OLD | NEW |
---|---|
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CHROME_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ | 5 #ifndef CHROME_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ |
6 #define CHROME_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ | 6 #define CHROME_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ |
7 | 7 |
8 #pragma once | 8 #pragma once |
9 | 9 |
10 #include <map> | 10 #include <map> |
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
62 void Remove(int renderer_id); | 62 void Remove(int renderer_id); |
63 | 63 |
64 // Whenever the browser processes commands the renderer to request a URL, it | 64 // Whenever the browser processes commands the renderer to request a URL, it |
65 // should call this method to grant the renderer process the capability to | 65 // should call this method to grant the renderer process the capability to |
66 // request the URL. | 66 // request the URL. |
67 void GrantRequestURL(int renderer_id, const GURL& url); | 67 void GrantRequestURL(int renderer_id, const GURL& url); |
68 | 68 |
69 // Whenever the user picks a file from a <input type="file"> element, the | 69 // Whenever the user picks a file from a <input type="file"> element, the |
70 // browser should call this function to grant the renderer the capability to | 70 // browser should call this function to grant the renderer the capability to |
71 // upload the file to the web. | 71 // upload the file to the web. |
72 void GrantUploadFile(int renderer_id, const FilePath& file); | 72 void GrantReadFile(int renderer_id, const FilePath& file); |
73 | |
74 // Grants certain permissions to a file. |permissions| must be a bit-set of | |
75 // base::PlatformFileFlags. | |
76 void GrantPermissionsForFile(int renderer_id, | |
77 const FilePath& file, | |
78 int permissions); | |
73 | 79 |
74 // Grants the renderer process the capability to access URLs of the provided | 80 // Grants the renderer process the capability to access URLs of the provided |
75 // scheme. | 81 // scheme. |
76 void GrantScheme(int renderer_id, const std::string& scheme); | 82 void GrantScheme(int renderer_id, const std::string& scheme); |
77 | 83 |
78 // Whenever the browser processes commands the renderer to run web inspector, | 84 // Whenever the browser processes commands the renderer to run web inspector, |
79 // it should call this method to grant the renderer process the capability to | 85 // it should call this method to grant the renderer process the capability to |
80 // run the inspector. | 86 // run the inspector. |
81 void GrantInspectElement(int renderer_id); | 87 void GrantInspectElement(int renderer_id); |
82 | 88 |
(...skipping 10 matching lines...) Expand all Loading... | |
93 void RevokeReadRawCookies(int renderer_id); | 99 void RevokeReadRawCookies(int renderer_id); |
94 | 100 |
95 // Before servicing a renderer's request for a URL, the browser should call | 101 // Before servicing a renderer's request for a URL, the browser should call |
96 // this method to determine whether the renderer has the capability to | 102 // this method to determine whether the renderer has the capability to |
97 // request the URL. | 103 // request the URL. |
98 bool CanRequestURL(int renderer_id, const GURL& url); | 104 bool CanRequestURL(int renderer_id, const GURL& url); |
99 | 105 |
100 // Before servicing a renderer's request to upload a file to the web, the | 106 // Before servicing a renderer's request to upload a file to the web, the |
101 // browser should call this method to determine whether the renderer has the | 107 // browser should call this method to determine whether the renderer has the |
102 // capability to upload the requested file. | 108 // capability to upload the requested file. |
103 bool CanUploadFile(int renderer_id, const FilePath& file); | 109 bool CanReadFile(int renderer_id, const FilePath& file); |
110 | |
111 // Determins if certain permissions were granted for a file. |permissions| | |
darin (slow to review)
2010/09/28 06:18:27
nit: Determins -> Determines
| |
112 // must be a bit-set of base::PlatformFileFlags. | |
113 bool HasPermissionsForFile(int renderer_id, | |
114 const FilePath& file, | |
115 int permissions); | |
104 | 116 |
105 // Returns true if the specified renderer_id has been granted DOMUIBindings. | 117 // Returns true if the specified renderer_id has been granted DOMUIBindings. |
106 // The browser should check this property before assuming the renderer is | 118 // The browser should check this property before assuming the renderer is |
107 // allowed to use DOMUIBindings. | 119 // allowed to use DOMUIBindings. |
108 bool HasDOMUIBindings(int renderer_id); | 120 bool HasDOMUIBindings(int renderer_id); |
109 | 121 |
110 // Returns true if the specified renderer_id has been granted DOMUIBindings. | 122 // Returns true if the specified renderer_id has been granted DOMUIBindings. |
111 // The browser should check this property before assuming the renderer is | 123 // The browser should check this property before assuming the renderer is |
112 // allowed to use extension bindings. | 124 // allowed to use extension bindings. |
113 bool HasExtensionBindings(int renderer_id); | 125 bool HasExtensionBindings(int renderer_id); |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
145 // This map holds a SecurityState for each renderer process. The key for the | 157 // This map holds a SecurityState for each renderer process. The key for the |
146 // map is the ID of the RenderProcessHost. The SecurityState objects are | 158 // map is the ID of the RenderProcessHost. The SecurityState objects are |
147 // owned by this object and are protected by |lock_|. References to them must | 159 // owned by this object and are protected by |lock_|. References to them must |
148 // not escape this class. | 160 // not escape this class. |
149 SecurityStateMap security_state_; | 161 SecurityStateMap security_state_; |
150 | 162 |
151 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicy); | 163 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicy); |
152 }; | 164 }; |
153 | 165 |
154 #endif // CHROME_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ | 166 #endif // CHROME_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ |
OLD | NEW |