[Background Fetch] Incorporate DownloadRequestLimiter with BGF.

This will use the same permission model for downloads (only framed contexts) when a fetch is started. The permission will be checked every time a fetch starts (in the browser process) to prevent race conditions. Bug: 692647 Change-Id: Id67682cadaec3c0669d4308ac69e60447353a4e8 Reviewed-on: https://chromium-review.googlesource.com/1178281Reviewed-by: Avi Drissman <avi@chromium.org> Reviewed-by: Peter Beverloo <peter@chromium.org> Reviewed-by: Dominick Ng <dominickn@chromium.org> Reviewed-by: Mugdha Lakhani <nator@chromium.org> Commit-Queue: Rayan Kanso <rayankans@chromium.org> Cr-Commit-Position: refs/heads/master@{#585424}

[Background Fetch] Incorporate DownloadRequestLimiter with BGF.
This will use the same permission model for downloads (only framed contexts) when a fetch is started. The permission will be checked every time a fetch starts (in the browser process) to prevent race conditions. Bug: 692647 Change-Id: Id67682cadaec3c0669d4308ac69e60447353a4e8 Reviewed-on: https://chromium-review.googlesource.com/1178281Reviewed-by: Avi Drissman <avi@chromium.org> Reviewed-by: Peter Beverloo <peter@chromium.org> Reviewed-by: Dominick Ng <dominickn@chromium.org> Reviewed-by: Mugdha Lakhani <nator@chromium.org> Commit-Queue: Rayan Kanso <rayankans@chromium.org> Cr-Commit-Position: refs/heads/master@{#585424}
697f60ca · Rayan Kanso · Commit Bot · af1ab709 · 697f60ca · 697f60ca
Commit 697f60ca authored Aug 23, 2018 by Rayan Kanso Committed by Commit Bot Aug 23, 2018
22 changed files
--- a/chrome/browser/background_fetch/background_fetch_browsertest.cc
+++ b/chrome/browser/background_fetch/background_fetch_browsertest.cc
@@ -12,6 +12,8 @@
 #include "base/strings/stringprintf.h"
 #include "build/build_config.h"
 #include "chrome/browser/background_fetch/background_fetch_delegate_impl.h"
+#include "chrome/browser/browser_process.h"
+#include "chrome/browser/download/download_request_limiter.h"
 #include "chrome/browser/download/download_service_factory.h"
 #include "chrome/browser/offline_items_collection/offline_content_aggregator_factory.h"
 #include "chrome/browser/profiles/profile.h"
@@ -149,6 +151,8 @@ class OfflineContentProviderObserver : public OfflineContentProvider::Observer {
  DISALLOW_COPY_AND_ASSIGN(OfflineContentProviderObserver);
 };

+}  // namespace
+
 class BackgroundFetchBrowserTest : public InProcessBrowserTest {
 public:
  BackgroundFetchBrowserTest()
@@ -223,13 +227,13 @@ class BackgroundFetchBrowserTest : public InProcessBrowserTest {
    run_loop.Run();
  }

-  // Runs the |script| and waits for a background fetch event.
+  // Runs the |script| and waits for a message.
  // Wrap in ASSERT_NO_FATAL_FAILURE().
-  void RunScriptAndCheckResultingEvent(const std::string& script,
-                                       const std::string& expected_event) {
+  void RunScriptAndCheckResultingMessage(const std::string& script,
+                                         const std::string& expected_message) {
    std::string result;
    ASSERT_NO_FATAL_FAILURE(RunScript(script, &result));
-    ASSERT_EQ(expected_event, result);
+    ASSERT_EQ(expected_message, result);
  }

  void GetVisualsForOfflineItemSync(
@@ -292,6 +296,17 @@ class BackgroundFetchBrowserTest : public InProcessBrowserTest {
    std::move(quit_closure).Run();
  }

