Skip to content
Permalink
Browse files
[MediaStream] Don't request user permission for a device if it has al…
…ready been granted in the current browsing context

https://bugs.webkit.org/show_bug.cgi?id=164760
Source/WebKit2:

<rdar://problem/29261266>

Reviewed by Youenn Fablet.

* UIProcess/UserMediaPermissionRequestManagerProxy.cpp:
(WebKit::FrameAuthorizationState::FrameAuthorizationState):
(WebKit::FrameAuthorizationState::hasPermissionToUseCaptureDevice):
(WebKit::FrameAuthorizationState::setHasPermissionToUseCaptureDevice):
(WebKit::FrameAuthorizationState::reset):
(WebKit::FrameAuthorizationState::securityOriginsAreEqual):
(WebKit::UserMediaPermissionRequestManagerProxy::stateForRequest):
(WebKit::UserMediaPermissionRequestManagerProxy::invalidateRequests):
(WebKit::UserMediaPermissionRequestManagerProxy::createRequest):
(WebKit::UserMediaPermissionRequestManagerProxy::userMediaAccessWasDenied):
(WebKit::UserMediaPermissionRequestManagerProxy::userMediaAccessWasGranted):
(WebKit::UserMediaPermissionRequestManagerProxy::requestUserMediaPermissionForFrame):
* UIProcess/UserMediaPermissionRequestManagerProxy.h:
(WebKit::FrameAuthorizationState::~FrameAuthorizationState):
(WebKit::FrameAuthorizationState::frameID):
* UIProcess/UserMediaPermissionRequestProxy.cpp:
(WebKit::UserMediaPermissionRequestProxy::UserMediaPermissionRequestProxy):
* UIProcess/UserMediaPermissionRequestProxy.h:
(WebKit::UserMediaPermissionRequestProxy::create):
(WebKit::UserMediaPermissionRequestProxy::frameID):
(WebKit::UserMediaPermissionRequestProxy::userMediaDocumentSecurityOrigin):
(WebKit::UserMediaPermissionRequestProxy::topLevelDocumentSecurityOrigin):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::didCommitLoadForFrame):
* WebProcess/MediaStream/UserMediaPermissionRequestManager.cpp:
(WebKit::UserMediaPermissionRequestManager::removeMediaRequestFromMaps):

Tools:

<rdar://problem/29261266>

Reviewed by Youenn Fablet.

Allow scripts to determine the number of times the user has been prompted for capture device access.

* WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
* WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:
(WTR::InjectedBundle::setUserMediaPersistentPermissionForOrigin):
(WTR::InjectedBundle::userMediaPermissionRequestCountForOrigin):
(WTR::InjectedBundle::resetUserMediaPermissionRequestCountForOrigin):
(WTR::InjectedBundle::setUserMediaPermissionForOrigin): Deleted.
* WebKitTestRunner/InjectedBundle/InjectedBundle.h:
* WebKitTestRunner/InjectedBundle/TestRunner.cpp:
(WTR::TestRunner::setUserMediaPersistentPermissionForOrigin):
(WTR::TestRunner::userMediaPermissionRequestCountForOrigin):
(WTR::TestRunner::resetUserMediaPermissionRequestCountForOrigin):
(WTR::TestRunner::setUserMediaPermissionForOrigin): Deleted.
* WebKitTestRunner/InjectedBundle/TestRunner.h:
* WebKitTestRunner/TestController.cpp:
(WTR::TestController::resetStateToConsistentValues):
(WTR::OriginSettings::incrementRequestCount):
(WTR::OriginSettings::resetRequestCount):
(WTR::OriginSettings::requestCount):
(WTR::TestController::saltForOrigin):
(WTR::TestController::setUserMediaPersistentPermissionForOrigin):
(WTR::TestController::handleCheckOfUserMediaPermissionForOrigin):
(WTR::TestController::settingsForOrigin):
(WTR::TestController::userMediaPermissionRequestCountForOrigin):
(WTR::TestController::resetUserMediaPermissionRequestCountForOrigin):
(WTR::TestController::decidePolicyForUserMediaPermissionRequestIfPossible):
(WTR::TestController::setUserMediaPermissionForOrigin): Deleted.
* WebKitTestRunner/TestController.h:
* WebKitTestRunner/TestInvocation.cpp:
(WTR::TestInvocation::didReceiveMessageFromInjectedBundle):
(WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):

LayoutTests:

Reviewed by Youenn Fablet.

