| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ |
| 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ |
| 7 | 7 |
| 8 #pragma once | 8 #pragma once |
| 9 | 9 |
| 10 #include <map> | 10 #include <map> |
| (...skipping 24 matching lines...) Loading... |
| 35 virtual void RegisterDisabledSchemes(const std::set<std::string>& schemes) | 35 virtual void RegisterDisabledSchemes(const std::set<std::string>& schemes) |
| 36 OVERRIDE; | 36 OVERRIDE; |
| 37 virtual void GrantPermissionsForFile(int child_id, | 37 virtual void GrantPermissionsForFile(int child_id, |
| 38 const FilePath& file, | 38 const FilePath& file, |
| 39 int permissions) OVERRIDE; | 39 int permissions) OVERRIDE; |
| 40 virtual void GrantReadFile(int child_id, const FilePath& file) OVERRIDE; | 40 virtual void GrantReadFile(int child_id, const FilePath& file) OVERRIDE; |
| 41 virtual void GrantScheme(int child_id, const std::string& scheme) OVERRIDE; | 41 virtual void GrantScheme(int child_id, const std::string& scheme) OVERRIDE; |
| 42 virtual void GrantAccessFileSystem(int child_id, | 42 virtual void GrantAccessFileSystem(int child_id, |
| 43 const std::string& filesystem_id) OVERRIDE; | 43 const std::string& filesystem_id) OVERRIDE; |
| 44 virtual bool CanReadFile(int child_id, const FilePath& file) OVERRIDE; | 44 virtual bool CanReadFile(int child_id, const FilePath& file) OVERRIDE; |
| 45 virtual bool CanRequestURL(int child_id, const GURL& url) OVERRIDE; |
| 45 | 46 |
| 46 // Pseudo schemes are treated differently than other schemes because they | 47 // Pseudo schemes are treated differently than other schemes because they |
| 47 // cannot be requested like normal URLs. There is no mechanism for revoking | 48 // cannot be requested like normal URLs. There is no mechanism for revoking |
| 48 // pseudo schemes. | 49 // pseudo schemes. |
| 49 void RegisterPseudoScheme(const std::string& scheme); | 50 void RegisterPseudoScheme(const std::string& scheme); |
| 50 | 51 |
| 51 // Returns true iff |scheme| has been registered as pseudo scheme. | 52 // Returns true iff |scheme| has been registered as pseudo scheme. |
| 52 bool IsPseudoScheme(const std::string& scheme); | 53 bool IsPseudoScheme(const std::string& scheme); |
| 53 | 54 |
| 54 // Returns true iff |scheme| is listed as a disabled scheme. | 55 // Returns true iff |scheme| is listed as a disabled scheme. |
| (...skipping 27 matching lines...) Loading... |
| 82 | 83 |
| 83 // Grant the child process the ability to use Web UI Bindings. | 84 // Grant the child process the ability to use Web UI Bindings. |
| 84 void GrantWebUIBindings(int child_id); | 85 void GrantWebUIBindings(int child_id); |
| 85 | 86 |
| 86 // Grant the child process the ability to read raw cookies. | 87 // Grant the child process the ability to read raw cookies. |
| 87 void GrantReadRawCookies(int child_id); | 88 void GrantReadRawCookies(int child_id); |
| 88 | 89 |
| 89 // Revoke read raw cookies permission. | 90 // Revoke read raw cookies permission. |
| 90 void RevokeReadRawCookies(int child_id); | 91 void RevokeReadRawCookies(int child_id); |
| 91 | 92 |
| 92 // Before servicing a child process's request for a URL, the browser should | |
| 93 // call this method to determine whether the process has the capability to | |
| 94 // request the URL. | |
| 95 bool CanRequestURL(int child_id, const GURL& url); | |
| 96 | |
| 97 // Before servicing a child process's request to enumerate a directory | 93 // Before servicing a child process's request to enumerate a directory |
| 98 // the browser should call this method to check for the capability. | 94 // the browser should call this method to check for the capability. |
| 99 bool CanReadDirectory(int child_id, const FilePath& directory); | 95 bool CanReadDirectory(int child_id, const FilePath& directory); |
| 100 | 96 |
| 101 // Determines if certain permissions were granted for a file. |permissions| | 97 // Determines if certain permissions were granted for a file. |permissions| |
| 102 // must be a bit-set of base::PlatformFileFlags. | 98 // must be a bit-set of base::PlatformFileFlags. |
| 103 bool HasPermissionsForFile(int child_id, | 99 bool HasPermissionsForFile(int child_id, |
| 104 const FilePath& file, | 100 const FilePath& file, |
| 105 int permissions); | 101 int permissions); |
| 106 | 102 |
| (...skipping 65 matching lines...) Loading... |
| 172 SecurityStateMap security_state_; | 168 SecurityStateMap security_state_; |
| 173 | 169 |
| 174 // This maps keeps the record of which js worker thread child process | 170 // This maps keeps the record of which js worker thread child process |
| 175 // corresponds to which main js thread child process. | 171 // corresponds to which main js thread child process. |
| 176 WorkerToMainProcessMap worker_map_; | 172 WorkerToMainProcessMap worker_map_; |
| 177 | 173 |
| 178 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); | 174 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); |
| 179 }; | 175 }; |
| 180 | 176 |
| 181 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 177 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews