OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/permissions/permission_context_base.h" | 5 #include "chrome/browser/permissions/permission_context_base.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 #include <utility> | 10 #include <utility> |
(...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
128 // Synchronously check the content setting to see if the user has already made | 128 // Synchronously check the content setting to see if the user has already made |
129 // a decision, or if the origin is under embargo. If so, respect that | 129 // a decision, or if the origin is under embargo. If so, respect that |
130 // decision. | 130 // decision. |
131 // TODO(raymes): Pass in the RenderFrameHost of the request here. | 131 // TODO(raymes): Pass in the RenderFrameHost of the request here. |
132 PermissionResult result = GetPermissionStatus( | 132 PermissionResult result = GetPermissionStatus( |
133 nullptr /* render_frame_host */, requesting_origin, embedding_origin); | 133 nullptr /* render_frame_host */, requesting_origin, embedding_origin); |
134 | 134 |
135 if (result.content_setting == CONTENT_SETTING_ALLOW || | 135 if (result.content_setting == CONTENT_SETTING_ALLOW || |
136 result.content_setting == CONTENT_SETTING_BLOCK) { | 136 result.content_setting == CONTENT_SETTING_BLOCK) { |
137 switch (result.source) { | 137 switch (result.source) { |
| 138 case PermissionStatusSource::SAFE_BROWSING_BLACKLIST: |
| 139 LogPermissionBlockedMessage(web_contents, |
| 140 kPermissionBlockedBlacklistMessage, |
| 141 content_settings_type_); |
| 142 break; |
138 case PermissionStatusSource::KILL_SWITCH: | 143 case PermissionStatusSource::KILL_SWITCH: |
139 // Block the request and log to the developer console. | 144 // Block the request and log to the developer console. |
140 LogPermissionBlockedMessage(web_contents, | 145 LogPermissionBlockedMessage(web_contents, |
141 kPermissionBlockedKillSwitchMessage, | 146 kPermissionBlockedKillSwitchMessage, |
142 content_settings_type_); | 147 content_settings_type_); |
143 callback.Run(CONTENT_SETTING_BLOCK); | 148 callback.Run(CONTENT_SETTING_BLOCK); |
144 return; | 149 return; |
145 case PermissionStatusSource::MULTIPLE_DISMISSALS: | 150 case PermissionStatusSource::MULTIPLE_DISMISSALS: |
146 LogPermissionBlockedMessage(web_contents, | 151 LogPermissionBlockedMessage(web_contents, |
147 kPermissionBlockedRepeatedDismissalsMessage, | 152 kPermissionBlockedRepeatedDismissalsMessage, |
148 content_settings_type_); | 153 content_settings_type_); |
149 break; | 154 break; |
150 case PermissionStatusSource::MULTIPLE_IGNORES: | 155 case PermissionStatusSource::MULTIPLE_IGNORES: |
151 LogPermissionBlockedMessage(web_contents, | 156 LogPermissionBlockedMessage(web_contents, |
152 kPermissionBlockedRepeatedIgnoresMessage, | 157 kPermissionBlockedRepeatedIgnoresMessage, |
153 content_settings_type_); | 158 content_settings_type_); |
154 break; | 159 break; |
155 case PermissionStatusSource::SAFE_BROWSING_BLACKLIST: | |
156 LogPermissionBlockedMessage(web_contents, | |
157 kPermissionBlockedBlacklistMessage, | |
158 content_settings_type_); | |
159 break; | |
160 case PermissionStatusSource::UNSPECIFIED: | 160 case PermissionStatusSource::UNSPECIFIED: |
| 161 case PermissionStatusSource::INSECURE_ORIGIN: |
| 162 case PermissionStatusSource::ENTERPRISE_POLICY: |
| 163 case PermissionStatusSource::EXTENSION: |
161 break; | 164 break; |
162 } | 165 } |
163 | 166 |
164 // If we are under embargo, record the embargo reason for which we have | 167 // If we are under embargo, record the embargo reason for which we have |
165 // suppressed the prompt. | 168 // suppressed the prompt. |
166 PermissionUmaUtil::RecordEmbargoPromptSuppressionFromSource(result.source); | 169 PermissionUmaUtil::RecordEmbargoPromptSuppressionFromSource(result.source); |
167 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 170 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
168 false /* persist */, result.content_setting); | 171 false /* persist */, result.content_setting); |
169 return; | 172 return; |
170 } | 173 } |