* fast/mediastream/MediaDevices-getUserMedia-expected.txt:
* fast/mediastream/MediaDevices-getUserMedia.html:


Canonical link: https://commits.webkit.org/182714@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209008 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  • Loading branch information
eric-carlson committed Nov 28, 2016
1 parent 5838e9a commit bd001aa2fbf9bb158d8203c8540822c569b1c5f9
@@ -1,3 +1,13 @@
2016-11-28 Eric Carlson <eric.carlson@apple.com>

[MediaStream] Don't request user permission for a device if it has already been granted in the current browsing context
https://bugs.webkit.org/show_bug.cgi?id=164760

Reviewed by Youenn Fablet.

* fast/mediastream/MediaDevices-getUserMedia-expected.txt:
* fast/mediastream/MediaDevices-getUserMedia.html:

2016-11-28 Antti Koivisto <antti@apple.com>

Remove FIRST_LINE_INHERITED fake pseudo style
@@ -58,7 +58,7 @@
{
if (window.testRunner) {
testRunner.setUserMediaPermission(true);
testRunner.setUserMediaPermissionForOrigin(false, document.location.href, "");
testRunner.setUserMediaPersistentPermissionForOrigin(false, document.location.href, "");
}

navigator.mediaDevices
@@ -77,7 +77,7 @@
function grantPermission()
{
if (window.testRunner)
testRunner.setUserMediaPermissionForOrigin(true, document.location.href, "");
testRunner.setUserMediaPersistentPermissionForOrigin(true, document.location.href, "");

debug(`<br>*** Calling mediaDevices.enumerateDevices with persistent access, and without a media stream track<br>`);
havePermission = true;
@@ -11,7 +11,7 @@

if (window.testRunner) {
testRunner.setUserMediaPermission(true);
testRunner.setUserMediaPermissionForOrigin(true, "http://localhost:8000", location.href);
testRunner.setUserMediaPersistentPermissionForOrigin(true, "http://localhost:8000", location.href);
}

function setup()
@@ -0,0 +1,29 @@
Tests that user is only prompted once per device in the current browsing context.

On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".


PASS numberOfTimesGetUserMediaHasBeenCalled() is 0

** Request an audio-only stream, the user should be prompted **
PASS navigator.mediaDevices.getUserMedia({audio:true}).then(gotStream1); did not throw exception.
PASS numberOfTimesGetUserMediaHasBeenCalled() is 1
PASS stream.getAudioTracks().length is 1
PASS stream.getVideoTracks().length is 0

** Request a video-only stream, the user should be prompted **
PASS navigator.mediaDevices.getUserMedia({video:true}).then(gotStream2); did not throw exception.
PASS numberOfTimesGetUserMediaHasBeenCalled() is 2
PASS stream.getAudioTracks().length is 0
PASS stream.getVideoTracks().length is 1

** Request a stream with video and audio, the user should be not prompted **
PASS navigator.mediaDevices.getUserMedia({audio:true, video:true}).then(gotStream3); did not throw exception.
PASS numberOfTimesGetUserMediaHasBeenCalled() is 2
PASS stream.getAudioTracks().length is 1
PASS stream.getVideoTracks().length is 1

PASS successfullyParsed is true

TEST COMPLETE

@@ -0,0 +1,68 @@
<!DOCTYPE html>
<html>
<head>
<style>
iframe { border: 1px solid black; }
</style>
<script src="../../../../resources/js-test-pre.js"></script>
<script>

function numberOfTimesGetUserMediaHasBeenCalled()
{
return testRunner.userMediaPermissionRequestCountForOrigin(document.location.href, document.location.href);
}

function gotStream3(s)
{
stream = s;
shouldBe("numberOfTimesGetUserMediaHasBeenCalled()", "2");
shouldBe("stream.getAudioTracks().length", "1");
shouldBe("stream.getVideoTracks().length", "1");

debug("");
finishJSTest();
}

function gotStream2(s)
{
stream = s;
shouldBe("numberOfTimesGetUserMediaHasBeenCalled()", "2");
shouldBe("stream.getAudioTracks().length", "0");
shouldBe("stream.getVideoTracks().length", "1");

debug("<br>** Request a stream with video and audio, the user should be not prompted **");
shouldNotThrow("navigator.mediaDevices.getUserMedia({audio:true, video:true}).then(gotStream3);");
}

function gotStream1(s)
{
stream = s;
shouldBe("numberOfTimesGetUserMediaHasBeenCalled()", "1");
shouldBe("stream.getAudioTracks().length", "1");
shouldBe("stream.getVideoTracks().length", "0");

