Doc: https://docs.google.com/document/d/1x5QejvpyQ71LPWhMLsaM1lWCfSsBsSQ8Dap9kJ6uLv0/edit
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/b474c641b88faca0857a62fa203d07db39f93556 commit b474c641b88faca0857a62fa203d07db39f93556 Author: Raymes Khoury <raymes@chromium.org> Date: Wed Feb 28 06:16:28 2018 Implement Permission Delegation behind a flag This implements permission delegation which means that only top-level frames can directly request permission. Top level frames can delegate access to iframes using feature policy. If a cross-origin iframe has access delegated and makes a permission request, a prompt may be displayed with the origin of the top level frame. Implementation-wise this CL translates the requesting origin of a permission request into the top-level origin for the purpose of permission checks. Feature policy checks will ensure that only cross-origin iframes that have been explicitly granted access will have the opportunity to request permission. Bug: 802945 Change-Id: Ic4091ceebb7c32d7e7cfe7b293889ee037eece07 Reviewed-on: https://chromium-review.googlesource.com/737390 Reviewed-by: Finnur Thorarinsson <finnur@chromium.org> Reviewed-by: Timothy Loh <timloh@chromium.org> Commit-Queue: Raymes Khoury <raymes@chromium.org> Cr-Commit-Position: refs/heads/master@{#539729} [modify] https://crrev.com/b474c641b88faca0857a62fa203d07db39f93556/chrome/android/java/src/org/chromium/chrome/browser/ChromeFeatureList.java [modify] https://crrev.com/b474c641b88faca0857a62fa203d07db39f93556/chrome/android/javatests/src/org/chromium/chrome/browser/preferences/website/PermissionInfoTest.java [modify] https://crrev.com/b474c641b88faca0857a62fa203d07db39f93556/chrome/browser/android/chrome_feature_list.cc [modify] https://crrev.com/b474c641b88faca0857a62fa203d07db39f93556/chrome/browser/geolocation/geolocation_browsertest.cc [modify] https://crrev.com/b474c641b88faca0857a62fa203d07db39f93556/chrome/browser/geolocation/geolocation_permission_context_unittest.cc [modify] https://crrev.com/b474c641b88faca0857a62fa203d07db39f93556/chrome/browser/media/webrtc/media_stream_devices_controller.cc [modify] https://crrev.com/b474c641b88faca0857a62fa203d07db39f93556/chrome/browser/permissions/permission_context_base.cc [add] https://crrev.com/b474c641b88faca0857a62fa203d07db39f93556/chrome/browser/permissions/permission_delegation_browsertest.cc [modify] https://crrev.com/b474c641b88faca0857a62fa203d07db39f93556/chrome/browser/permissions/permission_manager.cc [modify] https://crrev.com/b474c641b88faca0857a62fa203d07db39f93556/chrome/browser/permissions/permission_manager.h [modify] https://crrev.com/b474c641b88faca0857a62fa203d07db39f93556/chrome/browser/permissions/permission_manager_unittest.cc [modify] https://crrev.com/b474c641b88faca0857a62fa203d07db39f93556/chrome/common/chrome_features.cc [modify] https://crrev.com/b474c641b88faca0857a62fa203d07db39f93556/chrome/common/chrome_features.h [modify] https://crrev.com/b474c641b88faca0857a62fa203d07db39f93556/chrome/test/BUILD.gn [add] https://crrev.com/b474c641b88faca0857a62fa203d07db39f93556/chrome/test/data/two_iframes_blank.html
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a commit ad7c24a16ce2a7f54d3970c2172af02ebd221c4a Author: Raymes Khoury <raymes@chromium.org> Date: Mon Mar 05 23:22:58 2018 Plumb the RenderFrameHost through for CheckMediaAccessPermission The RenderFrameHost is needed when checking media permissions to ensure that permission has been allowed by Feature Policy. This plumbs the RFH through the many layers of code necessary so it can be used to check this. Bug: 802945 Change-Id: Ice6d3b143113f1bc41b9af445bfd4c2887d112ff Reviewed-on: https://chromium-review.googlesource.com/938862 Reviewed-by: Guido Urdaneta <guidou@chromium.org> Reviewed-by: John Abd-El-Malek <jam@chromium.org> Commit-Queue: Raymes Khoury <raymes@chromium.org> Cr-Commit-Position: refs/heads/master@{#540967} [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/android/tab_web_contents_delegate_android.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/android/tab_web_contents_delegate_android.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/apps/guest_view/web_view_browsertest.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/chromeos/login/saml/saml_browsertest.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/chromeos/login/ui/webui_login_view.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/chromeos/login/ui/webui_login_view.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/extensions/api/tab_capture/offscreen_tab.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/extensions/api/tab_capture/offscreen_tab.