Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(791)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_impl.h

Issue 19599006: ChildProcessSecurityPolicy: Deprecate bitmask-based permissions checks for files. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: fix test on win Created 7 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | content/browser/child_process_security_policy_impl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
7 7
8 8
9 #include <map> 9 #include <map>
10 #include <set> 10 #include <set>
(...skipping 26 matching lines...) Expand all
37 // private. 37 // private.
38 virtual ~ChildProcessSecurityPolicyImpl(); 38 virtual ~ChildProcessSecurityPolicyImpl();
39 39
40 static ChildProcessSecurityPolicyImpl* GetInstance(); 40 static ChildProcessSecurityPolicyImpl* GetInstance();
41 41
42 // ChildProcessSecurityPolicy implementation. 42 // ChildProcessSecurityPolicy implementation.
43 virtual void RegisterWebSafeScheme(const std::string& scheme) OVERRIDE; 43 virtual void RegisterWebSafeScheme(const std::string& scheme) OVERRIDE;
44 virtual bool IsWebSafeScheme(const std::string& scheme) OVERRIDE; 44 virtual bool IsWebSafeScheme(const std::string& scheme) OVERRIDE;
45 virtual void GrantReadFile(int child_id, const base::FilePath& file) OVERRIDE; 45 virtual void GrantReadFile(int child_id, const base::FilePath& file) OVERRIDE;
46 virtual void GrantCreateReadWriteFile(int child_id, 46 virtual void GrantCreateReadWriteFile(int child_id,
47 const base::FilePath& file) OVERRIDE; 47 const base::FilePath& file) OVERRIDE;
48 virtual void GrantCreateWriteFile(int child_id, 48 virtual void GrantCreateWriteFile(int child_id,
49 const base::FilePath& file) OVERRIDE; 49 const base::FilePath& file) OVERRIDE;
50 virtual void GrantReadFileSystem( 50 virtual void GrantReadFileSystem(
51 int child_id, 51 int child_id,
52 const std::string& filesystem_id) OVERRIDE; 52 const std::string& filesystem_id) OVERRIDE;
53 virtual void GrantWriteFileSystem( 53 virtual void GrantWriteFileSystem(
54 int child_id, 54 int child_id,
55 const std::string& filesystem_id) OVERRIDE; 55 const std::string& filesystem_id) OVERRIDE;
56 virtual void GrantCreateFileForFileSystem( 56 virtual void GrantCreateFileForFileSystem(
57 int child_id, 57 int child_id,
58 const std::string& filesystem_id) OVERRIDE; 58 const std::string& filesystem_id) OVERRIDE;
59 virtual void GrantCopyIntoFileSystem( 59 virtual void GrantCopyIntoFileSystem(
60 int child_id, 60 int child_id,
61 const std::string& filesystem_id) OVERRIDE; 61 const std::string& filesystem_id) OVERRIDE;
62 virtual void GrantScheme(int child_id, const std::string& scheme) OVERRIDE; 62 virtual void GrantScheme(int child_id, const std::string& scheme) OVERRIDE;
63 virtual bool CanReadFile(int child_id, const base::FilePath& file) OVERRIDE; 63 virtual bool CanReadFile(int child_id, const base::FilePath& file) OVERRIDE;
64 virtual bool CanWriteFile(int child_id, const base::FilePath& file) OVERRIDE;
65 virtual bool CanCreateFile(int child_id, const base::FilePath& file) OVERRIDE;
66 virtual bool CanCreateWriteFile(int child_id,
67 const base::FilePath& file) OVERRIDE;
64 virtual bool CanReadFileSystem(int child_id, 68 virtual bool CanReadFileSystem(int child_id,
65 const std::string& filesystem_id) OVERRIDE; 69 const std::string& filesystem_id) OVERRIDE;
66 virtual bool CanReadWriteFileSystem( 70 virtual bool CanReadWriteFileSystem(
67 int child_id, 71 int child_id,
68 const std::string& filesystem_id) OVERRIDE; 72 const std::string& filesystem_id) OVERRIDE;
69 virtual bool CanCopyIntoFileSystem(int child_id, 73 virtual bool CanCopyIntoFileSystem(int child_id,
70 const std::string& filesystem_id) OVERRIDE; 74 const std::string& filesystem_id) OVERRIDE;
71 75
72 // Pseudo schemes are treated differently than other schemes because they 76 // Pseudo schemes are treated differently than other schemes because they
73 // cannot be requested like normal URLs. There is no mechanism for revoking 77 // cannot be requested like normal URLs. There is no mechanism for revoking
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after
127 // the given origin in main frames or subframes. 131 // the given origin in main frames or subframes.
