| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ | 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ |
| 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ | 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ |
| 7 | 7 |
| 8 #pragma once | 8 #pragma once |
| 9 | 9 |
| 10 #include <map> | 10 #include <map> |
| (...skipping 123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 134 int permissions); | 134 int permissions); |
| 135 | 135 |
| 136 // Returns true if the specified child_id has been granted WebUIBindings. | 136 // Returns true if the specified child_id has been granted WebUIBindings. |
| 137 // The browser should check this property before assuming the child process is | 137 // The browser should check this property before assuming the child process is |
| 138 // allowed to use WebUIBindings. | 138 // allowed to use WebUIBindings. |
| 139 bool HasWebUIBindings(int child_id); | 139 bool HasWebUIBindings(int child_id); |
| 140 | 140 |
| 141 // Returns true if the specified child_id has been granted ReadRawCookies. | 141 // Returns true if the specified child_id has been granted ReadRawCookies. |
| 142 bool CanReadRawCookies(int child_id); | 142 bool CanReadRawCookies(int child_id); |
| 143 | 143 |
| 144 // Returns true if the process is permitted to see and use the cookies for |
| 145 // the given origin. |
| 146 // Only might return false if the very experimental |
| 147 // --enable-strict-site-isolation is used. |
| 148 bool CanUseCookiesForOrigin(int child_id, const GURL& gurl); |
| 149 |
| 150 // Sets the process as only permitted to use and see the cookies for the |
| 151 // given origin. |
| 152 // Only used if the very experimental --enable-strict-site-isolation is used. |
| 153 void LockToOrigin(int child_id, const GURL& gurl); |
| 154 |
| 144 private: | 155 private: |
| 145 friend class ChildProcessSecurityPolicyInProcessBrowserTest; | 156 friend class ChildProcessSecurityPolicyInProcessBrowserTest; |
| 146 FRIEND_TEST_ALL_PREFIXES(ChildProcessSecurityPolicyInProcessBrowserTest, | 157 FRIEND_TEST_ALL_PREFIXES(ChildProcessSecurityPolicyInProcessBrowserTest, |
| 147 NoLeak); | 158 NoLeak); |
| 148 | 159 |
| 149 class SecurityState; | 160 class SecurityState; |
| 150 | 161 |
| 151 typedef std::set<std::string> SchemeSet; | 162 typedef std::set<std::string> SchemeSet; |
| 152 typedef std::map<int, SecurityState*> SecurityStateMap; | 163 typedef std::map<int, SecurityState*> SecurityStateMap; |
| 153 typedef std::map<int, int> WorkerToMainProcessMap; | 164 typedef std::map<int, int> WorkerToMainProcessMap; |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 190 SecurityStateMap security_state_; | 201 SecurityStateMap security_state_; |
| 191 | 202 |
| 192 // This maps keeps the record of which js worker thread child process | 203 // This maps keeps the record of which js worker thread child process |
| 193 // corresponds to which main js thread child process. | 204 // corresponds to which main js thread child process. |
| 194 WorkerToMainProcessMap worker_map_; | 205 WorkerToMainProcessMap worker_map_; |
| 195 | 206 |
| 196 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicy); | 207 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicy); |
| 197 }; | 208 }; |
| 198 | 209 |
| 199 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ | 210 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8496027:
Enhance --enable-strict-site-isolation to prevent a site-isolated renderer (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/