File: page_specific_content_settings.h

package info (click to toggle)
chromium 120.0.6099.224-1~deb11u1
  • links: PTS, VCS
  • area: main
  • in suites: bullseye
  • size: 6,112,112 kB
  • sloc: cpp: 32,907,025; ansic: 8,148,123; javascript: 3,679,536; python: 2,031,248; asm: 959,718; java: 804,675; xml: 617,256; sh: 111,417; objc: 100,835; perl: 88,443; cs: 53,032; makefile: 29,579; fortran: 24,137; php: 21,162; tcl: 21,147; sql: 20,809; ruby: 17,735; pascal: 12,864; yacc: 8,045; lisp: 3,388; lex: 1,323; ada: 727; awk: 329; jsp: 267; csh: 117; exp: 43; sed: 37
file content (679 lines) | stat: -rw-r--r-- 27,566 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef COMPONENTS_CONTENT_SETTINGS_BROWSER_PAGE_SPECIFIC_CONTENT_SETTINGS_H_
#define COMPONENTS_CONTENT_SETTINGS_BROWSER_PAGE_SPECIFIC_CONTENT_SETTINGS_H_

#include <stdint.h>

#include <map>
#include <memory>
#include <set>
#include <string>

#include "base/containers/enum_set.h"
#include "base/containers/flat_set.h"
#include "base/memory/raw_ptr.h"
#include "base/memory/weak_ptr.h"
#include "base/observer_list.h"
#include "base/scoped_observation.h"
#include "base/timer/timer.h"
#include "build/build_config.h"
#include "build/chromeos_buildflags.h"
#include "components/browsing_data/content/browsing_data_model.h"
#include "components/browsing_data/content/cookie_helper.h"
#include "components/browsing_data/content/local_shared_objects_container.h"
#include "components/content_settings/common/content_settings_manager.mojom.h"
#include "components/content_settings/core/browser/content_settings_observer.h"
#include "components/content_settings/core/browser/host_content_settings_map.h"
#include "components/content_settings/core/common/content_settings.h"
#include "components/content_settings/core/common/content_settings_types.h"
#include "components/privacy_sandbox/canonical_topic.h"
#include "content/public/browser/allow_service_worker_result.h"
#include "content/public/browser/page_user_data.h"
#include "content/public/browser/render_frame_host.h"
#include "net/base/schemeful_site.h"
#include "url/gurl.h"

namespace blink {
class StorageKey;
}  // namespace blink

namespace content {
class WebContents;
class WebContentsObserver;
}  // namespace content

namespace url {
class Origin;
}  // namespace url

namespace content_settings {

enum class SiteDataType {
  kUnknown,
  kStorage,
  kCookies,
  kServiceWorker,
  kSharedWorker,
  kInterestGroup,
  kTopic,
  kTrustToken,
};

enum class AccessType {
  // This value represents situations where by the PSCS doesn't have enough
  // information to assess the accurate nature of site data access.
  kUnknown,
  kRead,
  kWrite,
};

// Holds extra details about the site data access deemed useful by PSCS
// observers.
struct AccessDetails {
  AccessDetails();
  AccessDetails(SiteDataType site_data_type,
                AccessType access_type,
                GURL url,
                bool blocked_by_policy,
                bool is_from_primary_page);
  ~AccessDetails();
  bool operator<(const AccessDetails& other) const;

  SiteDataType site_data_type = SiteDataType::kUnknown;
  AccessType access_type = AccessType::kUnknown;
  GURL url;
  bool blocked_by_policy = false;
  // Specifies whether the access occurred in the primary page.
  bool is_from_primary_page = false;
};

// TODO(msramek): Media is storing their state in PageSpecificContentSettings:
// |microphone_camera_state_| without being tied to a single content setting.
// This state is not ideal, potential solution is to save this information via
// content::WebContentsUserData

