1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "components/content_settings/core/browser/content_settings_policy_provider.h"
6
7 #include <stddef.h>
8
9 #include <string>
10
11 #include "base/bind.h"
12 #include "base/feature_list.h"
13 #include "base/json/json_reader.h"
14 #include "base/stl_util.h"
15 #include "base/values.h"
16 #include "components/content_settings/core/browser/content_settings_info.h"
17 #include "components/content_settings/core/browser/content_settings_registry.h"
18 #include "components/content_settings/core/browser/content_settings_rule.h"
19 #include "components/content_settings/core/browser/content_settings_utils.h"
20 #include "components/content_settings/core/browser/website_settings_info.h"
21 #include "components/content_settings/core/browser/website_settings_registry.h"
22 #include "components/content_settings/core/common/content_settings_pattern.h"
23 #include "components/content_settings/core/common/pref_names.h"
24 #include "components/pref_registry/pref_registry_syncable.h"
25 #include "components/prefs/pref_service.h"
26
27 namespace {
28
29 struct PrefsForManagedContentSettingsMapEntry {
30 const char* pref_name;
31 ContentSettingsType content_type;
32 ContentSetting setting;
33 };
34
35 const PrefsForManagedContentSettingsMapEntry
36 kPrefsForManagedContentSettingsMap[] = {
37 {prefs::kManagedCookiesAllowedForUrls, ContentSettingsType::COOKIES,
38 CONTENT_SETTING_ALLOW},
39 {prefs::kManagedCookiesBlockedForUrls, ContentSettingsType::COOKIES,
40 CONTENT_SETTING_BLOCK},
41 {prefs::kManagedCookiesSessionOnlyForUrls, ContentSettingsType::COOKIES,
42 CONTENT_SETTING_SESSION_ONLY},
43 {prefs::kManagedImagesAllowedForUrls, ContentSettingsType::IMAGES,
44 CONTENT_SETTING_ALLOW},
45 {prefs::kManagedImagesBlockedForUrls, ContentSettingsType::IMAGES,
46 CONTENT_SETTING_BLOCK},
47 {prefs::kManagedInsecureContentAllowedForUrls,
48 ContentSettingsType::MIXEDSCRIPT, CONTENT_SETTING_ALLOW},
49 {prefs::kManagedInsecureContentBlockedForUrls,
50 ContentSettingsType::MIXEDSCRIPT, CONTENT_SETTING_BLOCK},
51 {prefs::kManagedJavaScriptAllowedForUrls,
52 ContentSettingsType::JAVASCRIPT, CONTENT_SETTING_ALLOW},
53 {prefs::kManagedJavaScriptBlockedForUrls,
54 ContentSettingsType::JAVASCRIPT, CONTENT_SETTING_BLOCK},
55 {prefs::kManagedNotificationsAllowedForUrls,
56 ContentSettingsType::NOTIFICATIONS, CONTENT_SETTING_ALLOW},
57 {prefs::kManagedNotificationsBlockedForUrls,
58 ContentSettingsType::NOTIFICATIONS, CONTENT_SETTING_BLOCK},
59 {prefs::kManagedPluginsAllowedForUrls, ContentSettingsType::PLUGINS,
60 CONTENT_SETTING_ALLOW},
61 {prefs::kManagedPluginsBlockedForUrls, ContentSettingsType::PLUGINS,
62 CONTENT_SETTING_BLOCK},
63 {prefs::kManagedPopupsAllowedForUrls, ContentSettingsType::POPUPS,
64 CONTENT_SETTING_ALLOW},
65 {prefs::kManagedPopupsBlockedForUrls, ContentSettingsType::POPUPS,
66 CONTENT_SETTING_BLOCK},
67 {prefs::kManagedWebUsbAskForUrls, ContentSettingsType::USB_GUARD,
68 CONTENT_SETTING_ASK},
69 {prefs::kManagedWebUsbBlockedForUrls, ContentSettingsType::USB_GUARD,
70 CONTENT_SETTING_BLOCK},
71 {prefs::kManagedLegacyCookieAccessAllowedForDomains,
72 ContentSettingsType::LEGACY_COOKIE_ACCESS, CONTENT_SETTING_ALLOW}};
73
74 } // namespace
75
76 namespace content_settings {
77
78 // The preferences used to manage the default policy value for
79 // ContentSettingsTypes.
