OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chrome_content_browser_client.h" | 5 #include "chrome/browser/chrome_content_browser_client.h" |
6 | 6 |
7 #include <map> | 7 #include <map> |
8 #include <set> | 8 #include <set> |
9 #include <utility> | 9 #include <utility> |
10 #include <vector> | 10 #include <vector> |
(...skipping 147 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
158 #include "net/cookies/canonical_cookie.h" | 158 #include "net/cookies/canonical_cookie.h" |
159 #include "net/cookies/cookie_options.h" | 159 #include "net/cookies/cookie_options.h" |
160 #include "net/ssl/ssl_cert_request_info.h" | 160 #include "net/ssl/ssl_cert_request_info.h" |
161 #include "ppapi/host/ppapi_host.h" | 161 #include "ppapi/host/ppapi_host.h" |
162 #include "storage/browser/fileapi/external_mount_points.h" | 162 #include "storage/browser/fileapi/external_mount_points.h" |
163 #include "ui/base/l10n/l10n_util.h" | 163 #include "ui/base/l10n/l10n_util.h" |
164 #include "ui/base/resource/resource_bundle.h" | 164 #include "ui/base/resource/resource_bundle.h" |
165 #include "ui/resources/grit/ui_resources.h" | 165 #include "ui/resources/grit/ui_resources.h" |
166 | 166 |
167 #if defined(OS_WIN) | 167 #if defined(OS_WIN) |
168 #include "base/strings/string_tokenizer.h" | |
169 #include "base/strings/string_util.h" | |
jam
2016/01/26 15:18:51
this is already above, so remove
Will Harris
2016/01/26 22:57:54
Done.
| |
168 #include "base/win/windows_version.h" | 170 #include "base/win/windows_version.h" |
169 #include "chrome/browser/chrome_browser_main_win.h" | 171 #include "chrome/browser/chrome_browser_main_win.h" |
172 #include "components/variations/variations_associated_data.h" | |
jam
2016/01/26 15:18:51
ditto
Will Harris
2016/01/26 22:57:54
Done.
| |
170 #include "sandbox/win/src/sandbox_policy.h" | 173 #include "sandbox/win/src/sandbox_policy.h" |
171 #elif defined(OS_MACOSX) | 174 #elif defined(OS_MACOSX) |
172 #include "chrome/browser/chrome_browser_main_mac.h" | 175 #include "chrome/browser/chrome_browser_main_mac.h" |
173 #elif defined(OS_CHROMEOS) | 176 #elif defined(OS_CHROMEOS) |
174 #include "chrome/browser/chromeos/attestation/platform_verification_impl.h" | 177 #include "chrome/browser/chromeos/attestation/platform_verification_impl.h" |
175 #include "chrome/browser/chromeos/chrome_browser_main_chromeos.h" | 178 #include "chrome/browser/chromeos/chrome_browser_main_chromeos.h" |
176 #include "chrome/browser/chromeos/drive/fileapi/file_system_backend_delegate.h" | 179 #include "chrome/browser/chromeos/drive/fileapi/file_system_backend_delegate.h" |
177 #include "chrome/browser/chromeos/file_manager/app_id.h" | 180 #include "chrome/browser/chromeos/file_manager/app_id.h" |
178 #include "chrome/browser/chromeos/file_system_provider/fileapi/backend_delegate. h" | 181 #include "chrome/browser/chromeos/file_system_provider/fileapi/backend_delegate. h" |
179 #include "chrome/browser/chromeos/fileapi/file_system_backend.h" | 182 #include "chrome/browser/chromeos/fileapi/file_system_backend.h" |
(...skipping 2449 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
2629 if (result != sandbox::SBOX_ALL_OK) | 2632 if (result != sandbox::SBOX_ALL_OK) |
2630 return false; | 2633 return false; |
2631 | 2634 |
2632 // Renderers need to send named pipe handles and shared memory | 2635 // Renderers need to send named pipe handles and shared memory |
2633 // segment handles to NaCl loader processes. | 2636 // segment handles to NaCl loader processes. |
2634 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES, | 2637 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES, |