// This class manages state about permissions, content settings, cookies and
// site data for a specific page (main document and all of its child frames). It
// tracks which content was accessed and which content was blocked. Based on
// this it provides information about which types of content were accessed and
// blocked.
//
// Tracking is done per main document so instances of this class will be deleted
// when the main document is deleted. This can happen after the tab navigates
// away to a new document or when the tab itself is deleted, so you should not
// keep references to objects of this class.
//
// When a page enters the back-forward cache its associated
// PageSpecificContentSettings are not cleared and will be restored along with
// the document when navigating back. These stored instances still listen to
// content settings updates and keep their internal state up to date.
//
// Events tied to a main frame navigation will be associated with the newly
// loaded page once the navigation commits or discarded if it does not.
class PageSpecificContentSettings
    : public content_settings::Observer,
      public content::PageUserData<PageSpecificContentSettings> {
 public:
  // Fields describing the current mic/camera state. If a page has attempted to
  // access a device, the kXxxAccessed bit will be set. If access was blocked,
  // kXxxBlocked will be set.
  enum MicrophoneCameraStateFlags {
    kMicrophoneAccessed,
    kMicrophoneBlocked,
    kCameraAccessed,
    kCameraBlocked,

    kMinValue = kMicrophoneAccessed,
    kMaxValue = kCameraBlocked,
  };
  using MicrophoneCameraState =
      base::EnumSet<MicrophoneCameraStateFlags,
                    MicrophoneCameraStateFlags::kMinValue,
                    MicrophoneCameraStateFlags::kMaxValue>;

  class Delegate {
   public:
    virtual ~Delegate() = default;

    // Called when content settings state changes that might require updating
    // the location bar.
    virtual void UpdateLocationBar() = 0;

    // Gets the pref service for the current web contents.
    virtual PrefService* GetPrefs() = 0;

    // Gets the settings map for the current web contents.
    virtual HostContentSettingsMap* GetSettingsMap() = 0;

    // Gets the `BrowsingDataModel::Delegate` for the current profile.
    virtual std::unique_ptr<BrowsingDataModel::Delegate>
    CreateBrowsingDataModelDelegate() = 0;

    // Allows delegate to override content setting rules that will be sent to
    // the renderer.
    virtual void SetDefaultRendererContentSettingRules(
        content::RenderFrameHost* rfh,
        RendererContentSettingRules* rules) = 0;

    // Gets any additional file system types which should be used when
    // constructing a browsing_data::FileSystemHelper.
    virtual std::vector<storage::FileSystemType>
    GetAdditionalFileSystemTypes() = 0;

    virtual browsing_data::CookieHelper::IsDeletionDisabledCallback
    GetIsDeletionDisabledCallback() = 0;

    // Allows the delegate to provide additional logic for detecting state
    // changes on top of the camera/microphone permission state.
    virtual bool IsMicrophoneCameraStateChanged(
        MicrophoneCameraState microphone_camera_state,
        const std::string& media_stream_selected_audio_device,
        const std::string& media_stream_selected_video_device) = 0;

    // Allows the delegate to provide additional logic for getting microphone
    // and camera state on top of the microphone and camera state at the last
    // media stream request.
    virtual MicrophoneCameraState GetMicrophoneCameraState() = 0;

    // If there is a document picture-in-picture window open, check if the given
    // web contents is the opener web contents or child web contents, and return
    // the other web contents to be synced.
    virtual content::WebContents* MaybeGetSyncedWebContentsForPictureInPicture(
        content::WebContents* web_contents) = 0;

    // Notifies the delegate a particular content settings type was allowed for
    // the first time on this page.
    virtual void OnContentAllowed(ContentSettingsType type) = 0;

    // Notifies the delegate a particular content settings type was blocked.
    virtual void OnContentBlocked(ContentSettingsType type) = 0;
  };

  // Classes that want to be notified about site data events must implement
  // this abstract class and add themselves as observer to the
  // |PageSpecificContentSettings|.
  class SiteDataObserver {
   public:
    explicit SiteDataObserver(content::WebContents* web_contents);

    SiteDataObserver(const SiteDataObserver&) = delete;
    SiteDataObserver& operator=(const SiteDataObserver&) = delete;

    virtual ~SiteDataObserver();

    // Called whenever site data is accessed.
    virtual void OnSiteDataAccessed(const AccessDetails& access_details) = 0;

    // Called whenever this page is loaded via a redirect with stateful bounces.
    virtual void OnStatefulBounceDetected() = 0;

    content::WebContents* web_contents() { return web_contents_; }

    // Called when the WebContents is destroyed; nulls out
    // the local reference.
    void WebContentsDestroyed();

   private:
    raw_ptr<content::WebContents, DanglingUntriaged> web_contents_;
  };

  PageSpecificContentSettings(const PageSpecificContentSettings&) = delete;
  PageSpecificContentSettings& operator=(const PageSpecificContentSettings&) =
      delete;

