diff options
| author | David Benjamin <davidben@chromium.org> | 2016-01-25 13:25:25 -0500 |
|---|---|---|
| committer | David Benjamin <davidben@chromium.org> | 2016-01-25 18:28:00 +0000 |
| commit | 9f9a12367ace897fbbda7afe826f6a4a178bbca2 (patch) | |
| tree | f5125622374120d033fc3cb43c72465764c584c9 | |
| parent | 5738e9f308a7b4f32c97c42a60532496eb886333 (diff) | |
| download | chromium_src-9f9a12367ace897fbbda7afe826f6a4a178bbca2.zip chromium_src-9f9a12367ace897fbbda7afe826f6a4a178bbca2.tar.gz chromium_src-9f9a12367ace897fbbda7afe826f6a4a178bbca2.tar.bz2 | |
Adding Keygen to Policy List
Adding the Keygen setting to the Policy Configuration list.
BUG=514767
Review URL: https://codereview.chromium.org/1587653002
Cr-Commit-Position: refs/heads/master@{#370343}
(cherry picked from commit b4ac7fc14dfc0e46607defb902cad59623cef55b)
Review URL: https://codereview.chromium.org/1638453003 .
Cr-Commit-Position: refs/branch-heads/2623@{#118}
Cr-Branched-From: 92d77538a86529ca35f9220bd3cd512cbea1f086-refs/heads/master@{#369907}
5 files changed, 146 insertions, 3 deletions
diff --git a/chrome/browser/policy/configuration_policy_handler_list_factory.cc b/chrome/browser/policy/configuration_policy_handler_list_factory.cc index 0551859..4dde865 100644 --- a/chrome/browser/policy/configuration_policy_handler_list_factory.cc +++ b/chrome/browser/policy/configuration_policy_handler_list_factory.cc @@ -170,6 +170,9 @@ const PolicyToPreferenceMapEntry kSimplePolicyMap[] = { { key::kDefaultPopupsSetting, prefs::kManagedDefaultPopupsSetting, base::Value::TYPE_INTEGER }, + { key::kDefaultKeygenSetting, + prefs::kManagedDefaultKeygenSetting, + base::Value::TYPE_INTEGER }, { key::kAutoSelectCertificateForUrls, prefs::kManagedAutoSelectCertificateForUrls, base::Value::TYPE_LIST }, @@ -206,6 +209,12 @@ const PolicyToPreferenceMapEntry kSimplePolicyMap[] = { { key::kPopupsBlockedForUrls, prefs::kManagedPopupsBlockedForUrls, base::Value::TYPE_LIST }, + { key::kKeygenAllowedForUrls, + prefs::kManagedKeygenAllowedForUrls, + base::Value::TYPE_LIST }, + { key::kKeygenBlockedForUrls, + prefs::kManagedKeygenBlockedForUrls, + base::Value::TYPE_LIST }, { key::kNotificationsAllowedForUrls, prefs::kManagedNotificationsAllowedForUrls, base::Value::TYPE_LIST }, diff --git a/chrome/test/data/chromeos/enterprise/policies b/chrome/test/data/chromeos/enterprise/policies index 35bb3d1..fad3993 100644 --- a/chrome/test/data/chromeos/enterprise/policies +++ b/chrome/test/data/chromeos/enterprise/policies @@ -22,6 +22,7 @@ u'DefaultGeolocationSetting': 2, u'DefaultImagesSetting': 2, u'DefaultJavaScriptSetting': 2, + u'DefaultKeygenSetting': 2, u'DefaultNotificationsSetting': 2, u'DefaultPluginsSetting': 2, u'DefaultPopupsSetting': 2, @@ -83,6 +84,7 @@ u'DefaultGeolocationSetting': 3, u'DefaultImagesSetting': 1, u'DefaultJavaScriptSetting': 1, + u'DefaultKeygenSetting': 2, u'DefaultNotificationsSetting': 1, u'DefaultPluginsSetting': 1, u'DefaultPopupsSetting': 1, @@ -136,6 +138,7 @@ u'PolicyRefreshRate': 5400000, u'ProxyPacUrl': u'http://proxyconfig.corp.google.com/wpad.dat', u'DefaultJavaScriptSetting': 1, + u'DefaultKeygenSetting': 2, u'RestoreOnStartup': 4, u'DefaultSearchProviderSuggestURL': u'http://search.my.company/suggest?q={searchTerms}', @@ -197,6 +200,7 @@ u'DefaultCookiesSetting': 1, u'DefaultGeolocationSetting': 1, u'DefaultJavaScriptSetting': 1, + u'DefaultKeygenSetting': 2, u'DefaultNotificationsSetting': 1, u'DefaultPopupsSetting': 2, u'DefaultSearchProviderEnabled': True, @@ -273,6 +277,7 @@ u'DefaultGeolocationSetting': 2, u'DefaultImagesSetting': 2, u'DefaultJavaScriptSetting': 2, + u'DefaultKeygenSetting': 2, u'DefaultNotificationsSetting': 2, u'DefaultPluginsSetting': 2, u'DefaultPopupsSetting': 2, @@ -334,6 +339,7 @@ u'DefaultGeolocationSetting': 3, u'DefaultImagesSetting': 1, u'DefaultJavaScriptSetting': 1, + u'DefaultKeygenSetting': 2, u'DefaultNotificationsSetting': 1, u'DefaultPluginsSetting': 1, u'DefaultPopupsSetting': 1, @@ -387,6 +393,7 @@ u'PolicyRefreshRate': 5400000, u'ProxyPacUrl': u'http://proxyconfig.corp.google.com/wpad.dat', u'DefaultJavaScriptSetting': 1, + u'DefaultKeygenSetting': 2, u'RestoreOnStartup': 4, u'DefaultSearchProviderSuggestURL': u'http://search.my.company/suggest?q={searchTerms}', @@ -448,6 +455,7 @@ u'DefaultCookiesSetting': 1, u'DefaultGeolocationSetting': 1, u'DefaultJavaScriptSetting': 1, + u'DefaultKeygenSetting': 2, u'DefaultNotificationsSetting': 1, u'DefaultPopupsSetting': 2, u'DefaultSearchProviderEnabled': True, diff --git a/chrome/test/data/policy/policy_test_cases.json b/chrome/test/data/policy/policy_test_cases.json index 68a0837..8bca443 100644 --- a/chrome/test/data/policy/policy_test_cases.json +++ b/chrome/test/data/policy/policy_test_cases.json @@ -992,6 +992,24 @@ "note": "TODO(bartfab): Flag this with can_be_recommended when http://crbug.com/106682 is fixed." }, + "DefaultKeygenSetting": { + "os": ["win", "linux", "mac", "chromeos", "android"], + "test_policy": { "DefaultKeygenSetting": 2 }, + "pref_mappings": [ + { "pref": "profile.managed_default_content_settings.keygen", + "indicator_selector": "[content-setting=keygen]", + "indicator_tests": [ + { "policy": { "DefaultKeygenSetting": 1 }, + "value": "allow"}, + { "policy": { "DefaultKeygenSetting": 2 }, + "value": "block"} + ] + } + ], + + "note": "TODO(bartfab): Flag this with can_be_recommended when http://crbug.com/106682 is fixed." + }, + "DefaultPluginsSetting": { "os": ["win", "linux", "mac", "chromeos"], "test_policy": { "DefaultPluginsSetting": 2 }, @@ -1316,6 +1334,38 @@ "note": "TODO(bartfab): Flag this with can_be_recommended when http://crbug.com/106682 is fixed." }, + "KeygenAllowedForUrls": { + "os": ["win", "linux", "mac", "chromeos", "android"], + "test_policy": { "KeygenAllowedForUrls": ["[*.]google.com"] }, + "pref_mappings": [ + { "pref": "profile.managed_keygen_allowed_for_urls", + "indicator_test_setup_js": "document.querySelector('button.exceptions-list-button[contentType=keygen]').click();", + "indicator_selector": "[content-exception=keygen]", + "indicator_tests": [ + { "policy": { "KeygenAllowedForUrls": ["[*.]google.com"] } } + ] + } + ], + + "note": "TODO(bartfab): Flag this with can_be_recommended when http://crbug.com/106682 is fixed." + }, + + "KeygenBlockedForUrls": { + "os": ["win", "linux", "mac", "chromeos", "android"], + "test_policy": { "KeygenBlockedForUrls": ["[*.]google.com"] }, + "pref_mappings": [ + { "pref": "profile.managed_keygen_blocked_for_urls", + "indicator_test_setup_js": "document.querySelector('button.exceptions-list-button[contentType=keygen]').click();", + "indicator_selector": "[content-exception=keygen]", + "indicator_tests": [ + { "policy": { "KeygenBlockedForUrls": ["[*.]google.com"] } } + ] + } + ], + + "note": "TODO(bartfab): Flag this with can_be_recommended when http://crbug.com/106682 is fixed." + }, + "PluginsAllowedForUrls": { "os": ["win", "linux", "mac", "chromeos"], "test_policy": { "PluginsAllowedForUrls": ["[*.]google.com"] }, diff --git a/components/policy/resources/policy_templates.json b/components/policy/resources/policy_templates.json index 5e23030..d32fe4f 100644 --- a/components/policy/resources/policy_templates.json +++ b/components/policy/resources/policy_templates.json @@ -137,7 +137,7 @@ # persistent IDs for all fields (but not for groups!) are needed. These are # specified by the 'id' keys of each policy. NEVER CHANGE EXISTING IDs, # because doing so would break the deployed wire format! -# For your editing convenience: highest ID currently used: 312 +# For your editing convenience: highest ID currently used: 315 # # Placeholders: # The following placeholder strings are automatically substituted: @@ -3053,6 +3053,38 @@ If this policy is left not set, 'PromptOnAccess' will be used and the user will be able to change it.''', }, { + 'name': 'DefaultKeygenSetting', + 'type': 'int-enum', + 'schema': { + 'type': 'integer', + 'enum': [ 1, 2 ], + }, + 'items': [ + { + 'name': 'AllowKeygen', + 'value': 1, + 'caption': '''Allow all sites to use key generation''', + }, + { + 'name': 'BlockKeygen', + 'value': 2, + 'caption': '''Do not allow any site to use key generation''', + }, + ], + 'supported_on': ['chrome.