_Instance pp_instance,

const OpenDeviceCallback& callback) {

open_callbacks_[next_id_] = callback;

int request_id = next_id_++;

+ RendererPpapiHostImpl* host =

+ RendererPpapiHostImpl::GetForPPInstance(pp_instance);

+ if (base::FeatureList::IsEnabled(

+ features::kRequireSecureOriginsForPepperMediaRequests) &&

+ !host->IsSecureContext(pp_instance)) {

+ RenderFrame* render_frame = host->GetRenderFrameForInstance(pp_instance);

+ if (render_frame) {

+ render_frame->AddMessageToConsole(CONSOLE_MESSAGE_LEVEL_WARNING,

+ kPepperInsecureOriginMessage);

+ }

+ base::ThreadTaskRunnerHandle::Get()->PostTask(

+ FROM_HERE, base::Bind(&PepperMediaDeviceManager::OnDeviceOpenFailed,

+ AsWeakPtr(), request_id));

+ return request_id;

+ }

#if BUILDFLAG(ENABLE_WEBRTC)

GetMediaStreamDispatcher()->OpenDevice(

request_id, AsWeakPtr(), device_id,

PepperMediaDeviceManager::FromPepperDeviceType(type),

- url::Origin(document_url.GetOrigin()));

+ url::Origin(host->GetDocumentURL(pp_instance).GetOrigin()));

#else

base::ThreadTaskRunnerHandle::Get()->PostTask(

FROM_HERE, base::Bind(&PepperMediaDeviceManager::OnDeviceOpenFailed,

« no previous file with comments | « content/renderer/pepper/pepper_media_device_manager.h ('k') | content/renderer/pepper/pepper_platform_audio_input.h » ('j') | no next file with comments »