  ~PageSpecificContentSettings() override;

  static void CreateForWebContents(content::WebContents* web_contents,
                                   std::unique_ptr<Delegate> delegate);
  static void DeleteForWebContentsForTest(content::WebContents* web_contents);

  // Returns the object given a RenderFrameHost ids. Returns nullptr if the
  // frame no longer exist or there are no PageSpecificContentSettings attached
  // to the document.
  static PageSpecificContentSettings* GetForFrame(
      const content::GlobalRenderFrameHostId& id);

  // Returns the object given a RenderFrameHost. Returns nullptr if the frame
  // is nullptr or there are no PageSpecificContentSettings attached to the
  // document.
  static PageSpecificContentSettings* GetForFrame(
      content::RenderFrameHost* rfh);

  // Returns the Delegate that was associated to |web_contents| in
  // CreateForWebContents. Null if CreateForWebContents was not called for
  // |web_contents|.
  static PageSpecificContentSettings::Delegate* GetDelegateForWebContents(
      content::WebContents* web_contents);

  static void StorageAccessed(
      mojom::ContentSettingsManager::StorageType storage_type,
      int render_process_id,
      int render_frame_id,
      const blink::StorageKey& storage_key,
      bool blocked_by_policy);

  static void BrowsingDataAccessed(content::RenderFrameHost* rfh,
                                   BrowsingDataModel::DataKey data_key,
                                   BrowsingDataModel::StorageType storage_type,
                                   bool blocked);

  // Called when content access is blocked in the renderer process.
  static void ContentBlocked(int render_process_id,
                             int render_frame_id,
                             ContentSettingsType type);

  // Called when a specific Shared Worker was accessed.
  static void SharedWorkerAccessed(int render_process_id,
                                   int render_frame_id,
                                   const GURL& worker_url,
                                   const std::string& name,
                                   const blink::StorageKey& storage_key,
                                   bool blocked_by_policy);

  // Called when |api_origin| attempts to join an interest group via the
  // Interest Group API.
  static void InterestGroupJoined(content::RenderFrameHost* rfh,
                                  const url::Origin& api_origin,
                                  bool blocked_by_policy);

  // Called when |api_origin| attempts to access browsing topics.
  static void TopicAccessed(content::RenderFrameHost* rfh,
                            const url::Origin& api_origin,
                            bool blocked_by_policy,
                            privacy_sandbox::CanonicalTopic topic);

  static content::WebContentsObserver* GetWebContentsObserverForTest(
      content::WebContents* web_contents);

  // Returns a WeakPtr to this instance. Given that PageSpecificContentSettings
  // instances are tied to a page it is generally unsafe to store these
  // references, instead a WeakPtr should be used instead.
  base::WeakPtr<PageSpecificContentSettings> AsWeakPtr() {
    return weak_factory_.GetWeakPtr();
  }

  // Changes the |content_blocked_| entry for popups.
  void ClearPopupsBlocked();

  // Called when audio has been blocked on the page.
  void OnAudioBlocked();

  // Records one additional stateful bounce during the navigation that led to
  // this page.
  void IncrementStatefulBounceCount();

  // Returns whether a particular kind of content has been blocked for this
  // page.
  bool IsContentBlocked(ContentSettingsType content_type) const;

  // Returns whether a particular kind of content has been allowed. Currently
  // only tracks cookies.
  bool IsContentAllowed(ContentSettingsType content_type) const;

  // Returns a map from sites that requested |content_setting| to whether the
  // permission was granted. This method is only supported for permissions that
  // are scoped to sites and apply to embedded content, e.g. StorageAccess.
  std::map<net::SchemefulSite, /*is_allowed*/ bool> GetTwoSiteRequests(
      ContentSettingsType content_type);

  const GURL& media_stream_access_origin() const {
    return media_stream_access_origin_;
  }

  const std::string& media_stream_requested_audio_device() const {
    return media_stream_requested_audio_device_;
  }

  const std::string& media_stream_requested_video_device() const {
    return media_stream_requested_video_device_;
  }

  // Only public for tests.
  const std::string& media_stream_selected_audio_device() const {
    return media_stream_selected_audio_device_;
  }

  // Only public for tests.
  const std::string& media_stream_selected_video_device() const {
    return media_stream_selected_video_device_;
  }

  bool camera_was_just_granted_on_site_level() {
    return camera_was_just_granted_on_site_level_;
  }

  bool mic_was_just_granted_on_site_level() {
    return mic_was_just_granted_on_site_level_;
  }

  bool geolocation_was_just_granted_on_site_level() {
    return geolocation_was_just_granted_on_site_level_;
  }

