4 files changed, 117 insertions, 0 deletions

diff --git a/core/java/android/webkit/PermissionRequest.java b/core/java/android/webkit/PermissionRequest.java
new file mode 100644
index 000000000000..2f8850ba9e33
--- /dev/null
+++ b/core/java/android/webkit/PermissionRequest.java
@@ -0,0 +1,74 @@
+/*
+ * Copyright (C) 2014 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.webkit;
+
+import android.net.Uri;
+
+/**
+ * This class wraps a permission request, and is used to request permission for
+ * the web content to access the resources.
+ *
+ * Either {@link #grant(long) grant()} or {@link #deny()} must be called to response the
+ * request, otherwise, {@link WebChromeClient#onPermissionRequest(PermissionRequest)} will
+ * not be invoked again if there is other permission request in this WebView.
+ *
+ * @hide
+ */
+public interface PermissionRequest {
+    /**
+     * Resource belongs to geolocation service.
+     */
+    public final static long RESOURCE_GEOLOCATION = 1 << 0;
+    /**
+     * Resource belongs to video capture device, like camera.
+     */
+    public final static long RESOURCE_VIDEO_CAPTURE = 1 << 1;
+    /**
+     * Resource belongs to audio capture device, like microphone.
+     */
+    public final static long RESOURCE_AUDIO_CAPTURE = 1 << 2;
+
+    /**
+     * @return the origin of web content which attempt to access the restricted
+     *         resources.
+     */
+    public Uri getOrigin();
+
+    /**
+     * @return a bit mask of resources the web content wants to access.
+     */
+    public long getResources();
+
+    /**
+     * Call this method to grant origin the permission to access the given resources.
+     * The granted permission is only valid for this WebView.
+     *
+     * @param resources the resources granted to be accessed by origin, to grant
+     *        request, the requested resources returned by {@link #getResources()}
+     *        must be equals or a subset of granted resources.
+     *        This parameter is designed to avoid granting permission by accident
+     *        especially when new resources are requested by web content.
+     *        Calling grant(getResources()) has security issue, the new permission
+     *        will be granted without being noticed.
+     */
+    public void grant(long resources);
+
+    /**
+     * Call this method to deny the request.
+     */
+    public void deny();
+}
diff --git a/core/java/android/webkit/WebChromeClient.java b/core/java/android/webkit/WebChromeClient.java
index aa57423a09eb..60cba869d658 100644
--- a/core/java/android/webkit/WebChromeClient.java
+++ b/core/java/android/webkit/WebChromeClient.java
@@ -296,6 +296,30 @@ public class WebChromeClient {
     public void onGeolocationPermissionsHidePrompt() {}
 
     /**
+     * Notify the host application that web content is requesting permission to
+     * access the specified resources and the permission currently isn't granted
+     * or denied. The host application must invoke {@link PermissionRequest#grant(long)}
+     * or {@link PermissionRequest#deny()}.
+     *
+     * If this method isn't overridden, the permission is denied.
+     *
+     * @param request the PermissionRequest from current web content.
+     * @hide
+     */
+    public void onPermissionRequest(PermissionRequest request) {
+        request.deny();
+    }
+
+    /**
+     * Notify the host application that the given permission request
+     * has been canceled. Any related UI should therefore be hidden.
+     *
+     * @param request the PermissionRequest need be canceled.
+     * @hide
+     */
+    public void onPermissionRequestCanceled(PermissionRequest request) {}
+
+    /**
      * Tell the client that a JavaScript execution timeout has occured. And the
      * client may decide whether or not to interrupt the execution. If the
      * client returns true, the JavaScript will be interrupted. If the client
diff --git a/core/java/android/webkit/WebView.java b/core/java/android/webkit/WebView.java
index 81d36a4db1ff..bde1b93a425a 100644
--- a/core/java/android/webkit/WebView.java
+++ b/core/java/android/webkit/WebView.java
@@ -25,6 +25,7 @@ import android.graphics.Paint;
 import android.graphics.Picture;
 import android.graphics.Rect;
 import android.graphics.drawable.Drawable;
+import android.net.Uri;
 import android.net.http.SslCertificate;
 import android.os.Build;
 import android.os.Bundle;
@@ -1640,6 +1641,21 @@ public class WebView extends AbsoluteLayout
     }
 
     /**
+     * Preauthorize the given origin to access resources.
+     * This authorization only valid for this WebView instance life cycle and
+     * will not retained.
+     *
+     * @param origin the origin authorized to access resources
+     * @param resources the resource authorized to be accessed by origin.
+     *
+     * @hide
+     */
+    public void preauthorizePermission(Uri origin, long resources) {
+        checkThread();
+        mProvider.preauthorizePermission(origin, resources);
+    }
+
+    /**
      * Sets the Picture listener. This is an interface used to receive
      * notifications of a new Picture.
      *
diff --git a/core/java/android/webkit/WebViewProvider.java b/core/java/android/webkit/WebViewProvider.java
index 696aad4e592f..9488cdddc7f3 100644
--- a/core/java/android/webkit/WebViewProvider.java
+++ b/core/java/android/webkit/WebViewProvider.java
@@ -23,6 +23,7 @@ import android.graphics.Paint;
 import android.graphics.Picture;
 import android.graphics.Rect;
 import android.graphics.drawable.Drawable;
+import android.net.Uri;
 import android.net.http.SslCertificate;
 import android.os.Bundle;
 import android.os.Message;
@@ -245,6 +246,8 @@ public interface WebViewProvider {
 
     public View findHierarchyView(String className, int hashCode);
 
+    public void preauthorizePermission(Uri origin, long resources);
+
     //-------------------------------------------------------------------------
     // Provider internal methods
     //-------------------------------------------------------------------------