Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1714)

Unified Diff: content/renderer/pepper/pepper_media_device_manager.cc

Issue 2882133002: Block insecure pepper media requests in the renderer (Closed)
Patch Set: Block insecure pepper media requests Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: content/renderer/pepper/pepper_media_device_manager.cc
diff --git a/content/renderer/pepper/pepper_media_device_manager.cc b/content/renderer/pepper/pepper_media_device_manager.cc
index 731a3093fcb811594cfe6852afa53b23abbd9ebb..af5a5d9cc7406b1907a447f870c739d9241797c9 100644
--- a/content/renderer/pepper/pepper_media_device_manager.cc
+++ b/content/renderer/pepper/pepper_media_device_manager.cc
@@ -4,12 +4,16 @@
#include "content/renderer/pepper/pepper_media_device_manager.h"
+#include "base/feature_list.h"
#include "base/location.h"
#include "base/logging.h"
#include "base/single_thread_task_runner.h"
#include "base/threading/thread_task_runner_handle.h"
+#include "content/public/common/console_message_level.h"
+#include "content/public/common/content_features.h"
#include "content/renderer/media/media_devices_event_dispatcher.h"
#include "content/renderer/media/media_stream_dispatcher.h"
+#include "content/renderer/pepper/renderer_ppapi_host_impl.h"
#include "content/renderer/render_frame_impl.h"
#include "media/media_features.h"
#include "ppapi/shared_impl/ppb_device_ref_shared.h"
@@ -19,6 +23,12 @@ namespace content {
namespace {
+const char kPepperInsecureOriginMessage[] =
+ "Microphone and Camera access no longer works on insecure origins. To use "
+ "this feature, you should consider switching your application to a "
+ "secure origin, such as HTTPS. See https://goo.gl/rStTGz for more "
+ "details.";
+
PP_DeviceType_Dev FromMediaDeviceType(MediaDeviceType type) {
switch (type) {
case MEDIA_DEVICE_TYPE_AUDIO_INPUT:
@@ -129,16 +139,32 @@ void PepperMediaDeviceManager::StopMonitoringDevices(PP_DeviceType_Dev type,
int PepperMediaDeviceManager::OpenDevice(PP_DeviceType_Dev type,
const std::string& device_id,
- const GURL& document_url,
+ PP_Instance pp_instance,
const OpenDeviceCallback& callback) {
open_callbacks_[next_id_] = callback;
int request_id = next_id_++;
+ RendererPpapiHostImpl* host =
+ RendererPpapiHostImpl::GetForPPInstance(pp_instance);
+ if (base::FeatureList::IsEnabled(
+ features::kRequireSecureOriginsForPepperMediaRequests) &&
+ !host->IsSecureContext(pp_instance)) {
+ RenderFrame* render_frame = host->GetRenderFrameForInstance(pp_instance);
+ if (render_frame) {
+ render_frame->AddMessageToConsole(CONSOLE_MESSAGE_LEVEL_WARNING,
+ kPepperInsecureOriginMessage);
+ }
+ base::ThreadTaskRunnerHandle::Get()->PostTask(
+ FROM_HERE, base::Bind(&PepperMediaDeviceManager::OnDeviceOpenFailed,
+ AsWeakPtr(), request_id));
+ return request_id;
+ }
+
#if BUILDFLAG(ENABLE_WEBRTC)
GetMediaStreamDispatcher()->OpenDevice(
request_id, AsWeakPtr(), device_id,
PepperMediaDeviceManager::FromPepperDeviceType(type),
- url::Origin(document_url.GetOrigin()));
+ url::Origin(host->GetDocumentURL(pp_instance).GetOrigin()));
#else
base::ThreadTaskRunnerHandle::Get()->PostTask(
FROM_HERE, base::Bind(&PepperMediaDeviceManager::OnDeviceOpenFailed,
« no previous file with comments | « content/renderer/pepper/pepper_media_device_manager.h ('k') | content/renderer/pepper/pepper_platform_audio_input.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698