(...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
225 const GURL& embedding_origin) const { | 228 const GURL& embedding_origin) const { |
226 // If the permission has been disabled through Finch, block all requests. | 229 // If the permission has been disabled through Finch, block all requests. |
227 if (IsPermissionKillSwitchOn()) { | 230 if (IsPermissionKillSwitchOn()) { |
228 return PermissionResult(CONTENT_SETTING_BLOCK, | 231 return PermissionResult(CONTENT_SETTING_BLOCK, |
229 PermissionStatusSource::KILL_SWITCH); | 232 PermissionStatusSource::KILL_SWITCH); |
230 } | 233 } |
231 | 234 |
232 if (IsRestrictedToSecureOrigins()) { | 235 if (IsRestrictedToSecureOrigins()) { |
233 if (!content::IsOriginSecure(requesting_origin)) { | 236 if (!content::IsOriginSecure(requesting_origin)) { |
234 return PermissionResult(CONTENT_SETTING_BLOCK, | 237 return PermissionResult(CONTENT_SETTING_BLOCK, |
235 PermissionStatusSource::UNSPECIFIED); | 238 PermissionStatusSource::INSECURE_ORIGIN); |
236 } | 239 } |
237 | 240 |
238 // TODO(raymes): We should check the entire chain of embedders here whenever | 241 // TODO(raymes): We should check the entire chain of embedders here whenever |
239 // possible as this corresponds to the requirements of the secure contexts | 242 // possible as this corresponds to the requirements of the secure contexts |
240 // spec and matches what is implemented in blink. Right now we just check | 243 // spec and matches what is implemented in blink. Right now we just check |
241 // the top level and requesting origins. Note: chrome-extension:// origins | 244 // the top level and requesting origins. Note: chrome-extension:// origins |
242 // are currently exempt from checking the embedder chain. crbug.com/530507. | 245 // are currently exempt from checking the embedder chain. crbug.com/530507. |
243 if (!requesting_origin.SchemeIs(extensions::kExtensionScheme) && | 246 if (!requesting_origin.SchemeIs(extensions::kExtensionScheme) && |
244 !content::IsOriginSecure(embedding_origin)) { | 247 !content::IsOriginSecure(embedding_origin)) { |
245 return PermissionResult(CONTENT_SETTING_BLOCK, | 248 return PermissionResult(CONTENT_SETTING_BLOCK, |
246 PermissionStatusSource::UNSPECIFIED); | 249 PermissionStatusSource::INSECURE_ORIGIN); |
247 } | 250 } |
248 } | 251 } |
249 | 252 |
250 // Check whether the feature is enabled for the frame by feature policy. We | 253 // Check whether the feature is enabled for the frame by feature policy. We |
251 // can only do this when a RenderFrameHost has been provided. | 254 // can only do this when a RenderFrameHost has been provided. |
252 if (render_frame_host && | 255 if (render_frame_host && |
253 !PermissionAllowedByFeaturePolicy(render_frame_host)) { | 256 !PermissionAllowedByFeaturePolicy(render_frame_host)) { |
254 return PermissionResult(CONTENT_SETTING_BLOCK, | 257 return PermissionResult(CONTENT_SETTING_BLOCK, |
255 PermissionStatusSource::UNSPECIFIED); | 258 PermissionStatusSource::UNSPECIFIED); |
256 } | 259 } |
257 | 260 |
258 ContentSetting content_setting = GetPermissionStatusInternal( | 261 PermissionResult result = GetPermissionStatusInternal( |
259 render_frame_host, requesting_origin, embedding_origin); | 262 render_frame_host, requesting_origin, embedding_origin); |
260 if (content_setting == CONTENT_SETTING_ASK) { | 263 if (result.content_setting == CONTENT_SETTING_ASK) { |
261 PermissionResult result = | 264 result = PermissionDecisionAutoBlocker::GetForProfile(profile_) |
262 PermissionDecisionAutoBlocker::GetForProfile(profile_) | 265 ->GetEmbargoResult(requesting_origin, content_settings_type_); |
263 ->GetEmbargoResult(requesting_origin, content_settings_type_); | |
264 DCHECK(result.content_setting == CONTENT_SETTING_ASK || | 266 DCHECK(result.content_setting == CONTENT_SETTING_ASK || |
265 result.content_setting == CONTENT_SETTING_BLOCK); | 267 result.content_setting == CONTENT_SETTING_BLOCK); |
266 return result; | |
267 } | 268 } |
268 | 269 return result; |
269 return PermissionResult(content_setting, PermissionStatusSource::UNSPECIFIED); | |
