Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(478)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/child_process_security_policy_impl.h

Issue 2364633004: Lock down the registration of blob:chrome-extension:// URLs (Closed)
Patch Set: Pare down CL Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/extensions/process_manager_browsertest.cc ('K') | « content/browser/blob_storage/blob_dispatcher_host.cc ('k') | content/browser/child_process_security_policy_impl.cc » ('j') | content/browser/child_process_security_policy_impl.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/child_process_security_policy_impl.h
diff --git a/content/browser/child_process_security_policy_impl.h b/content/browser/child_process_security_policy_impl.h
index e0eaf4a971dd72990491ecf6dc4b0a20c3596a80..6103bb708ef7acac7fc946dcfcbb5fa729cd7739 100644
--- a/content/browser/child_process_security_policy_impl.h
+++ b/content/browser/child_process_security_policy_impl.h
@@ -43,6 +43,7 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
// ChildProcessSecurityPolicy implementation.
void RegisterWebSafeScheme(const std::string& scheme) override;
+ void RegisterWebSafeIsolatedScheme(const std::string& scheme) override;
bool IsWebSafeScheme(const std::string& scheme) override;
void GrantReadFile(int child_id, const base::FilePath& file) override;
void GrantCreateReadWriteFile(int child_id,
@@ -64,6 +65,8 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
const std::string& filesystem_id) override;
void GrantOrigin(int child_id, const url::Origin& origin) override;
void GrantScheme(int child_id, const std::string& scheme) override;
+ bool CanRequestURL(int child_id, const GURL& url) override;
+ bool CanCommitURL(int child_id, const GURL& url) override;
bool CanReadFile(int child_id, const base::FilePath& file) override;
bool CanCreateReadWriteFile(int child_id,
const base::FilePath& file) override;
@@ -127,16 +130,6 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
// Revoke read raw cookies permission.
void RevokeReadRawCookies(int child_id);
- // Before servicing a child process's request for a URL, the browser should
- // call this method to determine whether the process has the capability to
- // request the URL.
- bool CanRequestURL(int child_id, const GURL& url);
-
- // Whether the process is allowed to commit a document from the given URL.
- // This is more restrictive than CanRequestURL, since CanRequestURL allows
- // requests that might lead to cross-process navigations or external protocol
- // handlers.
- bool CanCommitURL(int child_id, const GURL& url);
// Whether the given origin is valid for an origin header. Valid origin
// headers are commitable URLs plus suborigin URLs.
@@ -237,7 +230,8 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
// These schemes are white-listed for all child processes. This set is
// protected by |lock_|.
- SchemeSet web_safe_schemes_;
+ SchemeSet schemes_okay_to_commit_in_any_process_;
+ SchemeSet schemes_okay_to_request_in_any_process_;
// These schemes do not actually represent retrievable URLs. For example,
// the the URLs in the "about" scheme are aliases to other URLs. This set is
« chrome/browser/extensions/process_manager_browsertest.cc ('K') | « content/browser/blob_storage/blob_dispatcher_host.cc ('k') | content/browser/child_process_security_policy_impl.cc » ('j') | content/browser/child_process_security_policy_impl.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698