OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/child_process_security_policy_impl.h" | 5 #include "content/browser/child_process_security_policy_impl.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/file_path.h" | 8 #include "base/file_path.h" |
9 #include "base/logging.h" | 9 #include "base/logging.h" |
10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
(...skipping 497 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
508 } | 508 } |
509 | 509 |
510 bool ChildProcessSecurityPolicyImpl::CanLoadPage( | 510 bool ChildProcessSecurityPolicyImpl::CanLoadPage( |
511 int child_id, | 511 int child_id, |
512 const GURL& url, | 512 const GURL& url, |
513 ResourceType::Type resource_type) { | 513 ResourceType::Type resource_type) { |
514 // If --site-per-process flag is passed, we should enforce | 514 // If --site-per-process flag is passed, we should enforce |
515 // stronger security restrictions on page navigation. | 515 // stronger security restrictions on page navigation. |
516 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kSitePerProcess) && | 516 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kSitePerProcess) && |
517 ResourceType::IsFrame(resource_type)) { | 517 ResourceType::IsFrame(resource_type)) { |
518 // TODO(irobert): This currently breaks some WebUI page such as | 518 // TODO(nasko): Do the proper check for site-per-process, once |
519 // "chrome://extensions/" (belongs to site chrome://chrome/) which | 519 // out-of-process iframes is ready to go. |
520 // will load an iframe for the page "chrome://uber-frame/" | 520 return true; |
521 // (belongs to site chrome://uber-frame/). | |
522 base::AutoLock lock(lock_); | |
523 SecurityStateMap::iterator state = security_state_.find(child_id); | |
524 if (state == security_state_.end()) | |
525 return false; | |
526 return state->second->CanLoadPage(url); | |
527 } | 521 } |
528 return true; | 522 return true; |
529 } | 523 } |
530 | 524 |
531 bool ChildProcessSecurityPolicyImpl::CanRequestURL( | 525 bool ChildProcessSecurityPolicyImpl::CanRequestURL( |
532 int child_id, const GURL& url) { | 526 int child_id, const GURL& url) { |
533 if (!url.is_valid()) | 527 if (!url.is_valid()) |
534 return false; // Can't request invalid URLs. | 528 return false; // Can't request invalid URLs. |
535 | 529 |
536 if (IsDisabledScheme(url.scheme())) | 530 if (IsDisabledScheme(url.scheme())) |
(...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
707 int permission) { | 701 int permission) { |
708 base::AutoLock lock(lock_); | 702 base::AutoLock lock(lock_); |
709 | 703 |
710 SecurityStateMap::iterator state = security_state_.find(child_id); | 704 SecurityStateMap::iterator state = security_state_.find(child_id); |
711 if (state == security_state_.end()) | 705 if (state == security_state_.end()) |
712 return false; | 706 return false; |
713 return state->second->HasPermissionsForFileSystem(filesystem_id, permission); | 707 return state->second->HasPermissionsForFileSystem(filesystem_id, permission); |
714 } | 708 } |
715 | 709 |
716 } // namespace content | 710 } // namespace content |
OLD | NEW |