| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/child_process_security_policy.h" | 5 #include "chrome/browser/child_process_security_policy.h" |
| 6 | 6 |
| 7 #include "base/file_path.h" | 7 #include "base/file_path.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/stl_util-inl.h" | 9 #include "base/stl_util-inl.h" |
| 10 #include "base/string_util.h" | 10 #include "base/string_util.h" |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 91 RegisterWebSafeScheme(chrome::kHttpsScheme); | 91 RegisterWebSafeScheme(chrome::kHttpsScheme); |
| 92 RegisterWebSafeScheme(chrome::kFtpScheme); | 92 RegisterWebSafeScheme(chrome::kFtpScheme); |
| 93 RegisterWebSafeScheme(chrome::kDataScheme); | 93 RegisterWebSafeScheme(chrome::kDataScheme); |
| 94 RegisterWebSafeScheme("feed"); | 94 RegisterWebSafeScheme("feed"); |
| 95 RegisterWebSafeScheme("chrome-extension"); | 95 RegisterWebSafeScheme("chrome-extension"); |
| 96 | 96 |
| 97 // We know about the following psuedo schemes and treat them specially. | 97 // We know about the following psuedo schemes and treat them specially. |
| 98 RegisterPseudoScheme(chrome::kAboutScheme); | 98 RegisterPseudoScheme(chrome::kAboutScheme); |
| 99 RegisterPseudoScheme(chrome::kJavaScriptScheme); | 99 RegisterPseudoScheme(chrome::kJavaScriptScheme); |
| 100 RegisterPseudoScheme(chrome::kViewSourceScheme); | 100 RegisterPseudoScheme(chrome::kViewSourceScheme); |
| 101 RegisterPseudoScheme(chrome::kPrintScheme); |
| 101 } | 102 } |
| 102 | 103 |
| 103 ChildProcessSecurityPolicy::~ChildProcessSecurityPolicy() { | 104 ChildProcessSecurityPolicy::~ChildProcessSecurityPolicy() { |
| 104 web_safe_schemes_.clear(); | 105 web_safe_schemes_.clear(); |
| 105 pseudo_schemes_.clear(); | 106 pseudo_schemes_.clear(); |
| 106 STLDeleteContainerPairSecondPointers(security_state_.begin(), | 107 STLDeleteContainerPairSecondPointers(security_state_.begin(), |
| 107 security_state_.end()); | 108 security_state_.end()); |
| 108 security_state_.clear(); | 109 security_state_.clear(); |
| 109 } | 110 } |
| 110 | 111 |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 163 | 164 |
| 164 void ChildProcessSecurityPolicy::GrantRequestURL(int renderer_id, const GURL& ur
l) { | 165 void ChildProcessSecurityPolicy::GrantRequestURL(int renderer_id, const GURL& ur
l) { |
| 165 | 166 |
| 166 if (!url.is_valid()) | 167 if (!url.is_valid()) |
| 167 return; // Can't grant the capability to request invalid URLs. | 168 return; // Can't grant the capability to request invalid URLs. |
| 168 | 169 |
| 169 if (IsWebSafeScheme(url.scheme())) | 170 if (IsWebSafeScheme(url.scheme())) |
| 170 return; // The scheme has already been white-listed for every renderer. | 171 return; // The scheme has already been white-listed for every renderer. |
| 171 | 172 |
| 172 if (IsPseudoScheme(url.scheme())) { | 173 if (IsPseudoScheme(url.scheme())) { |
| 173 // The view-source scheme is a special case of a pseudo URL that eventually | 174 // The view-source and print schemes are a special case of a pseudo URL that |
| 174 // results in requesting its embedded URL. | 175 // eventually results in requesting its embedded URL. |
| 175 if (url.SchemeIs(chrome::kViewSourceScheme)) { | 176 if (url.SchemeIs(chrome::kViewSourceScheme) || |
| 176 // URLs with the view-source scheme typically look like: | 177 url.SchemeIs(chrome::kPrintScheme)) { |
| 178 // URLs with the view-source and print schemes typically look like: |
| 177 // view-source:http://www.google.com/a | 179 // view-source:http://www.google.com/a |
