| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/permissions/permission_context_base.h" | 5 #include "chrome/browser/permissions/permission_context_base.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include <string> | 9 #include <string> |
| 10 #include <utility> | 10 #include <utility> |
| (...skipping 17 matching lines...) Expand all Loading... |
| 28 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | 28 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
| 29 #include "chrome/common/chrome_features.h" | 29 #include "chrome/common/chrome_features.h" |
| 30 #include "chrome/common/pref_names.h" | 30 #include "chrome/common/pref_names.h" |
| 31 #include "components/content_settings/core/browser/host_content_settings_map.h" | 31 #include "components/content_settings/core/browser/host_content_settings_map.h" |
| 32 #include "components/prefs/pref_service.h" | 32 #include "components/prefs/pref_service.h" |
| 33 #include "components/safe_browsing_db/database_manager.h" | 33 #include "components/safe_browsing_db/database_manager.h" |
| 34 #include "components/variations/variations_associated_data.h" | 34 #include "components/variations/variations_associated_data.h" |
| 35 #include "content/public/browser/browser_thread.h" | 35 #include "content/public/browser/browser_thread.h" |
| 36 #include "content/public/browser/render_frame_host.h" | 36 #include "content/public/browser/render_frame_host.h" |
| 37 #include "content/public/browser/web_contents.h" | 37 #include "content/public/browser/web_contents.h" |
| 38 #include "content/public/common/content_features.h" |
| 38 #include "content/public/common/origin_util.h" | 39 #include "content/public/common/origin_util.h" |
| 39 #include "extensions/common/constants.h" | 40 #include "extensions/common/constants.h" |
| 40 #include "url/gurl.h" | 41 #include "url/gurl.h" |
| 41 | 42 |
| 42 #if defined(OS_ANDROID) | 43 #if defined(OS_ANDROID) |
| 43 #include "chrome/browser/permissions/permission_queue_controller.h" | 44 #include "chrome/browser/permissions/permission_queue_controller.h" |
| 44 #endif | 45 #endif |
| 45 | 46 |
| 46 namespace { | 47 namespace { |
| 47 | 48 |
| (...skipping 28 matching lines...) Expand all Loading... |
| 76 | 77 |
| 77 // static | 78 // static |
| 78 const char PermissionContextBase::kPermissionsKillSwitchFieldStudy[] = | 79 const char PermissionContextBase::kPermissionsKillSwitchFieldStudy[] = |
| 79 "PermissionsKillSwitch"; | 80 "PermissionsKillSwitch"; |
| 80 // static | 81 // static |
| 81 const char PermissionContextBase::kPermissionsKillSwitchBlockedValue[] = | 82 const char PermissionContextBase::kPermissionsKillSwitchBlockedValue[] = |
| 82 "blocked"; | 83 "blocked"; |
| 83 | 84 |
| 84 PermissionContextBase::PermissionContextBase( | 85 PermissionContextBase::PermissionContextBase( |
| 85 Profile* profile, | 86 Profile* profile, |
| 86 const ContentSettingsType content_settings_type) | 87 ContentSettingsType content_settings_type, |
| 88 blink::WebFeaturePolicyFeature feature_policy_feature) |
| 87 : profile_(profile), | 89 : profile_(profile), |
| 88 content_settings_type_(content_settings_type), | 90 content_settings_type_(content_settings_type), |
| 91 feature_policy_feature_(feature_policy_feature), |
| 89 weak_factory_(this) { | 92 weak_factory_(this) { |
| 90 #if defined(OS_ANDROID) | 93 #if defined(OS_ANDROID) |
| 91 permission_queue_controller_.reset( | 94 permission_queue_controller_.reset( |
| 92 new PermissionQueueController(profile_, content_settings_type_)); | 95 new PermissionQueueController(profile_, content_settings_type_)); |
| 93 #endif | 96 #endif |
| 94 PermissionDecisionAutoBlocker::UpdateFromVariations(); | 97 PermissionDecisionAutoBlocker::UpdateFromVariations(); |
| 95 } | 98 } |
| 96 | 99 |
| 97 PermissionContextBase::~PermissionContextBase() { | 100 PermissionContextBase::~PermissionContextBase() { |
| 98 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | 101 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