80 struct PolicyProvider::PrefsForManagedDefaultMapEntry {
81 ContentSettingsType content_type;
82 const char* pref_name;
83 };
84
85 // static
86 const PolicyProvider::PrefsForManagedDefaultMapEntry
87 PolicyProvider::kPrefsForManagedDefault[] = {
88 {ContentSettingsType::ADS, prefs::kManagedDefaultAdsSetting},
89 {ContentSettingsType::COOKIES, prefs::kManagedDefaultCookiesSetting},
90 {ContentSettingsType::IMAGES, prefs::kManagedDefaultImagesSetting},
91 {ContentSettingsType::GEOLOCATION,
92 prefs::kManagedDefaultGeolocationSetting},
93 {ContentSettingsType::JAVASCRIPT,
94 prefs::kManagedDefaultJavaScriptSetting},
95 {ContentSettingsType::MEDIASTREAM_CAMERA,
96 prefs::kManagedDefaultMediaStreamSetting},
97 {ContentSettingsType::MEDIASTREAM_MIC,
98 prefs::kManagedDefaultMediaStreamSetting},
99 {ContentSettingsType::MIXEDSCRIPT,
100 prefs::kManagedDefaultInsecureContentSetting},
101 {ContentSettingsType::NOTIFICATIONS,
102 prefs::kManagedDefaultNotificationsSetting},
103 {ContentSettingsType::PLUGINS, prefs::kManagedDefaultPluginsSetting},
104 {ContentSettingsType::POPUPS, prefs::kManagedDefaultPopupsSetting},
105 {ContentSettingsType::BLUETOOTH_GUARD,
106 prefs::kManagedDefaultWebBluetoothGuardSetting},
107 {ContentSettingsType::USB_GUARD,
108 prefs::kManagedDefaultWebUsbGuardSetting},
109 {ContentSettingsType::LEGACY_COOKIE_ACCESS,
110 prefs::kManagedDefaultLegacyCookieAccessSetting}};
111
112 // static
RegisterProfilePrefs(user_prefs::PrefRegistrySyncable * registry)113 void PolicyProvider::RegisterProfilePrefs(
114 user_prefs::PrefRegistrySyncable* registry) {
115 registry->RegisterListPref(prefs::kManagedAutoSelectCertificateForUrls);
116 registry->RegisterListPref(prefs::kManagedCookiesAllowedForUrls);
117 registry->RegisterListPref(prefs::kManagedCookiesBlockedForUrls);
118 registry->RegisterListPref(prefs::kManagedCookiesSessionOnlyForUrls);
119 registry->RegisterListPref(prefs::kManagedImagesAllowedForUrls);
120 registry->RegisterListPref(prefs::kManagedImagesBlockedForUrls);
121 registry->RegisterListPref(prefs::kManagedInsecureContentAllowedForUrls);
122 registry->RegisterListPref(prefs::kManagedInsecureContentBlockedForUrls);
123 registry->RegisterListPref(prefs::kManagedJavaScriptAllowedForUrls);
124 registry->RegisterListPref(prefs::kManagedJavaScriptBlockedForUrls);
125 registry->RegisterListPref(prefs::kManagedNotificationsAllowedForUrls);
126 registry->RegisterListPref(prefs::kManagedNotificationsBlockedForUrls);
127 registry->RegisterListPref(prefs::kManagedPluginsAllowedForUrls);
128 registry->RegisterListPref(prefs::kManagedPluginsBlockedForUrls);
129 registry->RegisterListPref(prefs::kManagedPopupsAllowedForUrls);
130 registry->RegisterListPref(prefs::kManagedPopupsBlockedForUrls);
131 registry->RegisterListPref(prefs::kManagedWebUsbAllowDevicesForUrls);
132 registry->RegisterListPref(prefs::kManagedWebUsbAskForUrls);
133 registry->RegisterListPref(prefs::kManagedWebUsbBlockedForUrls);
134 registry->RegisterListPref(
135 prefs::kManagedLegacyCookieAccessAllowedForDomains);
136 // Preferences for default content setting policies. If a policy is not set of
137 // the corresponding preferences below is set to CONTENT_SETTING_DEFAULT.
