Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(958)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/child_process_security_policy_impl.cc

Issue 1144253003: Remove --enable-strict-site-isolation (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Set correct upstream Created 5 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« content/browser/child_process_security_policy_impl.h ('K') | « content/browser/child_process_security_policy_impl.h ('k') | content/browser/loader/resource_dispatcher_host_impl.cc » ('j') | content/browser/renderer_host/render_process_host_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/child_process_security_policy_impl.cc
diff --git a/content/browser/child_process_security_policy_impl.cc b/content/browser/child_process_security_policy_impl.cc
index 34caa5a492393df47481c4b757c22da70acaadd3..5b03dfc713c8f31721c93b59f786a95a11848feb 100644
--- a/content/browser/child_process_security_policy_impl.cc
+++ b/content/browser/child_process_security_policy_impl.cc
@@ -235,26 +235,6 @@ class ChildProcessSecurityPolicyImpl::SecurityState {
return origin_lock_ == site_gurl;
}
- bool CanSendCookiesForOrigin(const GURL& gurl) {
- // We only block cross-site cookies on network requests if the
- // --enable-strict-site-isolation flag is passed. This is expected to break
- // compatibility with many sites. The similar --site-per-process flag only
- // blocks JavaScript access to cross-site cookies (in
- // CanAccessCookiesForOrigin).
- const base::CommandLine& command_line =
- *base::CommandLine::ForCurrentProcess();
- if (!command_line.HasSwitch(switches::kEnableStrictSiteIsolation))
- return true;
-
- if (origin_lock_.is_empty())
- return true;
- // TODO(creis): We must pass the valid browser_context to convert hosted
- // apps URLs. Currently, hosted apps cannot set cookies in this mode.
- // See http://crbug.com/160576.
- GURL site_gurl = SiteInstanceImpl::GetSiteForURL(NULL, gurl);
- return origin_lock_ == site_gurl;
- }
-
void LockToOrigin(const GURL& gurl) {
origin_lock_ = gurl;
}
@@ -822,26 +802,6 @@ bool ChildProcessSecurityPolicyImpl::CanAccessCookiesForOrigin(
return state->second->CanAccessCookiesForOrigin(gurl);
}
-bool ChildProcessSecurityPolicyImpl::CanSendCookiesForOrigin(int child_id,
- const GURL& gurl) {
- for (PluginProcessHostIterator iter; !iter.Done(); ++iter) {
- if (iter.GetData().id == child_id) {
- if (iter.GetData().process_type == PROCESS_TYPE_PLUGIN) {
- // NPAPI plugin processes are unsandboxed and so are trusted. Plugins
- // can make request to any origin.
- return true;
- }
- break;
- }
- }
-
- base::AutoLock lock(lock_);
- SecurityStateMap::iterator state = security_state_.find(child_id);
- if (state == security_state_.end())
- return false;
- return state->second->CanSendCookiesForOrigin(gurl);
-}
-
void ChildProcessSecurityPolicyImpl::LockToOrigin(int child_id,
const GURL& gurl) {
// "gurl" can be currently empty in some cases, such as file://blah.
« content/browser/child_process_security_policy_impl.h ('K') | « content/browser/child_process_security_policy_impl.h ('k') | content/browser/loader/resource_dispatcher_host_impl.cc » ('j') | content/browser/renderer_host/render_process_host_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698