1 // Copyright 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "android_webview/renderer/aw_permission_client.h" 6 7 #include "content/public/renderer/render_frame.h" 8 #include "third_party/WebKit/public/platform/WebURL.h" 9 #include "third_party/WebKit/public/web/WebFrame.h" 10 #include "url/gurl.h" 11 12 namespace android_webview { 13 14 namespace { 15 16 bool AllowMixedContent(const blink::WebURL& url) { 17 // We treat non-standard schemes as "secure" in the WebView to allow them to 18 // be used for request interception. 19 // TODO(benm): Tighten this restriction by requiring embedders to register 20 // their custom schemes? See b/9420953. 21 GURL gurl(url); 22 return !gurl.IsStandard(); 23 } 24 25 } 26 27 AwPermissionClient::AwPermissionClient(content::RenderFrame* render_frame) 28 : content::RenderFrameObserver(render_frame) { 29 render_frame->GetWebFrame()->setPermissionClient(this); 30 } 31 32 AwPermissionClient::~AwPermissionClient() { 33 } 34 35 bool AwPermissionClient::allowDisplayingInsecureContent( 36 bool enabled_per_settings, 37 const blink::WebSecurityOrigin& origin, 38 const blink::WebURL& url) { 39 return enabled_per_settings ? true : AllowMixedContent(url); 40 } 41 42 bool AwPermissionClient::allowRunningInsecureContent( 43 bool enabled_per_settings, 44 const blink::WebSecurityOrigin& origin, 45 const blink::WebURL& url) { 46 return enabled_per_settings ? true : AllowMixedContent(url); 47 } 48 49 } // namespace android_webview 50
