| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ | 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ |
| 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ | 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ |
| 7 | 7 |
| 8 #pragma once | 8 #pragma once |
| 9 | 9 |
| 10 #include <map> | 10 #include <map> |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 59 // Schemes listed as disabled take precedence over Web-safe schemes. | 59 // Schemes listed as disabled take precedence over Web-safe schemes. |
| 60 void RegisterDisabledSchemes(const std::set<std::string>& schemes); | 60 void RegisterDisabledSchemes(const std::set<std::string>& schemes); |
| 61 | 61 |
| 62 // Returns true iff |scheme| is listed as a disabled scheme. | 62 // Returns true iff |scheme| is listed as a disabled scheme. |
| 63 bool IsDisabledScheme(const std::string& scheme); | 63 bool IsDisabledScheme(const std::string& scheme); |
| 64 | 64 |
| 65 // Upon creation, child processes should register themselves by calling this | 65 // Upon creation, child processes should register themselves by calling this |
| 66 // this method exactly once. | 66 // this method exactly once. |
| 67 void Add(int child_id); | 67 void Add(int child_id); |
| 68 | 68 |
| 69 // Upon creation, worker thread child processes should register themselves by |
| 70 // calling this this method exactly once. Workers that are not shared will |
| 71 // inherit permissions from their parent renderer process identified with |
| 72 // |main_render_process_id|. |
| 73 void AddWorker(int worker_child_id, int main_render_process_id); |
| 74 |
| 69 // Upon destruction, child processess should unregister themselves by caling | 75 // Upon destruction, child processess should unregister themselves by caling |
| 70 // this method exactly once. | 76 // this method exactly once. |
| 71 void Remove(int child_id); | 77 void Remove(int child_id); |
| 72 | 78 |
| 73 // Whenever the browser processes commands the child process to request a URL, | 79 // Whenever the browser processes commands the child process to request a URL, |
| 74 // it should call this method to grant the child process the capability to | 80 // it should call this method to grant the child process the capability to |
| 75 // request the URL. | 81 // request the URL. |
| 76 void GrantRequestURL(int child_id, const GURL& url); | 82 void GrantRequestURL(int child_id, const GURL& url); |
| 77 | 83 |
| 78 // Whenever the user picks a file from a <input type="file"> element, the | 84 // Whenever the user picks a file from a <input type="file"> element, the |
| (...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 144 | 150 |
| 145 private: | 151 private: |
| 146 friend class ChildProcessSecurityPolicyInProcessBrowserTest; | 152 friend class ChildProcessSecurityPolicyInProcessBrowserTest; |
| 147 FRIEND_TEST_ALL_PREFIXES(ChildProcessSecurityPolicyInProcessBrowserTest, | 153 FRIEND_TEST_ALL_PREFIXES(ChildProcessSecurityPolicyInProcessBrowserTest, |
| 148 NoLeak); | 154 NoLeak); |
| 149 | 155 |
| 150 class SecurityState; | 156 class SecurityState; |
| 151 | 157 |
| 152 typedef std::set<std::string> SchemeSet; | 158 typedef std::set<std::string> SchemeSet; |
| 153 typedef std::map<int, SecurityState*> SecurityStateMap; | 159 typedef std::map<int, SecurityState*> SecurityStateMap; |
| 160 typedef std::map<int, int> WorkerToMainProcessMap; |
| 154 | 161 |
| 155 // Obtain an instance of ChildProcessSecurityPolicy via GetInstance(). | 162 // Obtain an instance of ChildProcessSecurityPolicy via GetInstance(). |
| 156 ChildProcessSecurityPolicy(); | 163 ChildProcessSecurityPolicy(); |
| 157 friend struct DefaultSingletonTraits<ChildProcessSecurityPolicy>; | 164 friend struct DefaultSingletonTraits<ChildProcessSecurityPolicy>; |
| 158 | 165 |
| 159 // You must acquire this lock before reading or writing any members of this | 166 // Adds child process during registration. |
| 167 void AddChild(int child_id); |
| 168 |
| 169 // Determines if certain permissions were granted for a file to given child |
| 170 // process. |permissions| must be a bit-set of base::PlatformFileFlags. |
| 171 bool ChildProcessHasPermissionsForFile(int child_id, |
| 172 const FilePath& file, |
| 173 int permissions); |
| 174 |
| 175 // You must acquire this lock before reading or writing any members of this |
| 160 // class. You must not block while holding this lock. | 176 // class. You must not block while holding this lock. |
| 161 base::Lock lock_; | 177 base::Lock lock_; |
| 162 | 178 |
| 163 // These schemes are white-listed for all child processes. This set is | 179 // These schemes are white-listed for all child processes. This set is |
| 164 // protected by |lock_|. | 180 // protected by |lock_|. |
| 165 SchemeSet web_safe_schemes_; | 181 SchemeSet web_safe_schemes_; |
| 166 | 182 |
| 167 // These schemes do not actually represent retrievable URLs. For example, | 183 // These schemes do not actually represent retrievable URLs. For example, |
| 168 // the the URLs in the "about" scheme are aliases to other URLs. This set is | 184 // the the URLs in the "about" scheme are aliases to other URLs. This set is |
| 169 // protected by |lock_|. | 185 // protected by |lock_|. |
| 170 SchemeSet pseudo_schemes_; | 186 SchemeSet pseudo_schemes_; |
| 171 | 187 |
| 172 // These schemes are disabled by policy, and child processes are always | 188 // These schemes are disabled by policy, and child processes are always |
| 173 // denied permission to request them. This overrides |web_safe_schemes_|. | 189 // denied permission to request them. This overrides |web_safe_schemes_|. |
| 174 // This set is protected by |lock_|. | 190 // This set is protected by |lock_|. |
| 175 SchemeSet disabled_schemes_; | 191 SchemeSet disabled_schemes_; |
| 176 | 192 |
| 177 // This map holds a SecurityState for each child process. The key for the | 193 // This map holds a SecurityState for each child process. The key for the |
| 178 // map is the ID of the ChildProcessHost. The SecurityState objects are | 194 // map is the ID of the ChildProcessHost. The SecurityState objects are |
| 179 // owned by this object and are protected by |lock_|. References to them must | 195 // owned by this object and are protected by |lock_|. References to them must |
| 180 // not escape this class. | 196 // not escape this class. |
| 181 SecurityStateMap security_state_; | 197 SecurityStateMap security_state_; |
| 182 | 198 |
| 199 // This maps keeps the record of which js worker thread child process |
| 200 // corresponds to which main js thread child process. |
| 201 WorkerToMainProcessMap worker_map_; |
| 202 |
| 183 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicy); | 203 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicy); |
| 184 }; | 204 }; |
| 185 | 205 |
| 186 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ | 206 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6912001:
Merge 83754 - blob_storage_controller.cc assert from this bug was caused by the fact that worker ... (Closed)
Base URL: svn://svn.chromium.org/chrome/branches/742/src/