| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ |
| 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ |
| 7 | 7 |
| 8 #include <map> | 8 #include <map> |
| 9 #include <memory> | 9 #include <memory> |
| 10 #include <set> | 10 #include <set> |
| (...skipping 25 matching lines...) Expand all Loading... |
| 36 : NON_EXPORTED_BASE(public ChildProcessSecurityPolicy) { | 36 : NON_EXPORTED_BASE(public ChildProcessSecurityPolicy) { |
| 37 public: | 37 public: |
| 38 // Object can only be created through GetInstance() so the constructor is | 38 // Object can only be created through GetInstance() so the constructor is |
| 39 // private. | 39 // private. |
| 40 ~ChildProcessSecurityPolicyImpl() override; | 40 ~ChildProcessSecurityPolicyImpl() override; |
| 41 | 41 |
| 42 static ChildProcessSecurityPolicyImpl* GetInstance(); | 42 static ChildProcessSecurityPolicyImpl* GetInstance(); |
| 43 | 43 |
| 44 // ChildProcessSecurityPolicy implementation. | 44 // ChildProcessSecurityPolicy implementation. |
| 45 void RegisterWebSafeScheme(const std::string& scheme) override; | 45 void RegisterWebSafeScheme(const std::string& scheme) override; |
| 46 void RegisterWebSafeIsolatedScheme( | |
| 47 const std::string& scheme, | |
| 48 bool always_allow_in_origin_headers) override; | |
| 49 bool IsWebSafeScheme(const std::string& scheme) override; | 46 bool IsWebSafeScheme(const std::string& scheme) override; |
| 50 void GrantReadFile(int child_id, const base::FilePath& file) override; | 47 void GrantReadFile(int child_id, const base::FilePath& file) override; |
| 51 void GrantCreateReadWriteFile(int child_id, | 48 void GrantCreateReadWriteFile(int child_id, |
| 52 const base::FilePath& file) override; | 49 const base::FilePath& file) override; |
| 53 void GrantCopyInto(int child_id, const base::FilePath& dir) override; | 50 void GrantCopyInto(int child_id, const base::FilePath& dir) override; |
| 54 void GrantDeleteFrom(int child_id, const base::FilePath& dir) override; | 51 void GrantDeleteFrom(int child_id, const base::FilePath& dir) override; |
| 55 void GrantReadFileSystem(int child_id, | 52 void GrantReadFileSystem(int child_id, |
| 56 const std::string& filesystem_id) override; | 53 const std::string& filesystem_id) override; |
| 57 void GrantWriteFileSystem(int child_id, | 54 void GrantWriteFileSystem(int child_id, |
| 58 const std::string& filesystem_id) override; | 55 const std::string& filesystem_id) override; |
| 59 void GrantCreateFileForFileSystem(int child_id, | 56 void GrantCreateFileForFileSystem(int child_id, |
| 60 const std::string& filesystem_id) override; | 57 const std::string& filesystem_id) override; |
| 61 void GrantCreateReadWriteFileSystem( | 58 void GrantCreateReadWriteFileSystem( |
| 62 int child_id, | 59 int child_id, |
| 63 const std::string& filesystem_id) override; | 60 const std::string& filesystem_id) override; |
| 64 void GrantCopyIntoFileSystem(int child_id, | 61 void GrantCopyIntoFileSystem(int child_id, |
| 65 const std::string& filesystem_id) override; | 62 const std::string& filesystem_id) override; |
| 66 void GrantDeleteFromFileSystem(int child_id, | 63 void GrantDeleteFromFileSystem(int child_id, |
| 67 const std::string& filesystem_id) override; | 64 const std::string& filesystem_id) override; |
| 68 void GrantOrigin(int child_id, const url::Origin& origin) override; | 65 void GrantOrigin(int child_id, const url::Origin& origin) override; |
| 69 void GrantScheme(int child_id, const std::string& scheme) override; | 66 void GrantScheme(int child_id, const std::string& scheme) override; |
| 70 bool CanRequestURL(int child_id, const GURL& url) override; | |
| 71 bool CanCommitURL(int child_id, const GURL& url) override; | |
| 72 bool CanReadFile(int child_id, const base::FilePath& file) override; | 67 bool CanReadFile(int child_id, const base::FilePath& file) override; |
| 73 bool CanCreateReadWriteFile(int child_id, | 68 bool CanCreateReadWriteFile(int child_id, |
| 74 const base::FilePath& file) override; | 69 const base::FilePath& file) override; |
| 75 bool CanReadFileSystem(int child_id, | 70 bool CanReadFileSystem(int child_id, |
| 76 const std::string& filesystem_id) override; | 71 const std::string& filesystem_id) override; |
| 77 bool CanReadWriteFileSystem(int child_id, | 72 bool CanReadWriteFileSystem(int child_id, |
| 78 const std::string& filesystem_id) override; | 73 const std::string& filesystem_id) override; |
| 79 bool CanCopyIntoFileSystem(int child_id, | 74 bool CanCopyIntoFileSystem(int child_id, |
