From 4b69cb07ac783f0fc1b55608b068053871a2bde1 Mon Sep 17 00:00:00 2001
From: guidou <guidou@chromium.org>
Date: Wed, 10 Feb 2016 05:48:46 -0800
Subject: Do not check security origin for default audio output device.

The default device is always authorized, so the check is unnecessary and
in some cases results in a crash.

BUG=585075

Review URL: https://codereview.chromium.org/1689593002

Cr-Commit-Position: refs/heads/master@{#374653}
---
 content/browser/renderer_host/media/audio_renderer_host.cc | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/content/browser/renderer_host/media/audio_renderer_host.cc b/content/browser/renderer_host/media/audio_renderer_host.cc
index 5ef8d43..ca96329 100644
--- a/content/browser/renderer_host/media/audio_renderer_host.cc
+++ b/content/browser/renderer_host/media/audio_renderer_host.cc
@@ -761,7 +761,10 @@ void AudioRendererHost::CheckOutputDeviceAccess(
     const OutputDeviceAccessCB& callback) {
   DCHECK_CURRENTLY_ON(BrowserThread::IO);
 
-  if (!ChildProcessSecurityPolicyImpl::GetInstance()->CanRequestURL(
+  // Check security origin if nondefault device is requested.
+  // Ignore check for default device, which is always authorized.
+  if (!IsDefaultDeviceId(device_id) &&
+      !ChildProcessSecurityPolicyImpl::GetInstance()->CanRequestURL(
           render_process_id_, gurl_security_origin)) {
     content::bad_message::ReceivedBadMessage(this,
                                              bad_message::ARH_UNAUTHORIZED_URL);
-- 
cgit v1.1