1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/child_process_security_policy_impl.h" | 5 #include "content/browser/child_process_security_policy_impl.h" |
6 | 6 |
| 7 #include <utility> |
| 8 |
7 #include "base/command_line.h" | 9 #include "base/command_line.h" |
8 #include "base/files/file_path.h" | 10 #include "base/files/file_path.h" |
9 #include "base/logging.h" | 11 #include "base/logging.h" |
10 #include "base/metrics/histogram.h" | 12 #include "base/metrics/histogram.h" |
11 #include "base/stl_util.h" | 13 #include "base/stl_util.h" |
12 #include "base/strings/string_util.h" | 14 #include "base/strings/string_util.h" |
13 #include "content/browser/plugin_process_host.h" | 15 #include "content/browser/plugin_process_host.h" |
14 #include "content/browser/site_instance_impl.h" | 16 #include "content/browser/site_instance_impl.h" |
15 #include "content/common/site_isolation_policy.h" | 17 #include "content/common/site_isolation_policy.h" |
16 #include "content/public/browser/child_process_data.h" | 18 #include "content/public/browser/child_process_data.h" |
80 storage::IsolatedContext::GetInstance(); | 82 storage::IsolatedContext::GetInstance(); |
81 for (FileSystemMap::iterator iter = filesystem_permissions_.begin(); | 83 for (FileSystemMap::iterator iter = filesystem_permissions_.begin(); |
82 iter != filesystem_permissions_.end(); | 84 iter != filesystem_permissions_.end(); |
83 ++iter) { | 85 ++iter) { |
84 isolated_context->RemoveReference(iter->first); | 86 isolated_context->RemoveReference(iter->first); |
85 } | 87 } |
86 UMA_HISTOGRAM_COUNTS("ChildProcessSecurityPolicy.PerChildFilePermissions", | 88 UMA_HISTOGRAM_COUNTS("ChildProcessSecurityPolicy.PerChildFilePermissions", |
87 file_permissions_.size()); | 89 file_permissions_.size()); |
88 } | 90 } |
89 | 91 |
| 92 // Grant permission to request URLs with the specified origin. |
| 93 void GrantOrigin(const url::Origin& origin) { |
| 94 origin_set_.insert(origin); |
| 95 } |
| 96 |
90 // Grant permission to request URLs with the specified scheme. | 97 // Grant permission to request URLs with the specified scheme. |
91 void GrantScheme(const std::string& scheme) { | 98 void GrantScheme(const std::string& scheme) { |
92 scheme_policy_[scheme] = true; | 99 scheme_policy_[scheme] = true; |
93 } | 100 } |
94 | 101 |
95 // Revoke permission to request URLs with the specified scheme. | 102 // Revoke permission to request URLs with the specified scheme. |
96 void RevokeScheme(const std::string& scheme) { | 103 void RevokeScheme(const std::string& scheme) { |
97 scheme_policy_[scheme] = false; | 104 scheme_policy_[scheme] = false; |
98 } | 105 } |
99 | 106 |
161 void RevokeReadRawCookies() { | 168 void RevokeReadRawCookies() { |
162 can_read_raw_cookies_ = false; | 169 can_read_raw_cookies_ = false; |
163 } | 170 } |
164 | 171 |
165 void GrantPermissionForMidiSysEx() { | 172 void GrantPermissionForMidiSysEx() { |
166 can_send_midi_sysex_ = true; | 173 can_send_midi_sysex_ = true; |
167 } | 174 } |
168 | 175 |
169 // Determine whether permission has been granted to commit |url|. | 176 // Determine whether permission has been granted to commit |url|. |
170 bool CanCommitURL(const GURL& url) { | 177 bool CanCommitURL(const GURL& url) { |
171 // Having permission to a scheme implies permssion to all of its URLs. | 178 // Having permission to a scheme implies permission to all of its URLs. |
172 SchemeMap::const_iterator judgment(scheme_policy_.find(url.scheme())); | 179 SchemeMap::const_iterator scheme_judgment( |
173 if (judgment != scheme_policy_.end()) | 180 scheme_policy_.find(url.scheme())); |
174 return judgment->second; | 181 if (scheme_judgment != scheme_policy_.end()) |
| 182 return scheme_judgment->second; |
| 183 |
| 184 // Otherwise, check for permission for specific origin. |
| 185 if (ContainsKey(origin_set_, url::Origin(url))) |
| 186 return true; |
175 | 187 |
176 // file:// URLs are more granular. The child may have been given | 188 // file:// URLs are more granular. The child may have been given |
177 // permission to a specific file but not the file:// scheme in general. | 189 // permission to a specific file but not the file:// scheme in general. |
178 if (url.SchemeIs(url::kFileScheme)) { | 190 if (url.SchemeIs(url::kFileScheme)) { |
179 base::FilePath path; | 191 base::FilePath path; |
180 if (net::FileURLToFilePath(url, &path)) | 192 if (net::FileURLToFilePath(url, &path)) |
181 return ContainsKey(request_file_set_, path); | 193 return ContainsKey(request_file_set_, path); |
182 } | 194 } |
183 | 195 |
184 return false; // Unmentioned schemes are disallowed. | 196 return false; // Unmentioned schemes are disallowed. |
235 bool can_read_raw_cookies() const { | 247 bool can_read_raw_cookies() const { |
236 return can_read_raw_cookies_; | 248 return can_read_raw_cookies_; |
237 } | 249 } |
238 | 250 |
239 bool can_send_midi_sysex() const { | 251 bool can_send_midi_sysex() const { |
240 return can_send_midi_sysex_; | 252 return can_send_midi_sysex_; |
241 } | 253 } |
242 | 254 |
243 private: | 255 private: |
244 typedef std::map<std::string, bool> SchemeMap; | 256 typedef std::map<std::string, bool> SchemeMap; |
| 257 typedef std::set<url::Origin> OriginSet; |
245 | 258 |
246 typedef int FilePermissionFlags; // bit-set of base::File::Flags | 259 typedef int FilePermissionFlags; // bit-set of base::File::Flags |
247 typedef std::map<base::FilePath, FilePermissionFlags> FileMap; | 260 typedef std::map<base::FilePath, FilePermissionFlags> FileMap; |
248 typedef std::map<std::string, FilePermissionFlags> FileSystemMap; | 261 typedef std::map<std::string, FilePermissionFlags> FileSystemMap; |
249 typedef std::set<base::FilePath> FileSet; | 262 typedef std::set<base::FilePath> FileSet; |
250 | 263 |
251 // Maps URL schemes to whether permission has been granted or revoked: | 264 // Maps URL schemes to whether permission has been granted or revoked: |
252 // |true| means the scheme has been granted. | 265 // |true| means the scheme has been granted. |
253 // |false| means the scheme has been revoked. | 266 // |false| means the scheme has been revoked. |
254 // If a scheme is not present in the map, then it has never been granted | 267 // If a scheme is not present in the map, then it has never been granted |
255 // or revoked. | 268 // or revoked. |
256 SchemeMap scheme_policy_; | 269 SchemeMap scheme_policy_; |
257 | 270 |
| 271 // The set of URL origins to which the child process has been granted |
| 272 // permission. |
| 273 OriginSet origin_set_; |
| 274 |
258 // The set of files the child process is permited to upload to the web. | 275 // The set of files the child process is permited to upload to the web. |
259 FileMap file_permissions_; | 276 FileMap file_permissions_; |
260 | 277 |
261 // The set of files the child process is permitted to load. | 278 // The set of files the child process is permitted to load. |
262 FileSet request_file_set_; | 279 FileSet request_file_set_; |
263 | 280 |
264 int enabled_bindings_; | 281 int enabled_bindings_; |
265 | 282 |
266 bool can_read_raw_cookies_; | 283 bool can_read_raw_cookies_; |
267 | 284 |
496 void ChildProcessSecurityPolicyImpl::GrantSendMidiSysExMessage(int child_id) { | 513 void ChildProcessSecurityPolicyImpl::GrantSendMidiSysExMessage(int child_id) { |
497 base::AutoLock lock(lock_); | 514 base::AutoLock lock(lock_); |
498 | 515 |
499 SecurityStateMap::iterator state = security_state_.find(child_id); | 516 SecurityStateMap::iterator state = security_state_.find(child_id); |
500 if (state == security_state_.end()) | 517 if (state == security_state_.end()) |
501 return; | 518 return; |
502 | 519 |
503 state->second->GrantPermissionForMidiSysEx(); | 520 state->second->GrantPermissionForMidiSysEx(); |
504 } | 521 } |
505 | 522 |
| 523 void ChildProcessSecurityPolicyImpl::GrantOrigin(int child_id, |
| 524 const url::Origin& origin) { |
| 525 base::AutoLock lock(lock_); |
| 526 |
| 527 SecurityStateMap::iterator state = security_state_.find(child_id); |
| 528 if (state == security_state_.end()) |
| 529 return; |
| 530 |
| 531 state->second->GrantOrigin(origin); |
| 532 } |
| 533 |
506 void ChildProcessSecurityPolicyImpl::GrantScheme(int child_id, | 534 void ChildProcessSecurityPolicyImpl::GrantScheme(int child_id, |
507 const std::string& scheme) { | 535 const std::string& scheme) { |
508 base::AutoLock lock(lock_); | 536 base::AutoLock lock(lock_); |
509 | 537 |
510 SecurityStateMap::iterator state = security_state_.find(child_id); | 538 SecurityStateMap::iterator state = security_state_.find(child_id); |
511 if (state == security_state_.end()) | 539 if (state == security_state_.end()) |
512 return; | 540 return; |
513 | 541 |
514 state->second->GrantScheme(scheme); | 542 state->second->GrantScheme(scheme); |
515 } | 543 } |
838 base::AutoLock lock(lock_); | 866 base::AutoLock lock(lock_); |
839 | 867 |
840 SecurityStateMap::iterator state = security_state_.find(child_id); | 868 SecurityStateMap::iterator state = security_state_.find(child_id); |
841 if (state == security_state_.end()) | 869 if (state == security_state_.end()) |
842 return false; | 870 return false; |
843 | 871 |
844 return state->second->can_send_midi_sysex(); | 872 return state->second->can_send_midi_sysex(); |
845 } | 873 } |
846 | 874 |
847 } // namespace content | 875 } // namespace content |
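Review bot: The new origin check in CanCommitURL (new lines 184-186) is consulted only when the scheme lookup above it found no entry, so an explicit RevokeScheme for a scheme wins over any GrantOrigin on that scheme and a GrantOrigin on an already-granted scheme is redundant; the comment on new line 184 should state that precedence, e.g. `// Otherwise, check for a grant on the specific origin. An explicit scheme grant or revocation above takes precedence over per-origin grants.`. Separately, both GrantOrigin overloads (new lines 93-95 and 523-532) accept any url::Origin, including a unique/opaque one; if url::Origin's comparison treats unique origins as equal to one another, inserting one into origin_set_ would make `ContainsKey(origin_set_, url::Origin(url))` succeed for every URL whose origin is opaque (data: URLs, for instance), so a guard such as `DCHECK(!origin.unique());` or an early return in the SecurityState::GrantOrigin, or at least a comment placing that responsibility on the caller, is worth adding. The SecurityState class that holds CanCommitURL begins and ends outside the visible hunks.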