+  void RevokeDownloadPermission() {
+    content::WebContents* web_contents =
+        browser()->tab_strip_model()->GetActiveWebContents();
+    DownloadRequestLimiter::TabDownloadState* tab_download_state =
+        g_browser_process->download_request_limiter()->GetDownloadState(
+            web_contents, web_contents, true /* create */);
+    tab_download_state->set_download_seen();
+    tab_download_state->SetDownloadStatusAndNotify(
+        DownloadRequestLimiter::DOWNLOADS_NOT_ALLOWED);
+  }
+
 protected:
  download::DownloadService* download_service_{nullptr};

@@ -492,7 +507,7 @@ IN_PROC_BROWSER_TEST_F(

 IN_PROC_BROWSER_TEST_F(BackgroundFetchBrowserTest,
                       FetchesRunToCompletionAndUpdateTitle_Fetched) {
-  ASSERT_NO_FATAL_FAILURE(RunScriptAndCheckResultingEvent(
+  ASSERT_NO_FATAL_FAILURE(RunScriptAndCheckResultingMessage(
      "RunFetchTillCompletion()", "backgroundfetchsuccess"));
  base::RunLoop().RunUntilIdle();  // Give `updateUI` a chance to propagate.
  EXPECT_TRUE(
@@ -502,7 +517,7 @@ IN_PROC_BROWSER_TEST_F(BackgroundFetchBrowserTest,

 IN_PROC_BROWSER_TEST_F(BackgroundFetchBrowserTest,
                       FetchesRunToCompletionAndUpdateTitle_Failed) {
-  ASSERT_NO_FATAL_FAILURE(RunScriptAndCheckResultingEvent(
+  ASSERT_NO_FATAL_FAILURE(RunScriptAndCheckResultingMessage(
      "RunFetchTillCompletionWithMissingResource()", "backgroundfetchfail"));
  base::RunLoop().RunUntilIdle();  // Give `updateUI` a chance to propagate.
  EXPECT_TRUE(
@@ -510,4 +525,10 @@ IN_PROC_BROWSER_TEST_F(BackgroundFetchBrowserTest,
                       "New Failed Title!", base::CompareCase::SENSITIVE));
 }

-}  // namespace
+IN_PROC_BROWSER_TEST_F(BackgroundFetchBrowserTest,
+                       FetchRejectedWithoutPermission) {
+  RevokeDownloadPermission();
+  ASSERT_NO_FATAL_FAILURE(RunScriptAndCheckResultingMessage(
+      "RunFetchAnExpectAnException()",
+      "This origin does not have permission to start a fetch."));
+}
--- a/chrome/browser/background_fetch/background_fetch_delegate_impl.cc
+++ b/chrome/browser/background_fetch/background_fetch_delegate_impl.cc
@@ -12,6 +12,8 @@
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "build/build_config.h"
+#include "chrome/browser/browser_process.h"
+#include "chrome/browser/download/download_request_limiter.h"
 #include "chrome/browser/download/download_service_factory.h"
 #include "chrome/browser/offline_items_collection/offline_content_aggregator_factory.h"
 #include "chrome/browser/profiles/profile.h"
@@ -25,6 +27,7 @@
 #include "third_party/skia/include/core/SkBitmap.h"
 #include "ui/gfx/geometry/size.h"
 #include "ui/gfx/image/image_skia.h"
+#include "url/origin.h"

 BackgroundFetchDelegateImpl::BackgroundFetchDelegateImpl(
    Profile* profile,
@@ -148,6 +151,28 @@ void BackgroundFetchDelegateImpl::GetIconDisplaySize(
  std::move(callback).Run(display_size);
 }

+void BackgroundFetchDelegateImpl::GetPermissionForOrigin(
+    const url::Origin& origin,
+    const content::ResourceRequestInfo::WebContentsGetter& wc_getter,
+    GetPermissionForOriginCallback callback) {
+  DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
+
+  if (!wc_getter) {
+    // TODO(crbug.com/692647): Check permission for non-framed contexts as well.
+    std::move(callback).Run(true /* has_permission */);
+    return;
+  }
+
+  DownloadRequestLimiter* limiter =
+      g_browser_process->download_request_limiter();
+  DCHECK(limiter);
+
+  // The fetch should be thought of as one download. So the origin will be
+  // used as the URL, and the |request_method| is set to GET.
+  limiter->CanDownload(wc_getter, origin.GetURL(), "GET",
+                       base::AdaptCallbackForRepeating(std::move(callback)));
+}
+
 void BackgroundFetchDelegateImpl::CreateDownloadJob(
    std::unique_ptr<content::BackgroundFetchDescription> fetch_description) {
  DCHECK_CURRENTLY_ON(content::BrowserThread::UI);

