OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/child_process_security_policy_impl.h" | 5 #include "content/browser/child_process_security_policy_impl.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
10 #include "base/files/file_path.h" | 10 #include "base/files/file_path.h" |
11 #include "base/logging.h" | 11 #include "base/logging.h" |
12 #include "base/macros.h" | 12 #include "base/macros.h" |
| 13 #include "base/memory/ptr_util.h" |
13 #include "base/metrics/histogram.h" | 14 #include "base/metrics/histogram.h" |
14 #include "base/stl_util.h" | 15 #include "base/stl_util.h" |
15 #include "base/strings/string_util.h" | 16 #include "base/strings/string_util.h" |
16 #include "build/build_config.h" | 17 #include "build/build_config.h" |
17 #include "content/browser/site_instance_impl.h" | 18 #include "content/browser/site_instance_impl.h" |
18 #include "content/common/site_isolation_policy.h" | 19 #include "content/common/site_isolation_policy.h" |
19 #include "content/public/browser/child_process_data.h" | 20 #include "content/public/browser/child_process_data.h" |
20 #include "content/public/browser/content_browser_client.h" | 21 #include "content/public/browser/content_browser_client.h" |
21 #include "content/public/browser/render_process_host.h" | 22 #include "content/public/browser/render_process_host.h" |
22 #include "content/public/common/bindings_policy.h" | 23 #include "content/public/common/bindings_policy.h" |
(...skipping 207 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
230 bool CanAccessDataForOrigin(const GURL& gurl) { | 231 bool CanAccessDataForOrigin(const GURL& gurl) { |
231 if (origin_lock_.is_empty()) | 232 if (origin_lock_.is_empty()) |
232 return true; | 233 return true; |
233 // TODO(creis): We must pass the valid browser_context to convert hosted | 234 // TODO(creis): We must pass the valid browser_context to convert hosted |
234 // apps URLs. Currently, hosted apps cannot set cookies in this mode. | 235 // apps URLs. Currently, hosted apps cannot set cookies in this mode. |
235 // See http://crbug.com/160576. | 236 // See http://crbug.com/160576. |
236 GURL site_gurl = SiteInstanceImpl::GetSiteForURL(NULL, gurl); | 237 GURL site_gurl = SiteInstanceImpl::GetSiteForURL(NULL, gurl); |
237 return origin_lock_ == site_gurl; | 238 return origin_lock_ == site_gurl; |
238 } | 239 } |
239 | 240 |
| 241 // TODO(nick): Remove this once we understand http://crbug.com/600441 |
| 242 GURL GetOriginLock() { return origin_lock_; } |
| 243 |
240 void LockToOrigin(const GURL& gurl) { | 244 void LockToOrigin(const GURL& gurl) { |
241 origin_lock_ = gurl; | 245 origin_lock_ = gurl; |
242 } | 246 } |
243 | 247 |
244 bool has_web_ui_bindings() const { | 248 bool has_web_ui_bindings() const { |
245 return enabled_bindings_ & BINDINGS_POLICY_WEB_UI; | 249 return enabled_bindings_ & BINDINGS_POLICY_WEB_UI; |
246 } | 250 } |
247 | 251 |
248 bool can_read_raw_cookies() const { | 252 bool can_read_raw_cookies() const { |
249 return can_read_raw_cookies_; | 253 return can_read_raw_cookies_; |
(...skipping 565 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
815 | 819 |
816 bool ChildProcessSecurityPolicyImpl::CanAccessDataForOrigin(int child_id, | 820 bool ChildProcessSecurityPolicyImpl::CanAccessDataForOrigin(int child_id, |
817 const GURL& gurl) { | 821 const GURL& gurl) { |
818 base::AutoLock lock(lock_); | 822 base::AutoLock lock(lock_); |
819 SecurityStateMap::iterator state = security_state_.find(child_id); | 823 SecurityStateMap::iterator state = security_state_.find(child_id); |
820 if (state == security_state_.end()) | 824 if (state == security_state_.end()) |
821 return false; | 825 return false; |
822 return state->second->CanAccessDataForOrigin(gurl); | 826 return state->second->CanAccessDataForOrigin(gurl); |
823 } | 827 } |
824 | 828 |
| 829 // TODO(nick): Remove this once we understand http://crbug.com/600441 |
| 830 std::unique_ptr<base::debug::ScopedCrashKey> |
| 831 ChildProcessSecurityPolicyImpl::GetOriginLockCrashKey(int child_id) { |
| 832 base::AutoLock lock(lock_); |
| 833 SecurityStateMap::iterator state = security_state_.find(child_id); |
| 834 return base::WrapUnique(new base::debug::ScopedCrashKey( |
| 835 "security_policy_origin_lock", |
| 836 state == security_state_.end() |
| 837 ? "not-found" |
| 838 : state->second->GetOriginLock().possibly_invalid_spec())); |
| 839 } |
| 840 |
825 void ChildProcessSecurityPolicyImpl::LockToOrigin(int child_id, | 841 void ChildProcessSecurityPolicyImpl::LockToOrigin(int child_id, |
826 const GURL& gurl) { | 842 const GURL& gurl) { |
827 // "gurl" can be currently empty in some cases, such as file://blah. | 843 // "gurl" can be currently empty in some cases, such as file://blah. |
828 DCHECK(SiteInstanceImpl::GetSiteForURL(NULL, gurl) == gurl); | 844 DCHECK(SiteInstanceImpl::GetSiteForURL(NULL, gurl) == gurl); |
829 base::AutoLock lock(lock_); | 845 base::AutoLock lock(lock_); |
830 SecurityStateMap::iterator state = security_state_.find(child_id); | 846 SecurityStateMap::iterator state = security_state_.find(child_id); |
831 DCHECK(state != security_state_.end()); | 847 DCHECK(state != security_state_.end()); |
832 state->second->LockToOrigin(gurl); | 848 state->second->LockToOrigin(gurl); |
833 } | 849 } |
834 | 850 |
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
867 base::AutoLock lock(lock_); | 883 base::AutoLock lock(lock_); |
868 | 884 |
869 SecurityStateMap::iterator state = security_state_.find(child_id); | 885 SecurityStateMap::iterator state = security_state_.find(child_id); |
870 if (state == security_state_.end()) | 886 if (state == security_state_.end()) |
871 return false; | 887 return false; |
872 | 888 |
873 return state->second->can_send_midi_sysex(); | 889 return state->second->can_send_midi_sysex(); |
874 } | 890 } |
875 | 891 |
876 } // namespace content | 892 } // namespace content |
OLD | NEW |