138 registry->RegisterIntegerPref(prefs::kManagedDefaultAdsSetting,
139 CONTENT_SETTING_DEFAULT);
140 registry->RegisterIntegerPref(prefs::kManagedDefaultCookiesSetting,
141 CONTENT_SETTING_DEFAULT);
142 registry->RegisterIntegerPref(prefs::kManagedDefaultGeolocationSetting,
143 CONTENT_SETTING_DEFAULT);
144 registry->RegisterIntegerPref(prefs::kManagedDefaultImagesSetting,
145 CONTENT_SETTING_DEFAULT);
146 registry->RegisterIntegerPref(prefs::kManagedDefaultInsecureContentSetting,
147 CONTENT_SETTING_DEFAULT);
148 registry->RegisterIntegerPref(prefs::kManagedDefaultJavaScriptSetting,
149 CONTENT_SETTING_DEFAULT);
150 registry->RegisterIntegerPref(prefs::kManagedDefaultNotificationsSetting,
151 CONTENT_SETTING_DEFAULT);
152 registry->RegisterIntegerPref(prefs::kManagedDefaultMediaStreamSetting,
153 CONTENT_SETTING_DEFAULT);
154 registry->RegisterIntegerPref(prefs::kManagedDefaultPluginsSetting,
155 CONTENT_SETTING_DEFAULT);
156 registry->RegisterIntegerPref(prefs::kManagedDefaultPopupsSetting,
157 CONTENT_SETTING_DEFAULT);
158 registry->RegisterIntegerPref(prefs::kManagedDefaultWebBluetoothGuardSetting,
159 CONTENT_SETTING_DEFAULT);
160 registry->RegisterIntegerPref(prefs::kManagedDefaultWebUsbGuardSetting,
161 CONTENT_SETTING_DEFAULT);
162 registry->RegisterIntegerPref(prefs::kManagedDefaultLegacyCookieAccessSetting,
163 CONTENT_SETTING_DEFAULT);
164 }
165
PolicyProvider(PrefService * prefs)166 PolicyProvider::PolicyProvider(PrefService* prefs) : prefs_(prefs) {
167 ReadManagedDefaultSettings();
168 ReadManagedContentSettings(false);
169
170 pref_change_registrar_.Init(prefs_);
171 PrefChangeRegistrar::NamedChangeCallback callback = base::BindRepeating(
172 &PolicyProvider::OnPreferenceChanged, base::Unretained(this));
173 pref_change_registrar_.Add(
174 prefs::kManagedAutoSelectCertificateForUrls, callback);
175 pref_change_registrar_.Add(prefs::kManagedCookiesAllowedForUrls, callback);
176 pref_change_registrar_.Add(prefs::kManagedCookiesBlockedForUrls, callback);
177 pref_change_registrar_.Add(
178 prefs::kManagedCookiesSessionOnlyForUrls, callback);
179 pref_change_registrar_.Add(prefs::kManagedImagesAllowedForUrls, callback);
180 pref_change_registrar_.Add(prefs::kManagedImagesBlockedForUrls, callback);
181 pref_change_registrar_.Add(prefs::kManagedInsecureContentAllowedForUrls,
182 callback);
183 pref_change_registrar_.Add(prefs::kManagedInsecureContentBlockedForUrls,
184 callback);
185 pref_change_registrar_.Add(prefs::kManagedJavaScriptAllowedForUrls, callback);
186 pref_change_registrar_.Add(prefs::kManagedJavaScriptBlockedForUrls, callback);
187 pref_change_registrar_.Add(
188 prefs::kManagedNotificationsAllowedForUrls, callback);
189 pref_change_registrar_.Add(
190 prefs::kManagedNotificationsBlockedForUrls, callback);
191 pref_change_registrar_.Add(prefs::kManagedPluginsAllowedForUrls, callback);
192 pref_change_registrar_.Add(prefs::kManagedPluginsBlockedForUrls, callback);
193 pref_change_registrar_.Add(prefs::kManagedPopupsAllowedForUrls, callback);
194 pref_change_registrar_.Add(prefs::kManagedPopupsBlockedForUrls, callback);
195 pref_change_registrar_.Add(prefs::kManagedWebUsbAskForUrls, callback);
196 pref_change_registrar_.Add(prefs::kManagedWebUsbBlockedForUrls, callback);
197 pref_change_registrar_.Add(prefs::kManagedLegacyCookieAccessAllowedForDomains,
198 callback);
199 // The following preferences are only used to indicate if a default content
200 // setting is managed and to hold the managed default setting value. If the
201 // value for any of the following preferences is set then the corresponding
202 // default content setting is managed. These preferences exist in parallel to
203 // the preference default content settings. If a default content settings type
204 // is managed any user defined exceptions (patterns) for this type are
205 // ignored.