debug("<br>** Request a video-only stream, the user should be prompted **");
shouldNotThrow("navigator.mediaDevices.getUserMedia({video:true}).then(gotStream2);")
}

function setup()
{
description("Tests that user is only prompted once per device in the current browsing context.");

testRunner.resetUserMediaPermissionRequestCountForOrigin(document.location.href, document.location.href);
shouldBe("numberOfTimesGetUserMediaHasBeenCalled()", "0");

debug("<br>** Request an audio-only stream, the user should be prompted **");
shouldNotThrow("navigator.mediaDevices.getUserMedia({audio:true}).then(gotStream1);");
}

if (window.testRunner)
testRunner.setUserMediaPermission(true);
window.jsTestIsAsync = true;
window.successfullyParsed = true;
</script>
<script src="../../../../resources/js-test-post.js"></script>
</head>
<body onload="setup()">
</body>
</html>
@@ -1,3 +1,38 @@
2016-11-28 Eric Carlson <eric.carlson@apple.com>

[MediaStream] Don't request user permission for a device if it has already been granted in the current browsing context
https://bugs.webkit.org/show_bug.cgi?id=164760
<rdar://problem/29261266>

Reviewed by Youenn Fablet.

* UIProcess/UserMediaPermissionRequestManagerProxy.cpp:
(WebKit::FrameAuthorizationState::FrameAuthorizationState):
(WebKit::FrameAuthorizationState::hasPermissionToUseCaptureDevice):
(WebKit::FrameAuthorizationState::setHasPermissionToUseCaptureDevice):
(WebKit::FrameAuthorizationState::reset):
(WebKit::FrameAuthorizationState::securityOriginsAreEqual):
(WebKit::UserMediaPermissionRequestManagerProxy::stateForRequest):
(WebKit::UserMediaPermissionRequestManagerProxy::invalidateRequests):
(WebKit::UserMediaPermissionRequestManagerProxy::createRequest):
(WebKit::UserMediaPermissionRequestManagerProxy::userMediaAccessWasDenied):
(WebKit::UserMediaPermissionRequestManagerProxy::userMediaAccessWasGranted):
(WebKit::UserMediaPermissionRequestManagerProxy::requestUserMediaPermissionForFrame):
* UIProcess/UserMediaPermissionRequestManagerProxy.h:
(WebKit::FrameAuthorizationState::~FrameAuthorizationState):
(WebKit::FrameAuthorizationState::frameID):
* UIProcess/UserMediaPermissionRequestProxy.cpp:
(WebKit::UserMediaPermissionRequestProxy::UserMediaPermissionRequestProxy):
* UIProcess/UserMediaPermissionRequestProxy.h:
(WebKit::UserMediaPermissionRequestProxy::create):
(WebKit::UserMediaPermissionRequestProxy::frameID):
(WebKit::UserMediaPermissionRequestProxy::userMediaDocumentSecurityOrigin):
(WebKit::UserMediaPermissionRequestProxy::topLevelDocumentSecurityOrigin):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::didCommitLoadForFrame):
* WebProcess/MediaStream/UserMediaPermissionRequestManager.cpp:
(WebKit::UserMediaPermissionRequestManager::removeMediaRequestFromMaps):

2016-11-27 Dean Jackson <dino@apple.com>

Removed a WTFLogAlways I left in with a recent commit.
@@ -34,6 +34,61 @@ using namespace WebCore;

namespace WebKit {

FrameAuthorizationState::FrameAuthorizationState(UserMediaPermissionRequestProxy& request)
: m_userMediaDocumentSecurityOrigin(request.userMediaDocumentSecurityOrigin())
, m_topLevelDocumentSecurityOrigin(request.topLevelDocumentSecurityOrigin())
{
}

bool FrameAuthorizationState::hasPermissionToUseCaptureDevice(const String& deviceUID)
{
return m_authorizedDeviceUIDs.find(deviceUID) != notFound;
}

void FrameAuthorizationState::setHasPermissionToUseCaptureDevice(const String& deviceUID, bool hasPermission)
{
if (deviceUID.isEmpty())
return;

size_t index = m_authorizedDeviceUIDs.find(deviceUID);
if (hasPermission == (index != notFound))
return;

if (hasPermission)
m_authorizedDeviceUIDs.append(deviceUID);
else
m_authorizedDeviceUIDs.remove(index);
}

