content/browser/child_process_security_policy_impl.cc - Issue 11772005: Implement a prototype to render cross-site iframes in a separate process from their parent.

Side by Side Diff: content/browser/child_process_security_policy_impl.cc

Issue 11772005: Implement a prototype to render cross-site iframes in a separate process from their parent. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Some cleanup. Created 7 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« content/browser/browser_plugin/browser_plugin_embedder.cc ('K') | « content/browser/browser_plugin/browser_plugin_embedder.cc ('k') | content/browser/loader/resource_loader.cc » ('j') | content/browser/loader/resource_loader.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "content/browser/child_process_security_policy_impl.h"	5 #include "content/browser/child_process_security_policy_impl.h"

6	6

7 #include "base/command_line.h"	7 #include "base/command_line.h"

8 #include "base/file_path.h"	8 #include "base/file_path.h"

9 #include "base/logging.h"	9 #include "base/logging.h"

10 #include "base/metrics/histogram.h"	10 #include "base/metrics/histogram.h"

(...skipping 490 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
501 }	501 }

502	502

503 bool ChildProcessSecurityPolicyImpl::CanLoadPage(	503 bool ChildProcessSecurityPolicyImpl::CanLoadPage(

504 int child_id,	504 int child_id,

505 const GURL& url,	505 const GURL& url,

506 ResourceType::Type resource_type) {	506 ResourceType::Type resource_type) {

507 // If --site-per-process flag is passed, we should enforce	507 // If --site-per-process flag is passed, we should enforce

508 // stronger security restrictions on page navigation.	508 // stronger security restrictions on page navigation.

509 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kSitePerProcess) &&	509 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kSitePerProcess) &&

510 ResourceType::IsFrame(resource_type)) {	510 ResourceType::IsFrame(resource_type)) {

511 // TODO(irobert): This currently breaks some WebUI page such as	511 // TODO(nasko): Do the proper check for site-per-process, once

512 // "chrome://extensions/" (belongs to site chrome://chrome/) which	512 // out-of-process iframes is ready to go.
	Charlie Reis 2013/01/17 19:44:54 Wasn't this from your other CL? Did you want to l Wasn't this from your other CL? Did you want to land that first? nasko 2013/01/17 22:19:13 As discussed, I've decided to drop the other CL an Show quoted text On 2013/01/17 19:44:54, creis wrote: > Wasn't this from your other CL? Did you want to land that first? As discussed, I've decided to drop the other CL and merge the code here. Charlie Reis 2013/01/18 05:37:07 Ok. In that case, can you add the bug number from Show quoted text On 2013/01/17 22:19:13, nasko wrote: > On 2013/01/17 19:44:54, creis wrote: > > Wasn't this from your other CL? Did you want to land that first? > > As discussed, I've decided to drop the other CL and merge the code here. Ok. In that case, can you add the bug number from that other CL to this one?
513 // will load an iframe for the page "chrome://uber-frame/"	513 return true;

514 // (belongs to site chrome://uber-frame/).

515 base::AutoLock lock(lock_);

516 SecurityStateMap::iterator state = security_state_.find(child_id);

517 if (state == security_state_.end())

518 return false;

519 return state->second->CanLoadPage(url);

520 }	514 }

521 return true;	515 return true;

522 }	516 }

523	517

524 bool ChildProcessSecurityPolicyImpl::CanRequestURL(	518 bool ChildProcessSecurityPolicyImpl::CanRequestURL(

525 int child_id, const GURL& url) {	519 int child_id, const GURL& url) {

526 if (!url.is_valid())	520 if (!url.is_valid())

527 return false; // Can't request invalid URLs.	521 return false; // Can't request invalid URLs.

528	522

529 if (IsDisabledScheme(url.scheme()))	523 if (IsDisabledScheme(url.scheme()))

(...skipping 170 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
700 int permission) {	694 int permission) {

701 base::AutoLock lock(lock_);	695 base::AutoLock lock(lock_);

702	696

703 SecurityStateMap::iterator state = security_state_.find(child_id);	697 SecurityStateMap::iterator state = security_state_.find(child_id);

704 if (state == security_state_.end())	698 if (state == security_state_.end())

705 return false;	699 return false;

706 return state->second->HasPermissionsForFileSystem(filesystem_id, permission);	700 return state->second->HasPermissionsForFileSystem(filesystem_id, permission);

707 }	701 }

708	702

709 } // namespace content	703 } // namespace content

OLD	NEW