ContentSettings: Prefer allowlist.

Replace all uses of whitelist with allowlist in ContentSettings code. Bug: 842296 Change-Id: I51442289ad63651313515ab3e2db76e2bc2dfe06 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2439554Reviewed-by: Christian Dullweber <dullweber@chromium.org> Reviewed-by: Scott Violet <sky@chromium.org> Commit-Queue: Darwin Huang <huangdarwin@chromium.org> Cr-Commit-Position: refs/heads/master@{#812949}

ContentSettings: Prefer allowlist.
Replace all uses of whitelist with allowlist in ContentSettings code. Bug: 842296 Change-Id: I51442289ad63651313515ab3e2db76e2bc2dfe06 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2439554Reviewed-by: Christian Dullweber <dullweber@chromium.org> Reviewed-by: Scott Violet <sky@chromium.org> Commit-Queue: Darwin Huang <huangdarwin@chromium.org> Cr-Commit-Position: refs/heads/master@{#812949}
ff585652 · Darwin Huang · Commit Bot · f9b59f38 · ff585652 · ff585652
Commit ff585652 authored Oct 01, 2020 by Darwin Huang Committed by Commit Bot Oct 01, 2020
15 changed files
--- a/chrome/browser/plugins/plugin_info_host_impl_unittest.cc
+++ b/chrome/browser/plugins/plugin_info_host_impl_unittest.cc
@@ -309,7 +309,7 @@ TEST_F(PluginInfoHostImplTest, RunAllFlashInAllowMode) {
  EXPECT_THAT(status, Eq(chrome::mojom::PluginStatus::kAllowed));
 }
-TEST_F(PluginInfoHostImplTest, PluginsOnlyAllowedInWhitelistedSchemes) {
+TEST_F(PluginInfoHostImplTest, PluginsOnlyAllowedInAllowlistedSchemes) {
  host_content_settings_map()->SetDefaultContentSetting(
      ContentSettingsType::PLUGINS, CONTENT_SETTING_DETECT_IMPORTANT_CONTENT);

--- a/chrome/browser/ui/webui/settings/site_settings_handler.cc
+++ b/chrome/browser/ui/webui/settings/site_settings_handler.cc
@@ -292,7 +292,7 @@ bool IsPatternValidForType(const std::string& pattern_string,
  // Don't allow patterns for WebUI schemes, even though it's a valid pattern.
  // WebUI permissions are controlled by ContentSettingsRegistry
-  // WhitelistedSchemes and WebUIAllowlist. Users shouldn't be able to grant
+  // AllowlistedSchemes and WebUIAllowlist. Users shouldn't be able to grant
  // extra permissions or revoke existing permissions.
  if (pattern.GetScheme() == ContentSettingsPattern::SCHEME_CHROME ||
      pattern.GetScheme() == ContentSettingsPattern::SCHEME_CHROMEUNTRUSTED ||

--- a/chrome/renderer/chrome_content_settings_agent_delegate.cc
+++ b/chrome/renderer/chrome_content_settings_agent_delegate.cc
@@ -57,7 +57,7 @@ bool ChromeContentSettingsAgentDelegate::IsPluginTemporarilyAllowed(
         base::Contains(temporarily_allowed_plugins_, std::string());
 }
-bool ChromeContentSettingsAgentDelegate::IsSchemeWhitelisted(
+bool ChromeContentSettingsAgentDelegate::IsSchemeAllowlisted(
    const std::string& scheme) {
 #if BUILDFLAG(ENABLE_EXTENSIONS)
  return scheme == extensions::kExtensionScheme;

--- a/chrome/renderer/chrome_content_settings_agent_delegate.h
+++ b/chrome/renderer/chrome_content_settings_agent_delegate.h
@@ -34,7 +34,7 @@ class ChromeContentSettingsAgentDelegate
  bool IsPluginTemporarilyAllowed(const std::string& identifier);
  // content_settings::ContentSettingsAgentImpl::Delegate:
-  bool IsSchemeWhitelisted(const std::string& scheme) override;
+  bool IsSchemeAllowlisted(const std::string& scheme) override;
  base::Optional<bool> AllowReadFromClipboard() override;
  base::Optional<bool> AllowWriteToClipboard() override;
  base::Optional<bool> AllowMutationEvents() override;

