Index: content/browser/renderer_host/media/midi_host.cc |
diff --git a/content/browser/renderer_host/media/midi_host.cc b/content/browser/renderer_host/media/midi_host.cc |
index e03b3dfba12027f01ba30c98c16d8e4021028f43..0467404bda31a6c2946ed25bdaeefbaadb2d143f 100644 |
--- a/content/browser/renderer_host/media/midi_host.cc |
+++ b/content/browser/renderer_host/media/midi_host.cc |
@@ -136,13 +136,16 @@ void MIDIHost::ReceiveMIDIData( |
double timestamp) { |
TRACE_EVENT0("midi", "MIDIHost::ReceiveMIDIData"); |
- // For now disallow all System Exclusive messages even if we |
- // have permission. |
- // TODO(toyoshim): allow System Exclusive if browser has granted |
- // this client access. We'll likely need to pass a GURL |
- // here to compare against our permissions. |
- if (length > 0 && data[0] >= kSysExMessage) |
+ // Check a process security policy to receive a system exclusive message. |
+ if (length > 0 && data[0] >= kSysExMessage) { |
+ if (!ChildProcessSecurityPolicyImpl::GetInstance()->CanSendMIDISysExMessage( |
+ renderer_process_id_)) { |
+ // MIDI devices may send a system exclusive messages even if the renderer |
+ // doesn't have a permission to receive it. Don't kill the renderer as |
+ // OnSendData() does. |
return; |
+ } |
+ } |
// Send to the renderer. |
std::vector<uint8> v(data, data + length); |