Always prompt for permission on fullscreen and mouse lock on file:// URLs

chrome/browser/ui/exclusive_access/fullscreen_controller.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ui/exclusive_access/fullscreen_controller.h"
 
 #include "base/bind.h"
 #include "base/command_line.h"
 #include "base/message_loop/message_loop.h"
 #include "chrome/browser/app_mode/app_mode_utils.h"
@@ skipping 89 matching lines @@
 }
 
 bool FullscreenController::IsFullscreenCausedByTab() const {
   return state_prior_to_tab_fullscreen_ == STATE_NORMAL;
 }
 
 void FullscreenController::EnterFullscreenModeForTab(WebContents* web_contents,
                                                      const GURL& origin) {
   DCHECK(web_contents);
 
+  // For file:// URLs, asking for permission would not be meaningful:
+  // the preference could be saved for the whole file:// origin, which
+  // is overly permissive, or for an individual file:// URL, which would
+  // not be meaningful because file:// URLs share an origin. So the only
+  // option is to block. This can be revisited when crbug.com/455882 is
+  // fixed.

[meacer, 2015/02/10 01:47:21]

"TODO(estark): Revisit this when crbug.com/455882 is fixed" sounds a bit more
formal :)

+  if (origin.SchemeIsFile()) {
+    return;
+  }

[meacer, 2015/02/10 01:47:21]

Perhaps you could add a browsertest or layout test so that this doesn't regress.
For browsertest you could use fullscreen_controller_browsertest.cc. For layout
test you could use one of the test cases under
third_party/WebKit/LayoutTests/fullscreen/ and use setBaseURL() to change the
document's url to a file url.

[estark, 2015/02/10 17:49:22]

Ah, that was actually a question that I had that I forgotten to ask. I didn't do
a browser test initially because it looked like most (all?) of the fullscreen
browser tests are disabled due to flakiness. I didn't know that layout tests
were an option though -- I'll add one of those (assuming we decide to go forward
with this change.)

+
   if (MaybeToggleFullscreenForCapturedTab(web_contents, true)) {
     // During tab capture of fullscreen-within-tab views, the browser window
     // fullscreen state is unchanged, so return now.
     return;
   }
 
   if (web_contents != browser()->tab_strip_model()->GetActiveWebContents() ||
       IsWindowFullscreenForTabOrPending()) {
       return;
   }
@@ skipping 375 matching lines @@
   extension_caused_fullscreen_ = GURL();
 
   exclusive_access_manager()->UpdateExclusiveAccessExitBubbleContent();
 }
 
 ContentSetting FullscreenController::GetFullscreenSetting() const {
   DCHECK(exclusive_access_tab());
 
   GURL url = GetRequestingOrigin();
 
-  if (IsPrivilegedFullscreenForTab() || url.SchemeIsFile())
+  if (IsPrivilegedFullscreenForTab())
     return CONTENT_SETTING_ALLOW;
 
   // If the permission was granted to the website with no embedder, it should
   // always be allowed, even if embedded.
   if (profile()->GetHostContentSettingsMap()->GetContentSetting(
           url, url, CONTENT_SETTINGS_TYPE_FULLSCREEN, std::string()) ==
       CONTENT_SETTING_ALLOW) {
     return CONTENT_SETTING_ALLOW;
   }
 
@@ skipping 57 matching lines @@
     return fullscreened_origin_;
 
   return exclusive_access_tab()->GetLastCommittedURL();
 }
 
 GURL FullscreenController::GetEmbeddingOrigin() const {
   DCHECK(exclusive_access_tab());
 
   return exclusive_access_tab()->GetLastCommittedURL();
 }