Add a path for a web page to request the enumeration of a directory. This, t...

content/browser/child_process_security_policy.h

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_
 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_
 
 #pragma once
 
 #include <map>
@@ skipping 53 matching lines @@
   // Whenever the browser processes commands the child process to request a URL,
   // it should call this method to grant the child process the capability to
   // request the URL.
   void GrantRequestURL(int child_id, const GURL& url);
 
   // Whenever the user picks a file from a <input type="file"> element, the
   // browser should call this function to grant the child process the capability
   // to upload the file to the web.
   void GrantReadFile(int child_id, const FilePath& file);
 
+  // Grants the child process permission to enumerate all the files in
+  // this directory and read those files.
+  void GrantReadDirectory(int child_id, const FilePath& directory);
+
   // Grants certain permissions to a file. |permissions| must be a bit-set of
   // base::PlatformFileFlags.
   void GrantPermissionsForFile(int child_id,
                                const FilePath& file,
                                int permissions);
 
   // Revokes all permissions granted to the given file.
   void RevokeAllPermissionsForFile(int child_id, const FilePath& file);
 
   // Grants the child process the capability to access URLs of the provided
@@ skipping 15 matching lines @@
   // Before servicing a child process's request for a URL, the browser should
   // call this method to determine whether the process has the capability to
   // request the URL.
   bool CanRequestURL(int child_id, const GURL& url);
 
   // Before servicing a child process's request to upload a file to the web, the
   // browser should call this method to determine whether the process has the
   // capability to upload the requested file.
   bool CanReadFile(int child_id, const FilePath& file);
 
+  // Before servicing a child process's request to enumerate a directory
+  // the browser should call this method to check for the capability.
+  bool CanReadDirectory(int child_id, const FilePath& directory);
+
   // Determines if certain permissions were granted for a file. |permissions|
   // must be a bit-set of base::PlatformFileFlags.
   bool HasPermissionsForFile(int child_id,
                              const FilePath& file,
                              int permissions);
 
   // Returns true if the specified child_id has been granted WebUIBindings.
   // The browser should check this property before assuming the child process is
   // allowed to use WebUIBindings.
   bool HasWebUIBindings(int child_id);
@@ skipping 36 matching lines @@
   // This map holds a SecurityState for each child process.  The key for the
   // map is the ID of the ChildProcessHost.  The SecurityState objects are
   // owned by this object and are protected by |lock_|.  References to them must
   // not escape this class.
   SecurityStateMap security_state_;
 
   DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicy);
 };
 
 #endif  // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_