void FrameAuthorizationState::ensureSecurityOriginsAreEqual(UserMediaPermissionRequestProxy& request)
{
do {
if (!m_userMediaDocumentSecurityOrigin || !m_userMediaDocumentSecurityOrigin->equal(request.userMediaDocumentSecurityOrigin()))
break;

if (!m_topLevelDocumentSecurityOrigin || !m_topLevelDocumentSecurityOrigin->equal(request.topLevelDocumentSecurityOrigin()))
break;

return;
} while (0);

m_userMediaDocumentSecurityOrigin = request.userMediaDocumentSecurityOrigin();
m_topLevelDocumentSecurityOrigin = request.topLevelDocumentSecurityOrigin();
m_authorizedDeviceUIDs.clear();
}

FrameAuthorizationState& UserMediaPermissionRequestManagerProxy::stateForRequest(UserMediaPermissionRequestProxy& request)
{
auto& state = m_frameStates.add(request.frameID(), nullptr).iterator->value;
if (state) {
state->ensureSecurityOriginsAreEqual(request);
return *state;
}

state = std::make_unique<FrameAuthorizationState>(request);
return *state;
}

UserMediaPermissionRequestManagerProxy::UserMediaPermissionRequestManagerProxy(WebPageProxy& page)
: m_page(page)
{
@@ -49,19 +104,12 @@ void UserMediaPermissionRequestManagerProxy::invalidateRequests()
request->invalidate();
m_pendingDeviceRequests.clear();

m_pageSandboxExtensionsGranted.clear();
}

Ref<UserMediaPermissionRequestProxy> UserMediaPermissionRequestManagerProxy::createRequest(uint64_t userMediaID, const Vector<String>& audioDeviceUIDs, const Vector<String>& videoDeviceUIDs)
{
Ref<UserMediaPermissionRequestProxy> request = UserMediaPermissionRequestProxy::create(*this, userMediaID, audioDeviceUIDs, videoDeviceUIDs);
m_pendingUserMediaRequests.add(userMediaID, request.ptr());
return request;
m_frameStates.clear();
}

Ref<UserMediaPermissionRequestProxy> UserMediaPermissionRequestManagerProxy::createRequest(uint64_t userMediaID)
Ref<UserMediaPermissionRequestProxy> UserMediaPermissionRequestManagerProxy::createRequest(uint64_t userMediaID, uint64_t frameID, const String& userMediaDocumentOriginIdentifier, const String& topLevelDocumentOriginIdentifier, const Vector<String>& audioDeviceUIDs, const Vector<String>& videoDeviceUIDs)
{
Ref<UserMediaPermissionRequestProxy> request = UserMediaPermissionRequestProxy::create(*this, userMediaID, Vector<String>(), Vector<String>());
auto request = UserMediaPermissionRequestProxy::create(*this, userMediaID, frameID, userMediaDocumentOriginIdentifier, topLevelDocumentOriginIdentifier, audioDeviceUIDs, videoDeviceUIDs);
m_pendingUserMediaRequests.add(userMediaID, request.ptr());
return request;
}
@@ -103,10 +151,17 @@ void UserMediaPermissionRequestManagerProxy::userMediaAccessWasDenied(uint64_t u
if (!m_page.isValid())
return;

if (!m_pendingUserMediaRequests.take(userMediaID))
auto request = m_pendingUserMediaRequests.take(userMediaID);
if (!request)
return;

denyRequest(userMediaID, reason, "");
auto fameState = stateForRequest(*request);
for (const auto& deviceUID : request->videoDeviceUIDs())
fameState.setHasPermissionToUseCaptureDevice(deviceUID, false);
for (const auto& deviceUID : request->audioDeviceUIDs())
fameState.setHasPermissionToUseCaptureDevice(deviceUID, false);

denyRequest(userMediaID, reason, emptyString());
}

void UserMediaPermissionRequestManagerProxy::denyRequest(uint64_t userMediaID, UserMediaPermissionRequestProxy::UserMediaAccessDenialReason reason, const String& invalidConstraint)
@@ -128,10 +183,15 @@ void UserMediaPermissionRequestManagerProxy::userMediaAccessWasGranted(uint64_t
if (!m_page.isValid())
return;

if (!m_pendingUserMediaRequests.take(userMediaID))
#if ENABLE(MEDIA_STREAM)
auto request = m_pendingUserMediaRequests.take(userMediaID);
if (!request)
return;