--- a/chrome/browser/background_fetch/background_fetch_delegate_impl.h
+++ b/chrome/browser/background_fetch/background_fetch_delegate_impl.h
@@ -52,6 +52,10 @@ class BackgroundFetchDelegateImpl

  // BackgroundFetchDelegate implementation:
  void GetIconDisplaySize(GetIconDisplaySizeCallback callback) override;
+  void GetPermissionForOrigin(
+      const url::Origin& origin,
+      const content::ResourceRequestInfo::WebContentsGetter& wc_getter,
+      GetPermissionForOriginCallback callback) override;
  void CreateDownloadJob(std::unique_ptr<content::BackgroundFetchDescription>
                             fetch_description) override;
  void DownloadUrl(const std::string& job_unique_id,

--- a/chrome/browser/download/download_request_limiter.h
+++ b/chrome/browser/download/download_request_limiter.h
@@ -239,6 +239,7 @@ class DownloadRequestLimiter
  FRIEND_TEST_ALL_PREFIXES(ContentSettingImageModelBrowserTest,
                           CreateBubbleModel);
  friend class base::RefCountedThreadSafe<DownloadRequestLimiter>;
+  friend class BackgroundFetchBrowserTest;
  friend class ContentSettingBubbleDialogTest;
  friend class DownloadRequestLimiterTest;
  friend class TabDownloadState;

--- a/chrome/test/data/background_fetch/background_fetch.js
+++ b/chrome/test/data/background_fetch/background_fetch.js
@@ -116,3 +116,15 @@ function RunFetchTillCompletionWithMissingResource() {
        kBackgroundFetchId, resources);
  }).catch(sendErrorToTest);
 }
+
+// Starts a Background Fetch that should fail due to a missing resource.
+function RunFetchAnExpectAnException() {
+  const resources = [
+    '/background_fetch/types_of_cheese.txt',
+    '/background_fetch/missing_cat.txt',
+  ];
+  navigator.serviceWorker.ready.then(swRegistration => {
+    return swRegistration.backgroundFetch.fetch(kBackgroundFetchId, resources);
+  }).then(sendErrorToTest)
+    .catch(e => sendResultToTest(e.message));
+}
--- a/content/browser/background_fetch/background_fetch_context.cc
+++ b/content/browser/background_fetch/background_fetch_context.cc
@@ -17,6 +17,8 @@
 #include "content/browser/service_worker/service_worker_context_wrapper.h"
 #include "content/public/browser/background_fetch_delegate.h"
 #include "content/public/browser/browser_context.h"
+#include "content/public/browser/render_frame_host.h"
+#include "content/public/browser/web_contents.h"
 #include "net/url_request/url_request_context_getter.h"
 #include "storage/browser/blob/blob_data_handle.h"
 #include "storage/browser/quota/quota_manager_proxy.h"
@@ -131,6 +133,7 @@ void BackgroundFetchContext::StartFetch(
    const std::vector<ServiceWorkerFetchRequest>& requests,
    const BackgroundFetchOptions& options,
    const SkBitmap& icon,
+    RenderFrameHost* render_frame_host,
    blink::mojom::BackgroundFetchService::FetchCallback callback) {
  DCHECK_CURRENTLY_ON(BrowserThread::IO);

@@ -141,10 +144,55 @@ void BackgroundFetchContext::StartFetch(
  DCHECK_EQ(0u, fetch_callbacks_.count(registration_id));
  fetch_callbacks_[registration_id] = std::move(callback);