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/extensions/chrome_extension_host_delegate.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/extensions/chrome_extension_host_delegate.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/chromeos_login_media_access_handler.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/chromeos_login_media_access_handler.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/extension_media_access_handler.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/extension_media_access_handler.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/media_access_handler.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/public_session_media_access_handler.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/public_session_media_access_handler.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/public_session_tab_capture_access_handler.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/public_session_tab_capture_access_handler.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/webrtc/desktop_capture_access_handler.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/webrtc/desktop_capture_access_handler.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/webrtc/media_capture_devices_dispatcher.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/webrtc/media_capture_devices_dispatcher.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/webrtc/permission_bubble_media_access_handler.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/webrtc/permission_bubble_media_access_handler.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/webrtc/tab_capture_access_handler.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/media/webrtc/tab_capture_access_handler.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/ui/apps/chrome_app_delegate.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/ui/apps/chrome_app_delegate.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/ui/browser.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chrome/browser/ui/browser.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chromecast/browser/cast_web_view_default.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chromecast/browser/cast_web_view_default.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chromecast/browser/extensions/cast_extension_host_delegate.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/chromecast/browser/extensions/cast_extension_host_delegate.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/components/offline_pages/content/background_loader/background_loader_contents.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/components/offline_pages/content/background_loader/background_loader_contents.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/content/browser/frame_host/render_frame_host_delegate.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/content/browser/frame_host/render_frame_host_delegate.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/content/browser/media/media_devices_permission_checker.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/content/browser/media/media_devices_permission_checker_unittest.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/content/browser/renderer_host/media/media_stream_ui_proxy_unittest.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/content/browser/web_contents/web_contents_impl.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/content/browser/web_contents/web_contents_impl.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/content/public/browser/web_contents_delegate.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/content/public/browser/web_contents_delegate.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/browser/app_window/app_delegate.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/browser/app_window/app_web_contents_helper.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/browser/app_window/app_web_contents_helper.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/browser/app_window/app_window.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/browser/app_window/app_window.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/browser/extension_host.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/browser/extension_host.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/browser/extension_host_delegate.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/browser/guest_view/app_view/app_view_guest.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/browser/guest_view/app_view/app_view_guest.