Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1360)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_impl.cc

Issue 120593003: Move kFileScheme constant into content namespace. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « content/browser/browser_url_handler_impl.cc ('k') | content/browser/child_process_security_policy_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/child_process_security_policy_impl.h" 5 #include "content/browser/child_process_security_policy_impl.h"
6 6
7 #include "base/command_line.h" 7 #include "base/command_line.h"
8 #include "base/files/file_path.h" 8 #include "base/files/file_path.h"
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "base/metrics/histogram.h" 10 #include "base/metrics/histogram.h"
(...skipping 158 matching lines...) Expand 10 before | Expand all | Expand 10 after
169 169
170 // Determine whether permission has been granted to request |url|. 170 // Determine whether permission has been granted to request |url|.
171 bool CanRequestURL(const GURL& url) { 171 bool CanRequestURL(const GURL& url) {
172 // Having permission to a scheme implies permssion to all of its URLs. 172 // Having permission to a scheme implies permssion to all of its URLs.
173 SchemeMap::const_iterator judgment(scheme_policy_.find(url.scheme())); 173 SchemeMap::const_iterator judgment(scheme_policy_.find(url.scheme()));
174 if (judgment != scheme_policy_.end()) 174 if (judgment != scheme_policy_.end())
175 return judgment->second; 175 return judgment->second;
176 176
177 // file:// URLs are more granular. The child may have been given 177 // file:// URLs are more granular. The child may have been given
178 // permission to a specific file but not the file:// scheme in general. 178 // permission to a specific file but not the file:// scheme in general.
179 if (url.SchemeIs(chrome::kFileScheme)) { 179 if (url.SchemeIs(kFileScheme)) {
180 base::FilePath path; 180 base::FilePath path;
181 if (net::FileURLToFilePath(url, &path)) 181 if (net::FileURLToFilePath(url, &path))
182 return ContainsKey(request_file_set_, path); 182 return ContainsKey(request_file_set_, path);
183 } 183 }
184 184
185 return false; // Unmentioned schemes are disallowed. 185 return false; // Unmentioned schemes are disallowed.
186 } 186 }
187 187
188 // Determine if the certain permissions have been granted to a file. 188 // Determine if the certain permissions have been granted to a file.
189 bool HasPermissionsForFile(const base::FilePath& file, int permissions) { 189 bool HasPermissionsForFile(const base::FilePath& file, int permissions) {
(...skipping 237 matching lines...) Expand 10 before | Expand all | Expand 10 after
427 427
428 // When the child process has been commanded to request this scheme, 428 // When the child process has been commanded to request this scheme,
429 // we grant it the capability to request all URLs of that scheme. 429 // we grant it the capability to request all URLs of that scheme.
430 state->second->GrantScheme(url.scheme()); 430 state->second->GrantScheme(url.scheme());
431 } 431 }
432 } 432 }
433 433
434 void ChildProcessSecurityPolicyImpl::GrantRequestSpecificFileURL( 434 void ChildProcessSecurityPolicyImpl::GrantRequestSpecificFileURL(
435 int child_id, 435 int child_id,
436 const GURL& url) { 436 const GURL& url) {
437 if (!url.SchemeIs(chrome::kFileScheme)) 437 if (!url.SchemeIs(kFileScheme))
438 return; 438 return;
439 439
440 { 440 {
441 base::AutoLock lock(lock_); 441 base::AutoLock lock(lock_);
442 SecurityStateMap::iterator state = security_state_.find(child_id); 442 SecurityStateMap::iterator state = security_state_.find(child_id);
443 if (state == security_state_.end()) 443 if (state == security_state_.end())
444 return; 444 return;
445 445
446 // When the child process has been commanded to request a file:// URL, 446 // When the child process has been commanded to request a file:// URL,
447 // then we grant it the capability for that URL only. 447 // then we grant it the capability for that URL only.
(...skipping 93 matching lines...) Expand 10 before | Expand all | Expand 10 after
541 SecurityStateMap::iterator state = security_state_.find(child_id); 541 SecurityStateMap::iterator state = security_state_.find(child_id);
542 if (state == security_state_.end()) 542 if (state == security_state_.end())
543 return; 543 return;
544 544
545 state->second->GrantBindings(BINDINGS_POLICY_WEB_UI); 545 state->second->GrantBindings(BINDINGS_POLICY_WEB_UI);
546 546
547 // Web UI bindings need the ability to request chrome: URLs. 547 // Web UI bindings need the ability to request chrome: URLs.
548 state->second->GrantScheme(chrome::kChromeUIScheme); 548 state->second->GrantScheme(chrome::kChromeUIScheme);
549 549
550 // Web UI pages can contain links to file:// URLs. 550 // Web UI pages can contain links to file:// URLs.
551 state->second->GrantScheme(chrome::kFileScheme); 551 state->second->GrantScheme(kFileScheme);
552 } 552 }
553 553
554 void ChildProcessSecurityPolicyImpl::GrantReadRawCookies(int child_id) { 554 void ChildProcessSecurityPolicyImpl::GrantReadRawCookies(int child_id) {
555 base::AutoLock lock(lock_); 555 base::AutoLock lock(lock_);
556 556
557 SecurityStateMap::iterator state = security_state_.find(child_id); 557 SecurityStateMap::iterator state = security_state_.find(child_id);
558 if (state == security_state_.end()) 558 if (state == security_state_.end())
559 return; 559 return;
560 560
561 state->second->GrantReadRawCookies(); 561 state->second->GrantReadRawCookies();
(...skipping 313 matching lines...) Expand 10 before | Expand all | Expand 10 after
875 base::AutoLock lock(lock_); 875 base::AutoLock lock(lock_);
876 876
877 SecurityStateMap::iterator state = security_state_.find(child_id); 877 SecurityStateMap::iterator state = security_state_.find(child_id);
878 if (state == security_state_.end()) 878 if (state == security_state_.end())
879 return false; 879 return false;
880 880
881 return state->second->can_send_midi_sysex(); 881 return state->second->can_send_midi_sysex();
882 } 882 }
883 883
884 } // namespace content 884 } // namespace content
OLDNEW
« no previous file with comments | « content/browser/browser_url_handler_impl.cc ('k') | content/browser/child_process_security_policy_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698