--- a/components/content_settings/core/browser/content_settings_info.cc
+++ b/components/content_settings/core/browser/content_settings_info.cc
@@ -12,13 +12,13 @@ namespace content_settings {
 ContentSettingsInfo::ContentSettingsInfo(
    const WebsiteSettingsInfo* website_settings_info,
-    const std::vector<std::string>& whitelisted_schemes,
+    const std::vector<std::string>& allowlisted_schemes,
    const std::set<ContentSetting>& valid_settings,
    IncognitoBehavior incognito_behavior,
    StorageBehavior storage_behavior,
    OriginRestriction origin_restriction)
    : website_settings_info_(website_settings_info),
-      whitelisted_schemes_(whitelisted_schemes),
+      allowlisted_schemes_(allowlisted_schemes),
      valid_settings_(valid_settings),
      incognito_behavior_(incognito_behavior),
      storage_behavior_(storage_behavior),

--- a/components/content_settings/core/browser/content_settings_info.h
+++ b/components/content_settings/core/browser/content_settings_info.h
@@ -50,7 +50,7 @@ class ContentSettingsInfo {
  // This object does not take ownership of |website_settings_info|.
  ContentSettingsInfo(const WebsiteSettingsInfo* website_settings_info,
-                      const std::vector<std::string>& whitelisted_schemes,
+                      const std::vector<std::string>& allowlisted_schemes,
                      const std::set<ContentSetting>& valid_settings,
                      IncognitoBehavior incognito_behavior,
                      StorageBehavior storage_behavior,
@@ -60,8 +60,8 @@ class ContentSettingsInfo {
  const WebsiteSettingsInfo* website_settings_info() const {
    return website_settings_info_;
  }
-  const std::vector<std::string>& whitelisted_schemes() const {
+  const std::vector<std::string>& allowlisted_schemes() const {
-    return whitelisted_schemes_;
+    return allowlisted_schemes_;
  }
  // Gets the original default setting for a particular content type.
@@ -76,7 +76,7 @@ class ContentSettingsInfo {
 private:
  const WebsiteSettingsInfo* website_settings_info_;
-  const std::vector<std::string> whitelisted_schemes_;
+  const std::vector<std::string> allowlisted_schemes_;
  const std::set<ContentSetting> valid_settings_;
  const IncognitoBehavior incognito_behavior_;
  const StorageBehavior storage_behavior_;

--- a/components/content_settings/core/browser/content_settings_registry.cc
+++ b/components/content_settings/core/browser/content_settings_registry.cc
--- a/components/content_settings/core/browser/content_settings_registry.h
+++ b/components/content_settings/core/browser/content_settings_registry.h
@@ -62,7 +62,7 @@ class ContentSettingsRegistry {
                const std::string& name,
                ContentSetting initial_default_value,
                WebsiteSettingsInfo::SyncStatus sync_status,
-                const std::vector<std::string>& whitelisted_schemes,
+                const std::vector<std::string>& allowlisted_schemes,
                const std::set<ContentSetting>& valid_settings,
                WebsiteSettingsInfo::ScopingType scoping_type,
                Platforms platforms,

--- a/components/content_settings/core/browser/content_settings_registry_unittest.cc
+++ b/components/content_settings/core/browser/content_settings_registry_unittest.cc
@@ -68,7 +68,7 @@ TEST_F(ContentSettingsRegistryTest, Properties) {
      registry()->Get(ContentSettingsType::COOKIES);
  ASSERT_TRUE(info);
-  EXPECT_THAT(info->whitelisted_schemes(), ElementsAre("chrome", "devtools"));
+  EXPECT_THAT(info->allowlisted_schemes(), ElementsAre("chrome", "devtools"));
  // Check the other properties are populated correctly.
  EXPECT_TRUE(info->IsSettingValid(CONTENT_SETTING_SESSION_ONLY));

--- a/components/content_settings/core/browser/cookie_settings_unittest.cc
+++ b/components/content_settings/core/browser/cookie_settings_unittest.cc
@@ -149,7 +149,7 @@ class CookieSettingsTest : public testing::Test {
  base::test::ScopedFeatureList feature_list_;
 };
-TEST_F(CookieSettingsTest, TestWhitelistedScheme) {
+TEST_F(CookieSettingsTest, TestAllowlistedScheme) {
  cookie_settings_->SetDefaultCookieSetting(CONTENT_SETTING_BLOCK);
  EXPECT_FALSE(cookie_settings_->IsCookieAccessAllowed(kHttpSite, kChromeURL));
  EXPECT_TRUE(cookie_settings_->IsCookieAccessAllowed(kHttpsSite, kChromeURL));

