Cleanup whitelist for screen capture access in getUserMedia()

1. Removed Google+ domains from the whitelist. 2. Chromecast extension ID is no longer hashed. 3. Deduped list of Chromecast extesions. R=jiayl@chromium.org, mfoltz@chromium.org Review URL: https://codereview.chromium.org/255553007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@266715 0039d316-1c4b-4281-b951-d872f2087c98

Cleanup whitelist for screen capture access in getUserMedia()
1. Removed Google+ domains from the whitelist. 2. Chromecast extension ID is no longer hashed. 3. Deduped list of Chromecast extesions. R=jiayl@chromium.org, mfoltz@chromium.org Review URL: https://codereview.chromium.org/255553007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@266715 0039d316-1c4b-4281-b951-d872f2087c98
fba9a6a6 · sergeyu@chromium.org · 9bf41e31 · fba9a6a6
Commit fba9a6a6 authored Apr 29, 2014 by sergeyu@chromium.org
Hide whitespace changes
Inline Side-by-side

Showing with 15 additions and 43 deletions

chrome/browser/media/media_capture_devices_dispatcher.cc chrome/browser/media/media_capture_devices_dispatcher.cc +15 -43

No files found.
--- a/chrome/browser/media/media_capture_devices_dispatcher.cc
+++ b/chrome/browser/media/media_capture_devices_dispatcher.cc
@@ -94,60 +94,31 @@ bool IsMediaRequestWhitelistedForExtension(
      extension->id() == "nnckehldicaciogcbchegobnafnjkcne";
 }
-// This is a short-term solution to allow testing of the the Screen Capture API
+bool IsBuiltInExtension(const GURL& origin) {
-// with Google Hangouts in M27.
-// TODO(sergeyu): Remove this whitelist as soon as possible.
-bool IsOriginWhitelistedForScreenCapture(const GURL& origin) {
-#if defined(OFFICIAL_BUILD)
-  if (// Google Hangouts.
-      (origin.SchemeIs("https") &&
-       EndsWith(origin.spec(), ".talkgadget.google.com/", true)) ||
-      origin.spec() == "https://talkgadget.google.com/" ||
-      origin.spec() == "https://plus.google.com/" ||
-      origin.spec() == "chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm/" ||
-      origin.spec() == "chrome-extension://fmfcbgogabcbclcofgocippekhfcmgfj/" ||
-      origin.spec() == "chrome-extension://hfaagokkkhdbgiakmmlclaapfelnkoah/" ||
-      origin.spec() == "chrome-extension://boadgeojelhgndaghljhdicfkmllpafd/" ||
-      origin.spec() == "chrome-extension://gfdkimpbcpahaombhbimeihdjnejgicl/") {
-    return true;
-  }
-  // Check against hashed origins.
-  // TODO(hshi): remove this when trusted tester becomes public.
-  const std::string origin_hash = base::SHA1HashString(origin.spec());
-  DCHECK_EQ(origin_hash.length(), base::kSHA1Length);
-  const std::string hexencoded_origin_hash =
-      base::HexEncode(origin_hash.data(), origin_hash.length());
  return
-      hexencoded_origin_hash == "3C2705BC432E7C51CA8553FDC5BEE873FF2468EE";
+      // Feedback Extension.
-#else
+      origin.spec() == "chrome-extension://gfdkimpbcpahaombhbimeihdjnejgicl/";
-  return false;
-#endif
 }
-#if defined(OS_CHROMEOS)
 // Returns true of the security origin is associated with casting.
 bool IsOriginForCasting(const GURL& origin) {
 #if defined(OFFICIAL_BUILD)
  // Whitelisted tab casting extensions.
-  if (origin.spec() == "chrome-extension://pkedcjkdefgpdelpbcmbmeomcjbeemfm/" ||
-      origin.spec() == "chrome-extension://fmfcbgogabcbclcofgocippekhfcmgfj/" ||
-      origin.spec() == "chrome-extension://hfaagokkkhdbgiakmmlclaapfelnkoah/" ||
-      origin.spec() == "chrome-extension://boadgeojelhgndaghljhdicfkmllpafd/") {
-    return true;
-  }
-  // Check against hashed origins.
-  // TODO(hshi): remove this when trusted tester becomes public.
-  const std::string origin_hash = base::SHA1HashString(origin.spec());
-  DCHECK_EQ(origin_hash.length(), base::kSHA1Length);
-  const std::string hexencoded_origin_hash =
-      base::HexEncode(origin_hash.data(), origin_hash.length());
  return
-      hexencoded_origin_hash == "3C2705BC432E7C51CA8553FDC5BEE873FF2468EE";
+      // Dev
+      origin.spec() == "chrome-extension://enhhojjnijigcajfphajepfemndkmdlo/" ||
+      // Canary
+      origin.spec() == "chrome-extension://hfaagokkkhdbgiakmmlclaapfelnkoah/" ||
+      // Beta (internal)
+      origin.spec() == "chrome-extension://fmfcbgogabcbclcofgocippekhfcmgfj/" ||
+      // Google Cast Beta
+      origin.spec() == "chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm/" ||
+      // Google Cast Stable
+      origin.spec() == "chrome-extension://boadgeojelhgndaghljhdicfkmllpafd/";
 #else
  return false;
 #endif
 }
-#endif
 // Helper to get title of the calling application shown in the screen capture
 // notification.
@@ -462,7 +433,8 @@ void MediaCaptureDevicesDispatcher::ProcessScreenCaptureAccessRequest(
  const bool screen_capture_enabled =
      CommandLine::ForCurrentProcess()->HasSwitch(
          switches::kEnableUserMediaScreenCapturing) ||
-      IsOriginWhitelistedForScreenCapture(request.security_origin);
+      IsOriginForCasting(request.security_origin) ||
+      IsBuiltInExtension(request.security_origin);
  const bool origin_is_secure =
      request.security_origin.SchemeIsSecure() ||