-  data_manager_->CreateRegistration(
-      registration_id, requests, options, icon,
+  // |data_manager| is guaranteed to outlive |this|. |create_registration| is
+  // passed to `DidGetPermission`, which is tied to |weak_factory_|. That means
+  // that if |create_registration| runs, |this| is still alive, as is
+  // |data_manager| (a pointer owned by |this|).
+  auto create_registration = base::BindOnce(
+      &BackgroundFetchDataManager::CreateRegistration,
+      base::Unretained(data_manager_.get()), registration_id, requests, options,
+      icon,
      base::BindOnce(&BackgroundFetchContext::DidCreateRegistration,
                     weak_factory_.GetWeakPtr(), registration_id));
+
+  GetPermissionForOrigin(
+      registration_id.origin(), render_frame_host,
+      base::BindOnce(&BackgroundFetchContext::DidGetPermission,
+                     weak_factory_.GetWeakPtr(), std::move(create_registration),
+                     registration_id));
+}
+
+void BackgroundFetchContext::GetPermissionForOrigin(
+    const url::Origin& origin,
+    RenderFrameHost* render_frame_host,
+    GetPermissionCallback callback) {
+  DCHECK_CURRENTLY_ON(BrowserThread::IO);
+
+  ResourceRequestInfo::WebContentsGetter wc_getter =
+      render_frame_host
+          ? base::BindRepeating(&WebContents::FromFrameTreeNodeId,
+                                render_frame_host->GetFrameTreeNodeId())
+          : base::NullCallback();
+
+  delegate_proxy_.GetPermissionForOrigin(origin, std::move(wc_getter),
+                                         std::move(callback));
+}
+
+void BackgroundFetchContext::DidGetPermission(
+    base::OnceClosure permission_closure,
+    const BackgroundFetchRegistrationId& registration_id,
+    bool has_permission) {
+  if (has_permission) {
+    std::move(permission_closure).Run();
+    return;
+  }
+
+  // No permission, the fetch should be rejected.
+  background_fetch::RecordRegistrationCreatedError(
+      blink::mojom::BackgroundFetchError::PERMISSION_DENIED);
+  std::move(fetch_callbacks_[registration_id])
+      .Run(blink::mojom::BackgroundFetchError::PERMISSION_DENIED,
+           base::nullopt);
 }

 void BackgroundFetchContext::GetIconDisplaySize(

--- a/content/browser/background_fetch/background_fetch_context.h
+++ b/content/browser/background_fetch/background_fetch_context.h
@@ -40,6 +40,7 @@ class BackgroundFetchRequestInfo;
 class BackgroundFetchScheduler;
 class BrowserContext;
 class CacheStorageContextImpl;
+class RenderFrameHost;
 class ServiceWorkerContextWrapper;
 struct ServiceWorkerFetchRequest;

@@ -90,6 +91,7 @@ class CONTENT_EXPORT BackgroundFetchContext
                  const std::vector<ServiceWorkerFetchRequest>& requests,
                  const BackgroundFetchOptions& options,
                  const SkBitmap& icon,
+                  RenderFrameHost* render_frame_host,
                  blink::mojom::BackgroundFetchService::FetchCallback callback);

  // Gets display size for the icon for Background Fetch UI.
@@ -148,6 +150,8 @@ class CONTENT_EXPORT BackgroundFetchContext
  void OnStorageWiped() override;

 private:
+  using GetPermissionCallback = base::OnceCallback<void(bool)>;
+
  FRIEND_TEST_ALL_PREFIXES(BackgroundFetchServiceTest,
                           JobsInitializedOnBrowserRestart);
  friend class BackgroundFetchServiceTest;
@@ -259,6 +263,17 @@ class CONTENT_EXPORT BackgroundFetchContext
  // blink::mojom::kInvalidServiceWorkerRegistrationId.
  void AbandonFetches(int64_t service_worker_registration_id);

+  // Check if |origin| has permission to start a fetch.
+  // virtual for testing.
+  void GetPermissionForOrigin(const url::Origin& origin,
+                              RenderFrameHost* render_frame_host,
+                              GetPermissionCallback callback);
+
+  // Callback for GetPermissionForOrigin.
+  void DidGetPermission(base::OnceClosure permission_closure,
+                        const BackgroundFetchRegistrationId& registration_id,
+                        bool has_permission);
+
  // |this| is owned, indirectly, by the BrowserContext.
  BrowserContext* browser_context_;


