New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 731126 link

Starred by 1 user
Status: Archived
Owner: ----
Closed: Sep 13
Cc:
msramek@chromium.org
awdf@chromium.org
raymes@chromium.org
peter@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Task
Team-Security-UX



Sign in to add a comment

Verify notification content settings meet our assumptions

Project Member Reported by awdf@chromium.org, Jun 8 2017 
From https://codereview.chromium.org/2886433002/diff/250001/components/content_settings/core/browser/host_content_settings_map.cc#newcode406 :

We need something to ensure effectively the same as the following would do within HostContentSettingsMap::SetWebsiteSettingCustomScope, but in a neater way. (Ideally enforced at compile time - but that may be a bigger project):

#if defined(OS_ANDROID) && DCHECK_IS_ON()
  // The notification permission on Android only allows valid origins with a
  // restricted set of settings, or the global wildcard origin.
  if (content_type == CONTENT_SETTINGS_TYPE_NOTIFICATIONS &&
      !primary_pattern.MatchesAllHosts()) {
    // The |primary_pattern| must be a valid GURL as it may be presented to the
    // user: Android Notification Channels may be used on Android O onward.
    DCHECK(GURL(primary_pattern.ToString()).is_valid());

    ContentSetting setting =
        content_settings::ValueToContentSetting(value.get());

    // Disallow notification content setting updates for specific origins that
    // are not ALLOW/BLOCK/DEFAULT on Android.
    DCHECK(setting == CONTENT_SETTING_ALLOW ||
           setting == CONTENT_SETTING_BLOCK ||
           setting == CONTENT_SETTING_DEFAULT);
  }
#endif

Comment 1 by raymes@chromium.org, Jun 12 2017

Cc: msramek@chromium.org awdf@chromium.org
Components: Internals>Permissions>Model
Owner: ----
To summarize the assertions to enforce:
-We want to ensure that we only store origins in Content Settings for certain content setting types. In this case, notifications permissions on Android should only be stored for origins and not general patterns. I think msramek has thought about this a little.

-We want to ensure that we only write ALLOW/BLOCK settings (e.g. it's not valid to write ASK or DETECT_IMPORTANT_CONTENT for notifications). We already mostly have these restrictions in place (in ContentSettings.valid_settings, except for checking that ASK is not stored.

Comment 2 by msramek@chromium.org, Jun 12 2017

Components: Privacy

Comment 3 by est...@chromium.org, Nov 10 2017

Labels: Hotlist-EnamelAndFriendsFixIt

Comment 4 by est...@chromium.org, Feb 18 2018

Labels: -Hotlist-EnamelAndFriendsFixIt

Comment 5 by robliao@chromium.org, Sep 13

Status: Archived (was: Available)
Archiving old bugs that haven't been actively assigned in over 180 days.

If you feel this issue should still be addressed, feel free to reopen it or to file a new issue. Thanks!

Sign in to add a comment