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/browser/guest_view/web_view/web_view_guest.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/browser/guest_view/web_view/web_view_guest.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/browser/guest_view/web_view/web_view_media_access_apitest.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/browser/guest_view/web_view/web_view_permission_helper.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/browser/guest_view/web_view/web_view_permission_helper.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/shell/browser/shell_app_delegate.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/shell/browser/shell_app_delegate.h [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/shell/browser/shell_extension_host_delegate.cc [modify] https://crrev.com/ad7c24a16ce2a7f54d3970c2172af02ebd221c4a/extensions/shell/browser/shell_extension_host_delegate.h
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/4ead6c35d84fcb312402a0ad5984cb44021b524e commit 4ead6c35d84fcb312402a0ad5984cb44021b524e Author: Raymes Khoury <raymes@chromium.org> Date: Wed Mar 07 04:43:48 2018 Expose GetPermissionStatusForFrame through the content PermissionManager API Within chrome/ GetPermissionStatusForFrame can already be used to accurately query the permission status for a particular RenderFrameHost. This will take into account things like Feature Policy. However currently this isn't exposed to content/. This CL exposes that function in the content API and uses it where sensible. Bug: 802945 Change-Id: I07402dc40c22939584178c071f5e253241c29e3f Reviewed-on: https://chromium-review.googlesource.com/940744 Commit-Queue: Raymes Khoury <raymes@chromium.org> Reviewed-by: Timothy Loh <timloh@chromium.org> Reviewed-by: Jochen Eisinger <jochen@chromium.org> Cr-Commit-Position: refs/heads/master@{#541337} [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/android_webview/browser/aw_permission_manager.cc [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/android_webview/browser/aw_permission_manager.h [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/chrome/browser/permissions/permission_manager.cc [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/chrome/browser/permissions/permission_manager.h [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/chromecast/browser/cast_permission_manager.cc [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/chromecast/browser/cast_permission_manager.h [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/components/domain_reliability/service_unittest.cc [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/content/browser/generic_sensor/sensor_provider_proxy_impl.cc [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/content/browser/permissions/permission_service_impl.cc [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/content/public/browser/permission_manager.h [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/content/public/test/mock_permission_manager.h [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/content/shell/browser/layout_test/layout_test_permission_manager.cc [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/content/shell/browser/layout_test/layout_test_permission_manager.h [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/content/shell/browser/shell_permission_manager.cc [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/content/shell/browser/shell_permission_manager.h [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/headless/lib/browser/headless_permission_manager.cc [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/headless/lib/browser/headless_permission_manager.h [modify] https://crrev.com/4ead6c35d84fcb312402a0ad5984cb44021b524e/third_party/WebKit/common/feature_policy/feature_policy.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/aa1b7deaacd5bb12ab8085e95ac90bdd9a4cdf28 commit aa1b7deaacd5bb12ab8085e95ac90bdd9a4cdf28 Author: Raymes Khoury <raymes@chromium.org> Date: Mon Mar 19 04:43:34 2018 Change scoping type of some content settings to be more accurate With permission delegation, permissions should generally not be set for embedded origins from UI (e.g. prompts, etc.). Therefore the default scoping type should not be REQUESTING_ORIGIN_AND_TOP_LEVEL_ORIGIN_SCOPE going forward. Some existing settings use this scoping type even though they don't need to: -The user pref for CONTENT_SETTINGS_TYPE_BLUETOOTH_GUARD is never set from UI so the scoping type is not important. -Accessibility events should be using permission delegation when it launches and so having it set to the requesting origin is appropriate -Payment handler is allowed by default but can be blocked for specific origins. I would suggest that behaves like JS, popups, etc. in that if the user blocks a certain origin, all origins that are embedded on that page are also blocked. -Clipboard is only currently only allowed for top level origins. If/when it gets exposed to iframes, it should use permission delegation. Bug: 802945 Change-Id: I2aaa2b67634571422b564f0a4e23b8c5a3d965c2 Reviewed-on: https://chromium-review.googlesource.com/954522 Reviewed-by: Timothy Loh <timloh@chromium.org> Reviewed-by: Dominic Mazzoni <dmazzoni@chromium.org> Reviewed-by: Jinho Bang <jinho.bang@samsung.com> Reviewed-by: Rouslan Solomakhin <rouslan@chromium.org> Commit-Queue: Raymes Khoury <raymes@chromium.org> Cr-Commit-Position: refs/heads/master@{#543970} [modify] https://crrev.com/aa1b7deaacd5bb12ab8085e95ac90bdd9a4cdf28/components/content_settings/core/browser/content_settings_registry.cc [modify] https://crrev.com/aa1b7deaacd5bb12ab8085e95ac90bdd9a4cdf28/components/content_settings/core/browser/website_settings_info.h
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c commit 3ef4f6e1ccc542660852acbcd6aea8eac769cf1c Author: Raymes Khoury <raymes@chromium.org> Date: Thu Aug 09 09:34:48 2018 Change SubscribePermissionStatusChange to use a RFH to query permissions Currently updates to permission change subscriptions in PermissionManager won't use the RenderFrameHost to determine the permission value. This results in incorrect permission updates being sent in some cases. This changes updates to query GetPermissionStatusForFrame when possible. This is only not possible when the request is from a worker in which case we just use the worker's origin. Tbr: slan@chromium.org, asanka@chromium.org Bug: 802945 Change-Id: Ia69f7de8f166000661b5560a2f430b3787872b75 Reviewed-on: https://chromium-review.googlesource.com/979735 Commit-Queue: Raymes Khoury <raymes@chromium.org> Reviewed-by: Sami Kyöstilä <skyostil@chromium.org> Reviewed-by: Timothy Loh <timloh@chromium.org> Reviewed-by: Bo <boliu@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Cr-Commit-Position: refs/heads/master@{#581843} [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/android_webview/browser/aw_permission_manager.cc [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/android_webview/browser/aw_permission_manager.h [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/chrome/browser/permissions/permission_manager.cc [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/chrome/browser/permissions/permission_manager.h [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/chrome/browser/permissions/permission_manager_unittest.cc [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/chromecast/browser/cast_permission_manager.cc [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/chromecast/browser/cast_permission_manager.h [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/components/domain_reliability/service_unittest.cc [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/content/browser/permissions/permission_controller_impl.cc [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/content/browser/permissions/permission_controller_impl.h [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/content/browser/permissions/permission_service_context.cc [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/content/public/browser/permission_controller_delegate.h [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/content/public/test/mock_permission_manager.cc [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/content/public/test/mock_permission_manager.h [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/content/shell/browser/layout_test/layout_test_permission_manager.cc [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/content/shell/browser/layout_test/layout_test_permission_manager.h [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/content/shell/browser/shell_permission_manager.cc [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/content/shell/browser/shell_permission_manager.h [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/headless/lib/browser/headless_permission_manager.cc [modify] https://crrev.com/3ef4f6e1ccc542660852acbcd6aea8eac769cf1c/headless/lib/browser/headless_permission_manager.h