2635 sandbox::TargetPolicy::HANDLES_DUP_ANY, | 2638 sandbox::TargetPolicy::HANDLES_DUP_ANY, |
2636 L"File"); | 2639 L"File"); |
2637 return result == sandbox::SBOX_ALL_OK; | 2640 return result == sandbox::SBOX_ALL_OK; |
2638 } | 2641 } |
2639 #endif | 2642 |
2643 bool ChromeContentBrowserClient::IsWin32kLockdownEnabledForMimeType( | |
2644 const std::string& mime_type) const { | |
2645 // First, check if any variation parameters have enabled or disabled this | |
2646 // mime type either specifically or globally. | |
2647 std::map<std::string, std::string> mime_params; | |
2648 if (variations::GetVariationParams("EnableWin32kLockDownMimeTypes", | |
2649 &mime_params)) { | |
2650 bool enabled = false; | |
2651 for (const auto& param : mime_params) { | |
2652 if (param.first == mime_type || param.first == "*") { | |
2653 // Disabled entries take precedence over Enabled entries. | |
2654 if (base::StartsWith(param.second, "Disabled", | |
2655 base::CompareCase::INSENSITIVE_ASCII)) { | |
2656 return false; | |
2657 } | |
2658 if (base::StartsWith(param.second, "Enabled", | |
2659 base::CompareCase::INSENSITIVE_ASCII)) { | |
2660 enabled = true; | |
2661 } | |
2662 } | |
2663 } | |
2664 return enabled; | |
2665 } | |
2666 | |
2667 // Second, check the command line to see if this mime type is enabled | |
2668 // either specifically or globally. | |
2669 const base::CommandLine* cmd_line = base::CommandLine::ForCurrentProcess(); | |
2670 | |
2671 if (!cmd_line->HasSwitch(switches::kEnableWin32kLockDownMimeTypes)) | |
2672 return false; | |
2673 | |
2674 std::string mime_types = | |
2675 cmd_line->GetSwitchValueASCII(switches::kEnableWin32kLockDownMimeTypes); | |
2676 | |
2677 // Consider the value * to enable all mime types for lockdown. | |
2678 if (mime_types == "*") | |
2679 return true; | |
2680 | |
2681 base::StringTokenizer tokenizer(mime_types, ","); | |
2682 tokenizer.set_quote_chars("\""); | |
2683 while (tokenizer.GetNext()) { | |
2684 if (tokenizer.token() == mime_type) | |
2685 return true; | |
2686 } | |
2687 | |
2688 return false; | |
2689 } | |
2690 #endif // defined(OS_WIN) | |
2640 | 2691 |
2641 void ChromeContentBrowserClient::RegisterFrameMojoShellServices( | 2692 void ChromeContentBrowserClient::RegisterFrameMojoShellServices( |
2642 content::ServiceRegistry* registry, | 2693 content::ServiceRegistry* registry, |
2643 content::RenderFrameHost* render_frame_host) { | 2694 content::RenderFrameHost* render_frame_host) { |
2644 #if defined(OS_CHROMEOS) | 2695 #if defined(OS_CHROMEOS) |
2645 registry->AddService( | 2696 registry->AddService( |
2646 base::Bind(&chromeos::attestation::PlatformVerificationImpl::Create, | 2697 base::Bind(&chromeos::attestation::PlatformVerificationImpl::Create, |
2647 render_frame_host)); | 2698 render_frame_host)); |
2648 #endif | 2699 #endif |
2649 } | 2700 } |
(...skipping 174 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
2824 if (channel <= kMaxDisableEncryptionChannel) { | 2875 if (channel <= kMaxDisableEncryptionChannel) { |
2825 static const char* const kWebRtcDevSwitchNames[] = { | 2876 static const char* const kWebRtcDevSwitchNames[] = { |
2826 switches::kDisableWebRtcEncryption, | 2877 switches::kDisableWebRtcEncryption, |
2827 }; | 2878 }; |
2828 to_command_line->CopySwitchesFrom(from_command_line, | 2879 to_command_line->CopySwitchesFrom(from_command_line, |
2829 kWebRtcDevSwitchNames, | 2880 kWebRtcDevSwitchNames, |
2830 arraysize(kWebRtcDevSwitchNames)); | 2881 arraysize(kWebRtcDevSwitchNames)); |
2831 } | 2882 } |
2832 } | 2883 } |
2833 #endif // defined(ENABLE_WEBRTC) | 2884 #endif // defined(ENABLE_WEBRTC) |
OLD | NEW |