Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(339)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_impl.cc

Issue 10536200: Manage IsolatedContext with reference counts (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 8 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/media_gallery/media_file_system_registry.cc ('k') | webkit/fileapi/isolated_context.h » ('j') | webkit/fileapi/isolated_context.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/child_process_security_policy_impl.h" 5 #include "content/browser/child_process_security_policy_impl.h"
6 6
7 #include "base/file_path.h" 7 #include "base/file_path.h"
8 #include "base/logging.h" 8 #include "base/logging.h"
9 #include "base/metrics/histogram.h" 9 #include "base/metrics/histogram.h"
10 #include "base/platform_file.h" 10 #include "base/platform_file.h"
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after
51 : enabled_bindings_(0), 51 : enabled_bindings_(0),
52 can_read_raw_cookies_(false) { } 52 can_read_raw_cookies_(false) { }
53 53
54 ~SecurityState() { 54 ~SecurityState() {
55 scheme_policy_.clear(); 55 scheme_policy_.clear();
56 fileapi::IsolatedContext* isolated_context = 56 fileapi::IsolatedContext* isolated_context =
57 fileapi::IsolatedContext::GetInstance(); 57 fileapi::IsolatedContext::GetInstance();
58 for (FileSystemMap::iterator iter = filesystem_permissions_.begin(); 58 for (FileSystemMap::iterator iter = filesystem_permissions_.begin();
59 iter != filesystem_permissions_.end(); 59 iter != filesystem_permissions_.end();
60 ++iter) { 60 ++iter) {
61 isolated_context->RevokeIsolatedFileSystem(iter->first); 61 isolated_context->RemoveReference(iter->first);
62 } 62 }
63 UMA_HISTOGRAM_COUNTS("ChildProcessSecurityPolicy.PerChildFilePermissions", 63 UMA_HISTOGRAM_COUNTS("ChildProcessSecurityPolicy.PerChildFilePermissions",
64 file_permissions_.size()); 64 file_permissions_.size());
65 } 65 }
66 66
67 // Grant permission to request URLs with the specified scheme. 67 // Grant permission to request URLs with the specified scheme.
68 void GrantScheme(const std::string& scheme) { 68 void GrantScheme(const std::string& scheme) {
69 scheme_policy_[scheme] = true; 69 scheme_policy_[scheme] = true;
70 } 70 }
71 71
(...skipping 18 matching lines...) Expand all
90 // Revokes all permissions granted to a file. 90 // Revokes all permissions granted to a file.
91 void RevokeAllPermissionsForFile(const FilePath& file) { 91 void RevokeAllPermissionsForFile(const FilePath& file) {
92 FilePath stripped = file.StripTrailingSeparators(); 92 FilePath stripped = file.StripTrailingSeparators();
93 file_permissions_.erase(stripped); 93 file_permissions_.erase(stripped);
94 request_file_set_.erase(stripped); 94 request_file_set_.erase(stripped);
95 } 95 }
96 96
97 // Grant certain permissions to a file. 97 // Grant certain permissions to a file.
98 void GrantPermissionsForFileSystem(const std::string& filesystem_id, 98 void GrantPermissionsForFileSystem(const std::string& filesystem_id,
99 int permissions) { 99 int permissions) {
100 if (filesystem_permissions_.find(filesystem_id) ==
101 filesystem_permissions_.end())
102 fileapi::IsolatedContext::GetInstance()->AddReference(filesystem_id);
100 filesystem_permissions_[filesystem_id] = permissions; 103 filesystem_permissions_[filesystem_id] = permissions;
101 } 104 }
102 105
103 bool HasPermissionsForFileSystem(const std::string& filesystem_id, 106 bool HasPermissionsForFileSystem(const std::string& filesystem_id,
104 int permissions) { 107 int permissions) {
105 if (filesystem_permissions_.find(filesystem_id) == 108 if (filesystem_permissions_.find(filesystem_id) ==
106 filesystem_permissions_.end()) 109 filesystem_permissions_.end())
107 return false; 110 return false;
108 return (filesystem_permissions_[filesystem_id] & permissions) == 111 return (filesystem_permissions_[filesystem_id] & permissions) ==
109 permissions; 112 permissions;
(...skipping 502 matching lines...) Expand 10 before | Expand all | Expand 10 after
612 int child_id, 615 int child_id,
613 const std::string& filesystem_id, 616 const std::string& filesystem_id,
614 int permission) { 617 int permission) {
615 base::AutoLock lock(lock_); 618 base::AutoLock lock(lock_);
616 619
617 SecurityStateMap::iterator state = security_state_.find(child_id); 620 SecurityStateMap::iterator state = security_state_.find(child_id);
618 if (state == security_state_.end()) 621 if (state == security_state_.end())
619 return false; 622 return false;
620 return state->second->HasPermissionsForFileSystem(filesystem_id, permission); 623 return state->second->HasPermissionsForFileSystem(filesystem_id, permission);
621 } 624 }
OLDNEW
« no previous file with comments | « chrome/browser/media_gallery/media_file_system_registry.cc ('k') | webkit/fileapi/isolated_context.h » ('j') | webkit/fileapi/isolated_context.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698