--- a/content/browser/background_fetch/background_fetch_delegate_proxy.cc
+++ b/content/browser/background_fetch/background_fetch_delegate_proxy.cc
@@ -41,6 +41,29 @@ class BackgroundFetchDelegateProxy::Core
    return weak_ptr_factory_.GetWeakPtr();
  }

+  void ForwardGetPermissionForOriginCallbackToIO(
+      BackgroundFetchDelegate::GetPermissionForOriginCallback callback,
+      bool has_permission) {
+    DCHECK_CURRENTLY_ON(BrowserThread::UI);
+    BrowserThread::PostTask(
+        BrowserThread::IO, FROM_HERE,
+        base::BindOnce(std::move(callback), has_permission));
+  }
+
+  void GetPermissionForOrigin(
+      const url::Origin& origin,
+      const ResourceRequestInfo::WebContentsGetter& wc_getter,
+      BackgroundFetchDelegate::GetPermissionForOriginCallback callback) {
+    if (delegate_) {
+      delegate_->GetPermissionForOrigin(
+          origin, wc_getter,
+          base::BindOnce(&Core::ForwardGetPermissionForOriginCallbackToIO,
+                         weak_ptr_factory_.GetWeakPtr(), std::move(callback)));
+    } else {
+      std::move(callback).Run(false /* has_permission */);
+    }
+  }
+
  void ForwardGetIconDisplaySizeCallbackToIO(
      BackgroundFetchDelegate::GetIconDisplaySizeCallback callback,
      const gfx::Size& display_size) {
@@ -289,6 +312,17 @@ void BackgroundFetchDelegateProxy::GetIconDisplaySize(
                                         ui_core_ptr_, std::move(callback)));
 }

+void BackgroundFetchDelegateProxy::GetPermissionForOrigin(
+    const url::Origin& origin,
+    const ResourceRequestInfo::WebContentsGetter& wc_getter,
+    BackgroundFetchDelegate::GetPermissionForOriginCallback callback) {
+  DCHECK_CURRENTLY_ON(BrowserThread::IO);
+  BrowserThread::PostTask(
+      BrowserThread::UI, FROM_HERE,
+      base::BindOnce(&Core::GetPermissionForOrigin, ui_core_ptr_, origin,
+                     wc_getter, std::move(callback)));
+}
+
 void BackgroundFetchDelegateProxy::CreateDownloadJob(
    base::WeakPtr<Controller> controller,
    std::unique_ptr<BackgroundFetchDescription> fetch_description,

--- a/content/browser/background_fetch/background_fetch_delegate_proxy.h
+++ b/content/browser/background_fetch/background_fetch_delegate_proxy.h
@@ -66,6 +66,12 @@ class CONTENT_EXPORT BackgroundFetchDelegateProxy {
  void GetIconDisplaySize(
      BackgroundFetchDelegate::GetIconDisplaySizeCallback callback);

+  // Checks if the provided origin has permission to start a Background Fetch.
+  void GetPermissionForOrigin(
+      const url::Origin& origin,
+      const ResourceRequestInfo::WebContentsGetter& wc_getter,
+      BackgroundFetchDelegate::GetPermissionForOriginCallback callback);
+
  // Creates a new download grouping described by |fetch_description|. Further
  // downloads started by StartRequest will also use
  // |fetch_description.job_unique_id| so that a notification can be updated

--- a/content/browser/background_fetch/background_fetch_delegate_proxy_unittest.cc
+++ b/content/browser/background_fetch/background_fetch_delegate_proxy_unittest.cc
@@ -33,6 +33,12 @@ class FakeBackgroundFetchDelegate : public BackgroundFetchDelegate {
      BackgroundFetchDelegate::GetIconDisplaySizeCallback callback) override {
    std::move(callback).Run(gfx::Size(kIconDisplaySize, kIconDisplaySize));
  }
+  void GetPermissionForOrigin(
+      const url::Origin& origin,
+      const ResourceRequestInfo::WebContentsGetter& wc_getter,
+      GetPermissionForOriginCallback callback) override {
+    std::move(callback).Run(true /* has_permission */);
+  }
  void CreateDownloadJob(
      std::unique_ptr<BackgroundFetchDescription> fetch_description) override {}
  void DownloadUrl(const std::string& job_unique_id,

