Fix HasSingleSecurityOrigin for HLS

HLS manifests can request segments from a different origin than the original manifest's origin. We do not inspect HLS manifests within Chromium, and instead delegate to Android's MediaPlayer. This means we need to be conservative, and always assume segments might come from a different origin. HasSingleSecurityOrigin should always return false when decoding HLS. Bug: 864283 Change-Id: Ie16849ac6f29ae7eaa9caf342ad0509a226228ef Reviewed-on: https://chromium-review.googlesource.com/1142691Reviewed-by: Dale Curtis <dalecurtis@chromium.org> Reviewed-by: Dominick Ng <dominickn@chromium.org> Commit-Queue: Thomas Guilbert <tguilbert@chromium.org> Cr-Commit-Position: refs/heads/master@{#576378}

Fix HasSingleSecurityOrigin for HLS
HLS manifests can request segments from a different origin than the original manifest's origin. We do not inspect HLS manifests within Chromium, and instead delegate to Android's MediaPlayer. This means we need to be conservative, and always assume segments might come from a different origin. HasSingleSecurityOrigin should always return false when decoding HLS. Bug: 864283 Change-Id: Ie16849ac6f29ae7eaa9caf342ad0509a226228ef Reviewed-on: https://chromium-review.googlesource.com/1142691Reviewed-by: Dale Curtis <dalecurtis@chromium.org> Reviewed-by: Dominick Ng <dominickn@chromium.org> Commit-Queue: Thomas Guilbert <tguilbert@chromium.org> Cr-Commit-Position: refs/heads/master@{#576378}
153f8457 · Thomas Guilbert · Commit Bot · 13ca4169 · 153f8457 · 153f8457
Commit 153f8457 authored Jul 19, 2018 by Thomas Guilbert Committed by Commit Bot Jul 19, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 13 additions and 0 deletions

media/blink/webmediaplayer_impl.cc media/blink/webmediaplayer_impl.cc +8 -0

media/blink/webmediaplayer_impl.h media/blink/webmediaplayer_impl.h +5 -0

No files found.
--- a/media/blink/webmediaplayer_impl.cc
+++ b/media/blink/webmediaplayer_impl.cc
@@ -1126,6 +1126,12 @@ bool WebMediaPlayerImpl::DidGetOpaqueResponseFromServiceWorker() const {
 }
 bool WebMediaPlayerImpl::HasSingleSecurityOrigin() const {
+  if (demuxer_found_hls_) {
+    // HLS manifests might pull segments from a different origin. We can't know
+    // for sure, so we conservatively say no here.
+    return false;
+  }
  if (data_source_)
    return data_source_->HasSingleOrigin();
  return true;
@@ -1530,6 +1536,8 @@ void WebMediaPlayerImpl::OnError(PipelineStatus status) {
 #if defined(OS_ANDROID)
  if (status == PipelineStatus::DEMUXER_ERROR_DETECTED_HLS) {
+    demuxer_found_hls_ = true;
    renderer_factory_selector_->SetUseMediaPlayer(true);
    pipeline_controller_.Stop();

--- a/media/blink/webmediaplayer_impl.h
+++ b/media/blink/webmediaplayer_impl.h
@@ -788,6 +788,11 @@ class MEDIA_BLINK_EXPORT WebMediaPlayerImpl
  // removing |cast_impl_|.
  bool using_media_player_renderer_ = false;
+  // Set whenever the demuxer encounters an HLS file.
+  // This flag is distinct from |using_media_player_renderer_|, because on older
+  // devices we might use MediaPlayerRenderer for non HLS playback.
+  bool demuxer_found_hls_ = false;
  // Called sometime after the media is suspended in a playing state in
  // OnFrameHidden(), causing the state to change to paused.
  base::OneShotTimer background_pause_timer_;