| (...skipping 138 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 237 // spec and matches what is implemented in blink. Right now we just check | 240 // spec and matches what is implemented in blink. Right now we just check |
| 238 // the top level and requesting origins. Note: chrome-extension:// origins | 241 // the top level and requesting origins. Note: chrome-extension:// origins |
| 239 // are currently exempt from checking the embedder chain. crbug.com/530507. | 242 // are currently exempt from checking the embedder chain. crbug.com/530507. |
| 240 if (!requesting_origin.SchemeIs(extensions::kExtensionScheme) && | 243 if (!requesting_origin.SchemeIs(extensions::kExtensionScheme) && |
| 241 !content::IsOriginSecure(embedding_origin)) { | 244 !content::IsOriginSecure(embedding_origin)) { |
| 242 return PermissionResult(CONTENT_SETTING_BLOCK, | 245 return PermissionResult(CONTENT_SETTING_BLOCK, |
| 243 PermissionStatusSource::UNSPECIFIED); | 246 PermissionStatusSource::UNSPECIFIED); |
| 244 } | 247 } |
| 245 } | 248 } |
| 246 | 249 |
| 250 // Check whether the feature is enabled for the frame by feature policy. We |
| 251 // can only do this when a RenderFrameHost has been provided. |
| 252 if (render_frame_host && |
| 253 !PermissionAllowedByFeaturePolicy(render_frame_host)) { |
| 254 return PermissionResult(CONTENT_SETTING_BLOCK, |
| 255 PermissionStatusSource::UNSPECIFIED); |
| 256 } |
| 257 |
| 247 ContentSetting content_setting = GetPermissionStatusInternal( | 258 ContentSetting content_setting = GetPermissionStatusInternal( |
| 248 render_frame_host, requesting_origin, embedding_origin); | 259 render_frame_host, requesting_origin, embedding_origin); |
| 249 if (content_setting == CONTENT_SETTING_ASK) { | 260 if (content_setting == CONTENT_SETTING_ASK) { |
| 250 PermissionResult result = | 261 PermissionResult result = |
| 251 PermissionDecisionAutoBlocker::GetForProfile(profile_) | 262 PermissionDecisionAutoBlocker::GetForProfile(profile_) |
| 252 ->GetEmbargoResult(requesting_origin, content_settings_type_); | 263 ->GetEmbargoResult(requesting_origin, content_settings_type_); |
| 253 DCHECK(result.content_setting == CONTENT_SETTING_ASK || | 264 DCHECK(result.content_setting == CONTENT_SETTING_ASK || |
| 254 result.content_setting == CONTENT_SETTING_BLOCK); | 265 result.content_setting == CONTENT_SETTING_BLOCK); |
| 255 return result; | 266 return result; |
| 256 } | 267 } |
| (...skipping 199 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 456 content_settings_storage_type(), | 467 content_settings_storage_type(), |
| 457 std::string(), content_setting); | 468 std::string(), content_setting); |
| 458 } | 469 } |
| 459 | 470 |
| 460 ContentSettingsType PermissionContextBase::content_settings_storage_type() | 471 ContentSettingsType PermissionContextBase::content_settings_storage_type() |
| 461 const { | 472 const { |
| 462 if (content_settings_type_ == CONTENT_SETTINGS_TYPE_PUSH_MESSAGING) | 473 if (content_settings_type_ == CONTENT_SETTINGS_TYPE_PUSH_MESSAGING) |
| 463 return CONTENT_SETTINGS_TYPE_NOTIFICATIONS; | 474 return CONTENT_SETTINGS_TYPE_NOTIFICATIONS; |
| 464 return content_settings_type_; | 475 return content_settings_type_; |
| 465 } | 476 } |
| 477 |
| 478 bool PermissionContextBase::PermissionAllowedByFeaturePolicy( |
| 479 content::RenderFrameHost* rfh) const { |
| 480 if (!base::FeatureList::IsEnabled( |
| 481 features::kUseFeaturePolicyForPermissions)) { |
| 482 // Default to ignoring the feature policy. |
| 483 return true; |
| 484 } |
| 485 |
| 486 // Some features don't have an associated feature policy yet. Allow those. |
| 487 if (feature_policy_feature_ == blink::WebFeaturePolicyFeature::kNotFound) |
| 488 return true; |
| 489 |
| 490 return rfh->IsFeatureEnabled(feature_policy_feature_); |
| 491 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2898663002:
Implement feature policy checks in the browser process (Closed)