--- a/components/content_settings/core/browser/host_content_settings_map.cc
+++ b/components/content_settings/core/browser/host_content_settings_map.cc
@@ -107,7 +107,7 @@ bool SupportsResourceIdentifier(ContentSettingsType content_type) {
  return content_type == ContentSettingsType::PLUGINS;
 }
-bool SchemeCanBeWhitelisted(const std::string& scheme) {
+bool SchemeCanBeAllowlisted(const std::string& scheme) {
  return scheme == content_settings::kChromeDevToolsScheme ||
         scheme == content_settings::kExtensionScheme ||
         scheme == content_settings::kChromeUIScheme;
@@ -895,7 +895,7 @@ std::unique_ptr<base::Value> HostContentSettingsMap::GetWebsiteSetting(
  DCHECK(SupportsResourceIdentifier(content_type) ||
         resource_identifier.empty());
-  // Check if the requested setting is whitelisted.
+  // Check if the requested setting is allowlisted.
  // TODO(raymes): Move this into GetContentSetting. This has nothing to do with
  // website settings
  const content_settings::ContentSettingsInfo* content_settings_info =
@@ -903,8 +903,8 @@ std::unique_ptr<base::Value> HostContentSettingsMap::GetWebsiteSetting(
          content_type);
  if (content_settings_info) {
    for (const std::string& scheme :
-         content_settings_info->whitelisted_schemes()) {
+         content_settings_info->allowlisted_schemes()) {
-      DCHECK(SchemeCanBeWhitelisted(scheme));
+      DCHECK(SchemeCanBeAllowlisted(scheme));
      if (primary_url.SchemeIs(scheme)) {
        if (info) {

--- a/components/content_settings/core/browser/host_content_settings_map.h
+++ b/components/content_settings/core/browser/host_content_settings_map.h
@@ -107,7 +107,7 @@ class HostContentSettingsMap : public content_settings::Observer,
                                          std::string* provider_id) const;
  // Returns a single |ContentSetting| which applies to the given URLs.  Note
-  // that certain internal schemes are whitelisted. For |CONTENT_TYPE_COOKIES|,
+  // that certain internal schemes are allowlisted. For |CONTENT_TYPE_COOKIES|,
  // |CookieSettings| should be used instead. For content types that can't be
  // converted to a |ContentSetting|, |GetContentSettingValue| should be called.
  // If there is no content setting, returns CONTENT_SETTING_DEFAULT.
@@ -132,7 +132,7 @@ class HostContentSettingsMap : public content_settings::Observer,
  // source of the returned |Value| (POLICY, EXTENSION, USER, ...) and the
  // |primary_pattern| and the |secondary_pattern| fields of |info| are set to
  // the patterns of the applying rule.  Note that certain internal schemes are
-  // whitelisted. For whitelisted schemes the |source| field of |info| is set
+  // allowlisted. For allowlisted schemes the |source| field of |info| is set
  // the |SETTING_SOURCE_ALLOWLIST| and the |primary_pattern| and
  // |secondary_pattern| are set to a wildcard pattern.  If there is no content
  // setting, NULL is returned and the |source| field of |info| is set to