206 pref_change_registrar_.Add(prefs::kManagedDefaultAdsSetting, callback);
207 pref_change_registrar_.Add(prefs::kManagedDefaultCookiesSetting, callback);
208 pref_change_registrar_.Add(
209 prefs::kManagedDefaultGeolocationSetting, callback);
210 pref_change_registrar_.Add(prefs::kManagedDefaultImagesSetting, callback);
211 pref_change_registrar_.Add(prefs::kManagedDefaultInsecureContentSetting,
212 callback);
213 pref_change_registrar_.Add(prefs::kManagedDefaultJavaScriptSetting, callback);
214 pref_change_registrar_.Add(
215 prefs::kManagedDefaultNotificationsSetting, callback);
216 pref_change_registrar_.Add(
217 prefs::kManagedDefaultMediaStreamSetting, callback);
218 pref_change_registrar_.Add(prefs::kManagedDefaultPluginsSetting, callback);
219 pref_change_registrar_.Add(prefs::kManagedDefaultPopupsSetting, callback);
220 pref_change_registrar_.Add(prefs::kManagedDefaultWebBluetoothGuardSetting,
221 callback);
222 pref_change_registrar_.Add(prefs::kManagedDefaultWebUsbGuardSetting,
223 callback);
224 pref_change_registrar_.Add(prefs::kManagedDefaultLegacyCookieAccessSetting,
225 callback);
226 }
227
~PolicyProvider()228 PolicyProvider::~PolicyProvider() {
229 DCHECK(!prefs_);
230 }
231
GetRuleIterator(ContentSettingsType content_type,const ResourceIdentifier & resource_identifier,bool incognito) const232 std::unique_ptr<RuleIterator> PolicyProvider::GetRuleIterator(
233 ContentSettingsType content_type,
234 const ResourceIdentifier& resource_identifier,
235 bool incognito) const {
236 return value_map_.GetRuleIterator(content_type, resource_identifier, &lock_);
237 }
238
GetContentSettingsFromPreferences(OriginIdentifierValueMap * value_map)239 void PolicyProvider::GetContentSettingsFromPreferences(
240 OriginIdentifierValueMap* value_map) {
241 for (size_t i = 0; i < base::size(kPrefsForManagedContentSettingsMap); ++i) {
242 const char* pref_name = kPrefsForManagedContentSettingsMap[i].pref_name;
243 // Skip unset policies.
