| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/media/media_stream_devices_controller.h" | 5 #include "chrome/browser/media/media_stream_devices_controller.h" |
| 6 | 6 |
| 7 #include "base/metrics/histogram.h" | 7 #include "base/metrics/histogram.h" |
| 8 #include "base/prefs/scoped_user_pref_update.h" | 8 #include "base/prefs/scoped_user_pref_update.h" |
| 9 #include "base/strings/utf_string_conversions.h" | 9 #include "base/strings/utf_string_conversions.h" |
| 10 #include "base/values.h" | 10 #include "base/values.h" |
| (...skipping 480 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 491 UMA_HISTOGRAM_ENUMERATION("Media.DevicePermissionActions", | 491 UMA_HISTOGRAM_ENUMERATION("Media.DevicePermissionActions", |
| 492 kCancel, kPermissionActionsMax); | 492 kCancel, kPermissionActionsMax); |
| 493 Deny(false, content::MEDIA_DEVICE_PERMISSION_DISMISSED); | 493 Deny(false, content::MEDIA_DEVICE_PERMISSION_DISMISSED); |
| 494 } | 494 } |
| 495 | 495 |
| 496 void MediaStreamDevicesController::RequestFinished() { | 496 void MediaStreamDevicesController::RequestFinished() { |
| 497 delete this; | 497 delete this; |
| 498 } | 498 } |
| 499 | 499 |
| 500 bool MediaStreamDevicesController::IsRequestAllowedByDefault() const { | 500 bool MediaStreamDevicesController::IsRequestAllowedByDefault() const { |
| 501 // If not all ancestors of the requesting frame have the same origin, do not |
| 502 // allow the request per default. |
| 503 if (!request_.all_ancestors_have_same_origin) |
| 504 return false; |
| 505 |
| 501 // The request from internal objects like chrome://URLs is always allowed. | 506 // The request from internal objects like chrome://URLs is always allowed. |
| 502 if (CheckAllowAllMediaStreamContentForOrigin(profile_, | 507 if (CheckAllowAllMediaStreamContentForOrigin(profile_, |
| 503 request_.security_origin)) { | 508 request_.security_origin)) { |
| 504 return true; | 509 return true; |
| 505 } | 510 } |
| 506 | 511 |
| 507 struct { | 512 struct { |
| 508 bool has_capability; | 513 bool has_capability; |
| 509 const char* policy_name; | 514 const char* policy_name; |
| 510 const char* list_policy_name; | 515 const char* list_policy_name; |
| (...skipping 165 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 676 } | 681 } |
| 677 | 682 |
| 678 bool MediaStreamDevicesController::IsCaptureDeviceRequestAllowed() const { | 683 bool MediaStreamDevicesController::IsCaptureDeviceRequestAllowed() const { |
| 679 #if defined(OS_ANDROID) | 684 #if defined(OS_ANDROID) |
| 680 // Don't approve device requests if the tab was hidden. | 685 // Don't approve device requests if the tab was hidden. |
| 681 // TODO(qinmin): Add a test for this. http://crbug.com/396869. | 686 // TODO(qinmin): Add a test for this. http://crbug.com/396869. |
| 682 return web_contents_->GetRenderWidgetHostView()->IsShowing(); | 687 return web_contents_->GetRenderWidgetHostView()->IsShowing(); |
| 683 #endif | 688 #endif |
| 684 return true; | 689 return true; |
| 685 } | 690 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 795703003:
Don't auto allow access to media devices unless a the security origin of the requester is the same … (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master