  // Returns the state of the camera and microphone usage.
  // The return value always includes all active media capture devices, on top
  // of the devices from the last request.
  MicrophoneCameraState GetMicrophoneCameraState() const;

  // Returns whether the camera or microphone permission or media device setting
  // has changed since the last permission request.
  bool IsMicrophoneCameraStateChanged() const;

  // Returns the |LocalSharedObjectsContainer| instances corresponding to all
  // allowed, and blocked, respectively, local shared objects like cookies,
  // local storage, ... .
  const browsing_data::LocalSharedObjectsContainer&
  allowed_local_shared_objects() const {
    return allowed_local_shared_objects_;
  }

  const browsing_data::LocalSharedObjectsContainer&
  blocked_local_shared_objects() const {
    return blocked_local_shared_objects_;
  }

  int stateful_bounce_count() const { return stateful_bounce_count_; }

  BrowsingDataModel* allowed_browsing_data_model() const {
    return allowed_browsing_data_model_.get();
  }

  BrowsingDataModel* blocked_browsing_data_model() const {
    return blocked_browsing_data_model_.get();
  }

  void OnContentBlocked(ContentSettingsType type);
  void OnContentAllowed(ContentSettingsType type);

  // Call when a two-site permission was prompted or modified in order to
  // display a ContentSettingsImageModel icon.
  void OnTwoSitePermissionChanged(ContentSettingsType type,
                                  net::SchemefulSite requesting_site,
                                  ContentSetting content_setting);

  // |originating_page| is non-null when it differs from page(), which happens
  // when an embedding page's PSCS is notified of an access that happens in an
  // embedded page (through |MaybeUpdateParent|).
  void OnStorageAccessed(
      mojom::ContentSettingsManager::StorageType storage_type,
      const blink::StorageKey& storage_key,
      bool blocked_by_policy,
      content::Page* originating_page = nullptr);
  void OnSharedWorkerAccessed(const GURL& worker_url,
                              const std::string& name,
                              const blink::StorageKey& storage_key,
                              bool blocked_by_policy);
  void OnInterestGroupJoined(const url::Origin& api_origin,
                             bool blocked_by_policy);
  void OnTopicAccessed(const url::Origin& api_origin,
                       bool blocked_by_policy,
                       privacy_sandbox::CanonicalTopic topic);
  void OnTrustTokenAccessed(const url::Origin& api_origin, bool blocked);
  void OnBrowsingDataAccessed(BrowsingDataModel::DataKey data_key,
                              BrowsingDataModel::StorageType storage_type,
                              bool blocked,
                              content::Page* originating_page = nullptr);

#if BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_WIN)
  void OnProtectedMediaIdentifierPermissionSet(const GURL& requesting_frame,
                                               bool allowed);
#endif

  // This method is called to update the status about the microphone and
  // camera stream access.
  void OnMediaStreamPermissionSet(
      const GURL& request_origin,
      MicrophoneCameraState new_microphone_camera_state,
      const std::string& media_stream_selected_audio_device,
      const std::string& media_stream_selected_video_device,
      const std::string& media_stream_requested_audio_device,
      const std::string& media_stream_requested_video_device);

  // See |OnStorageAccessed| documentation for more info on |originating_page|.
  void OnCookiesAccessed(const content::CookieAccessDetails& details,
                         content::Page* originating_page = nullptr);
  void OnServiceWorkerAccessed(const GURL& scope,
                               const blink::StorageKey& storage_key,
                               content::AllowServiceWorkerResult allowed,
                               content::Page* originating_page = nullptr);

  // Block all content. Used for testing content setting bubbles.
  void BlockAllContentForTesting();

  // Stores content settings changed by the user via PageInfo.
  void ContentSettingChangedViaPageInfo(ContentSettingsType type);

  // Returns true if the user changed the given ContentSettingsType via PageInfo
  // since the last navigation.
  bool HasContentSettingChangedViaPageInfo(ContentSettingsType type) const;

  // Returns true if the user was joined to an interest group and if the page
  // is the joining origin.
  bool HasJoinedUserToInterestGroup() const;

  // Returns true if the page has accessed the Topics API.
  bool HasAccessedTopics() const;