244 if (!prefs_->HasPrefPath(pref_name)) {
245 VLOG(2) << "Skipping unset preference: " << pref_name;
246 continue;
247 }
248
249 const PrefService::Preference* pref = prefs_->FindPreference(pref_name);
250 DCHECK(pref);
251 DCHECK(!pref->HasUserSetting() && !pref->HasExtensionSetting());
252
253 const base::ListValue* pattern_str_list = nullptr;
254 if (!pref->GetValue()->GetAsList(&pattern_str_list)) {
255 NOTREACHED() << "Could not read patterns from " << pref_name;
256 return;
257 }
258
259 for (size_t j = 0; j < pattern_str_list->GetSize(); ++j) {
260 std::string original_pattern_str;
261 if (!pattern_str_list->GetString(j, &original_pattern_str)) {
262 NOTREACHED() << "Could not read content settings pattern #" << j
263 << " from " << pref_name;
264 continue;
265 }
266
267 VLOG(2) << "Reading content settings pattern " << original_pattern_str
268 << " from " << pref_name;
269
270 PatternPair pattern_pair = ParsePatternString(original_pattern_str);
271 // Ignore invalid patterns.
272 if (!pattern_pair.first.IsValid()) {
273 VLOG(1) << "Ignoring invalid content settings pattern "
274 << original_pattern_str;
275 continue;
276 }
277
278 ContentSettingsType content_type =
279 kPrefsForManagedContentSettingsMap[i].content_type;
280 DCHECK_NE(content_type, ContentSettingsType::AUTO_SELECT_CERTIFICATE);
281 // If only one pattern was defined auto expand it to a pattern pair.
282 ContentSettingsPattern secondary_pattern =
283 !pattern_pair.second.IsValid() ? ContentSettingsPattern::Wildcard()
284 : pattern_pair.second;
285 VLOG_IF(2, !pattern_pair.second.IsValid())
286 << "Replacing invalid secondary pattern '"
287 << pattern_pair.second.ToString() << "' with wildcard";
288
289 // Currently all settings that can set pattern pairs support embedded
290 // exceptions. However if a new content setting is added that doesn't,
291 // this DCHECK should be changed to an actual check which ignores such
292 // patterns for that type.
293 DCHECK(pattern_pair.first == pattern_pair.second ||
294 pattern_pair.second == ContentSettingsPattern::Wildcard() ||
295 content_settings::WebsiteSettingsRegistry::GetInstance()
296 ->Get(content_type)
297 ->SupportsEmbeddedExceptions());
298
299 // Don't set a timestamp for policy settings.
300 value_map->SetValue(
301 pattern_pair.first, secondary_pattern, content_type,
302 ResourceIdentifier(), base::Time(),
303 base::Value(kPrefsForManagedContentSettingsMap[i].setting));
304 }
305 }
306 }
307
GetAutoSelectCertificateSettingsFromPreferences(OriginIdentifierValueMap * value_map)308 void PolicyProvider::GetAutoSelectCertificateSettingsFromPreferences(
309 OriginIdentifierValueMap* value_map) {
310 const char* pref_name = prefs::kManagedAutoSelectCertificateForUrls;
311
312 if (!prefs_->HasPrefPath(pref_name)) {
313 VLOG(2) << "Skipping unset preference: " << pref_name;
314 return;
315 }
316
317 const PrefService::Preference* pref = prefs_->FindPreference(pref_name);
318 DCHECK(pref);
319 DCHECK(!pref->HasUserSetting() && !pref->HasExtensionSetting());
320
321 const base::ListValue* pattern_filter_str_list = nullptr;
322 if (!pref->GetValue()->GetAsList(&pattern_filter_str_list)) {
323 NOTREACHED();
324 return;
325 }
326
327 // Parse the list of pattern filter strings. A pattern filter string has
328 // the following JSON format:
329 //
330 // {
331 // "pattern": <content settings pattern string>,
332 // "filter" : <certificate filter in JSON format>
333 // }
334 //
335 // e.g.