--- a/content/browser/background_fetch/background_fetch_service_impl.cc
+++ b/content/browser/background_fetch/background_fetch_service_impl.cc
@@ -16,7 +16,6 @@
 #include "content/browser/storage_partition_impl.h"
 #include "content/common/service_worker/service_worker_types.h"
 #include "content/public/browser/browser_thread.h"
-#include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/render_process_host.h"
 #include "mojo/public/cpp/bindings/strong_binding.h"

@@ -91,7 +90,8 @@ BackgroundFetchServiceImpl::BackgroundFetchServiceImpl(
    url::Origin origin,
    RenderFrameHost* render_frame_host)
    : background_fetch_context_(std::move(background_fetch_context)),
-      origin_(std::move(origin)) {
+      origin_(std::move(origin)),
+      render_frame_host_(render_frame_host) {
  DCHECK(background_fetch_context_);
 }

@@ -123,7 +123,8 @@ void BackgroundFetchServiceImpl::Fetch(
                                                base::GenerateGUID());

  background_fetch_context_->StartFetch(registration_id, requests, options,
-                                        icon, std::move(callback));
+                                        icon, render_frame_host_,
+                                        std::move(callback));
 }

 void BackgroundFetchServiceImpl::GetIconDisplaySize(

--- a/content/browser/background_fetch/background_fetch_service_impl.h
+++ b/content/browser/background_fetch/background_fetch_service_impl.h
@@ -100,6 +100,8 @@ class CONTENT_EXPORT BackgroundFetchServiceImpl

  const url::Origin origin_;

+  RenderFrameHost* render_frame_host_;
+
  DISALLOW_COPY_AND_ASSIGN(BackgroundFetchServiceImpl);
 };


--- a/content/browser/background_fetch/mock_background_fetch_delegate.cc
+++ b/content/browser/background_fetch/mock_background_fetch_delegate.cc
@@ -6,6 +6,7 @@
 #include <vector>

 #include "base/files/file_util.h"
+#include "base/threading/sequenced_task_runner_handle.h"
 #include "base/threading/thread_task_runner_handle.h"
 #include "content/browser/background_fetch/mock_background_fetch_delegate.h"
 #include "content/public/browser/background_fetch_description.h"
@@ -56,6 +57,15 @@ MockBackgroundFetchDelegate::MockBackgroundFetchDelegate() {}

 MockBackgroundFetchDelegate::~MockBackgroundFetchDelegate() {}

+void MockBackgroundFetchDelegate::GetPermissionForOrigin(
+    const url::Origin& origin,
+    const ResourceRequestInfo::WebContentsGetter& wc_getter,
+    GetPermissionForOriginCallback callback) {
+  base::SequencedTaskRunnerHandle::Get()->PostTask(
+      FROM_HERE,
+      base::BindOnce(std::move(callback), true /* has_permission */));
+}
+
 void MockBackgroundFetchDelegate::GetIconDisplaySize(
    GetIconDisplaySizeCallback callback) {}


--- a/content/browser/background_fetch/mock_background_fetch_delegate.h
+++ b/content/browser/background_fetch/mock_background_fetch_delegate.h
@@ -65,6 +65,10 @@ class MockBackgroundFetchDelegate : public BackgroundFetchDelegate {
  ~MockBackgroundFetchDelegate() override;

  // BackgroundFetchDelegate implementation:
+  void GetPermissionForOrigin(
+      const url::Origin& origin,
+      const ResourceRequestInfo::WebContentsGetter& wc_getter,
+      GetPermissionForOriginCallback callback) override;
  void GetIconDisplaySize(
      BackgroundFetchDelegate::GetIconDisplaySizeCallback callback) override;
  void CreateDownloadJob(

