Index: chrome/browser/permissions/permission_context_base.cc |
diff --git a/chrome/browser/permissions/permission_context_base.cc b/chrome/browser/permissions/permission_context_base.cc |
index 35af53f6364a197a3a2139ad9cd4e767efe427b2..3f263c4ca169d9d0f5dac2f99414c3ff97bc1f63 100644 |
--- a/chrome/browser/permissions/permission_context_base.cc |
+++ b/chrome/browser/permissions/permission_context_base.cc |
@@ -35,6 +35,7 @@ |
#include "content/public/browser/browser_thread.h" |
#include "content/public/browser/render_frame_host.h" |
#include "content/public/browser/web_contents.h" |
+#include "content/public/common/content_features.h" |
#include "content/public/common/origin_util.h" |
#include "extensions/common/constants.h" |
#include "url/gurl.h" |
@@ -83,9 +84,11 @@ const char PermissionContextBase::kPermissionsKillSwitchBlockedValue[] = |
PermissionContextBase::PermissionContextBase( |
Profile* profile, |
- const ContentSettingsType content_settings_type) |
+ ContentSettingsType content_settings_type, |
+ blink::WebFeaturePolicyFeature feature_policy_feature) |
: profile_(profile), |
content_settings_type_(content_settings_type), |
+ feature_policy_feature_(feature_policy_feature), |
weak_factory_(this) { |
#if defined(OS_ANDROID) |
permission_queue_controller_.reset( |
@@ -244,6 +247,14 @@ PermissionResult PermissionContextBase::GetPermissionStatus( |
} |
} |
+ // Check whether the feature is enabled for the frame by feature policy. We |
+ // can only do this when a RenderFrameHost has been provided. |
+ if (render_frame_host && |
+ !PermissionAllowedByFeaturePolicy(render_frame_host)) { |
+ return PermissionResult(CONTENT_SETTING_BLOCK, |
+ PermissionStatusSource::UNSPECIFIED); |
+ } |
+ |
ContentSetting content_setting = GetPermissionStatusInternal( |
render_frame_host, requesting_origin, embedding_origin); |
if (content_setting == CONTENT_SETTING_ASK) { |
@@ -463,3 +474,18 @@ ContentSettingsType PermissionContextBase::content_settings_storage_type() |
return CONTENT_SETTINGS_TYPE_NOTIFICATIONS; |
return content_settings_type_; |
} |
+ |
+bool PermissionContextBase::PermissionAllowedByFeaturePolicy( |
+ content::RenderFrameHost* rfh) const { |
+ if (!base::FeatureList::IsEnabled( |
+ features::kUseFeaturePolicyForPermissions)) { |
+ // Default to ignoring the feature policy. |
+ return true; |
+ } |
+ |
+ // Some features don't have an associated feature policy yet. Allow those. |
+ if (feature_policy_feature_ == blink::WebFeaturePolicyFeature::kNotFound) |
+ return true; |
+ |
+ return rfh->IsFeatureEnabled(feature_policy_feature_); |
+} |