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/32ff6619802dfb77980ca274b6d7ea798a3c55a6 commit 32ff6619802dfb77980ca274b6d7ea798a3c55a6 Author: Raymes Khoury <raymes@chromium.org> Date: Fri Aug 10 01:48:18 2018 Ensure that GetPermissionStatus isn't called for embedded origins with Permission Delegation With Permission Delegation enabled, GetPermissionStatusForFrame should always be used to determine the permission status for an embedded origin. GetPermissionStatus should only be used when there is no frame available (e.g. for UI or in the case of service workers, etc.). Bug: 802945 Change-Id: I45867eb3c3e98be57b48e8c2c3cade6287e9a8fd Reviewed-on: https://chromium-review.googlesource.com/942504 Commit-Queue: Raymes Khoury <raymes@chromium.org> Reviewed-by: Timothy Loh <timloh@chromium.org> Reviewed-by: Marc Treib <treib@chromium.org> Cr-Commit-Position: refs/heads/master@{#582007} [modify] https://crrev.com/32ff6619802dfb77980ca274b6d7ea798a3c55a6/chrome/browser/permissions/permission_manager.cc [modify] https://crrev.com/32ff6619802dfb77980ca274b6d7ea798a3c55a6/chrome/browser/ui/search/local_ntp_voice_search_browsertest.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/06d6aef7859cffc2f2331ca055acd41d4be1ad81 commit 06d6aef7859cffc2f2331ca055acd41d4be1ad81 Author: Raymes Khoury <raymes@chromium.org> Date: Thu Aug 16 06:40:15 2018 Measure the number of embedded content settings set by extensions This adds a metric which measures the number of times an extension sets a content setting that has an embedded exception. This means that the primary and secondary pattern are different. We plan to deprecate this type of usage for permissions. If usage of this feature is low for other types of settings we may also consider deprecating those. Bug: 802945, 874322 Change-Id: I5076603eb462cda4495538022c4c3a93c8894519 Reviewed-on: https://chromium-review.googlesource.com/1174082 Reviewed-by: Steven Holte <holte@chromium.org> Reviewed-by: Devlin <rdevlin.cronin@chromium.org> Reviewed-by: Martin Šrámek <msramek@chromium.org> Commit-Queue: Raymes Khoury <raymes@chromium.org> Cr-Commit-Position: refs/heads/master@{#583566} [modify] https://crrev.com/06d6aef7859cffc2f2331ca055acd41d4be1ad81/chrome/browser/extensions/api/content_settings/content_settings_api.cc [modify] https://crrev.com/06d6aef7859cffc2f2331ca055acd41d4be1ad81/chrome/browser/extensions/api/content_settings/content_settings_apitest.cc [add] https://crrev.com/06d6aef7859cffc2f2331ca055acd41d4be1ad81/chrome/test/data/extensions/api_test/content_settings/embeddedsettingsmetric/manifest.json [add] https://crrev.com/06d6aef7859cffc2f2331ca055acd41d4be1ad81/chrome/test/data/extensions/api_test/content_settings/embeddedsettingsmetric/test.html [add] https://crrev.com/06d6aef7859cffc2f2331ca055acd41d4be1ad81/chrome/test/data/extensions/api_test/content_settings/embeddedsettingsmetric/test.js [modify] https://crrev.com/06d6aef7859cffc2f2331ca055acd41d4be1ad81/tools/metrics/histograms/histograms.xml
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/7c0b309939a68cde24b2f3b661362f4c604ca876 commit 7c0b309939a68cde24b2f3b661362f4c604ca876 Author: Raymes Khoury <raymes@chromium.org> Date: Thu Aug 23 03:06:30 2018 Add test to PermissionManager for permission delegation This test checks that basic behaviors related to permission delegation work correctly in PermissionManager. This includes requesting permission from a child frame, ensuring the origin displayed is correct and revoking access from the parent later and ensuring that is reflected in the child. Bug: 802945 Change-Id: Id2183c0d08d930fbd1664a2ba6102cb3bd56dd7c Reviewed-on: https://chromium-review.googlesource.com/1182716 Reviewed-by: Timothy Loh <timloh@chromium.org> Commit-Queue: Raymes Khoury <raymes@chromium.org> Cr-Commit-Position: refs/heads/master@{#585381} [modify] https://crrev.com/7c0b309939a68cde24b2f3b661362f4c604ca876/chrome/browser/geolocation/geolocation_permission_context_extensions.cc [modify] https://crrev.com/7c0b309939a68cde24b2f3b661362f4c604ca876/chrome/browser/permissions/permission_manager_unittest.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/a3026b61aa28dd5f478a849c98855324c38ec1b6 commit a3026b61aa28dd5f478a849c98855324c38ec1b6 Author: Raymes Khoury <raymes@chromium.org> Date: Mon Aug 27 02:28:14 2018 Migrate embedded permission settings when Permission Delegation is enabled This removes content settings set for embedded sites for the geolocation, protected media and midi sysex permissions when permission delegation is enabled. If one of these permissions is set, the permission for the top level origin will also be reset. This is because some users may have allowed a top level origin while blocking a site embedded in it. In those cases the top level site could delegate permission to an embedded site they had previously blocked. Clearing access to the top level site gives those users another opportunity. Bug: 