270 } | 270 } |
271 | 271 |
272 PermissionResult PermissionContextBase::UpdatePermissionStatusWithDeviceStatus( | 272 PermissionResult PermissionContextBase::UpdatePermissionStatusWithDeviceStatus( |
273 PermissionResult result, | 273 PermissionResult result, |
274 const GURL& requesting_origin, | 274 const GURL& requesting_origin, |
275 const GURL& embedding_origin) const { | 275 const GURL& embedding_origin) const { |
276 return result; | 276 return result; |
277 } | 277 } |
278 | 278 |
279 void PermissionContextBase::ResetPermission(const GURL& requesting_origin, | 279 void PermissionContextBase::ResetPermission(const GURL& requesting_origin, |
(...skipping 26 matching lines...) Expand all Loading... |
306 } | 306 } |
307 | 307 |
308 bool PermissionContextBase::IsPermissionKillSwitchOn() const { | 308 bool PermissionContextBase::IsPermissionKillSwitchOn() const { |
309 const std::string param = variations::GetVariationParamValue( | 309 const std::string param = variations::GetVariationParamValue( |
310 kPermissionsKillSwitchFieldStudy, | 310 kPermissionsKillSwitchFieldStudy, |
311 PermissionUtil::GetPermissionString(content_settings_type_)); | 311 PermissionUtil::GetPermissionString(content_settings_type_)); |
312 | 312 |
313 return param == kPermissionsKillSwitchBlockedValue; | 313 return param == kPermissionsKillSwitchBlockedValue; |
314 } | 314 } |
315 | 315 |
316 ContentSetting PermissionContextBase::GetPermissionStatusInternal( | 316 PermissionResult PermissionContextBase::GetPermissionStatusInternal( |
317 content::RenderFrameHost* render_frame_host, | 317 content::RenderFrameHost* render_frame_host, |
318 const GURL& requesting_origin, | 318 const GURL& requesting_origin, |
319 const GURL& embedding_origin) const { | 319 const GURL& embedding_origin) const { |
320 return HostContentSettingsMapFactory::GetForProfile(profile_) | 320 content_settings::SettingInfo info; |
321 ->GetContentSetting(requesting_origin, embedding_origin, | 321 std::unique_ptr<base::Value> value = |
322 content_settings_storage_type(), std::string()); | 322 HostContentSettingsMapFactory::GetForProfile(profile_)->GetWebsiteSetting( |
| 323 requesting_origin, embedding_origin, content_settings_storage_type(), |
| 324 std::string(), &info); |
| 325 ContentSetting content_setting = CONTENT_SETTING_DEFAULT; |
| 326 DCHECK(value.get()); |
| 327 DCHECK_EQ(base::Value::Type::INTEGER, value->GetType()); |
| 328 content_setting = content_settings::ValueToContentSetting(value.get()); |
| 329 return PermissionResult( |
| 330 content_setting, |
| 331 PermissionUtil::ConvertSettingSourceToPermissionStatusSource( |
| 332 info.source)); |
323 } | 333 } |
324 | 334 |
325 void PermissionContextBase::DecidePermission( | 335 void PermissionContextBase::DecidePermission( |
326 content::WebContents* web_contents, | 336 content::WebContents* web_contents, |
327 const PermissionRequestID& id, | 337 const PermissionRequestID& id, |
328 const GURL& requesting_origin, | 338 const GURL& requesting_origin, |
329 const GURL& embedding_origin, | 339 const GURL& embedding_origin, |
330 bool user_gesture, | 340 bool user_gesture, |
331 const BrowserPermissionCallback& callback) { | 341 const BrowserPermissionCallback& callback) { |
332 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | 342 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
(...skipping 149 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
482 // Default to ignoring the feature policy. | 492 // Default to ignoring the feature policy. |
483 return true; | 493 return true; |
484 } | 494 } |
485 | 495 |
486 // Some features don't have an associated feature policy yet. Allow those. | 496 // Some features don't have an associated feature policy yet. Allow those. |
487 if (feature_policy_feature_ == blink::WebFeaturePolicyFeature::kNotFound) | 497 if (feature_policy_feature_ == blink::WebFeaturePolicyFeature::kNotFound) |
488 return true; | 498 return true; |
489 | 499 |
490 return rfh->IsFeatureEnabled(feature_policy_feature_); | 500 return rfh->IsFeatureEnabled(feature_policy_feature_); |
491 } | 501 } |
OLD | NEW |