--- a/content/public/browser/background_fetch_delegate.h
+++ b/content/public/browser/background_fetch_delegate.h
@@ -15,6 +15,7 @@
 #include "base/memory/weak_ptr.h"
 #include "base/optional.h"
 #include "content/common/content_export.h"
+#include "content/public/browser/resource_request_info.h"
 #include "third_party/skia/include/core/SkBitmap.h"

 class GURL;
@@ -28,6 +29,10 @@ class HttpRequestHeaders;
 struct NetworkTrafficAnnotationTag;
 }  // namespace net

+namespace url {
+class Origin;
+}  // namespace url
+
 namespace content {
 struct BackgroundFetchResponse;
 struct BackgroundFetchResult;
@@ -50,6 +55,7 @@ enum class BackgroundFetchReasonToAbort {
 class CONTENT_EXPORT BackgroundFetchDelegate {
 public:
  using GetIconDisplaySizeCallback = base::OnceCallback<void(const gfx::Size&)>;
+  using GetPermissionForOriginCallback = base::OnceCallback<void(bool)>;

  // Client interface that a BackgroundFetchDelegate would use to signal the
  // progress of a background fetch.
@@ -98,6 +104,13 @@ class CONTENT_EXPORT BackgroundFetchDelegate {
  // Gets size of the icon to display with the Background Fetch UI.
  virtual void GetIconDisplaySize(GetIconDisplaySizeCallback callback) = 0;

+  // Checks whether |origin| has permission to start a Background Fetch.
+  // |wc_getter| can be null, which means this is running from a worker context.
+  virtual void GetPermissionForOrigin(
+      const url::Origin& origin,
+      const ResourceRequestInfo::WebContentsGetter& wc_getter,
+      GetPermissionForOriginCallback callback) = 0;
+
  // Creates a new download grouping identified by |job_unique_id|. Further
  // downloads started by DownloadUrl will also use this |job_unique_id| so that
  // a notification can be updated with the current status. If the download was

--- a/content/shell/browser/layout_test/layout_test_background_fetch_delegate.cc
+++ b/content/shell/browser/layout_test/layout_test_background_fetch_delegate.cc
@@ -173,6 +173,14 @@ void LayoutTestBackgroundFetchDelegate::GetIconDisplaySize(
  std::move(callback).Run(gfx::Size(192, 192));
 }

+void LayoutTestBackgroundFetchDelegate::GetPermissionForOrigin(
+    const url::Origin& origin,
+    const ResourceRequestInfo::WebContentsGetter& wc_getter,
+    GetPermissionForOriginCallback callback) {
+  DCHECK_CURRENTLY_ON(BrowserThread::UI);
+  std::move(callback).Run(true /* has_permission */);
+}
+
 void LayoutTestBackgroundFetchDelegate::CreateDownloadJob(
    std::unique_ptr<BackgroundFetchDescription> fetch_description) {}


--- a/content/shell/browser/layout_test/layout_test_background_fetch_delegate.h
+++ b/content/shell/browser/layout_test/layout_test_background_fetch_delegate.h
@@ -27,6 +27,10 @@ class LayoutTestBackgroundFetchDelegate : public BackgroundFetchDelegate {

  // BackgroundFetchDelegate implementation:
  void GetIconDisplaySize(GetIconDisplaySizeCallback callback) override;
+  void GetPermissionForOrigin(
+      const url::Origin& origin,
+      const ResourceRequestInfo::WebContentsGetter& wc_getter,
+      GetPermissionForOriginCallback callback) override;
  void CreateDownloadJob(
      std::unique_ptr<BackgroundFetchDescription> fetch_description) override;
  void DownloadUrl(const std::string& job_unique_id,

--- a/third_party/blink/public/platform/modules/background_fetch/background_fetch.mojom
+++ b/third_party/blink/public/platform/modules/background_fetch/background_fetch.mojom
@@ -18,7 +18,8 @@ enum BackgroundFetchError {
  INVALID_ID,
  STORAGE_ERROR,
  SERVICE_WORKER_UNAVAILABLE,
-  QUOTA_EXCEEDED
+  QUOTA_EXCEEDED,
+  PERMISSION_DENIED
 };