802945 Cq-Include-Trybots: luci.chromium.try:ios-simulator-full-configs;master.tryserver.chromium.mac:ios-simulator-cronet Change-Id: Ie858ff005078326d9b04b82a03ebc9febe81aebe Reviewed-on: https://chromium-review.googlesource.com/1166620 Commit-Queue: Raymes Khoury <raymes@chromium.org> Reviewed-by: Sylvain Defresne <sdefresne@chromium.org> Reviewed-by: Martin Šrámek <msramek@chromium.org> Reviewed-by: Varun Khaneja <vakh@chromium.org> Cr-Commit-Position: refs/heads/master@{#586182} [modify] https://crrev.com/a3026b61aa28dd5f478a849c98855324c38ec1b6/chrome/browser/content_settings/host_content_settings_map_factory.cc [modify] https://crrev.com/a3026b61aa28dd5f478a849c98855324c38ec1b6/chrome/browser/content_settings/host_content_settings_map_unittest.cc [modify] https://crrev.com/a3026b61aa28dd5f478a849c98855324c38ec1b6/chrome/browser/safe_browsing/chrome_password_protection_service_unittest.cc [modify] https://crrev.com/a3026b61aa28dd5f478a849c98855324c38ec1b6/components/content_settings/core/browser/cookie_settings_unittest.cc [modify] https://crrev.com/a3026b61aa28dd5f478a849c98855324c38ec1b6/components/content_settings/core/browser/host_content_settings_map.cc [modify] https://crrev.com/a3026b61aa28dd5f478a849c98855324c38ec1b6/components/content_settings/core/browser/host_content_settings_map.h [modify] https://crrev.com/a3026b61aa28dd5f478a849c98855324c38ec1b6/components/safe_browsing/password_protection/password_protection_service_unittest.cc [modify] https://crrev.com/a3026b61aa28dd5f478a849c98855324c38ec1b6/components/signin/core/browser/signin_header_helper_unittest.cc [modify] https://crrev.com/a3026b61aa28dd5f478a849c98855324c38ec1b6/components/signin/ios/browser/account_consistency_service_unittest.mm [modify] https://crrev.com/a3026b61aa28dd5f478a849c98855324c38ec1b6/ios/chrome/browser/content_settings/host_content_settings_map_factory.cc [modify] https://crrev.com/a3026b61aa28dd5f478a849c98855324c38ec1b6/ios/web_view/internal/content_settings/web_view_host_content_settings_map_factory.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/7cbca198d5429bc127b976ffb09d57105f1d1bab commit 7cbca198d5429bc127b976ffb09d57105f1d1bab Author: Raymes Khoury <raymes@chromium.org> Date: Thu Aug 30 05:46:01 2018 Prevent extensions and enterprise settings setting embedded exceptions This change prevents extensions and enterprise settings from setting embedded exceptions for content setting types that don't support them. Namely, with permission delegation enabled, permission types don't support embedded patterns. In practice this only impacts the geolocation content setting when it is set through the chrome.contentSettings API. An additional scoping type is introduced to reflect content settings which can set embedded patterns and those which cannot. More details are included in the design doc: https://docs.google.com/document/d/1x5QejvpyQ71LPWhMLsaM1lWCfSsBsSQ8Dap9kJ6uLv0/edit#heading=h.bwzi3w3lx8nz Change-Id: I4384fd26d01862f477ba18fe7d87915ddae15446 Bug: 802945 Reviewed-on: https://chromium-review.googlesource.com/1173192 Commit-Queue: Raymes Khoury <raymes@chromium.org> Reviewed-by: Devlin <rdevlin.cronin@chromium.org> Reviewed-by: Martin Šrámek <msramek@chromium.org> Cr-Commit-Position: refs/heads/master@{#587451} [modify] https://crrev.com/7cbca198d5429bc127b976ffb09d57105f1d1bab/chrome/browser/extensions/api/content_settings/content_settings_api.cc [modify] https://crrev.com/7cbca198d5429bc127b976ffb09d57105f1d1bab/chrome/browser/extensions/api/content_settings/content_settings_apitest.cc [add] https://crrev.com/7cbca198d5429bc127b976ffb09d57105f1d1bab/chrome/test/data/extensions/api_test/content_settings/embeddedsettings/manifest.json [add] https://crrev.com/7cbca198d5429bc127b976ffb09d57105f1d1bab/chrome/test/data/extensions/api_test/content_settings/embeddedsettings/test.html [add] https://crrev.com/7cbca198d5429bc127b976ffb09d57105f1d1bab/chrome/test/data/extensions/api_test/content_settings/embeddedsettings/test.js [modify] https://crrev.com/7cbca198d5429bc127b976ffb09d57105f1d1bab/components/content_settings/core/browser/content_settings_policy_provider.cc [modify] https://crrev.com/7cbca198d5429bc127b976ffb09d57105f1d1bab/components/content_settings/core/browser/content_settings_registry.cc [modify] https://crrev.com/7cbca198d5429bc127b976ffb09d57105f1d1bab/components/content_settings/core/browser/host_content_settings_map.cc [modify] https://crrev.com/7cbca198d5429bc127b976ffb09d57105f1d1bab/components/content_settings/core/browser/website_settings_info.cc [modify] https://crrev.com/7cbca198d5429bc127b976ffb09d57105f1d1bab/components/content_settings/core/browser/website_settings_info.h [modify] https://crrev.com/7cbca198d5429bc127b976ffb09d57105f1d1bab/components/content_settings/core/browser/website_settings_registry.cc [modify] https://crrev.com/7cbca198d5429bc127b976ffb09d57105f1d1bab/components/content_settings/core/browser/website_settings_registry_unittest.