Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(607)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_impl.cc

Issue 23549039: Preparing to support fragment resolution against non-hierarchical schemes (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Spelling mistake in comment fixed Created 7 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « content/browser/browser_url_handler_impl.cc ('k') | url/gurl.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/child_process_security_policy_impl.h" 5 #include "content/browser/child_process_security_policy_impl.h"
6 6
7 #include "base/command_line.h" 7 #include "base/command_line.h"
8 #include "base/files/file_path.h" 8 #include "base/files/file_path.h"
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "base/metrics/histogram.h" 10 #include "base/metrics/histogram.h"
(...skipping 370 matching lines...) Expand 10 before | Expand all | Expand 10 after
381 return; // The scheme has already been whitelisted for every child process. 381 return; // The scheme has already been whitelisted for every child process.
382 382
383 if (IsPseudoScheme(url.scheme())) { 383 if (IsPseudoScheme(url.scheme())) {
384 // The view-source scheme is a special case of a pseudo-URL that eventually 384 // The view-source scheme is a special case of a pseudo-URL that eventually
385 // results in requesting its embedded URL. 385 // results in requesting its embedded URL.
386 if (url.SchemeIs(kViewSourceScheme)) { 386 if (url.SchemeIs(kViewSourceScheme)) {
387 // URLs with the view-source scheme typically look like: 387 // URLs with the view-source scheme typically look like:
388 // view-source:http://www.google.com/a 388 // view-source:http://www.google.com/a
389 // In order to request these URLs, the child_id needs to be able to 389 // In order to request these URLs, the child_id needs to be able to
390 // request the embedded URL. 390 // request the embedded URL.
391 GrantRequestURL(child_id, GURL(url.path())); 391 GrantRequestURL(child_id, GURL(url.GetContent()));
392 } 392 }
393 393
394 return; // Can't grant the capability to request pseudo schemes. 394 return; // Can't grant the capability to request pseudo schemes.
395 } 395 }
396 396
397 { 397 {
398 base::AutoLock lock(lock_); 398 base::AutoLock lock(lock_);
399 SecurityStateMap::iterator state = security_state_.find(child_id); 399 SecurityStateMap::iterator state = security_state_.find(child_id);
400 if (state == security_state_.end()) 400 if (state == security_state_.end())
401 return; 401 return;
(...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after
557 557
558 if (IsWebSafeScheme(url.scheme())) 558 if (IsWebSafeScheme(url.scheme()))
559 return true; // The scheme has been white-listed for every child process. 559 return true; // The scheme has been white-listed for every child process.
560 560
561 if (IsPseudoScheme(url.scheme())) { 561 if (IsPseudoScheme(url.scheme())) {
562 // There are a number of special cases for pseudo schemes. 562 // There are a number of special cases for pseudo schemes.
563 563
564 if (url.SchemeIs(kViewSourceScheme)) { 564 if (url.SchemeIs(kViewSourceScheme)) {
565 // A view-source URL is allowed if the child process is permitted to 565 // A view-source URL is allowed if the child process is permitted to
566 // request the embedded URL. Careful to avoid pointless recursion. 566 // request the embedded URL. Careful to avoid pointless recursion.
567 GURL child_url(url.path()); 567 GURL child_url(url.GetContent());
568 if (child_url.SchemeIs(kViewSourceScheme) && 568 if (child_url.SchemeIs(kViewSourceScheme) &&
569 url.SchemeIs(kViewSourceScheme)) 569 url.SchemeIs(kViewSourceScheme))
570 return false; 570 return false;
571 571
572 return CanRequestURL(child_id, child_url); 572 return CanRequestURL(child_id, child_url);
573 } 573 }
574 574
575 if (LowerCaseEqualsASCII(url.spec(), kAboutBlankURL)) 575 if (LowerCaseEqualsASCII(url.spec(), kAboutBlankURL))
576 return true; // Every child process can request <about:blank>. 576 return true; // Every child process can request <about:blank>.
577 577
(...skipping 249 matching lines...) Expand 10 before | Expand all | Expand 10 after
827 base::AutoLock lock(lock_); 827 base::AutoLock lock(lock_);
828 828
829 SecurityStateMap::iterator state = security_state_.find(child_id); 829 SecurityStateMap::iterator state = security_state_.find(child_id);
830 if (state == security_state_.end()) 830 if (state == security_state_.end())
831 return false; 831 return false;
832 832
833 return state->second->can_send_midi_sysex(); 833 return state->second->can_send_midi_sysex();
834 } 834 }
835 835
836 } // namespace content 836 } // namespace content
OLDNEW
« no previous file with comments | « content/browser/browser_url_handler_impl.cc ('k') | url/gurl.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698