| 178 // In order to request these URLs, the renderer needs to be able to | 180 // In order to request these URLs, the renderer needs to be able to |
| 179 // request the embedded URL. | 181 // request the embedded URL. |
| 180 GrantRequestURL(renderer_id, GURL(url.path())); | 182 GrantRequestURL(renderer_id, GURL(url.path())); |
| 181 } | 183 } |
| 182 | 184 |
| 183 return; // Can't grant the capability to request pseudo schemes. | 185 return; // Can't grant the capability to request pseudo schemes. |
| 184 } | 186 } |
| 185 | 187 |
| 186 { | 188 { |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 247 bool ChildProcessSecurityPolicy::CanRequestURL(int renderer_id, const GURL& url)
{ | 249 bool ChildProcessSecurityPolicy::CanRequestURL(int renderer_id, const GURL& url)
{ |
| 248 if (!url.is_valid()) | 250 if (!url.is_valid()) |
| 249 return false; // Can't request invalid URLs. | 251 return false; // Can't request invalid URLs. |
| 250 | 252 |
| 251 if (IsWebSafeScheme(url.scheme())) | 253 if (IsWebSafeScheme(url.scheme())) |
| 252 return true; // The scheme has been white-listed for every renderer. | 254 return true; // The scheme has been white-listed for every renderer. |
| 253 | 255 |
| 254 if (IsPseudoScheme(url.scheme())) { | 256 if (IsPseudoScheme(url.scheme())) { |
| 255 // There are a number of special cases for pseudo schemes. | 257 // There are a number of special cases for pseudo schemes. |
| 256 | 258 |
| 257 if (url.SchemeIs(chrome::kViewSourceScheme)) { | 259 if (url.SchemeIs(chrome::kViewSourceScheme) || |
| 258 // A view-source URL is allowed if the renderer is permitted to request | 260 url.SchemeIs(chrome::kPrintScheme)) { |
| 259 // the embedded URL. | 261 // View-source and print URL's are allowed if the renderer is permitted |
| 262 // to request the embedded URL. |
| 260 return CanRequestURL(renderer_id, GURL(url.path())); | 263 return CanRequestURL(renderer_id, GURL(url.path())); |
| 261 } | 264 } |
| 262 | 265 |
| 263 if (LowerCaseEqualsASCII(url.spec(), chrome::kAboutBlankURL)) | 266 if (LowerCaseEqualsASCII(url.spec(), chrome::kAboutBlankURL)) |
| 264 return true; // Every renderer can request <about:blank>. | 267 return true; // Every renderer can request <about:blank>. |
| 265 | 268 |
| 266 // URLs like <about:memory> and <about:crash> shouldn't be requestable by | 269 // URLs like <about:memory> and <about:crash> shouldn't be requestable by |
| 267 // any renderer. Also, this case covers <javascript:...>, which should be | 270 // any renderer. Also, this case covers <javascript:...>, which should be |
| 268 // handled internally by the renderer and not kicked up to the browser. | 271 // handled internally by the renderer and not kicked up to the browser. |
| 269 return false; | 272 return false; |
| (...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 308 | 311 |
| 309 bool ChildProcessSecurityPolicy::HasExtensionBindings(int renderer_id) { | 312 bool ChildProcessSecurityPolicy::HasExtensionBindings(int renderer_id) { |
| 310 AutoLock lock(lock_); | 313 AutoLock lock(lock_); |
| 311 | 314 |
| 312 SecurityStateMap::iterator state = security_state_.find(renderer_id); | 315 SecurityStateMap::iterator state = security_state_.find(renderer_id); |
| 313 if (state == security_state_.end()) | 316 if (state == security_state_.end()) |
| 314 return false; | 317 return false; |
| 315 | 318 |
| 316 return state->second->has_extension_bindings(); | 319 return state->second->has_extension_bindings(); |
| 317 } | 320 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 150207:
Foundations for Print Preview and Setup... (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/