--- a/components/content_settings/renderer/content_settings_agent_impl.cc
+++ b/components/content_settings/renderer/content_settings_agent_impl.cc
@@ -76,7 +76,7 @@ bool IsFrameWithOpaqueOrigin(WebFrame* frame) {
 ContentSettingsAgentImpl::Delegate::~Delegate() = default;
-bool ContentSettingsAgentImpl::Delegate::IsSchemeWhitelisted(
+bool ContentSettingsAgentImpl::Delegate::IsSchemeAllowlisted(
    const std::string& scheme) {
  return false;
 }
@@ -100,12 +100,12 @@ void ContentSettingsAgentImpl::Delegate::PassiveInsecureContentFound(
 ContentSettingsAgentImpl::ContentSettingsAgentImpl(
    content::RenderFrame* render_frame,
-    bool should_whitelist,
+    bool should_allowlist,
    std::unique_ptr<Delegate> delegate)
    : content::RenderFrameObserver(render_frame),
      content::RenderFrameObserverTracker<ContentSettingsAgentImpl>(
          render_frame),
-      should_whitelist_(should_whitelist),
+      should_allowlist_(should_allowlist),
      delegate_(std::move(delegate)) {
  DCHECK(delegate_);
  ClearBlockedContentSettings();
@@ -337,7 +337,7 @@ bool ContentSettingsAgentImpl::AllowImage(bool enabled_per_settings,
    if (is_interstitial_page_)
      return true;
-    if (IsWhitelistedForContentSettings())
+    if (IsAllowlistedForContentSettings())
      return true;
    if (content_setting_rules_) {
@@ -365,7 +365,7 @@ bool ContentSettingsAgentImpl::AllowScript(bool enabled_per_settings) {
    return it->second;
  // Evaluate the content setting rules before
-  // IsWhitelistedForContentSettings(); if there is only the default rule
+  // IsAllowlistedForContentSettings(); if there is only the default rule
  // allowing all scripts, it's quicker this way.
  bool allow = true;
  if (content_setting_rules_) {
@@ -374,7 +374,7 @@ bool ContentSettingsAgentImpl::AllowScript(bool enabled_per_settings) {
        url::Origin(frame->GetDocument().GetSecurityOrigin()).GetURL());
    allow = setting != CONTENT_SETTING_BLOCK;
  }
-  allow = allow || IsWhitelistedForContentSettings();
+  allow = allow || IsAllowlistedForContentSettings();
  cached_script_permissions_[frame] = allow;
  return allow;
@@ -397,7 +397,7 @@ bool ContentSettingsAgentImpl::AllowScriptFromSource(
                                   render_frame()->GetWebFrame(), script_url);
    allow = setting != CONTENT_SETTING_BLOCK;
  }
-  return allow || IsWhitelistedForContentSettings();
+  return allow || IsAllowlistedForContentSettings();
 }
 bool ContentSettingsAgentImpl::AllowReadFromClipboard(bool default_value) {
@@ -471,11 +471,11 @@ void ContentSettingsAgentImpl::ClearBlockedContentSettings() {
  cached_script_permissions_.clear();
 }
-bool ContentSettingsAgentImpl::IsWhitelistedForContentSettings() const {
+bool ContentSettingsAgentImpl::IsAllowlistedForContentSettings() const {
-  if (should_whitelist_)
+  if (should_allowlist_)
    return true;
-  // Whitelist ftp directory listings, as they require JavaScript to function
+  // Allowlist ftp directory listings, as they require JavaScript to function
  // properly.
  if (render_frame()->IsFTPDirectoryListing())
    return true;
@@ -497,7 +497,7 @@ bool ContentSettingsAgentImpl::IsWhitelistedForContentSettings() const {
  if (protocol == content::kChromeDevToolsScheme)
    return true;  // DevTools UI elements should still work.
-  if (delegate_->IsSchemeWhitelisted(protocol.Utf8()))
+  if (delegate_->IsSchemeAllowlisted(protocol.Utf8()))
    return true;
  // If the scheme is file:, an empty file name indicates a directory listing,

--- a/components/content_settings/renderer/content_settings_agent_impl.h
+++ b/components/content_settings/renderer/content_settings_agent_impl.h
@@ -47,8 +47,8 @@ class ContentSettingsAgentImpl
   public:
    virtual ~Delegate();
-    // Return true if this scheme should be whitelisted for content settings.
+    // Return true if this scheme should be allowlisted for content settings.
-    virtual bool IsSchemeWhitelisted(const std::string& scheme);
+    virtual bool IsSchemeAllowlisted(const std::string& scheme);
    // Allows the delegate to override logic for various
    // blink::WebContentSettingsClient methods. If an optional value is
@@ -59,10 +59,10 @@ class ContentSettingsAgentImpl
    virtual void PassiveInsecureContentFound(const blink::WebURL& resource_url);
  };
-  // Set |should_whitelist| to true if |render_frame()| contains content that
+  // Set |should_allowlist| to true if |render_frame()| contains content that
-  // should be whitelisted for content settings.
+  // should be allowlisted for content settings.
  ContentSettingsAgentImpl(content::RenderFrame* render_frame,
-                           bool should_whitelist,
+                           bool should_allowlist,
                           std::unique_ptr<Delegate> delegate);
  ~ContentSettingsAgentImpl() override;
@@ -122,7 +122,7 @@ class ContentSettingsAgentImpl
 private:
  FRIEND_TEST_ALL_PREFIXES(ContentSettingsAgentImplBrowserTest,
-                           WhitelistedSchemes);
+                           AllowlistedSchemes);
  FRIEND_TEST_ALL_PREFIXES(ContentSettingsAgentImplBrowserTest,
                           ContentSettingsInterstitialPages);
@@ -142,9 +142,9 @@ class ContentSettingsAgentImpl
  void ClearBlockedContentSettings();
  // Helpers.
-  // True if |render_frame()| contains content that is white-listed for content
+  // True if |render_frame()| contains content that is allowlisted for content
  // settings.
-  bool IsWhitelistedForContentSettings() const;
+  bool IsAllowlistedForContentSettings() const;
  // A getter for |content_settings_manager_| that ensures it is bound.
  mojom::ContentSettingsManager& GetContentSettingsManager();
@@ -173,8 +173,8 @@ class ContentSettingsAgentImpl
  bool is_interstitial_page_ = false;
  bool mixed_content_autoupgrades_disabled_ = false;
-  // If true, IsWhitelistedForContentSettings will always return true.
+  // If true, IsAllowlistedForContentSettings will always return true.
-  const bool should_whitelist_;
+  const bool should_allowlist_;
  std::unique_ptr<Delegate> delegate_;

