OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/child_process_security_policy_impl.h" | 5 #include "content/browser/child_process_security_policy_impl.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/file_path.h" | 8 #include "base/file_path.h" |
9 #include "base/logging.h" | 9 #include "base/logging.h" |
10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
(...skipping 490 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
501 } | 501 } |
502 | 502 |
503 bool ChildProcessSecurityPolicyImpl::CanLoadPage( | 503 bool ChildProcessSecurityPolicyImpl::CanLoadPage( |
504 int child_id, | 504 int child_id, |
505 const GURL& url, | 505 const GURL& url, |
506 ResourceType::Type resource_type) { | 506 ResourceType::Type resource_type) { |
507 // If --site-per-process flag is passed, we should enforce | 507 // If --site-per-process flag is passed, we should enforce |
508 // stronger security restrictions on page navigation. | 508 // stronger security restrictions on page navigation. |
509 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kSitePerProcess) && | 509 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kSitePerProcess) && |
510 ResourceType::IsFrame(resource_type)) { | 510 ResourceType::IsFrame(resource_type)) { |
511 // TODO(irobert): This currently breaks some WebUI page such as | 511 // TODO(nasko): Do the proper check for site-per-process, once |
512 // "chrome://extensions/" (belongs to site chrome://chrome/) which | 512 // out-of-process iframes is ready to go. |
Charlie Reis
2013/01/17 19:44:54
Wasn't this from your other CL? Did you want to l
nasko
2013/01/17 22:19:13
As discussed, I've decided to drop the other CL an
Charlie Reis
2013/01/18 05:37:07
Ok. In that case, can you add the bug number from
| |
513 // will load an iframe for the page "chrome://uber-frame/" | 513 return true; |
514 // (belongs to site chrome://uber-frame/). | |
515 base::AutoLock lock(lock_); | |
516 SecurityStateMap::iterator state = security_state_.find(child_id); | |
517 if (state == security_state_.end()) | |
518 return false; | |
519 return state->second->CanLoadPage(url); | |
520 } | 514 } |
521 return true; | 515 return true; |
522 } | 516 } |
523 | 517 |
524 bool ChildProcessSecurityPolicyImpl::CanRequestURL( | 518 bool ChildProcessSecurityPolicyImpl::CanRequestURL( |
525 int child_id, const GURL& url) { | 519 int child_id, const GURL& url) { |
526 if (!url.is_valid()) | 520 if (!url.is_valid()) |
527 return false; // Can't request invalid URLs. | 521 return false; // Can't request invalid URLs. |
528 | 522 |
529 if (IsDisabledScheme(url.scheme())) | 523 if (IsDisabledScheme(url.scheme())) |
(...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
700 int permission) { | 694 int permission) { |
701 base::AutoLock lock(lock_); | 695 base::AutoLock lock(lock_); |
702 | 696 |
703 SecurityStateMap::iterator state = security_state_.find(child_id); | 697 SecurityStateMap::iterator state = security_state_.find(child_id); |
704 if (state == security_state_.end()) | 698 if (state == security_state_.end()) |
705 return false; | 699 return false; |
706 return state->second->HasPermissionsForFileSystem(filesystem_id, permission); | 700 return state->second->HasPermissionsForFileSystem(filesystem_id, permission); |
707 } | 701 } |
708 | 702 |
709 } // namespace content | 703 } // namespace content |
OLD | NEW |