Always prompt for permission on fullscreen and mouse lock on file:// URLs

chrome/browser/ui/exclusive_access/mouse_lock_controller.cc

Index: chrome/browser/ui/exclusive_access/mouse_lock_controller.cc
diff --git a/chrome/browser/ui/exclusive_access/mouse_lock_controller.cc b/chrome/browser/ui/exclusive_access/mouse_lock_controller.cc
index a053b859ee9353bbfd878534b8cf2f65b8fa358c..ce6a2ec4cbcd44aab0692ff0862ab2a88cc143e9 100644
--- a/chrome/browser/ui/exclusive_access/mouse_lock_controller.cc
+++ b/chrome/browser/ui/exclusive_access/mouse_lock_controller.cc
@@ -222,10 +222,18 @@ void MouseLockController::UnlockMouse() {
 }
 
 ContentSetting MouseLockController::GetMouseLockSetting(const GURL& url) const {
+  // For file:// URLs, asking for permission would not be meaningful:
+  // the preference could be saved for the whole file:// origin, which
+  // is overly permissive, or for an individual file:// URL, which would
+  // not be meaningful because file:// URLs share an origin. So the only
+  // option is to block. This can be revisited when crbug.com/455882 is
+  // fixed.
+  if (url.SchemeIsFile())
+    return CONTENT_SETTING_BLOCK;

[meacer, 2015/02/10 01:47:21]

Blocking this outright makes the fullscreen and pointer lock permissions in the
page info bubble moot for file:// urls, but I guess that's OK for now.

+
   if (exclusive_access_manager()
           ->fullscreen_controller()
-          ->IsPrivilegedFullscreenForTab() ||
-      url.SchemeIsFile())
+          ->IsPrivilegedFullscreenForTab())
     return CONTENT_SETTING_ALLOW;
 
   HostContentSettingsMap* settings_map = profile()->GetHostContentSettingsMap();