128 // Only might return false if --site-per-process flag is used. 132 // Only might return false if --site-per-process flag is used.
129 bool CanLoadPage(int child_id, 133 bool CanLoadPage(int child_id,
130 const GURL& url, 134 const GURL& url,
131 ResourceType::Type resource_type); 135 ResourceType::Type resource_type);
132 136
133 // Before servicing a child process's request to enumerate a directory 137 // Before servicing a child process's request to enumerate a directory
134 // the browser should call this method to check for the capability. 138 // the browser should call this method to check for the capability.
135 bool CanReadDirectory(int child_id, const base::FilePath& directory); 139 bool CanReadDirectory(int child_id, const base::FilePath& directory);
136 140
141 // Deprecated: Use CanReadFile, etc. methods instead.
137 // Determines if certain permissions were granted for a file. |permissions| 142 // Determines if certain permissions were granted for a file. |permissions|
138 // must be a bitwise-or'd value of base::PlatformFileFlags. 143 // must be a bitwise-or'd value of base::PlatformFileFlags.
139 bool HasPermissionsForFile(int child_id, 144 bool HasPermissionsForFile(int child_id,
140 const base::FilePath& file, 145 const base::FilePath& file,
141 int permissions); 146 int permissions);
142 147
148 // Deprecated: Use CanReadFileSystemFile, etc. methods instead.
143 // Determines if certain permissions were granted for a file in FileSystem 149 // Determines if certain permissions were granted for a file in FileSystem
144 // API. |permissions| must be a bitwise-or'd value of base::PlatformFileFlags. 150 // API. |permissions| must be a bitwise-or'd value of base::PlatformFileFlags.
145 bool HasPermissionsForFileSystemFile(int child_id, 151 bool HasPermissionsForFileSystemFile(int child_id,
146 const fileapi::FileSystemURL& url, 152 const fileapi::FileSystemURL& url,
147 int permissions); 153 int permissions);
148 154
155 // Explicit permissions checks for FileSystemURL specified files.
156 bool CanReadFileSystemFile(int child_id, const fileapi::FileSystemURL& url);
157 bool CanWriteFileSystemFile(int child_id, const fileapi::FileSystemURL& url);
158 bool CanCreateFileSystemFile(int child_id, const fileapi::FileSystemURL& url);
159 bool CanCreateWriteFileSystemFile(int child_id,
160 const fileapi::FileSystemURL& url);
161
149 // Returns true if the specified child_id has been granted WebUIBindings. 162 // Returns true if the specified child_id has been granted WebUIBindings.
150 // The browser should check this property before assuming the child process is 163 // The browser should check this property before assuming the child process is
151 // allowed to use WebUIBindings. 164 // allowed to use WebUIBindings.
152 bool HasWebUIBindings(int child_id); 165 bool HasWebUIBindings(int child_id);
153 166
154 // Returns true if the specified child_id has been granted ReadRawCookies. 167 // Returns true if the specified child_id has been granted ReadRawCookies.
155 bool CanReadRawCookies(int child_id); 168 bool CanReadRawCookies(int child_id);
156 169
157 // Returns true if the process is permitted to read and modify the cookies for 170 // Returns true if the process is permitted to read and modify the cookies for
158 // the given origin. Does not affect cookies attached to or set by network 171 // the given origin. Does not affect cookies attached to or set by network
(...skipping 93 matching lines...) Expand 10 before | Expand all | Expand 10 after
252 WorkerToMainProcessMap worker_map_; 265 WorkerToMainProcessMap worker_map_;
253 266
254 FileSystemPermissionPolicyMap file_system_policy_map_; 267 FileSystemPermissionPolicyMap file_system_policy_map_;
255 268
256 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); 269 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl);
257 }; 270 };
258 271
259 } // namespace content 272 } // namespace content
260 273
261 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 274 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
OLDNEW
« no previous file with comments | « no previous file | content/browser/child_process_security_policy_impl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698