OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ | 5 #ifndef CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ |
6 #define CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ | 6 #define CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
(...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
124 // Grants permission to delete from filesystem |filesystem_id|. 'delete-from' | 124 // Grants permission to delete from filesystem |filesystem_id|. 'delete-from' |
125 // is used to allow deleting files into the destination filesystem without | 125 // is used to allow deleting files into the destination filesystem without |
126 // granting more general create and write permissions. | 126 // granting more general create and write permissions. |
127 virtual void GrantDeleteFromFileSystem(int child_id, | 127 virtual void GrantDeleteFromFileSystem(int child_id, |
128 const std::string& filesystem_id) = 0; | 128 const std::string& filesystem_id) = 0; |
129 | 129 |
130 // Grants the child process the capability to access URLs of the provided | 130 // Grants the child process the capability to access URLs of the provided |
131 // scheme. | 131 // scheme. |
132 virtual void GrantScheme(int child_id, const std::string& scheme) = 0; | 132 virtual void GrantScheme(int child_id, const std::string& scheme) = 0; |
133 | 133 |
134 // Grants the child process the capability to access URLs with both the | |
135 // provided scheme and host. | |
Charlie Reis
2015/09/22 17:38:15
Maybe we should be using url::Origins here, rather
paulmeyer
2015/09/22 22:13:57
Done and done.
Charlie Reis
2015/09/23 00:07:15
Please use url::Origins rather than strings (same
paulmeyer
2015/09/23 17:03:54
Sorry, I misunderstood. Now using url::Origin.
| |
136 virtual void GrantSchemeHost(int child_id, const std::string& scheme, | |
137 const std::string& host) = 0; | |
Charlie Reis
2015/09/22 17:38:15
Same style nit.
paulmeyer
2015/09/22 22:13:57
Done.
| |
138 | |
134 // Returns true if read access has been granted to |filesystem_id|. | 139 // Returns true if read access has been granted to |filesystem_id|. |
135 virtual bool CanReadFileSystem(int child_id, | 140 virtual bool CanReadFileSystem(int child_id, |
136 const std::string& filesystem_id) = 0; | 141 const std::string& filesystem_id) = 0; |
137 | 142 |
138 // Returns true if read and write access has been granted to |filesystem_id|. | 143 // Returns true if read and write access has been granted to |filesystem_id|. |
139 virtual bool CanReadWriteFileSystem(int child_id, | 144 virtual bool CanReadWriteFileSystem(int child_id, |
140 const std::string& filesystem_id) = 0; | 145 const std::string& filesystem_id) = 0; |
141 | 146 |
142 // Returns true if copy-into access has been granted to |filesystem_id|. | 147 // Returns true if copy-into access has been granted to |filesystem_id|. |
143 virtual bool CanCopyIntoFileSystem(int child_id, | 148 virtual bool CanCopyIntoFileSystem(int child_id, |
(...skipping 14 matching lines...) Expand all Loading... | |
158 // Returns true if the process is permitted to read and modify the data for | 163 // Returns true if the process is permitted to read and modify the data for |
159 // the given origin. This is currently used for cookies and passwords. | 164 // the given origin. This is currently used for cookies and passwords. |
160 // Does not affect cookies attached to or set by network requests. | 165 // Does not affect cookies attached to or set by network requests. |
161 // Only might return false if the --site-per-process flag is used. | 166 // Only might return false if the --site-per-process flag is used. |
162 virtual bool CanAccessDataForOrigin(int child_id, const GURL& gurl) = 0; | 167 virtual bool CanAccessDataForOrigin(int child_id, const GURL& gurl) = 0; |
163 }; | 168 }; |
164 | 169 |
165 } // namespace content | 170 } // namespace content |
166 | 171 |
167 #endif // CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ | 172 #endif // CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ |
OLD | NEW |