OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/permissions/permission_context_base.h" | 5 #include "chrome/browser/permissions/permission_context_base.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 #include <utility> | 10 #include <utility> |
(...skipping 18 matching lines...) Expand all Loading... | |
29 #include "chrome/common/chrome_features.h" | 29 #include "chrome/common/chrome_features.h" |
30 #include "chrome/common/pref_names.h" | 30 #include "chrome/common/pref_names.h" |
31 #include "components/content_settings/core/browser/host_content_settings_map.h" | 31 #include "components/content_settings/core/browser/host_content_settings_map.h" |
32 #include "components/prefs/pref_service.h" | 32 #include "components/prefs/pref_service.h" |
33 #include "components/safe_browsing_db/database_manager.h" | 33 #include "components/safe_browsing_db/database_manager.h" |
34 #include "components/variations/variations_associated_data.h" | 34 #include "components/variations/variations_associated_data.h" |
35 #include "content/public/browser/browser_thread.h" | 35 #include "content/public/browser/browser_thread.h" |
36 #include "content/public/browser/render_frame_host.h" | 36 #include "content/public/browser/render_frame_host.h" |
37 #include "content/public/browser/web_contents.h" | 37 #include "content/public/browser/web_contents.h" |
38 #include "content/public/common/origin_util.h" | 38 #include "content/public/common/origin_util.h" |
39 #include "extensions/common/constants.h" | |
39 #include "url/gurl.h" | 40 #include "url/gurl.h" |
40 | 41 |
41 #if defined(OS_ANDROID) | 42 #if defined(OS_ANDROID) |
42 #include "chrome/browser/permissions/permission_queue_controller.h" | 43 #include "chrome/browser/permissions/permission_queue_controller.h" |
43 #endif | 44 #endif |
44 | 45 |
45 namespace { | 46 namespace { |
46 | 47 |
47 const char kPermissionBlockedKillSwitchMessage[] = | 48 const char kPermissionBlockedKillSwitchMessage[] = |
48 "%s permission has been blocked."; | 49 "%s permission has been blocked."; |
(...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
219 content::RenderFrameHost* render_frame_host, | 220 content::RenderFrameHost* render_frame_host, |
220 const GURL& requesting_origin, | 221 const GURL& requesting_origin, |
221 const GURL& embedding_origin) const { | 222 const GURL& embedding_origin) const { |
222 // If the permission has been disabled through Finch, block all requests. | 223 // If the permission has been disabled through Finch, block all requests. |
223 if (IsPermissionKillSwitchOn()) { | 224 if (IsPermissionKillSwitchOn()) { |
224 return PermissionResult(CONTENT_SETTING_BLOCK, | 225 return PermissionResult(CONTENT_SETTING_BLOCK, |
225 PermissionStatusSource::KILL_SWITCH); | 226 PermissionStatusSource::KILL_SWITCH); |
226 } | 227 } |
227 | 228 |
228 if (IsRestrictedToSecureOrigins()) { | 229 if (IsRestrictedToSecureOrigins()) { |
230 if (!content::IsOriginSecure(requesting_origin)) { | |
231 return PermissionResult(CONTENT_SETTING_BLOCK, | |
232 PermissionStatusSource::UNSPECIFIED); | |
233 } | |
234 | |
229 // TODO(raymes): We should check the entire chain of embedders here whenever | 235 // TODO(raymes): We should check the entire chain of embedders here whenever |
230 // possible as this corresponds to the requirements of the secure contexts | 236 // possible as this corresponds to the requirements of the secure contexts |
231 // spec and matches what is implemented in blink. | 237 // spec and matches what is implemented in blink. Right now we just check |
232 if (!content::IsOriginSecure(requesting_origin) || | 238 // the top level and requesting origins. Note: chrome-extension:// origins |
239 // are currently exempt from checking the embedder chain. crbug.com/530507. | |
240 if (!requesting_origin.SchemeIs(extensions::kExtensionScheme) && | |
raymes
2017/05/22 04:09:39
timloh: I had to add this exception to make tests
Timothy Loh
2017/05/22 04:31:18
Seems reasonable.
| |
233 !content::IsOriginSecure(embedding_origin)) { | 241 !content::IsOriginSecure(embedding_origin)) { |
234 return PermissionResult(CONTENT_SETTING_BLOCK, | 242 return PermissionResult(CONTENT_SETTING_BLOCK, |
235 PermissionStatusSource::UNSPECIFIED); | 243 PermissionStatusSource::UNSPECIFIED); |
236 } | 244 } |
237 } | 245 } |
238 | 246 |
239 ContentSetting content_setting = GetPermissionStatusInternal( | 247 ContentSetting content_setting = GetPermissionStatusInternal( |
240 render_frame_host, requesting_origin, embedding_origin); | 248 render_frame_host, requesting_origin, embedding_origin); |
241 if (content_setting == CONTENT_SETTING_ASK) { | 249 if (content_setting == CONTENT_SETTING_ASK) { |
242 PermissionResult result = | 250 PermissionResult result = |
(...skipping 205 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
448 content_settings_storage_type(), | 456 content_settings_storage_type(), |
449 std::string(), content_setting); | 457 std::string(), content_setting); |
450 } | 458 } |
451 | 459 |
452 ContentSettingsType PermissionContextBase::content_settings_storage_type() | 460 ContentSettingsType PermissionContextBase::content_settings_storage_type() |
453 const { | 461 const { |
454 if (content_settings_type_ == CONTENT_SETTINGS_TYPE_PUSH_MESSAGING) | 462 if (content_settings_type_ == CONTENT_SETTINGS_TYPE_PUSH_MESSAGING) |
455 return CONTENT_SETTINGS_TYPE_NOTIFICATIONS; | 463 return CONTENT_SETTINGS_TYPE_NOTIFICATIONS; |
456 return content_settings_type_; | 464 return content_settings_type_; |
457 } | 465 } |
OLD | NEW |