*:49-', 'chrome_os:49-', 'android:49-'], + 'features': { + 'dynamic_refresh': True, + 'per_profile': True, + }, + 'example_value': 2, + 'id': 313, + 'caption': '''Default key generation setting''', + 'tags': ['system-security', 'website-sharing', 'local-data-access'], + 'desc': '''Allows you to set whether websites are allowed to use key generation. Using key generation can be either allowed for all websites or denied for all websites. + + If this policy is left not set, 'BlockKeygen' will be used and the user will be able to change it.''', + }, + { 'name': 'AutoSelectCertificateForUrls', 'type': 'list', 'schema': { @@ -3234,6 +3266,46 @@ If this policy is left not set the global default value will be used for all sites either from the 'DefaultJavaScriptSetting' policy if it is set, or the user's personal configuration otherwise.''', }, { + 'name': 'KeygenAllowedForUrls', + 'type': 'list', + 'schema': { + 'type': 'array', + 'items': { 'type': 'string' }, + }, + 'supported_on': ['chrome.*:49-', 'chrome_os:49-', 'android:49-'], + 'features': { + 'dynamic_refresh': True, + 'per_profile': True, + }, + 'example_value': ['https://www.example.com', '[*.]example.edu'], + 'id': 314, + 'caption': '''Allow key generation on these sites''', + 'tags': ['system-security', 'website-sharing', 'local-data-access'], + 'desc': '''Allows you to set a list of url patterns that specify sites which are allowed to use key generation. If a url pattern is in 'KeygenBlockedForUrls', that overrides these exceptions. + + If this policy is left not set the global default value will be used for all sites either from the 'DefaultKeygenSetting' policy if it is set, or the user's personal configuration otherwise.''', + }, + { + 'name': 'KeygenBlockedForUrls', + 'type': 'list', + 'schema': { + 'type': 'array', + 'items': { 'type': 'string' }, + }, + 'supported_on': ['chrome.*:49-', 'chrome_os:49-', 'android:49-'], + 'features': { + 'dynamic_refresh': True, + 'per_profile': True, + }, + 'example_value': ['https://www.example.com', '[*.]example.edu'], + 'id': 315, + 'caption': '''Block key generation on these sites''', + 'tags': ['system-security', 'website-sharing', 'local-data-access'], + 'desc': '''Allows you to set a list of url patterns that specify sites which are not allowed to use key generation. If a url pattern is in 'KeygenAllowedForUrls', this policy overrides these exceptions. + + If this policy is left not set the global default value will be used for all sites either from the 'DefaultKeygenSetting' policy if it is set, or the user's personal configuration otherwise.''', + }, + { 'name': 'PluginsAllowedForUrls', 'type': 'list', 'schema': { diff --git a/tools/metrics/histograms/histograms.xml b/tools/metrics/histograms/histograms.xml index 12a0918..1671778 100644 --- a/tools/metrics/histograms/histograms.xml +++ b/tools/metrics/histograms/histograms.xml @@ -61622,8 +61622,12 @@ http://cs/file:chrome/histograms.xml - but prefer this file for new entries. <int value="308" label="Default printer selection rules"/> <int value="309" label="Allow Dinosaur Easter Egg Game"/> <int value="310" label="Whether RC4 cipher suites in TLS are enabled"/> - <int value="311" label="Default value for Display Rotation"/> - <int value="312" label="Allow export of supervised user data"/> + <int value="311" + label="Set default display rotation, reapplied on every reboot"/> + <int value="312" label="Enable the supervised user content provider"/> + <int value="313" label="Default key generation setting"/> + <int value="314" label="Allow key generation on these sites"/> + <int value="315" label="Block key generation on these sites"/> </enum> <enum name="EnterprisePolicyInvalidations" type="int"> |