OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/permissions/permission_context_base.h" | 5 #include "chrome/browser/permissions/permission_context_base.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 #include <utility> | 10 #include <utility> |
(...skipping 17 matching lines...) Expand all Loading... |
28 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | 28 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
29 #include "chrome/common/chrome_features.h" | 29 #include "chrome/common/chrome_features.h" |
30 #include "chrome/common/pref_names.h" | 30 #include "chrome/common/pref_names.h" |
31 #include "components/content_settings/core/browser/host_content_settings_map.h" | 31 #include "components/content_settings/core/browser/host_content_settings_map.h" |
32 #include "components/prefs/pref_service.h" | 32 #include "components/prefs/pref_service.h" |
33 #include "components/safe_browsing_db/database_manager.h" | 33 #include "components/safe_browsing_db/database_manager.h" |
34 #include "components/variations/variations_associated_data.h" | 34 #include "components/variations/variations_associated_data.h" |
35 #include "content/public/browser/browser_thread.h" | 35 #include "content/public/browser/browser_thread.h" |
36 #include "content/public/browser/render_frame_host.h" | 36 #include "content/public/browser/render_frame_host.h" |
37 #include "content/public/browser/web_contents.h" | 37 #include "content/public/browser/web_contents.h" |
| 38 #include "content/public/common/content_features.h" |
38 #include "content/public/common/origin_util.h" | 39 #include "content/public/common/origin_util.h" |
39 #include "extensions/common/constants.h" | 40 #include "extensions/common/constants.h" |
40 #include "url/gurl.h" | 41 #include "url/gurl.h" |
41 | 42 |
42 #if defined(OS_ANDROID) | 43 #if defined(OS_ANDROID) |
43 #include "chrome/browser/permissions/permission_queue_controller.h" | 44 #include "chrome/browser/permissions/permission_queue_controller.h" |
44 #endif | 45 #endif |
45 | 46 |
46 namespace { | 47 namespace { |
47 | 48 |
(...skipping 28 matching lines...) Expand all Loading... |
76 | 77 |
77 // static | 78 // static |
78 const char PermissionContextBase::kPermissionsKillSwitchFieldStudy[] = | 79 const char PermissionContextBase::kPermissionsKillSwitchFieldStudy[] = |
79 "PermissionsKillSwitch"; | 80 "PermissionsKillSwitch"; |
80 // static | 81 // static |
81 const char PermissionContextBase::kPermissionsKillSwitchBlockedValue[] = | 82 const char PermissionContextBase::kPermissionsKillSwitchBlockedValue[] = |
82 "blocked"; | 83 "blocked"; |
83 | 84 |
84 PermissionContextBase::PermissionContextBase( | 85 PermissionContextBase::PermissionContextBase( |
85 Profile* profile, | 86 Profile* profile, |
86 const ContentSettingsType content_settings_type) | 87 ContentSettingsType content_settings_type, |
| 88 blink::WebFeaturePolicyFeature feature_policy_feature) |
87 : profile_(profile), | 89 : profile_(profile), |
88 content_settings_type_(content_settings_type), | 90 content_settings_type_(content_settings_type), |
| 91 feature_policy_feature_(feature_policy_feature), |
89 weak_factory_(this) { | 92 weak_factory_(this) { |
90 #if defined(OS_ANDROID) | 93 #if defined(OS_ANDROID) |
91 permission_queue_controller_.reset( | 94 permission_queue_controller_.reset( |
92 new PermissionQueueController(profile_, content_settings_type_)); | 95 new PermissionQueueController(profile_, content_settings_type_)); |
93 #endif | 96 #endif |
94 PermissionDecisionAutoBlocker::UpdateFromVariations(); | 97 PermissionDecisionAutoBlocker::UpdateFromVariations(); |
95 } | 98 } |
96 | 99 |
97 PermissionContextBase::~PermissionContextBase() { | 100 PermissionContextBase::~PermissionContextBase() { |
98 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | 101 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
