Chromium Code Reviews Chromium Code Reviews
Issue 408873004:
Fix for cross-origin video check for webgl on android (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: content/renderer/media/android/webmediaplayer_android.cc |
| diff --git a/content/renderer/media/android/webmediaplayer_android.cc b/content/renderer/media/android/webmediaplayer_android.cc |
| index 804ab3aa497ad68cb43e94294d9d7a30ba8c4811..93a2f656db7be58f8a50476f7a8d8791c72ae304 100644 |
| --- a/content/renderer/media/android/webmediaplayer_android.cc |
| +++ b/content/renderer/media/android/webmediaplayer_android.cc |
| @@ -6,6 +6,7 @@ |
| #include <limits> |
| +#include "base/android/build_info.h" |
| #include "base/bind.h" |
| #include "base/callback_helpers.h" |
| #include "base/command_line.h" |
| @@ -54,6 +55,7 @@ |
| #include "ui/gfx/image/image.h" |
| static const uint32 kGLTextureExternalOES = 0x8D65; |
| +static const int kSDKVersionToSupportSecurityOriginCheck = 20; |
| using blink::WebMediaPlayer; |
| using blink::WebSize; |
| @@ -137,6 +139,7 @@ WebMediaPlayerAndroid::WebMediaPlayerAndroid( |
| is_remote_(false), |
| media_log_(media_log), |
| web_cdm_(NULL), |
| + allow_stored_credentials_(false), |
| weak_factory_(this) { |
| DCHECK(player_manager_); |
| DCHECK(cdm_manager_); |
| @@ -230,7 +233,8 @@ void WebMediaPlayerAndroid::load(LoadType load_type, |
| weak_factory_.GetWeakPtr()), |
| base::Bind(&WebMediaPlayerAndroid::OnDurationChanged, |
| weak_factory_.GetWeakPtr())); |
| - InitializePlayer(demuxer_client_id); |
| + InitializePlayer(url_, frame_->document().firstPartyForCookies(), |
| + true, demuxer_client_id); |
| } |
| } else { |
| info_loader_.reset( |
| @@ -239,11 +243,6 @@ void WebMediaPlayerAndroid::load(LoadType load_type, |
| cors_mode, |
| base::Bind(&WebMediaPlayerAndroid::DidLoadMediaInfo, |
| weak_factory_.GetWeakPtr()))); |
| - // TODO(qinmin): The url might be redirected when android media player |
| - // requests the stream. As a result, we cannot guarantee there is only |
| - // a single origin. Remove the following line when b/12573548 is fixed. |
| - // Check http://crbug.com/334204. |
| - info_loader_->set_single_origin(false); |
| info_loader_->Start(frame_); |
| } |
| @@ -254,7 +253,11 @@ void WebMediaPlayerAndroid::load(LoadType load_type, |
| UpdateReadyState(WebMediaPlayer::ReadyStateHaveNothing); |
| } |
| -void WebMediaPlayerAndroid::DidLoadMediaInfo(MediaInfoLoader::Status status) { |
| +void WebMediaPlayerAndroid::DidLoadMediaInfo( |
| + MediaInfoLoader::Status status, |
| + const GURL& redirected_url, |
| + const GURL& fist_party_for_cookies, |
|
Ken Russell (switch to Gerrit)
2014/07/30 20:44:05
typo: first_party_for_cookies
qinmin
2014/07/30 23:46:05
Done.
|
| + bool allow_stored_credentials) { |
| DCHECK(!media_source_delegate_); |
| if (status == MediaInfoLoader::kFailed) { |
| info_loader_.reset(); |
| @@ -262,7 +265,8 @@ void WebMediaPlayerAndroid::DidLoadMediaInfo(MediaInfoLoader::Status status) { |
| return; |
| } |
| - InitializePlayer(0); |
| + InitializePlayer( |
| + redirected_url, fist_party_for_cookies, allow_stored_credentials, 0); |
| UpdateNetworkState(WebMediaPlayer::NetworkStateIdle); |
| } |
| @@ -535,12 +539,21 @@ bool WebMediaPlayerAndroid::copyVideoTextureToPlatformTexture( |
| } |
| bool WebMediaPlayerAndroid::hasSingleSecurityOrigin() const { |
| - if (info_loader_) |
| - return info_loader_->HasSingleOrigin(); |
| - // The info loader may have failed. |
| - if (player_type_ == MEDIA_PLAYER_TYPE_URL) |
| - return false; |
| - return true; |
| + bool ret = HasSingleSecurityOriginInternal(); |
| + // TODO(qinmin): The url might be redirected when android media player |
| + // requests the stream. As a result, we cannot guarantee there is only |
| + // a single origin. Only if the credential information is not requested by the |
| + // destination, we will honor the return value from |
|
Ken Russell (switch to Gerrit)
2014/07/30 20:44:05
"Only if the HTTP request was made without credent
qinmin
2014/07/30 23:46:05
Done.
|
| + // HasSingleSecurityOriginInternal() in pre-L android versions. |
| + // Check http://crbug.com/334204. |
| + if (!ret || player_type_ != MEDIA_PLAYER_TYPE_URL) |
| + return ret; |
| + |
| + if (!allow_stored_credentials_) |
| + return true; |
| + |
| + return base::android::BuildInfo::GetInstance()->sdk_int() >= |
| + kSDKVersionToSupportSecurityOriginCheck; |
| } |
| bool WebMediaPlayerAndroid::didPassCORSAccessCheck() const { |
| @@ -870,11 +883,15 @@ void WebMediaPlayerAndroid::OnDestruct() { |
| } |
| void WebMediaPlayerAndroid::InitializePlayer( |
| + const GURL& url, |
| + const GURL& first_party_for_cookies, |
| + bool allow_stored_credentials, |
| int demuxer_client_id) { |
| - GURL first_party_url = frame_->document().firstPartyForCookies(); |
| + allow_stored_credentials_ = allow_stored_credentials; |
| player_manager_->Initialize( |
| - player_type_, player_id_, url_, first_party_url, demuxer_client_id, |
| - frame_->document().url()); |
| + player_type_, player_id_, url, first_party_for_cookies, demuxer_client_id, |
| + frame_->document().url(), HasSingleSecurityOriginInternal(), |
| + allow_stored_credentials); |
| } |
| void WebMediaPlayerAndroid::Pause(bool is_media_related_action) { |
| @@ -1241,6 +1258,15 @@ bool WebMediaPlayerAndroid::IsKeySystemSupported( |
| IsConcreteSupportedKeySystem(key_system); |
| } |
| +bool WebMediaPlayerAndroid::HasSingleSecurityOriginInternal() const { |
| + if (info_loader_) |
| + return info_loader_->HasSingleOrigin(); |
| + // The info loader may have failed. |
| + if (player_type_ == MEDIA_PLAYER_TYPE_URL) |
| + return false; |
| + return true; |
| +} |
| + |
| WebMediaPlayer::MediaKeyException WebMediaPlayerAndroid::generateKeyRequest( |
| const WebString& key_system, |
| const unsigned char* init_data, |
