Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(93)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: mojo/application/public/interfaces/shell.mojom

Issue 1244233002: Allow trusted brokers to restrict connections for spawned applications to whitelisted applications … (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: . Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« mojo/application/public/interfaces/application.mojom ('K') | « mojo/application/public/interfaces/application.mojom ('k') | mojo/mojo_shell.gyp » ('j') | mojo/shell/application_instance.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 module mojo; 5 module mojo;
6 6
7 import "mojo/application/public/interfaces/service_provider.mojom"; 7 import "mojo/application/public/interfaces/service_provider.mojom";
8 import "network/public/interfaces/url_loader.mojom"; 8 import "network/public/interfaces/url_loader.mojom";
9 9
10 // Specifies a whitelist of applications and services an application can connect
11 // to. Connections to applications not explicitly specified here as a key are
12 // rejected. Connections to services not specified in an application's allowed
13 // interfaces value are not made.
14 // A "*" value as the only key in an otherwise empty map means the application
15 // may connect to any other application.
16 // A "*" value as the only string in an otherwise empty array of interface names
17 // means the application may connect to any service in that application.
18 // An empty interface name array means the application may not connect to any
19 // services exposed by the application it is connecting to.
20 struct CapabilityFilter {
21 map<string, array<string>> filter;
22 };
23
10 // An interface through which a Mojo application may communicate with the Mojo 24 // An interface through which a Mojo application may communicate with the Mojo
11 // system and request connections to other applications. 25 // system and request connections to other applications.
12 interface Shell { 26 interface Shell {
13 // Establishes a connection with another application (located at 27 // Establishes a connection with another application ("target application")
14 // |request->url|) through which the calling application and the other 28 // (located at |request->url|) through which the calling application and the
15 // application may request services from one another. |application_url| is a 29 // target application may request services from one another.
16 // URLRequest in case this is called for an HTTP navigation, in which case 30 // |application_url| is a URLRequest in case this is called for an HTTP
17 // HTTP specific information like POST data, referrer header etc... needed. 31 // navigation, in which case HTTP specific information like POST data,
32 // referrer header etc... needed.
18 // 33 //
19 // If the calling application would like to request services from the other 34 // If the calling application would like to request services from the target
20 // application, it should pass a valid interface request in the |services| 35 // application, it should pass a valid interface request in the |services|
21 // parameter (i.e. one containing a valid message pipe endpoint). If the other 36 // parameter (i.e. one containing a valid message pipe endpoint). If the
22 // application does not wish to offer services, it may either not bind an 37 // target application does not wish to offer services, it may either not bind
23 // implementation to the interface request, or else bind an implementation 38 // an implementation to the interface request, or else bind an implementation
24 // that will reject some or all service requests. 39 // that will reject some or all service requests.
25 // 40 //
26 // If the calling application would like to offer services to the other 41 // If the calling application would like to offer services to the target
27 // application, it should pass a bound interface through the 42 // application, it should pass a bound interface through the
28 // |exposed_services| parameter. The other application may then request 43 // |exposed_services| parameter. The target application may then request
29 // services through that interface. 44 // services through that interface.
30 // 45 //
31 // At least one of |services| or |exposed_services| should be valid/bound in 46 // At least one of |services| or |exposed_services| should be valid/bound in
32 // the call. 47 // the call.
33 // 48 //
34 // If the |application_url| does not contain a domain, but is of the form 49 // If the |application_url| does not contain a domain, but is of the form
35 // "mojo:{service}", it is up to the Mojo shell to select an appropriate 50 // "mojo:{service}", it is up to the Mojo shell to select an appropriate
36 // application for the service. Currently, the shell does this based on the 51 // application for the service. Currently, the shell does this based on the
37 // value of its --origin flag. 52 // value of its --origin flag.
53 //
54 // |filter| is a whitelist of application URLs and services that the target
55 // application is permitted to connect to. See documentation for
56 // CapabilityFilter above. Note also that this parameter may be NULL, which
57 // has the same meaning as allowing the target application to connect to
58 // any application and service.
38 ConnectToApplication(URLRequest application_url, 59 ConnectToApplication(URLRequest application_url,
39 ServiceProvider&? services, 60 ServiceProvider&? services,
40 ServiceProvider? exposed_services); 61 ServiceProvider? exposed_services,
62 CapabilityFilter? filter);
41 63
42 // When there are no more instantiated services in an application, it should 64 // When there are no more instantiated services in an application, it should
43 // start its shutdown process by calling this method. Additionally, it should 65 // start its shutdown process by calling this method. Additionally, it should
44 // keep track of any new service requests that come in. The shell will then 66 // keep track of any new service requests that come in. The shell will then
45 // call Application::OnQuitRequested and start queueing new service requests. 67 // call Application::OnQuitRequested and start queueing new service requests.
46 // If the application didn't get any new service requests in the meantime, it 68 // If the application didn't get any new service requests in the meantime, it
47 // should call the callback with a true value. Otherwise it should call it 69 // should call the callback with a true value. Otherwise it should call it
48 // with false. 70 // with false.
49 QuitApplication(); 71 QuitApplication();
50 }; 72 };
OLDNEW
« mojo/application/public/interfaces/application.mojom ('K') | « mojo/application/public/interfaces/application.mojom ('k') | mojo/mojo_shell.gyp » ('j') | mojo/shell/application_instance.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698