Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(107)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_impl.h

Issue 1144253003: Remove --enable-strict-site-isolation (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Set correct upstream Created 5 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« chrome/browser/prerender/prerender_contents.cc ('K') | « chrome/browser/prerender/prerender_contents.cc ('k') | content/browser/child_process_security_policy_impl.cc » ('j') | content/browser/renderer_host/render_process_host_unittest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
7 7
8 8
9 #include <map> 9 #include <map>
10 #include <set> 10 #include <set>
(...skipping 130 matching lines...) Expand 10 before | Expand all | Expand 10 after
141 bool CanCopyIntoFileSystemFile(int child_id, 141 bool CanCopyIntoFileSystemFile(int child_id,
142 const storage::FileSystemURL& url); 142 const storage::FileSystemURL& url);
143 bool CanDeleteFileSystemFile(int child_id, const storage::FileSystemURL& url); 143 bool CanDeleteFileSystemFile(int child_id, const storage::FileSystemURL& url);
144 144
145 // Returns true if the specified child_id has been granted ReadRawCookies. 145 // Returns true if the specified child_id has been granted ReadRawCookies.
146 bool CanReadRawCookies(int child_id); 146 bool CanReadRawCookies(int child_id);
147 147
148 // Returns true if the process is permitted to read and modify the cookies for 148 // Returns true if the process is permitted to read and modify the cookies for
149 // the given origin. Does not affect cookies attached to or set by network 149 // the given origin. Does not affect cookies attached to or set by network
150 // requests. 150 // requests.
151 // Only might return false if the very experimental 151 // Only might return false if the --site-per-process flag is used.
152 // --enable-strict-site-isolation or --site-per-process flags are used.
153 bool CanAccessCookiesForOrigin(int child_id, const GURL& gurl); 152 bool CanAccessCookiesForOrigin(int child_id, const GURL& gurl);
154 153
155 // Returns true if the process is permitted to attach cookies to (or have
156 // cookies set by) network requests.
157 // Only might return false if the very experimental
158 // --enable-strict-site-isolation or --site-per-process flags are used.
159 bool CanSendCookiesForOrigin(int child_id, const GURL& gurl);
Charlie Reis 2015/06/05 23:06:18 Yes, deleting this makes sense. We don't prevent
ncarter (slow) 2015/06/06 18:24:34 Done.
160
161 // Sets the process as only permitted to use and see the cookies for the 154 // Sets the process as only permitted to use and see the cookies for the
162 // given origin. 155 // given origin.
163 // Only used if the very experimental --enable-strict-site-isolation or 156 // Origin lock is applied only if the --site-per-process flag is used.
164 // --site-per-process flags are used.
165 void LockToOrigin(int child_id, const GURL& gurl); 157 void LockToOrigin(int child_id, const GURL& gurl);
166 158
167 // Register FileSystem type and permission policy which should be used 159 // Register FileSystem type and permission policy which should be used
168 // for the type. The |policy| must be a bitwise-or'd value of 160 // for the type. The |policy| must be a bitwise-or'd value of
169 // storage::FilePermissionPolicy. 161 // storage::FilePermissionPolicy.
170 void RegisterFileSystemPermissionPolicy(storage::FileSystemType type, 162 void RegisterFileSystemPermissionPolicy(storage::FileSystemType type,
171 int policy); 163 int policy);
172 164
173 // Returns true if sending system exclusive messages is allowed. 165 // Returns true if sending system exclusive messages is allowed.
174 bool CanSendMidiSysExMessage(int child_id); 166 bool CanSendMidiSysExMessage(int child_id);
(...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after
259 WorkerToMainProcessMap worker_map_; 251 WorkerToMainProcessMap worker_map_;
260 252
261 FileSystemPermissionPolicyMap file_system_policy_map_; 253 FileSystemPermissionPolicyMap file_system_policy_map_;
262 254
263 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); 255 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl);
264 }; 256 };
265 257
266 } // namespace content 258 } // namespace content
267 259
268 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 260 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
OLDNEW
« chrome/browser/prerender/prerender_contents.cc ('K') | « chrome/browser/prerender/prerender_contents.cc ('k') | content/browser/child_process_security_policy_impl.cc » ('j') | content/browser/renderer_host/render_process_host_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698