--- a/components/content_settings/renderer/content_settings_agent_impl_browsertest.cc
+++ b/components/content_settings/renderer/content_settings_agent_impl_browsertest.cc
@@ -27,7 +27,7 @@
 namespace content_settings {
 namespace {
-constexpr char kWhitelistScheme[] = "foo";
+constexpr char kAllowlistScheme[] = "foo";
 constexpr char kEndUrl[] = ":something";
 constexpr char kScriptHtml[] = R"HTML(
@@ -86,8 +86,8 @@ class MockContentSettingsManagerImpl : public mojom::ContentSettingsManager {
 class MockContentSettingsAgentDelegate
    : public ContentSettingsAgentImpl::Delegate {
 public:
-  bool IsSchemeWhitelisted(const std::string& scheme) override {
+  bool IsSchemeAllowlisted(const std::string& scheme) override {
-    return scheme == kWhitelistScheme;
+    return scheme == kAllowlistScheme;
  }
 };
@@ -182,32 +182,32 @@ class ContentSettingsAgentImplBrowserTest : public content::RenderViewTest {
  }
 };
-TEST_F(ContentSettingsAgentImplBrowserTest, WhitelistedSchemes) {
+TEST_F(ContentSettingsAgentImplBrowserTest, AllowlistedSchemes) {
  url::ScopedSchemeRegistryForTests scoped_registry;
-  url::AddStandardScheme(kWhitelistScheme, url::SCHEME_WITH_HOST);
+  url::AddStandardScheme(kAllowlistScheme, url::SCHEME_WITH_HOST);
  MockContentSettingsAgentImpl mock_agent(view_->GetMainRenderFrame());
  GURL chrome_ui_url =
      GURL(std::string(content::kChromeUIScheme).append(kEndUrl));
  LoadHTMLWithUrlOverride("<html></html>", chrome_ui_url.spec().c_str());
-  EXPECT_TRUE(mock_agent.IsWhitelistedForContentSettings());
+  EXPECT_TRUE(mock_agent.IsAllowlistedForContentSettings());
  GURL chrome_dev_tools_url =
      GURL(std::string(content::kChromeDevToolsScheme).append(kEndUrl));
  LoadHTMLWithUrlOverride("<html></html>", chrome_dev_tools_url.spec().c_str());
-  EXPECT_TRUE(mock_agent.IsWhitelistedForContentSettings());
+  EXPECT_TRUE(mock_agent.IsAllowlistedForContentSettings());
-  GURL whitelist_url = GURL(std::string(kWhitelistScheme).append(kEndUrl));
+  GURL allowlist_url = GURL(std::string(kAllowlistScheme).append(kEndUrl));
-  LoadHTMLWithUrlOverride("<html></html>", whitelist_url.spec().c_str());
+  LoadHTMLWithUrlOverride("<html></html>", allowlist_url.spec().c_str());
-  EXPECT_TRUE(mock_agent.IsWhitelistedForContentSettings());
+  EXPECT_TRUE(mock_agent.IsAllowlistedForContentSettings());
  LoadHTMLWithUrlOverride("<html></html>", "file:///dir/");
-  EXPECT_TRUE(mock_agent.IsWhitelistedForContentSettings());
+  EXPECT_TRUE(mock_agent.IsAllowlistedForContentSettings());
  LoadHTMLWithUrlOverride("<html></html>", "file:///dir/file");
-  EXPECT_FALSE(mock_agent.IsWhitelistedForContentSettings());
+  EXPECT_FALSE(mock_agent.IsAllowlistedForContentSettings());
  LoadHTMLWithUrlOverride("<html></html>", "http://server.com/path");
-  EXPECT_FALSE(mock_agent.IsWhitelistedForContentSettings());
+  EXPECT_FALSE(mock_agent.IsAllowlistedForContentSettings());
 }
 TEST_F(ContentSettingsAgentImplBrowserTest, DidBlockContentType) {