| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/child_process_security_policy_impl.h" | 5 #include "content/browser/child_process_security_policy_impl.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| (...skipping 196 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 207 if (it != file_permissions_.end()) | 207 if (it != file_permissions_.end()) |
| 208 return (it->second & permissions) == permissions; | 208 return (it->second & permissions) == permissions; |
| 209 } | 209 } |
| 210 last_path = current_path; | 210 last_path = current_path; |
| 211 current_path = current_path.DirName(); | 211 current_path = current_path.DirName(); |
| 212 } | 212 } |
| 213 | 213 |
| 214 return false; | 214 return false; |
| 215 } | 215 } |
| 216 | 216 |
| 217 bool CanLoadPage(const GURL& gurl) { | |
| 218 if (origin_lock_.is_empty()) | |
| 219 return true; | |
| 220 | |
| 221 // TODO(creis): We must pass the valid browser_context to convert hosted | |
| 222 // apps URLs. Currently, hosted apps cannot be loaded in this mode. | |
| 223 // See http://crbug.com/160576. | |
| 224 GURL site_gurl = SiteInstanceImpl::GetSiteForURL(NULL, gurl); | |
| 225 return origin_lock_ == site_gurl; | |
| 226 } | |
| 227 | |
| 228 bool CanAccessDataForOrigin(const GURL& gurl) { | 217 bool CanAccessDataForOrigin(const GURL& gurl) { |
| 229 if (origin_lock_.is_empty()) | 218 if (origin_lock_.is_empty()) |
| 230 return true; | 219 return true; |
| 231 // TODO(creis): We must pass the valid browser_context to convert hosted | 220 // TODO(creis): We must pass the valid browser_context to convert hosted |
| 232 // apps URLs. Currently, hosted apps cannot set cookies in this mode. | 221 // apps URLs. Currently, hosted apps cannot set cookies in this mode. |
| 233 // See http://crbug.com/160576. | 222 // See http://crbug.com/160576. |
| 234 GURL site_gurl = SiteInstanceImpl::GetSiteForURL(NULL, gurl); | 223 GURL site_gurl = SiteInstanceImpl::GetSiteForURL(NULL, gurl); |
| 235 return origin_lock_ == site_gurl; | 224 return origin_lock_ == site_gurl; |
| 236 } | 225 } |
| 237 | 226 |
| (...skipping 316 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 554 void ChildProcessSecurityPolicyImpl::RevokeReadRawCookies(int child_id) { | 543 void ChildProcessSecurityPolicyImpl::RevokeReadRawCookies(int child_id) { |
| 555 base::AutoLock lock(lock_); | 544 base::AutoLock lock(lock_); |
| 556 | 545 |
| 557 SecurityStateMap::iterator state = security_state_.find(child_id); | 546 SecurityStateMap::iterator state = security_state_.find(child_id); |
| 558 if (state == security_state_.end()) | 547 if (state == security_state_.end()) |
| 559 return; | 548 return; |
| 560 | 549 |
| 561 state->second->RevokeReadRawCookies(); | 550 state->second->RevokeReadRawCookies(); |
| 562 } | 551 } |
| 563 | 552 |
| 564 bool ChildProcessSecurityPolicyImpl::CanLoadPage(int child_id, | |
| 565 const GURL& url, | |
| 566 ResourceType resource_type) { | |
| 567 // If --site-per-process flag is passed, we should enforce | |
| 568 // stronger security restrictions on page navigation. | |
| 569 if (base::CommandLine::ForCurrentProcess()->HasSwitch( | |
| 570 switches::kSitePerProcess) && | |
| 571 IsResourceTypeFrame(resource_type)) { | |
| 572 // TODO(nasko): Do the proper check for site-per-process, once | |
| 573 // out-of-process iframes is ready to go. | |
| 574 return true; | |
| 575 } | |
| 576 return true; | |
| 577 } | |
| 578 | |
| 579 bool ChildProcessSecurityPolicyImpl::CanRequestURL( | 553 bool ChildProcessSecurityPolicyImpl::CanRequestURL( |
| 580 int child_id, const GURL& url) { | 554 int child_id, const GURL& url) { |
| 581 if (!url.is_valid()) | 555 if (!url.is_valid()) |
| 582 return false; // Can't request invalid URLs. | 556 return false; // Can't request invalid URLs. |
| 583 | 557 |
| 584 if (IsWebSafeScheme(url.scheme())) | 558 if (IsWebSafeScheme(url.scheme())) |
| 585 return true; // The scheme has been white-listed for every child process. | 559 return true; // The scheme has been white-listed for every child process. |
| 586 | 560 |
| 587 if (IsPseudoScheme(url.scheme())) { | 561 if (IsPseudoScheme(url.scheme())) { |
| 588 // There are a number of special cases for pseudo schemes. | 562 // There are a number of special cases for pseudo schemes. |
| (...skipping 258 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 847 base::AutoLock lock(lock_); | 821 base::AutoLock lock(lock_); |
| 848 | 822 |
| 849 SecurityStateMap::iterator state = security_state_.find(child_id); | 823 SecurityStateMap::iterator state = security_state_.find(child_id); |
| 850 if (state == security_state_.end()) | 824 if (state == security_state_.end()) |
| 851 return false; | 825 return false; |
| 852 | 826 |
| 853 return state->second->can_send_midi_sysex(); | 827 return state->second->can_send_midi_sysex(); |
| 854 } | 828 } |
| 855 | 829 |
| 856 } // namespace content | 830 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1241953009:
Remove CanLoadPage; it's essentially unused, and not compatible with (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master