| OLD | NEW |
| 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/renderer_host/renderer_security_policy.h" | 5 #include "chrome/browser/renderer_host/renderer_security_policy.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/string_util.h" | 8 #include "base/string_util.h" |
| 9 #include "chrome/common/url_constants.h" | 9 #include "chrome/common/url_constants.h" |
| 10 #ifdef CHROME_PERSONALIZATION | 10 #ifdef CHROME_PERSONALIZATION |
| (...skipping 60 matching lines...) |
| 71 // The set of files the renderer is permited to upload to the web. | 71 // The set of files the renderer is permited to upload to the web. |
| 72 FileSet uploadable_files_; | 72 FileSet uploadable_files_; |
| 73 | 73 |
| 74 bool has_dom_ui_bindings_; | 74 bool has_dom_ui_bindings_; |
| 75 | 75 |
| 76 DISALLOW_COPY_AND_ASSIGN(SecurityState); | 76 DISALLOW_COPY_AND_ASSIGN(SecurityState); |
| 77 }; | 77 }; |
| 78 | 78 |
| 79 RendererSecurityPolicy::RendererSecurityPolicy() { | 79 RendererSecurityPolicy::RendererSecurityPolicy() { |
| 80 // We know about these schemes and believe them to be safe. | 80 // We know about these schemes and believe them to be safe. |
| 81 RegisterWebSafeScheme("http"); | 81 RegisterWebSafeScheme(chrome::kHttpScheme); |
| 82 RegisterWebSafeScheme("https"); | 82 RegisterWebSafeScheme(chrome::kHttpsScheme); |
| 83 RegisterWebSafeScheme("ftp"); | 83 RegisterWebSafeScheme(chrome::kFtpScheme); |
| 84 RegisterWebSafeScheme("data"); | 84 RegisterWebSafeScheme(chrome::kDataScheme); |
| 85 RegisterWebSafeScheme("feed"); | 85 RegisterWebSafeScheme("feed"); |
| 86 RegisterWebSafeScheme("chrome-extension"); | 86 RegisterWebSafeScheme("chrome-extension"); |
| 87 | 87 |
| 88 // We know about the following psuedo schemes and treat them specially. | 88 // We know about the following psuedo schemes and treat them specially. |
| 89 RegisterPseudoScheme(chrome::kAboutScheme); | 89 RegisterPseudoScheme(chrome::kAboutScheme); |
| 90 RegisterPseudoScheme(chrome::kJavaScriptScheme); | 90 RegisterPseudoScheme(chrome::kJavaScriptScheme); |
| 91 RegisterPseudoScheme(chrome::kViewSourceScheme); | 91 RegisterPseudoScheme(chrome::kViewSourceScheme); |
| 92 } | 92 } |
| 93 | 93 |
| 94 // static | 94 // static |
| (...skipping 54 matching lines...) |
| 149 | 149 |
| 150 if (!url.is_valid()) | 150 if (!url.is_valid()) |
| 151 return; // Can't grant the capability to request invalid URLs. | 151 return; // Can't grant the capability to request invalid URLs. |
| 152 | 152 |
| 153 if (IsWebSafeScheme(url.scheme())) | 153 if (IsWebSafeScheme(url.scheme())) |
| 154 return; // The scheme has already been white-listed for every renderer. | 154 return; // The scheme has already been white-listed for every renderer. |
| 155 | 155 |
| 156 if (IsPseudoScheme(url.scheme())) { | 156 if (IsPseudoScheme(url.scheme())) { |
| 157 // The view-source scheme is a special case of a pseudo URL that eventually | 157 // The view-source scheme is a special case of a pseudo URL that eventually |
| 158 // results in requesting its embedded URL. | 158 // results in requesting its embedded URL. |
| 159 if (url.SchemeIs("view-source")) { | 159 if (url.SchemeIs(chrome::kViewSourceScheme)) { |
| 160 // URLs with the view-source scheme typically look like: | 160 // URLs with the view-source scheme typically look like: |
| 161 // view-source:http://www.google.com/a | 161 // view-source:http://www.google.com/a |
| 162 // In order to request these URLs, the renderer needs to be able to reques
t | 162 // In order to request these URLs, the renderer needs to be able to reques
t |
| 163 // the embedded URL. | 163 // the embedded URL. |
| 164 GrantRequestURL(renderer_id, GURL(url.path())); | 164 GrantRequestURL(renderer_id, GURL(url.path())); |
| 165 } | 165 } |
| 166 | 166 |
| 167 return; // Can't grant the capability to request pseudo schemes. | 167 return; // Can't grant the capability to request pseudo schemes. |
| 168 } | 168 } |
| 169 | 169 |
| (...skipping 22 matching lines...) |
| 192 | 192 |
| 193 void RendererSecurityPolicy::GrantInspectElement(int renderer_id) { | 193 void RendererSecurityPolicy::GrantInspectElement(int renderer_id) { |
| 194 AutoLock lock(lock_); | 194 AutoLock lock(lock_); |
| 195 | 195 |
| 196 SecurityStateMap::iterator state = security_state_.find(renderer_id); | 196 SecurityStateMap::iterator state = security_state_.find(renderer_id); |
| 197 if (state == security_state_.end()) | 197 if (state == security_state_.end()) |
| 198 return; | 198 return; |
| 199 | 199 |
| 200 // The inspector is served from a chrome-ui: URL. In order to run the | 200 // The inspector is served from a chrome-ui: URL. In order to run the |
| 201 // inspector, the renderer needs to be able to load chrome-ui URLs. | 201 // inspector, the renderer needs to be able to load chrome-ui URLs. |
| 202 state->second->GrantScheme("chrome-ui"); | 202 state->second->GrantScheme(chrome::kChromeUIScheme); |
| 203 } | 203 } |
| 204 | 204 |
| 205 void RendererSecurityPolicy::GrantDOMUIBindings(int renderer_id) { | 205 void RendererSecurityPolicy::GrantDOMUIBindings(int renderer_id) { |
| 206 AutoLock lock(lock_); | 206 AutoLock lock(lock_); |
| 207 | 207 |
| 208 SecurityStateMap::iterator state = security_state_.find(renderer_id); | 208 SecurityStateMap::iterator state = security_state_.find(renderer_id); |
| 209 if (state == security_state_.end()) | 209 if (state == security_state_.end()) |
| 210 return; | 210 return; |
| 211 | 211 |
| 212 state->second->GrantDOMUIBindings(); | 212 state->second->GrantDOMUIBindings(); |
| 213 | 213 |
| 214 // DOM UI bindings need the ability to request chrome-ui URLs. | 214 // DOM UI bindings need the ability to request chrome-ui URLs. |
| 215 state->second->GrantScheme("chrome-ui"); | 215 state->second->GrantScheme(chrome::kChromeUIScheme); |
| 216 | 216 |
| 217 // DOM UI pages can contain links to file:// URLs. | 217 // DOM UI pages can contain links to file:// URLs. |
| 218 state->second->GrantScheme("file"); | 218 state->second->GrantScheme(chrome::kFileScheme); |
| 219 } | 219 } |
| 220 | 220 |
| 221 bool RendererSecurityPolicy::CanRequestURL(int renderer_id, const GURL& url) { | 221 bool RendererSecurityPolicy::CanRequestURL(int renderer_id, const GURL& url) { |
| 222 if (!url.is_valid()) | 222 if (!url.is_valid()) |
| 223 return false; // Can't request invalid URLs. | 223 return false; // Can't request invalid URLs. |
| 224 | 224 |
| 225 if (IsWebSafeScheme(url.scheme())) | 225 if (IsWebSafeScheme(url.scheme())) |
| 226 return true; // The scheme has been white-listed for every renderer. | 226 return true; // The scheme has been white-listed for every renderer. |
| 227 | 227 |
| 228 if (IsPseudoScheme(url.scheme())) { | 228 if (IsPseudoScheme(url.scheme())) { |
| 229 // There are a number of special cases for pseudo schemes. | 229 // There are a number of special cases for pseudo schemes. |
| 230 | 230 |
| 231 if (url.SchemeIs("view-source")) { | 231 if (url.SchemeIs(chrome::kViewSourceScheme)) { |
| 232 // A view-source URL is allowed if the renderer is permitted to request | 232 // A view-source URL is allowed if the renderer is permitted to request |
| 233 // the embedded URL. | 233 // the embedded URL. |
| 234 return CanRequestURL(renderer_id, GURL(url.path())); | 234 return CanRequestURL(renderer_id, GURL(url.path())); |
| 235 } | 235 } |
| 236 | 236 |
| 237 if (LowerCaseEqualsASCII(url.spec(), "about:blank")) | 237 if (LowerCaseEqualsASCII(url.spec(), chrome::kAboutBlankURL)) |
| 238 return true; // Every renderer can request <about:blank>. | 238 return true; // Every renderer can request <about:blank>. |
| 239 | 239 |
| 240 // URLs like <about:memory> and <about:crash> shouldn't be requestable by | 240 // URLs like <about:memory> and <about:crash> shouldn't be requestable by |
| 241 // any renderer. Also, this case covers <javascript:...>, which should be | 241 // any renderer. Also, this case covers <javascript:...>, which should be |
| 242 // handled internally by the renderer and not kicked up to the browser. | 242 // handled internally by the renderer and not kicked up to the browser. |
| 243 return false; | 243 return false; |
| 244 } | 244 } |
| 245 | 245 |
| 246 #ifdef CHROME_PERSONALIZATION | 246 #ifdef CHROME_PERSONALIZATION |
| 247 if (url.SchemeIs(kPersonalizationScheme)) | 247 if (url.SchemeIs(kPersonalizationScheme)) |
| (...skipping 30 matching lines...) |
| 278 bool RendererSecurityPolicy::HasDOMUIBindings(int renderer_id) { | 278 bool RendererSecurityPolicy::HasDOMUIBindings(int renderer_id) { |
| 279 AutoLock lock(lock_); | 279 AutoLock lock(lock_); |
| 280 | 280 |
| 281 SecurityStateMap::iterator state = security_state_.find(renderer_id); | 281 SecurityStateMap::iterator state = security_state_.find(renderer_id); |
| 282 if (state == security_state_.end()) | 282 if (state == security_state_.end()) |
| 283 return false; | 283 return false; |
| 284 | 284 |
| 285 return state->second->has_dom_ui_bindings(); | 285 return state->second->has_dom_ui_bindings(); |
| 286 } | 286 } |
| 287 | 287 |
| OLD | NEW |
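Review bot: In CanRequestURL (new line 237), `LowerCaseEqualsASCII(url.spec(), chrome::kAboutBlankURL)` now relies on the constant being all lower-case ASCII, which the literal `"about:blank"` used to make visible at the call site; that helper lower-cases only its first argument. The scheme constants passed to RegisterWebSafeScheme, GrantScheme and SchemeIs carry a similar hidden dependency, since they are presumably matched against the canonical scheme (lower-case, no `:` or `://`). url_constants.h is not shown on this page, so the values cannot be confirmed from here; a mismatch would most likely fail closed (the request is denied or the grant never matches), but it would do so silently. I would add `// kAboutBlankURL must be lower-case ASCII: only url.spec() is lower-cased here.` above the comparison and pin the constant values in this policy's unit test. Separately, `"feed"` and `"chrome-extension"` on new lines 85-86 are still literals, so the web-safe allowlist is now spelled two different ways.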