commit fb4dd15c290ffa283c157f42f4d5abae97c3193d
author xhwang <xhwang@chromium.org> Sat May 06 19:07:15 2017
committer Commit bot <commit-bot@chromium.org> Sat May 06 19:07:15 2017
tree 6e8cb5e1543546b4a5f530241d68262d663594ae
parent bfe1030ac8d3e23bd238376e9aeab0bfb3437ee7

media: Restrict ProtectedMediaIdentifier permission to secure origins

Currently EME is restricted to secure origins (see BUG). However, it's
possible that the renderer process is compromised and bypasses this
restriction. This CL restricts the ProtectedMediaIdentifier permission
to secure origin as well to add another layer of protection.

Origins whitelisted by the --unsafely-treat-insecure-origin-as-secure
flag will always be treated as "secure", and as such will not be
affected by this change.

BUG=672605

Review-Url: https://codereview.chromium.org/2859293003
Cr-Commit-Position: refs/heads/master@{#469866}

chrome/browser/media/protected_media_identifier_permission_context.cc

diff --git a/chrome/browser/media/protected_media_identifier_permission_context.cc b/chrome/browser/media/protected_media_identifier_permission_context.cc
index 50c2dc5..3ef58c8 100644
--- a/chrome/browser/media/protected_media_identifier_permission_context.cc
+++ b/chrome/browser/media/protected_media_identifier_permission_context.cc
@@ -145,9 +145,12 @@
   }
 }
 
-bool
-ProtectedMediaIdentifierPermissionContext::IsRestrictedToSecureOrigins() const {
-  return false;
+bool ProtectedMediaIdentifierPermissionContext::IsRestrictedToSecureOrigins()
+    const {
+  // EME is not supported on insecure origins, see https://goo.gl/Ks5zf7
+  // Note that origins whitelisted by --unsafely-treat-insecure-origin-as-secure
+  // flag will be treated as "secure" so they will not be affected.
+  return true;
 }
 
 // TODO(xhwang): We should consolidate the "protected content" related pref