#if ENABLE(MEDIA_STREAM)
auto& fameState = stateForRequest(*request);
fameState.setHasPermissionToUseCaptureDevice(audioDeviceUID, true);
fameState.setHasPermissionToUseCaptureDevice(videoDeviceUID, true);

size_t extensionCount = 0;
unsigned requiredExtensions = SandboxExtensionsGranted::None;
if (!audioDeviceUID.isEmpty()) {
@@ -143,10 +203,10 @@ void UserMediaPermissionRequestManagerProxy::userMediaAccessWasGranted(uint64_t
extensionCount++;
}

unsigned currentExtensions = m_pageSandboxExtensionsGranted.get(m_page.pageID());
unsigned currentExtensions = m_pageSandboxExtensionsGranted;
if (!(requiredExtensions & currentExtensions)) {
ASSERT(extensionCount);
m_pageSandboxExtensionsGranted.set(m_page.pageID(), requiredExtensions | currentExtensions);
m_pageSandboxExtensionsGranted = requiredExtensions | currentExtensions;
SandboxExtension::HandleArray handles;
handles.allocate(extensionCount);
if (!videoDeviceUID.isEmpty())
@@ -158,6 +218,7 @@ void UserMediaPermissionRequestManagerProxy::userMediaAccessWasGranted(uint64_t

m_page.process().send(Messages::WebPage::UserMediaAccessWasGranted(userMediaID, audioDeviceUID, videoDeviceUID), m_page.pageID());
#else
UNUSED_PARAM(userMediaID);
UNUSED_PARAM(audioDeviceUID);
UNUSED_PARAM(videoDeviceUID);
#endif
@@ -178,18 +239,38 @@ void UserMediaPermissionRequestManagerProxy::requestUserMediaPermissionForFrame(
return;

if (videoDeviceUIDs.isEmpty() && audioDeviceUIDs.isEmpty()) {
denyRequest(userMediaID, UserMediaPermissionRequestProxy::UserMediaAccessDenialReason::NoConstraints, "");
denyRequest(userMediaID, UserMediaPermissionRequestProxy::UserMediaAccessDenialReason::NoConstraints, emptyString());
return;
}

auto userMediaOrigin = API::SecurityOrigin::create(SecurityOriginData::fromDatabaseIdentifier(userMediaDocumentOriginIdentifier)->securityOrigin());
auto topLevelOrigin = API::SecurityOrigin::create(SecurityOriginData::fromDatabaseIdentifier(topLevelDocumentOriginIdentifier)->securityOrigin());
auto request = createRequest(userMediaID, audioDeviceUIDs, videoDeviceUIDs);
auto request = createRequest(userMediaID, frameID, userMediaDocumentOriginIdentifier, topLevelDocumentOriginIdentifier, audioDeviceUIDs, videoDeviceUIDs);

String authorizedAudioDevice;
String authorizedVideoDevice;
auto& fameState = stateForRequest(request);
for (auto deviceUID : audioDeviceUIDs) {
if (fameState.hasPermissionToUseCaptureDevice(deviceUID)) {
authorizedAudioDevice = deviceUID;
break;
}
}
for (auto deviceUID : videoDeviceUIDs) {
if (fameState.hasPermissionToUseCaptureDevice(deviceUID)) {
authorizedVideoDevice = deviceUID;
break;
}
}

if (!m_page.uiClient().decidePolicyForUserMediaPermissionRequest(m_page, *m_page.process().webFrame(frameID), *userMediaOrigin.get(), *topLevelOrigin.get(), request.get())) {
m_pendingUserMediaRequests.take(userMediaID);
request->deny(UserMediaPermissionRequestProxy::UserMediaAccessDenialReason::UserMediaDisabled);
if (audioDeviceUIDs.isEmpty() == authorizedAudioDevice.isEmpty() && videoDeviceUIDs.isEmpty() == authorizedVideoDevice.isEmpty()) {
userMediaAccessWasGranted(userMediaID, authorizedAudioDevice, authorizedVideoDevice);
return;
}

if (!m_page.uiClient().decidePolicyForUserMediaPermissionRequest(m_page, *m_page.process().webFrame(frameID), *userMediaOrigin.get(), *topLevelOrigin.get(), request.get()))
userMediaAccessWasDenied(userMediaID, UserMediaPermissionRequestProxy::UserMediaAccessDenialReason::UserMediaDisabled);

};

auto audioConstraints = MediaConstraintsImpl::create(audioConstraintsData);

0 comments on commit bd001aa

Please sign in to comment.