336 // {
337 // "pattern": "[*.]example.com",
338 // "filter": {
339 // "ISSUER": {
340 // "CN": "some name"
341 // }
342 // }
343 // }
344 std::unordered_map<std::string, base::DictionaryValue> filters_map;
345 for (size_t j = 0; j < pattern_filter_str_list->GetSize(); ++j) {
346 std::string pattern_filter_json;
347 if (!pattern_filter_str_list->GetString(j, &pattern_filter_json)) {
348 NOTREACHED();
349 continue;
350 }
351
352 std::unique_ptr<base::Value> value = base::JSONReader::ReadDeprecated(
353 pattern_filter_json, base::JSON_ALLOW_TRAILING_COMMAS);
354 if (!value || !value->is_dict()) {
355 VLOG(1) << "Ignoring invalid certificate auto select setting. Reason:"
356 " Invalid JSON object: " << pattern_filter_json;
357 continue;
358 }
359
360 std::unique_ptr<base::DictionaryValue> pattern_filter_pair =
361 base::DictionaryValue::From(std::move(value));
362 base::Value* pattern = pattern_filter_pair->FindKey("pattern");
363 base::Value* filter = pattern_filter_pair->FindKey("filter");
364 if (!pattern || !filter) {
365 VLOG(1) << "Ignoring invalid certificate auto select setting. Reason:"
366 " Missing pattern or filter.";
367 continue;
368 }
369 std::string pattern_str = pattern->GetString();
370
371 if (filters_map.find(pattern_str) == filters_map.end())
372 filters_map[pattern_str].SetKey("filters", base::ListValue());
373
374 // Don't pass removed values from |value|, because base::Values read with
375 // JSONReader use a shared string buffer. Instead, Clone() here.
376 filters_map[pattern_str].FindKey("filters")->Append(filter->Clone());
377 }
378
379 for (const auto& it : filters_map) {
380 const std::string& pattern_str = it.first;
381 const base::DictionaryValue& setting = it.second;
382
383 ContentSettingsPattern pattern =
384 ContentSettingsPattern::FromString(pattern_str);
385 // Ignore invalid patterns.
386 if (!pattern.IsValid()) {
387 VLOG(1) << "Ignoring invalid certificate auto select setting:"
388 " Invalid content settings pattern: "
389 << pattern.ToString();
390 continue;
391 }
392
393 value_map->SetValue(pattern, ContentSettingsPattern::Wildcard(),
394 ContentSettingsType::AUTO_SELECT_CERTIFICATE,
395 std::string(), base::Time(), setting.Clone());
396 }
397 }
398
ReadManagedDefaultSettings()399 void PolicyProvider::ReadManagedDefaultSettings() {
400 for (const PrefsForManagedDefaultMapEntry& entry : kPrefsForManagedDefault)
401 UpdateManagedDefaultSetting(entry);
402 }
403
UpdateManagedDefaultSetting(const PrefsForManagedDefaultMapEntry & entry)404 void PolicyProvider::UpdateManagedDefaultSetting(
405 const PrefsForManagedDefaultMapEntry& entry) {
406 // Not all managed default types are registered on every platform. If they're
407 // not registered, don't update them.
408 const ContentSettingsInfo* info =
409 ContentSettingsRegistry::GetInstance()->Get(entry.content_type);
410 if (!info)
411 return;
412
413 // If a pref to manage a default-content-setting was not set (NOTICE:
414 // "HasPrefPath" returns false if no value was set for a registered pref) then
415 // the default value of the preference is used. The default value of a
416 // preference to manage a default-content-settings is CONTENT_SETTING_DEFAULT.
417 // This indicates that no managed value is set. If a pref was set, than it
418 // MUST be managed.
419 DCHECK(!prefs_->HasPrefPath(entry.pref_name) ||
420 prefs_->IsManagedPreference(entry.pref_name));
421 base::AutoLock auto_lock(lock_);
422 int setting = prefs_->GetInteger(entry.pref_name);
423 // TODO(wfh): Remove once HDB is enabled by default.
424 if (entry.pref_name == prefs::kManagedDefaultPluginsSetting) {
425 static constexpr base::Feature kIgnoreDefaultPluginsSetting = {
426 "IgnoreDefaultPluginsSetting", base::FEATURE_DISABLED_BY_DEFAULT};
427 if (base::FeatureList::IsEnabled(kIgnoreDefaultPluginsSetting))
428 setting = CONTENT_SETTING_DEFAULT;
429 }
430 if (setting == CONTENT_SETTING_DEFAULT) {
431 value_map_.DeleteValue(ContentSettingsPattern::Wildcard(),
432 ContentSettingsPattern::Wildcard(),
433 entry.content_type, std::string());
434 } else if (info->IsSettingValid(IntToContentSetting(setting))) {
435 // Don't set a timestamp for policy settings.