  // Returns the topics that were accessed by this page.
  std::vector<privacy_sandbox::CanonicalTopic> GetAccessedTopics() const;

  // Runs any queued updates in |updates_queued_during_prerender_|, should be
  // called after the page activates.
  void OnPrerenderingPageActivation();

  // This method is called when audio or video capturing is started or finished.
  void OnCapturingStateChanged(ContentSettingsType type, bool is_capturing);

  // Returns true if a page is currently using a feature gated behind `type`
  // permission. Returns false otherwise.
  bool IsInUse(ContentSettingsType type) { return in_use_.contains(type); }

  // Returns a time of last usage of a feature gated behind `type` permission.
  // Returns base::Time() if `type` was not used in the last 24 hours.
  const base::Time GetLastUsedTime(ContentSettingsType type);

  // This method is called when audio or video activity indicator is opened.
  void OnActivityIndicatorBubbleOpened(ContentSettingsType type);

  // This method is called when audio or video activity indicator is closed.
  void OnActivityIndicatorBubbleClosed(ContentSettingsType type);

  void set_media_stream_access_origin_for_testing(const GURL& url) {
    media_stream_access_origin_ = url;
  }

  void set_last_used_time_for_testing(ContentSettingsType type,
                                      base::Time time) {
    last_used_time_[type] = time;
  }

  std::map<ContentSettingsType, base::OneShotTimer>&
  get_media_blocked_indicator_timer_for_testing() {
    return media_blocked_indicator_timer_;
  }

 private:
  friend class content::PageUserData<PageSpecificContentSettings>;

  struct PendingUpdates {
    PendingUpdates();
    ~PendingUpdates();

    std::vector<base::OnceClosure> delegate_updates;
    bool site_data_accessed = false;
    AccessDetails access_details;
  };

  explicit PageSpecificContentSettings(content::Page& page, Delegate* delegate);

  // Updates `microphone_camera_state_` after audio/video is started/finished.
  void OnCapturingStateChangedInternal(ContentSettingsType type,
                                       bool is_capturing);

  // This methods is called when a camera and/or mic blocked indicator is
  // displayed.
  void OnMediaBlockedIndicatorsShown(ContentSettingsType type);

  void OnMediaBlockedIndicatorsDismiss(ContentSettingsType type);

  // content_settings::Observer implementation.
  void OnContentSettingChanged(const ContentSettingsPattern& primary_pattern,
                               const ContentSettingsPattern& secondary_pattern,
                               ContentSettingsType content_type) override;

  // Clears settings changed by the user via PageInfo since the last navigation.
  void ClearContentSettingsChangedViaPageInfo();

  bool IsPagePrerendering() const;
  bool IsEmbeddedPage() const;

  // Delays the call of the delegate method if the page is currently
  // prerendering until the page is activated; directly calls the method
  // otherwise.
  template <typename DelegateMethod, typename... Args>
  void NotifyDelegate(DelegateMethod method, Args... args) {
    if (IsEmbeddedPage()) {
      return;
    }
    if (IsPagePrerendering()) {
      DCHECK(updates_queued_during_prerender_);
      updates_queued_during_prerender_->delegate_updates.emplace_back(
          base::BindOnce(method, base::Unretained(delegate_), args...));
      return;
    }
    (*delegate_.*method)(args...);
  }
  // Used to notify the parent page's PSCS of a content access.
  template <typename PSCSMethod, typename... Args>
  void MaybeUpdateParent(PSCSMethod method, Args... args) {
    if (IsEmbeddedPage()) {
      PageSpecificContentSettings* pscs =
          PageSpecificContentSettings::GetForFrame(
              page().GetMainDocument().GetParentOrOuterDocument());
      DCHECK(pscs);
      (*pscs.*method)(args...);
    }
  }

  // Notifies observers. Like |NotifyDelegate|, the notification is delayed for
  // prerendering pages until the page is activated. Embedded pages will not
  // notify observers directly and rely on the outermost page to do so.
  void MaybeNotifySiteDataObservers(const AccessDetails& access_details);

  // Tells the delegate to update the location bar. This method is a no-op if
  // the page is currently prerendering or is embedded.
  void MaybeUpdateLocationBar();

  content::WebContents* GetWebContents() const;

  // Document picture-in-picture allows changing content settings in both the
  // browser window and the PiP window. When the settings is changed in one
  // place, return the settings in another place to be synced as well. We should
  // update settings in either place at most once, so we will avoid getting into
  // deadlock by using |is_updating_synced_pscs_|.
  PageSpecificContentSettings* MaybeGetSyncedSettingsForPictureInPicture();

