Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(363)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/prefs/pref_hash_filter.h

Issue 122653005: Chrome Settings Hardening (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: void* 0xBAD instead of returning a base::Value* in checked/stored_value() test helper Created 6 years, 12 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/prefs/chrome_pref_service_factory.cc ('k') | chrome/browser/prefs/pref_hash_filter.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/prefs/pref_hash_filter.h
diff --git a/chrome/browser/prefs/pref_hash_filter.h b/chrome/browser/prefs/pref_hash_filter.h
index 2c746946a07ac9c5c05e0b274a2bce78b04a3310..5dea96839cb2e8dd87ddd7790f32db74276d191f 100644
--- a/chrome/browser/prefs/pref_hash_filter.h
+++ b/chrome/browser/prefs/pref_hash_filter.h
@@ -5,15 +5,14 @@
#ifndef CHROME_BROWSER_PREFS_PREF_HASH_FILTER_H_
#define CHROME_BROWSER_PREFS_PREF_HASH_FILTER_H_
-#include <set>
+#include <map>
#include <string>
#include "base/basictypes.h"
#include "base/compiler_specific.h"
#include "base/memory/scoped_ptr.h"
#include "base/prefs/pref_filter.h"
-
-class PrefHashStore;
+#include "chrome/browser/prefs/pref_hash_store.h"
namespace base {
class DictionaryValue;
@@ -25,7 +24,39 @@ class Value;
// are changed.
class PrefHashFilter : public PrefFilter {
public:
- explicit PrefHashFilter(scoped_ptr<PrefHashStore> pref_hash_store);
+ // Enforcement levels are defined in order of intensity; the next level always
+ // implies the previous one and more.
+ enum EnforcementLevel {
+ NO_ENFORCEMENT,
+ ENFORCE,
+ ENFORCE_NO_SEEDING,
+ ENFORCE_NO_SEEDING_NO_MIGRATION,
+ // ENFORCE_ALL must always remain last; it is meant to be used when the
+ // desired level is underdetermined and the caller wants to enforce the
+ // strongest setting to be safe.
+ ENFORCE_ALL
+ };
+
+ struct TrackedPreference {
+ size_t reporting_id;
+ const char* name;
+ // Whether to actually reset this specific preference when everything else
+ // indicates that it should be.
+ bool allow_enforcement;
+ };
+
+ // Constructs a PrefHashFilter tracking the specified |tracked_preferences|
+ // using |pref_hash_store| to check/store hashes.
+ // |reporting_ids_count| is the count of all possible IDs (possibly greater
+ // than |tracked_preferences_size|). |enforcement_level| determines when this
+ // filter will enforce factory defaults upon detecting an untrusted preference
+ // value.
+ PrefHashFilter(scoped_ptr<PrefHashStore> pref_hash_store,
+ const TrackedPreference tracked_preferences[],
+ size_t tracked_preferences_size,
+ size_t reporting_ids_count,
+ EnforcementLevel enforcement_level);
+
virtual ~PrefHashFilter();
// PrefFilter implementation.
@@ -35,8 +66,19 @@ class PrefHashFilter : public PrefFilter {
const base::Value* value) OVERRIDE;
private:
+ typedef std::map<std::string, const TrackedPreference> TrackedPreferencesMap;
+
scoped_ptr<PrefHashStore> pref_hash_store_;
- std::set<std::string> tracked_paths_;
+ TrackedPreferencesMap tracked_paths_;
+
+ size_t reporting_ids_count_;
+
+ // Prevent setting changes.
+ bool enforce_;
+ // Do not seed unknown values.
+ bool no_seeding_;
+ // Do not migrate values validated by the old MAC algorithm.
+ bool no_migration_;
DISALLOW_COPY_AND_ASSIGN(PrefHashFilter);
};
« no previous file with comments | « chrome/browser/prefs/chrome_pref_service_factory.cc ('k') | chrome/browser/prefs/pref_hash_filter.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698