436 value_map_.SetValue(ContentSettingsPattern::Wildcard(),
437 ContentSettingsPattern::Wildcard(), entry.content_type,
438 std::string(), base::Time(), base::Value(setting));
439 }
440 }
441
442
ReadManagedContentSettings(bool overwrite)443 void PolicyProvider::ReadManagedContentSettings(bool overwrite) {
444 base::AutoLock auto_lock(lock_);
445 if (overwrite)
446 value_map_.clear();
447 GetContentSettingsFromPreferences(&value_map_);
448 GetAutoSelectCertificateSettingsFromPreferences(&value_map_);
449 }
450
451 // Since the PolicyProvider is a read only content settings provider, all
452 // methodes of the ProviderInterface that set or delete any settings do nothing.
SetWebsiteSetting(const ContentSettingsPattern & primary_pattern,const ContentSettingsPattern & secondary_pattern,ContentSettingsType content_type,const ResourceIdentifier & resource_identifier,std::unique_ptr<base::Value> && value)453 bool PolicyProvider::SetWebsiteSetting(
454 const ContentSettingsPattern& primary_pattern,
455 const ContentSettingsPattern& secondary_pattern,
456 ContentSettingsType content_type,
457 const ResourceIdentifier& resource_identifier,
458 std::unique_ptr<base::Value>&& value) {
459 return false;
460 }
461
ClearAllContentSettingsRules(ContentSettingsType content_type)462 void PolicyProvider::ClearAllContentSettingsRules(
463 ContentSettingsType content_type) {
464 }
465
ShutdownOnUIThread()466 void PolicyProvider::ShutdownOnUIThread() {
467 DCHECK(CalledOnValidThread());
468 RemoveAllObservers();
469 if (!prefs_)
470 return;
471 pref_change_registrar_.RemoveAll();
472 prefs_ = nullptr;
473 }
474
OnPreferenceChanged(const std::string & name)475 void PolicyProvider::OnPreferenceChanged(const std::string& name) {
476 DCHECK(CalledOnValidThread());
477
478 for (const PrefsForManagedDefaultMapEntry& entry : kPrefsForManagedDefault) {
479 if (entry.pref_name == name)
480 UpdateManagedDefaultSetting(entry);
481 }
482
483 if (name == prefs::kManagedAutoSelectCertificateForUrls ||
484 name == prefs::kManagedCookiesAllowedForUrls ||
485 name == prefs::kManagedCookiesBlockedForUrls ||
486 name == prefs::kManagedCookiesSessionOnlyForUrls ||
487 name == prefs::kManagedImagesAllowedForUrls ||
488 name == prefs::kManagedImagesBlockedForUrls ||
489 name == prefs::kManagedInsecureContentAllowedForUrls ||
490 name == prefs::kManagedInsecureContentBlockedForUrls ||
491 name == prefs::kManagedJavaScriptAllowedForUrls ||
492 name == prefs::kManagedJavaScriptBlockedForUrls ||
493 name == prefs::kManagedNotificationsAllowedForUrls ||
494 name == prefs::kManagedNotificationsBlockedForUrls ||
495 name == prefs::kManagedPluginsAllowedForUrls ||
496 name == prefs::kManagedPluginsBlockedForUrls ||
497 name == prefs::kManagedPopupsAllowedForUrls ||
498 name == prefs::kManagedPopupsBlockedForUrls ||
499 name == prefs::kManagedLegacyCookieAccessAllowedForDomains) {
500 ReadManagedContentSettings(true);
501 ReadManagedDefaultSettings();
502 }
503
504 NotifyObservers(ContentSettingsPattern(), ContentSettingsPattern(),
505 ContentSettingsType::DEFAULT, std::string());
506 }
507
508 } // namespace content_settings
509