  // An auto reset variable to make sure we do not get into deadlock when
  // updating synced PageSpecificContentSettings for the document
  // picture-in-picture case.
  bool is_updating_synced_pscs_ = false;

  raw_ptr<Delegate> delegate_;

  struct ContentSettingsStatus {
    bool blocked;
    bool allowed;
  };
  // Stores which content setting types actually have blocked content.
  std::map<ContentSettingsType, ContentSettingsStatus> content_settings_status_;

  // Stores embedded sites that requested a permission. Only applies to
  // permissions that are scoped to two sites, e.g. StorageAccess.
  std::map<ContentSettingsType, std::map<net::SchemefulSite, bool>>
      content_settings_two_site_requests_;

  // Profile-bound, this will outlive this class (which is WebContents bound).
  raw_ptr<HostContentSettingsMap> map_;

  // Stores the blocked/allowed cookies.
  browsing_data::LocalSharedObjectsContainer allowed_local_shared_objects_;
  browsing_data::LocalSharedObjectsContainer blocked_local_shared_objects_;

  // Stores the count of stateful bounces during the navigation that led to this
  // page.
  int stateful_bounce_count_ = 0u;

  std::unique_ptr<BrowsingDataModel> allowed_browsing_data_model_;
  std::unique_ptr<BrowsingDataModel> blocked_browsing_data_model_;

  // The origin of the media stream request. Note that we only support handling
  // settings for one request per tab. The latest request's origin will be
  // stored here. http://crbug.com/259794
  // TODO(crbug.com/1467791): Remove `media_stream_access_origin_` and calculate
  // a proper origin internaly.
  GURL media_stream_access_origin_;

  // The microphone and camera state at the last media stream request.
  MicrophoneCameraState microphone_camera_state_;
  // The selected devices at the last media stream request.
  std::string media_stream_selected_audio_device_;
  std::string media_stream_selected_video_device_;

  // The devices to be displayed in the media bubble when the media stream
  // request is requesting certain specific devices.
  std::string media_stream_requested_audio_device_;
  std::string media_stream_requested_video_device_;

  // Contains URLs which attempted to join interest groups. Note: The UI will
  // only currently show the top frame as having attempted to join.
  std::vector<url::Origin> allowed_interest_group_api_;
  std::vector<url::Origin> blocked_interest_group_api_;

  // Contains topics that were accessed by this page.
  base::flat_set<privacy_sandbox::CanonicalTopic> accessed_topics_;

  // The Geolocation, camera, and/or microphone permission was granted to this
  // origin from a permission prompt that was triggered by the currently active
  // document.
  bool camera_was_just_granted_on_site_level_ = false;
  bool mic_was_just_granted_on_site_level_ = false;
  bool geolocation_was_just_granted_on_site_level_ = false;

  // The time when the media indicator was displayed.
  base::TimeTicks media_indicator_time_;

  // Stores timers for delaying hiding an activity indicators.
  std::map<ContentSettingsType, base::OneShotTimer>
      indicators_hiding_delay_timer_;
  // Stores last used time when a permission-gate feature is no longer in use.
  std::map<ContentSettingsType, base::Time> last_used_time_;
  // Stores `ContentSettingsType` that is currently used by a page.
  std::set<ContentSettingsType> in_use_;

  // A timer to removed a blocked media indicator.
  std::map<ContentSettingsType, base::OneShotTimer>
      media_blocked_indicator_timer_;

  // Observer to watch for content settings changed.
  base::ScopedObservation<HostContentSettingsMap, content_settings::Observer>
      observation_{this};

  // Stores content settings changed by the user via page info since the last
  // navigation. Used to determine whether to display the settings in page info.
  std::set<ContentSettingsType> content_settings_changed_via_page_info_;

  // Calls to |delegate_| and SiteDataObservers that have been queued up while
  // the page is prerendering. These calls are run when the page is activated.
  std::unique_ptr<PendingUpdates> updates_queued_during_prerender_;

  PAGE_USER_DATA_KEY_DECL();

  base::WeakPtrFactory<PageSpecificContentSettings> weak_factory_{this};
};

}  // namespace content_settings

#endif  // COMPONENTS_CONTENT_SETTINGS_BROWSER_PAGE_SPECIFIC_CONTENT_SETTINGS_H_