Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(336)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/child_process_security_policy.h

Issue 6538100: Move core pieces of chrome\browser. I've only gone up to "g", will do the re... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: take out extra stuff from content_browser.gypi Created 9 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/child_process_launcher.cc ('k') | chrome/browser/child_process_security_policy.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/child_process_security_policy.h
===================================================================
--- chrome/browser/child_process_security_policy.h (revision 75626)
+++ chrome/browser/child_process_security_policy.h (working copy)
@@ -7,158 +7,7 @@
#pragma once
-#include <map>
-#include <set>
-#include <string>
+// TODO(jam): remove this file when all files have been converted.
+#include "content/browser/child_process_security_policy.h"
-#include "base/basictypes.h"
-#include "base/gtest_prod_util.h"
-#include "base/singleton.h"
-#include "base/synchronization/lock.h"
-
-class FilePath;
-class GURL;
-
-// The ChildProcessSecurityPolicy class is used to grant and revoke security
-// capabilities for child porcesses. For example, it restricts whether a child
-// process is permmitted to loaded file:// URLs based on whether the process
-// has ever been commanded to load file:// URLs by the browser.
-//
-// ChildProcessSecurityPolicy is a singleton that may be used on any thread.
-//
-class ChildProcessSecurityPolicy {
- public:
- // Object can only be created through GetInstance() so the constructor is
- // private.
- ~ChildProcessSecurityPolicy();
-
- // There is one global ChildProcessSecurityPolicy object for the entire
- // browser process. The object returned by this method may be accessed on
- // any thread.
- static ChildProcessSecurityPolicy* GetInstance();
-
- // Web-safe schemes can be requested by any child process. Once a web-safe
- // scheme has been registered, any child process can request URLs with
- // that scheme. There is no mechanism for revoking web-safe schemes.
- void RegisterWebSafeScheme(const std::string& scheme);
-
- // Returns true iff |scheme| has been registered as a web-safe scheme.
- bool IsWebSafeScheme(const std::string& scheme);
-
- // Pseudo schemes are treated differently than other schemes because they
- // cannot be requested like normal URLs. There is no mechanism for revoking
- // pseudo schemes.
- void RegisterPseudoScheme(const std::string& scheme);
-
- // Returns true iff |scheme| has been registered as pseudo scheme.
- bool IsPseudoScheme(const std::string& scheme);
-
- // Upon creation, child processes should register themselves by calling this
- // this method exactly once.
- void Add(int child_id);
-
- // Upon destruction, child processess should unregister themselves by caling
- // this method exactly once.
- void Remove(int child_id);
-
- // Whenever the browser processes commands the child process to request a URL,
- // it should call this method to grant the child process the capability to
- // request the URL.
- void GrantRequestURL(int child_id, const GURL& url);
-
- // Whenever the user picks a file from a <input type="file"> element, the
- // browser should call this function to grant the child process the capability
- // to upload the file to the web.
- void GrantReadFile(int child_id, const FilePath& file);
-
- // Grants certain permissions to a file. |permissions| must be a bit-set of
- // base::PlatformFileFlags.
- void GrantPermissionsForFile(int child_id,
- const FilePath& file,
- int permissions);
-
- // Revokes all permissions granted to the given file.
- void RevokeAllPermissionsForFile(int child_id, const FilePath& file);
-
- // Grants the child process the capability to access URLs of the provided
- // scheme.
- void GrantScheme(int child_id, const std::string& scheme);
-
- // Grant the child process the ability to use Web UI Bindings.
- void GrantWebUIBindings(int child_id);
-
- // Grant the child process the ability to use extension Bindings.
- void GrantExtensionBindings(int child_id);
-
- // Grant the child process the ability to read raw cookies.
- void GrantReadRawCookies(int child_id);
-
- // Revoke read raw cookies permission.
- void RevokeReadRawCookies(int child_id);
-
- // Before servicing a child process's request for a URL, the browser should
- // call this method to determine whether the process has the capability to
- // request the URL.
- bool CanRequestURL(int child_id, const GURL& url);
-
- // Before servicing a child process's request to upload a file to the web, the
- // browser should call this method to determine whether the process has the
- // capability to upload the requested file.
- bool CanReadFile(int child_id, const FilePath& file);
-
- // Determines if certain permissions were granted for a file. |permissions|
- // must be a bit-set of base::PlatformFileFlags.
- bool HasPermissionsForFile(int child_id,
- const FilePath& file,
- int permissions);
-
- // Returns true if the specified child_id has been granted WebUIBindings.
- // The browser should check this property before assuming the child process is
- // allowed to use WebUIBindings.
- bool HasWebUIBindings(int child_id);
-
- // Returns true if the specified child_id has been granted WebUIBindings.
- // The browser should check this property before assuming the child process is
- // allowed to use extension bindings.
- bool HasExtensionBindings(int child_id);
-
- // Returns true if the specified child_id has been granted ReadRawCookies.
- bool CanReadRawCookies(int child_id);
-
- private:
- friend class ChildProcessSecurityPolicyInProcessBrowserTest;
- FRIEND_TEST_ALL_PREFIXES(ChildProcessSecurityPolicyInProcessBrowserTest,
- NoLeak);
-
- class SecurityState;
-
- typedef std::set<std::string> SchemeSet;
- typedef std::map<int, SecurityState*> SecurityStateMap;
-
- // Obtain an instance of ChildProcessSecurityPolicy via GetInstance().
- ChildProcessSecurityPolicy();
- friend struct DefaultSingletonTraits<ChildProcessSecurityPolicy>;
-
- // You must acquire this lock before reading or writing any members of this
- // class. You must not block while holding this lock.
- base::Lock lock_;
-
- // These schemes are white-listed for all child processes. This set is
- // protected by |lock_|.
- SchemeSet web_safe_schemes_;
-
- // These schemes do not actually represent retrievable URLs. For example,
- // the the URLs in the "about" scheme are aliases to other URLs. This set is
- // protected by |lock_|.
- SchemeSet pseudo_schemes_;
-
- // This map holds a SecurityState for each child process. The key for the
- // map is the ID of the ChildProcessHost. The SecurityState objects are
- // owned by this object and are protected by |lock_|. References to them must
- // not escape this class.
- SecurityStateMap security_state_;
-
- DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicy);
-};
-
#endif // CHROME_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_
« no previous file with comments | « chrome/browser/child_process_launcher.cc ('k') | chrome/browser/child_process_security_policy.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698