diff options
author | miguelg <miguelg@chromium.org> | 2014-09-24 02:20:24 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2014-09-24 09:20:42 +0000 |
commit | bdfadb831ade3952a192d2487daebdf73df71ed7 (patch) | |
tree | 2dd01c8bab2cf15a86dce136ff0332e55126b253 | |
parent | 4327ad3ce3504c5ae369855e24883079a67af811 (diff) | |
download | chromium_src-bdfadb831ade3952a192d2487daebdf73df71ed7.zip chromium_src-bdfadb831ade3952a192d2487daebdf73df71ed7.tar.gz chromium_src-bdfadb831ade3952a192d2487daebdf73df71ed7.tar.bz2 |
Restore the iframe behavior of notification permissions
Unlike other permissions, granting notifications for a given domain
will grant them even if such domain happens to be an iframe of
an embedder. Most other permissions are granted only for a combination of
iframe + embedder.
This reverts an unintentional behavioral change, and moves
us back to the situation we currently ship in stable while
we figure out if it is a good idea or not to change the behavior.
BUG=416645
Review URL: https://codereview.chromium.org/593153002
Cr-Commit-Position: refs/heads/master@{#296372}
4 files changed, 36 insertions, 5 deletions
diff --git a/chrome/browser/content_settings/permission_context_base.h b/chrome/browser/content_settings/permission_context_base.h index 1db872b..bb5c68a 100644 --- a/chrome/browser/content_settings/permission_context_base.h +++ b/chrome/browser/content_settings/permission_context_base.h @@ -98,11 +98,14 @@ class PermissionContextBase : public KeyedService { // Return an instance of the infobar queue controller, creating it if needed. PermissionQueueController* GetQueueController(); + // Store the decided permission as a content setting. + // virtual since the permission might be stored with different restrictions + // (for example for desktop notifications). + virtual void UpdateContentSetting(const GURL& requesting_origin, + const GURL& embedder_origin, + bool allowed); + private: - void UpdateContentSetting( - const GURL& requesting_origin, - const GURL& embedder_origin, - bool allowed); // Called when a bubble is no longer used so it can be cleaned up. void CleanUpBubble(const PermissionRequestID& id); diff --git a/chrome/browser/content_settings/permission_queue_controller.cc b/chrome/browser/content_settings/permission_queue_controller.cc index 191e085..c97b625 100644 --- a/chrome/browser/content_settings/permission_queue_controller.cc +++ b/chrome/browser/content_settings/permission_queue_controller.cc @@ -369,9 +369,15 @@ void PermissionQueueController::UpdateContentSetting( ContentSetting content_setting = allowed ? CONTENT_SETTING_ALLOW : CONTENT_SETTING_BLOCK; + + ContentSettingsPattern embedder_pattern = + (type_ == CONTENT_SETTINGS_TYPE_NOTIFICATIONS) ? + ContentSettingsPattern::Wildcard() : + ContentSettingsPattern::FromURLNoWildcard(embedder.GetOrigin()); + profile_->GetHostContentSettingsMap()->SetContentSetting( ContentSettingsPattern::FromURLNoWildcard(requesting_frame.GetOrigin()), - ContentSettingsPattern::FromURLNoWildcard(embedder.GetOrigin()), + embedder_pattern, type_, std::string(), content_setting); diff --git a/chrome/browser/notifications/desktop_notification_service.cc b/chrome/browser/notifications/desktop_notification_service.cc index 8f489b4..9e5c388 100644 --- a/chrome/browser/notifications/desktop_notification_service.cc +++ b/chrome/browser/notifications/desktop_notification_service.cc @@ -317,6 +317,23 @@ void DesktopNotificationService::OnExtensionUninstalled( } #endif +// Unlike other permission types, granting a notification for a given origin +// will not take into account the |embedder_origin|, it will only be based +// on the requesting iframe origin. +// TODO(mukai) Consider why notifications behave differently than +// other permissions. crbug.com/416894 +void DesktopNotificationService::UpdateContentSetting( + const GURL& requesting_origin, + const GURL& embedder_origin, + bool allowed) { + if (allowed) { + DesktopNotificationProfileUtil::GrantPermission( + profile_, requesting_origin); + } else { + DesktopNotificationProfileUtil::DenyPermission(profile_, requesting_origin); + } +} + void DesktopNotificationService::OnNotificationPermissionRequested( const NotificationPermissionCallback& callback, bool allowed) { blink::WebNotificationPermission permission = allowed ? diff --git a/chrome/browser/notifications/desktop_notification_service.h b/chrome/browser/notifications/desktop_notification_service.h index bba760b..62f51c0 100644 --- a/chrome/browser/notifications/desktop_notification_service.h +++ b/chrome/browser/notifications/desktop_notification_service.h @@ -144,6 +144,11 @@ class DesktopNotificationService : public PermissionContextBase extensions::UninstallReason reason) OVERRIDE; #endif + // PermissionContextBase: + virtual void UpdateContentSetting(const GURL& requesting_origin, + const GURL& embedder_origin, + bool allowed) OVERRIDE; + // The profile which owns this object. Profile* profile_; |