github/electron
1
1
Fork 0
mirror of https://github.com/electron/electron.git synced 2026-04-10 03:01:51 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
fbc489c43be82f0fc331560ae678a39aeaea38c8
electron/shell/browser/usb/usb_chooser_controller.h
Keeley Hammond 9d0c858be0 fix: validate USB device selection against filtered device list (#50159) 
* fix: validate USB device selection against filtered device list (#50002)

* fix: validate USB device selection against filtered device list

Previously, UsbChooserController::OnDeviceChosen looked up the chosen
device_id via chooser_context_->GetDeviceInfo(), which searches all
known USB devices on the system rather than the filtered list shown to
the select-usb-device handler. This meant a device excluded by the
renderer's filters or exclusion_filters could still be granted
permission if the handler returned its GUID.

* bump for CI

---------

Co-authored-by: John Kleinschmidt <kleinschmidtorama@gmail.com>

* chore: fixup, remove gin::WeakCell

---------

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>
Co-authored-by: John Kleinschmidt <kleinschmidtorama@gmail.com>
2026-03-10 09:22:13 +00:00

88 lines
2.8 KiB
C++
Raw Blame History

// Copyright (c) 2022 Microsoft, Inc.
// Use of this source code is governed by the MIT license that can be
// found in the LICENSE file.
#ifndef ELECTRON_SHELL_BROWSER_USB_USB_CHOOSER_CONTROLLER_H_
#define ELECTRON_SHELL_BROWSER_USB_USB_CHOOSER_CONTROLLER_H_
#include <string>
#include <vector>
#include "base/memory/weak_ptr.h"
#include "base/scoped_observation.h"
#include "content/public/browser/web_contents_observer.h"
#include "services/device/public/mojom/usb_device.mojom-forward.h"
#include "shell/browser/usb/usb_chooser_context.h"
#include "third_party/blink/public/mojom/usb/web_usb_service.mojom.h"
#include "url/origin.h"
namespace content {
class RenderFrameHost;
class WebContents;
} // namespace content
namespace gin {
class Arguments;
}
namespace electron {
class ElectronUsbDelegate;
namespace api {
class Session;
}
// UsbChooserController creates a chooser for WebUSB.
class UsbChooserController final : private UsbChooserContext::DeviceObserver,
private content::WebContentsObserver {
public:
UsbChooserController(
content::RenderFrameHost* render_frame_host,
blink::mojom::WebUsbRequestDeviceOptionsPtr options,
blink::mojom::WebUsbService::GetPermissionCallback callback,
content::WebContents* web_contents,
base::WeakPtr<ElectronUsbDelegate> usb_delegate);
UsbChooserController(const UsbChooserController&) = delete;
UsbChooserController& operator=(const UsbChooserController&) = delete;
~UsbChooserController() override;
// UsbChooserContext::DeviceObserver implementation:
void OnDeviceAdded(const device::mojom::UsbDeviceInfo& device_info) override;
void OnDeviceRemoved(
const device::mojom::UsbDeviceInfo& device_info) override;
void OnBrowserContextShutdown() override;
// content::WebContentsObserver:
void RenderFrameDeleted(content::RenderFrameHost* render_frame_host) override;
private:
api::Session* GetSession();
void GotUsbDeviceList(std::vector<device::mojom::UsbDeviceInfoPtr> devices);
bool DisplayDevice(const device::mojom::UsbDeviceInfo& device) const;
void RunCallback(device::mojom::UsbDeviceInfoPtr device_info);
void OnDeviceChosen(gin::Arguments* args);
blink::mojom::WebUsbRequestDeviceOptionsPtr options_;
blink::mojom::WebUsbService::GetPermissionCallback callback_;
url::Origin origin_;
base::WeakPtr<UsbChooserContext> chooser_context_;
base::ScopedObservation<UsbChooserContext, UsbChooserContext::DeviceObserver>
observation_{this};
base::WeakPtr<ElectronUsbDelegate> usb_delegate_;
// Filtered list of devices that passed DisplayDevice()
std::vector<device::mojom::UsbDeviceInfoPtr> devices_;
content::GlobalRenderFrameHostId render_frame_host_id_;
base::WeakPtrFactory<UsbChooserController> weak_factory_{this};
};
} // namespace electron
#endif // ELECTRON_SHELL_BROWSER_USB_USB_CHOOSER_CONTROLLER_H_
Reference in New Issue View Git Blame Copy Permalink