diff options
| -rw-r--r-- | chromium/content/browser/hid/hid_service.cc | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/chromium/content/browser/hid/hid_service.cc b/chromium/content/browser/hid/hid_service.cc index 11c695ec1fb..c5495923e9a 100644 --- a/chromium/content/browser/hid/hid_service.cc +++ b/chromium/content/browser/hid/hid_service.cc @@ -184,6 +184,13 @@ void HidService::Create( return; } + if (render_frame_host->GetOutermostMainFrame() + ->GetLastCommittedOrigin() + .opaque()) { + mojo::ReportBadMessage("WebHID is not allowed from an opaque origin."); + return; + } + // DocumentHelper observes the lifetime of the document connected to // `render_frame_host` and destroys the HidService when the Mojo connection is // disconnected, RenderFrameHost is deleted, or the RenderFrameHost commits a @@ -199,6 +206,13 @@ void HidService::Create( mojo::PendingReceiver<blink::mojom::HidService> receiver) { DCHECK(service_worker_context); + if (origin.opaque()) { + // Service worker should not be available to a window/worker client which + // origin is opaque according to Service Worker specification. + mojo::ReportBadMessage("WebHID is blocked in an opaque origin."); + return; + } + // Avoid creating the HidService if there is no HID delegate to provide // the implementation. if (!GetContentClient()->browser()->GetHidDelegate()) |