Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(486)

Side by Side Diff: content/browser/child_process_security_policy.h

Issue 6623015: Add a path for a web page to request the enumeration of a directory. This, t... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: '' Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/file_select_helper.cc ('k') | content/browser/child_process_security_policy.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_
6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_
7 7
8 #pragma once 8 #pragma once
9 9
10 #include <map> 10 #include <map>
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after
64 // Whenever the browser processes commands the child process to request a URL, 64 // Whenever the browser processes commands the child process to request a URL,
65 // it should call this method to grant the child process the capability to 65 // it should call this method to grant the child process the capability to
66 // request the URL. 66 // request the URL.
67 void GrantRequestURL(int child_id, const GURL& url); 67 void GrantRequestURL(int child_id, const GURL& url);
68 68
69 // Whenever the user picks a file from a <input type="file"> element, the 69 // Whenever the user picks a file from a <input type="file"> element, the
70 // browser should call this function to grant the child process the capability 70 // browser should call this function to grant the child process the capability
71 // to upload the file to the web. 71 // to upload the file to the web.
72 void GrantReadFile(int child_id, const FilePath& file); 72 void GrantReadFile(int child_id, const FilePath& file);
73 73
74 // Grants the child process permission to enumerate all the files in
75 // this directory and read those files.
76 void GrantReadDirectory(int child_id, const FilePath& directory);
77
74 // Grants certain permissions to a file. |permissions| must be a bit-set of 78 // Grants certain permissions to a file. |permissions| must be a bit-set of
75 // base::PlatformFileFlags. 79 // base::PlatformFileFlags.
76 void GrantPermissionsForFile(int child_id, 80 void GrantPermissionsForFile(int child_id,
77 const FilePath& file, 81 const FilePath& file,
78 int permissions); 82 int permissions);
79 83
80 // Revokes all permissions granted to the given file. 84 // Revokes all permissions granted to the given file.
81 void RevokeAllPermissionsForFile(int child_id, const FilePath& file); 85 void RevokeAllPermissionsForFile(int child_id, const FilePath& file);
82 86
83 // Grants the child process the capability to access URLs of the provided 87 // Grants the child process the capability to access URLs of the provided
(...skipping 15 matching lines...) Expand all
99 // Before servicing a child process's request for a URL, the browser should 103 // Before servicing a child process's request for a URL, the browser should
100 // call this method to determine whether the process has the capability to 104 // call this method to determine whether the process has the capability to
101 // request the URL. 105 // request the URL.
102 bool CanRequestURL(int child_id, const GURL& url); 106 bool CanRequestURL(int child_id, const GURL& url);
103 107
104 // Before servicing a child process's request to upload a file to the web, the 108 // Before servicing a child process's request to upload a file to the web, the
105 // browser should call this method to determine whether the process has the 109 // browser should call this method to determine whether the process has the
106 // capability to upload the requested file. 110 // capability to upload the requested file.
107 bool CanReadFile(int child_id, const FilePath& file); 111 bool CanReadFile(int child_id, const FilePath& file);
108 112
113 // Before servicing a child process's request to enumerate a directory
114 // the browser should call this method to check for the capability.
115 bool CanReadDirectory(int child_id, const FilePath& directory);
116
109 // Determines if certain permissions were granted for a file. |permissions| 117 // Determines if certain permissions were granted for a file. |permissions|
110 // must be a bit-set of base::PlatformFileFlags. 118 // must be a bit-set of base::PlatformFileFlags.
111 bool HasPermissionsForFile(int child_id, 119 bool HasPermissionsForFile(int child_id,
112 const FilePath& file, 120 const FilePath& file,
113 int permissions); 121 int permissions);
114 122
115 // Returns true if the specified child_id has been granted WebUIBindings. 123 // Returns true if the specified child_id has been granted WebUIBindings.
116 // The browser should check this property before assuming the child process is 124 // The browser should check this property before assuming the child process is
117 // allowed to use WebUIBindings. 125 // allowed to use WebUIBindings.
118 bool HasWebUIBindings(int child_id); 126 bool HasWebUIBindings(int child_id);
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after
155 // This map holds a SecurityState for each child process. The key for the 163 // This map holds a SecurityState for each child process. The key for the
156 // map is the ID of the ChildProcessHost. The SecurityState objects are 164 // map is the ID of the ChildProcessHost. The SecurityState objects are
157 // owned by this object and are protected by |lock_|. References to them must 165 // owned by this object and are protected by |lock_|. References to them must
158 // not escape this class. 166 // not escape this class.
159 SecurityStateMap security_state_; 167 SecurityStateMap security_state_;
160 168
161 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicy); 169 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicy);
162 }; 170 };
163 171
164 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ 172 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_
OLDNEW
« no previous file with comments | « chrome/browser/file_select_helper.cc ('k') | content/browser/child_process_security_policy.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698