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/e5b72a1dc326b6b635c6cd6f8d17fc6214240513 commit e5b72a1dc326b6b635c6cd6f8d17fc6214240513 Author: Raymes Khoury <raymes@chromium.org> Date: Thu Aug 30 06:03:36 2018 Add a test for SubscribePermissionStatusChange for Permission Delegation This adds a test to PermissionManager to verify that subscribing to permission status changes for child frames works correctly with permission delegation enabled. Specifically child frames that are impacted by permission changes in parent frames should receive updates. Bug: 802945 Change-Id: Ic6ec9bfffe5b6c5f0935c6e857dd162af84a0a14 Reviewed-on: https://chromium-review.googlesource.com/1195252 Reviewed-by: Timothy Loh <timloh@chromium.org> Commit-Queue: Raymes Khoury <raymes@chromium.org> Cr-Commit-Position: refs/heads/master@{#587454} [modify] https://crrev.com/e5b72a1dc326b6b635c6cd6f8d17fc6214240513/chrome/browser/permissions/permission_manager_unittest.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/76e7b6c7586052e4042c7dbf456e3e0bdcfe6065 commit 76e7b6c7586052e4042c7dbf456e3e0bdcfe6065 Author: Raymes Khoury <raymes@chromium.org> Date: Mon Sep 03 03:48:21 2018 Make the midi sysex content setting unsyncable The migration code for permission delegation is going to touch the midi sysex seting which is currently syncable. Migration code does not run well on syncable settings. To work around this for the time being, we're temporarily making midi sysex not syncable. Bug: 802945, 879954 Change-Id: I36fb0c83fbd823e6c4612a64dce84787080a8732 Reviewed-on: https://chromium-review.googlesource.com/1196283 Commit-Queue: Raymes Khoury <raymes@chromium.org> Reviewed-by: Martin Šrámek <msramek@chromium.org> Cr-Commit-Position: refs/heads/master@{#588324} [modify] https://crrev.com/76e7b6c7586052e4042c7dbf456e3e0bdcfe6065/components/content_settings/core/browser/content_settings_registry.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/02b12a035888c7f2332055779a86c206cccfa219 commit 02b12a035888c7f2332055779a86c206cccfa219 Author: Raymes Khoury <raymes@chromium.org> Date: Wed Sep 05 04:43:39 2018 Remove embedded patterns from extension prefs for types that don't support them Some content settings types don't support embedded patterns, however it's currently possible to set embedded patterns for these types. https://chromium-review.googlesource.com/c/chromium/src/+/1173192 stops this from being possible, however if these patterns were already written to a pref then they will still be there. This CL deletes those patterns. Bug: 802945 Change-Id: Ia7fd878ba3d1a635bb92215f0b6dbba04519a07c Reviewed-on: https://chromium-review.googlesource.com/1175518 Reviewed-by: Devlin <rdevlin.cronin@chromium.org> Reviewed-by: Martin Šrámek <msramek@chromium.org> Commit-Queue: Raymes Khoury <raymes@chromium.org> Cr-Commit-Position: refs/heads/master@{#588766} [modify] https://crrev.com/02b12a035888c7f2332055779a86c206cccfa219/chrome/browser/extensions/api/content_settings/content_settings_store.cc [modify] https://crrev.com/02b12a035888c7f2332055779a86c206cccfa219/chrome/browser/extensions/api/content_settings/content_settings_store_unittest.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/5e9f806410de4daa95cc0f57061e12270391fdff commit 5e9f806410de4daa95cc0f57061e12270391fdff Author: Raymes Khoury <raymes@chromium.org> Date: Thu Sep 06 00:38:20 2018 Enable Permission Delegation This enables the Permission Delegation feature by default. Bug: 802945, 818004 Change-Id: I1631401b929aee66def51d44e71e1d95915fcd54 Reviewed-on: https://chromium-review.googlesource.com/1201644 Reviewed-by: Devlin <rdevlin.cronin@chromium.org> Reviewed-by: Timothy Loh <timloh@chromium.org> Reviewed-by: Martin Šrámek <msramek@chromium.org> Commit-Queue: Raymes Khoury <raymes@chromium.org> Cr-Commit-Position: refs/heads/master@{#589072} [modify] https://crrev.com/5e9f806410de4daa95cc0f57061e12270391fdff/chrome/browser/extensions/api/content_settings/content_settings_api.cc [modify] https://crrev.com/5e9f806410de4daa95cc0f57061e12270391fdff/chrome/browser/extensions/api/content_settings/content_settings_apitest.cc [modify] https://crrev.com/5e9f806410de4daa95cc0f57061e12270391fdff/chrome/common/chrome_features.cc
Comment 1 by bugdroid1@chromium.org
, Feb 28 2018