(...skipping 138 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
237 // spec and matches what is implemented in blink. Right now we just check | 240 // spec and matches what is implemented in blink. Right now we just check |
238 // the top level and requesting origins. Note: chrome-extension:// origins | 241 // the top level and requesting origins. Note: chrome-extension:// origins |
239 // are currently exempt from checking the embedder chain. crbug.com/530507. | 242 // are currently exempt from checking the embedder chain. crbug.com/530507. |
240 if (!requesting_origin.SchemeIs(extensions::kExtensionScheme) && | 243 if (!requesting_origin.SchemeIs(extensions::kExtensionScheme) && |
241 !content::IsOriginSecure(embedding_origin)) { | 244 !content::IsOriginSecure(embedding_origin)) { |
242 return PermissionResult(CONTENT_SETTING_BLOCK, | 245 return PermissionResult(CONTENT_SETTING_BLOCK, |
243 PermissionStatusSource::UNSPECIFIED); | 246 PermissionStatusSource::UNSPECIFIED); |
244 } | 247 } |
245 } | 248 } |
246 | 249 |
| 250 // Check whether the feature is enabled for the frame by feature policy. We |
| 251 // can only do this when a RenderFrameHost has been provided. |
| 252 if (render_frame_host && |
| 253 !PermissionAllowedByFeaturePolicy(render_frame_host)) { |
| 254 return PermissionResult(CONTENT_SETTING_BLOCK, |
| 255 PermissionStatusSource::UNSPECIFIED); |
| 256 } |
| 257 |
247 ContentSetting content_setting = GetPermissionStatusInternal( | 258 ContentSetting content_setting = GetPermissionStatusInternal( |
248 render_frame_host, requesting_origin, embedding_origin); | 259 render_frame_host, requesting_origin, embedding_origin); |
249 if (content_setting == CONTENT_SETTING_ASK) { | 260 if (content_setting == CONTENT_SETTING_ASK) { |
250 PermissionResult result = | 261 PermissionResult result = |
251 PermissionDecisionAutoBlocker::GetForProfile(profile_) | 262 PermissionDecisionAutoBlocker::GetForProfile(profile_) |
252 ->GetEmbargoResult(requesting_origin, content_settings_type_); | 263 ->GetEmbargoResult(requesting_origin, content_settings_type_); |
253 DCHECK(result.content_setting == CONTENT_SETTING_ASK || | 264 DCHECK(result.content_setting == CONTENT_SETTING_ASK || |
254 result.content_setting == CONTENT_SETTING_BLOCK); | 265 result.content_setting == CONTENT_SETTING_BLOCK); |
255 return result; | 266 return result; |
256 } | 267 } |
(...skipping 199 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
456 content_settings_storage_type(), | 467 content_settings_storage_type(), |
457 std::string(), content_setting); | 468 std::string(), content_setting); |
458 } | 469 } |
459 | 470 |
460 ContentSettingsType PermissionContextBase::content_settings_storage_type() | 471 ContentSettingsType PermissionContextBase::content_settings_storage_type() |
461 const { | 472 const { |
462 if (content_settings_type_ == CONTENT_SETTINGS_TYPE_PUSH_MESSAGING) | 473 if (content_settings_type_ == CONTENT_SETTINGS_TYPE_PUSH_MESSAGING) |
463 return CONTENT_SETTINGS_TYPE_NOTIFICATIONS; | 474 return CONTENT_SETTINGS_TYPE_NOTIFICATIONS; |
464 return content_settings_type_; | 475 return content_settings_type_; |
465 } | 476 } |
| 477 |
| 478 bool PermissionContextBase::PermissionAllowedByFeaturePolicy( |
| 479 content::RenderFrameHost* rfh) const { |
| 480 if (!base::FeatureList::IsEnabled( |
| 481 features::kUseFeaturePolicyForPermissions)) { |
| 482 // Default to ignoring the feature policy. |
| 483 return true; |
| 484 } |
| 485 |
| 486 // Some features don't have an associated feature policy yet. Allow those. |
| 487 if (feature_policy_feature_ == blink::WebFeaturePolicyFeature::kNotFound) |
| 488 return true; |
| 489 |
| 490 return rfh->IsFeatureEnabled(feature_policy_feature_); |
| 491 } |
OLD | NEW |