Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(218)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_impl.h

Issue 11416121: Prevent cross-site pages when --site-per-process is passed (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fix Iframe Redirect Flaw Created 8 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | content/browser/child_process_security_policy_impl.cc » ('j') | content/browser/child_process_security_policy_impl.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
7 7
8 8
9 #include <map> 9 #include <map>
10 #include <set> 10 #include <set>
11 #include <string> 11 #include <string>
12 12
13 #include "base/compiler_specific.h" 13 #include "base/compiler_specific.h"
14 #include "base/gtest_prod_util.h" 14 #include "base/gtest_prod_util.h"
15 #include "base/memory/singleton.h" 15 #include "base/memory/singleton.h"
16 #include "base/synchronization/lock.h" 16 #include "base/synchronization/lock.h"
17 #include "content/public/browser/child_process_security_policy.h" 17 #include "content/public/browser/child_process_security_policy.h"
18 #include "webkit/glue/resource_type.h"
18 19
19 class FilePath; 20 class FilePath;
20 class GURL; 21 class GURL;
21 22
22 namespace content { 23 namespace content {
23 24
24 class CONTENT_EXPORT ChildProcessSecurityPolicyImpl 25 class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
25 : NON_EXPORTED_BASE(public ChildProcessSecurityPolicy) { 26 : NON_EXPORTED_BASE(public ChildProcessSecurityPolicy) {
26 public: 27 public:
27 // Object can only be created through GetInstance() so the constructor is 28 // Object can only be created through GetInstance() so the constructor is
(...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after
103 void GrantReadRawCookies(int child_id); 104 void GrantReadRawCookies(int child_id);
104 105
105 // Revoke read raw cookies permission. 106 // Revoke read raw cookies permission.
106 void RevokeReadRawCookies(int child_id); 107 void RevokeReadRawCookies(int child_id);
107 108
108 // Before servicing a child process's request for a URL, the browser should 109 // Before servicing a child process's request for a URL, the browser should
109 // call this method to determine whether the process has the capability to 110 // call this method to determine whether the process has the capability to
110 // request the URL. 111 // request the URL.
111 bool CanRequestURL(int child_id, const GURL& url); 112 bool CanRequestURL(int child_id, const GURL& url);
112 113
114 // Returns true if the process is permitted to load the page for
Charlie Reis 2012/11/29 22:00:54 nit: s/the page for/pages from/
irobert 2012/12/01 00:02:48 Done.
115 // the given origin (applied to the page in main_frame and sub_frame).
Charlie Reis 2012/11/29 22:00:54 nit: the given origin in main frames or subframes.
irobert 2012/12/01 00:02:48 Done.
116 // Only might return false if --site-per-process flag is used.
117 bool CanLoadPage(int child_id, const GURL& url,
118 ResourceType::Type resource_type);
119
113 // Before servicing a child process's request to enumerate a directory 120 // Before servicing a child process's request to enumerate a directory
114 // the browser should call this method to check for the capability. 121 // the browser should call this method to check for the capability.
115 bool CanReadDirectory(int child_id, const FilePath& directory); 122 bool CanReadDirectory(int child_id, const FilePath& directory);
116 123
117 // Determines if certain permissions were granted for a file. |permissions| 124 // Determines if certain permissions were granted for a file. |permissions|
118 // must be a bit-set of base::PlatformFileFlags. 125 // must be a bit-set of base::PlatformFileFlags.
119 bool HasPermissionsForFile(int child_id, 126 bool HasPermissionsForFile(int child_id,
120 const FilePath& file, 127 const FilePath& file,
121 int permissions); 128 int permissions);
122 129
(...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after
213 // This maps keeps the record of which js worker thread child process 220 // This maps keeps the record of which js worker thread child process
214 // corresponds to which main js thread child process. 221 // corresponds to which main js thread child process.
215 WorkerToMainProcessMap worker_map_; 222 WorkerToMainProcessMap worker_map_;
216 223
217 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); 224 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl);
218 }; 225 };
219 226
220 } // namespace content 227 } // namespace content
221 228
222 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 229 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
OLDNEW
« no previous file with comments | « no previous file | content/browser/child_process_security_policy_impl.cc » ('j') | content/browser/child_process_security_policy_impl.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698