Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1261)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/public/browser/child_process_security_policy.h

Issue 1362433002: Fix for "chrome://" links in PDFs. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Added tests. Addressed comments. Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« content/browser/child_process_security_policy_unittest.cc ('K') | « content/browser/child_process_security_policy_unittest.cc ('k') | extensions/browser/extension_web_contents_observer.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ 5 #ifndef CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_
6 #define CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ 6 #define CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_
7 7
8 #include <string> 8 #include <string>
9 9
10 #include "base/basictypes.h" 10 #include "base/basictypes.h"
11 #include "content/common/content_export.h" 11 #include "content/common/content_export.h"
12 #include "url/gurl.h" 12 #include "url/gurl.h"
13 #include "url/origin.h"
13 14
14 namespace base { 15 namespace base {
15 class FilePath; 16 class FilePath;
16 } 17 }
17 18
18 namespace content { 19 namespace content {
19 20
20 // The ChildProcessSecurityPolicy class is used to grant and revoke security 21 // The ChildProcessSecurityPolicy class is used to grant and revoke security
21 // capabilities for child processes. For example, it restricts whether a child 22 // capabilities for child processes. For example, it restricts whether a child
22 // process is permitted to load file:// URLs based on whether the process 23 // process is permitted to load file:// URLs based on whether the process
(...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after
120 // granting more general create and write permissions. 121 // granting more general create and write permissions.
121 virtual void GrantCopyIntoFileSystem(int child_id, 122 virtual void GrantCopyIntoFileSystem(int child_id,
122 const std::string& filesystem_id) = 0; 123 const std::string& filesystem_id) = 0;
123 124
124 // Grants permission to delete from filesystem |filesystem_id|. 'delete-from' 125 // Grants permission to delete from filesystem |filesystem_id|. 'delete-from'
125 // is used to allow deleting files into the destination filesystem without 126 // is used to allow deleting files into the destination filesystem without
126 // granting more general create and write permissions. 127 // granting more general create and write permissions.
127 virtual void GrantDeleteFromFileSystem(int child_id, 128 virtual void GrantDeleteFromFileSystem(int child_id,
128 const std::string& filesystem_id) = 0; 129 const std::string& filesystem_id) = 0;
129 130
131 // Grants the child process the capability to access URLs with the provided
132 // origin.
133 virtual void GrantOrigin(int child_id, const url::Origin& origin) = 0;
134
130 // Grants the child process the capability to access URLs of the provided 135 // Grants the child process the capability to access URLs of the provided
131 // scheme. 136 // scheme.
132 virtual void GrantScheme(int child_id, const std::string& scheme) = 0; 137 virtual void GrantScheme(int child_id, const std::string& scheme) = 0;
133 138
134 // Returns true if read access has been granted to |filesystem_id|. 139 // Returns true if read access has been granted to |filesystem_id|.
135 virtual bool CanReadFileSystem(int child_id, 140 virtual bool CanReadFileSystem(int child_id,
136 const std::string& filesystem_id) = 0; 141 const std::string& filesystem_id) = 0;
137 142
138 // Returns true if read and write access has been granted to |filesystem_id|. 143 // Returns true if read and write access has been granted to |filesystem_id|.
139 virtual bool CanReadWriteFileSystem(int child_id, 144 virtual bool CanReadWriteFileSystem(int child_id,
(...skipping 18 matching lines...) Expand all
158 // Returns true if the process is permitted to read and modify the data for 163 // Returns true if the process is permitted to read and modify the data for
159 // the given origin. This is currently used for cookies and passwords. 164 // the given origin. This is currently used for cookies and passwords.
160 // Does not affect cookies attached to or set by network requests. 165 // Does not affect cookies attached to or set by network requests.
161 // Only might return false if the --site-per-process flag is used. 166 // Only might return false if the --site-per-process flag is used.
162 virtual bool CanAccessDataForOrigin(int child_id, const GURL& gurl) = 0; 167 virtual bool CanAccessDataForOrigin(int child_id, const GURL& gurl) = 0;
163 }; 168 };
164 169
165 } // namespace content 170 } // namespace content
166 171
167 #endif // CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ 172 #endif // CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_
OLDNEW
« content/browser/child_process_security_policy_unittest.cc ('K') | « content/browser/child_process_security_policy_unittest.cc ('k') | extensions/browser/extension_web_contents_observer.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698