 // Struct representing completed Background Fetch requests, along with their

--- a/third_party/blink/renderer/modules/background_fetch/background_fetch_manager.cc
+++ b/third_party/blink/renderer/modules/background_fetch/background_fetch_manager.cc
@@ -330,6 +330,11 @@ void BackgroundFetchManager::DidFetch(
          script_state->GetIsolate(),
          "There already is a registration for the given id."));
      return;
+    case mojom::blink::BackgroundFetchError::PERMISSION_DENIED:
+      resolver->Reject(V8ThrowException::CreateTypeError(
+          script_state->GetIsolate(),
+          "This origin does not have permission to start a fetch."));
+      return;
    case mojom::blink::BackgroundFetchError::STORAGE_ERROR:
      DCHECK(!registration);
      resolver->Reject(V8ThrowException::CreateTypeError(
@@ -468,6 +473,7 @@ void BackgroundFetchManager::DidGetRegistration(
      return;
    case mojom::blink::BackgroundFetchError::DUPLICATED_DEVELOPER_ID:
    case mojom::blink::BackgroundFetchError::INVALID_ARGUMENT:
+    case mojom::blink::BackgroundFetchError::PERMISSION_DENIED:
    case mojom::blink::BackgroundFetchError::QUOTA_EXCEEDED:
      // Not applicable for this callback.
      break;
@@ -517,6 +523,7 @@ void BackgroundFetchManager::DidGetDeveloperIds(
    case mojom::blink::BackgroundFetchError::DUPLICATED_DEVELOPER_ID:
    case mojom::blink::BackgroundFetchError::INVALID_ARGUMENT:
    case mojom::blink::BackgroundFetchError::INVALID_ID:
+    case mojom::blink::BackgroundFetchError::PERMISSION_DENIED:
    case mojom::blink::BackgroundFetchError::SERVICE_WORKER_UNAVAILABLE:
    case mojom::blink::BackgroundFetchError::QUOTA_EXCEEDED:
      // Not applicable for this callback.

--- a/third_party/blink/renderer/modules/background_fetch/background_fetch_registration.cc
+++ b/third_party/blink/renderer/modules/background_fetch/background_fetch_registration.cc
@@ -226,6 +226,7 @@ void BackgroundFetchRegistration::DidAbort(
    case mojom::blink::BackgroundFetchError::SERVICE_WORKER_UNAVAILABLE:
    case mojom::blink::BackgroundFetchError::DUPLICATED_DEVELOPER_ID:
    case mojom::blink::BackgroundFetchError::INVALID_ARGUMENT:
+    case mojom::blink::BackgroundFetchError::PERMISSION_DENIED:
    case mojom::blink::BackgroundFetchError::QUOTA_EXCEEDED:
      // Not applicable for this callback.
      break;

--- a/third_party/blink/renderer/modules/background_fetch/background_fetch_update_ui_event.cc
+++ b/third_party/blink/renderer/modules/background_fetch/background_fetch_update_ui_event.cc
@@ -113,6 +113,7 @@ void BackgroundFetchUpdateUIEvent::DidUpdateUI(
    case mojom::blink::BackgroundFetchError::DUPLICATED_DEVELOPER_ID:
    case mojom::blink::BackgroundFetchError::INVALID_ARGUMENT:
    case mojom::blink::BackgroundFetchError::SERVICE_WORKER_UNAVAILABLE:
+    case mojom::blink::BackgroundFetchError::PERMISSION_DENIED:
    case mojom::blink::BackgroundFetchError::QUOTA_EXCEEDED:
      // Not applicable for this callback.
      break;

--- a/tools/metrics/histograms/enums.xml
+++ b/tools/metrics/histograms/enums.xml
@@ -3096,6 +3096,9 @@ uploading your change for review.  These are checked by presubmit scripts.
  <int value="2" label="Invalid argument"/>
  <int value="3" label="Invalid ID"/>
  <int value="4" label="Storage error"/>
+  <int value="5" label="Service Worker unavailable"/>
+  <int value="6" label="Quota exceeded"/>
+  <int value="7" label="Permission denied"/>
 </enum>

 <enum name="BackgroundFetchEventDispatchResult">