| 80 const std::string& filesystem_id) override; | 75 const std::string& filesystem_id) override; |
| 81 bool CanDeleteFromFileSystem(int child_id, | 76 bool CanDeleteFromFileSystem(int child_id, |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 125 | 120 |
| 126 // Grant the child process the ability to use Web UI Bindings. | 121 // Grant the child process the ability to use Web UI Bindings. |
| 127 void GrantWebUIBindings(int child_id); | 122 void GrantWebUIBindings(int child_id); |
| 128 | 123 |
| 129 // Grant the child process the ability to read raw cookies. | 124 // Grant the child process the ability to read raw cookies. |
| 130 void GrantReadRawCookies(int child_id); | 125 void GrantReadRawCookies(int child_id); |
| 131 | 126 |
| 132 // Revoke read raw cookies permission. | 127 // Revoke read raw cookies permission. |
| 133 void RevokeReadRawCookies(int child_id); | 128 void RevokeReadRawCookies(int child_id); |
| 134 | 129 |
| 130 // Before servicing a child process's request for a URL, the browser should |
| 131 // call this method to determine whether the process has the capability to |
| 132 // request the URL. |
| 133 bool CanRequestURL(int child_id, const GURL& url); |
| 134 |
| 135 // Whether the process is allowed to commit a document from the given URL. |
| 136 // This is more restrictive than CanRequestURL, since CanRequestURL allows |
| 137 // requests that might lead to cross-process navigations or external protocol |
| 138 // handlers. |
| 139 bool CanCommitURL(int child_id, const GURL& url); |
| 140 |
| 135 // Whether the given origin is valid for an origin header. Valid origin | 141 // Whether the given origin is valid for an origin header. Valid origin |
| 136 // headers are commitable URLs plus suborigin URLs. | 142 // headers are commitable URLs plus suborigin URLs. |
| 137 bool CanSetAsOriginHeader(int child_id, const GURL& url); | 143 bool CanSetAsOriginHeader(int child_id, const GURL& url); |
| 138 | 144 |
| 139 // Explicit permissions checks for FileSystemURL specified files. | 145 // Explicit permissions checks for FileSystemURL specified files. |
| 140 bool CanReadFileSystemFile(int child_id, const storage::FileSystemURL& url); | 146 bool CanReadFileSystemFile(int child_id, const storage::FileSystemURL& url); |
| 141 bool CanWriteFileSystemFile(int child_id, const storage::FileSystemURL& url); | 147 bool CanWriteFileSystemFile(int child_id, const storage::FileSystemURL& url); |
| 142 bool CanCreateFileSystemFile(int child_id, const storage::FileSystemURL& url); | 148 bool CanCreateFileSystemFile(int child_id, const storage::FileSystemURL& url); |
| 143 bool CanCreateReadWriteFileSystemFile(int child_id, | 149 bool CanCreateReadWriteFileSystemFile(int child_id, |
| 144 const storage::FileSystemURL& url); | 150 const storage::FileSystemURL& url); |
| (...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 222 // |permissions| is an internally defined bit-set. | 228 // |permissions| is an internally defined bit-set. |
| 223 bool HasPermissionsForFileSystem( | 229 bool HasPermissionsForFileSystem( |
| 224 int child_id, | 230 int child_id, |
| 225 const std::string& filesystem_id, | 231 const std::string& filesystem_id, |
| 226 int permission); | 232 int permission); |
| 227 | 233 |
| 228 // You must acquire this lock before reading or writing any members of this | 234 // You must acquire this lock before reading or writing any members of this |
| 229 // class. You must not block while holding this lock. | 235 // class. You must not block while holding this lock. |
| 230 base::Lock lock_; | 236 base::Lock lock_; |
| 231 | 237 |
| 232 // These schemes are white-listed for all child processes in various contexts. | 238 // These schemes are white-listed for all child processes. This set is |
| 233 // These sets are protected by |lock_|. | 239 // protected by |lock_|. |
| 234 SchemeSet schemes_okay_to_commit_in_any_process_; | 240 SchemeSet web_safe_schemes_; |
| 235 SchemeSet schemes_okay_to_request_in_any_process_; | |
| 236 SchemeSet schemes_okay_to_appear_as_origin_headers_; | |
| 237 | 241 |
| 238 // These schemes do not actually represent retrievable URLs. For example, | 242 // These schemes do not actually represent retrievable URLs. For example, |
| 239 // the the URLs in the "about" scheme are aliases to other URLs. This set is | 243 // the the URLs in the "about" scheme are aliases to other URLs. This set is |
| 240 // protected by |lock_|. | 244 // protected by |lock_|. |
| 241 SchemeSet pseudo_schemes_; | 245 SchemeSet pseudo_schemes_; |
| 242 | 246 |
| 243 // This map holds a SecurityState for each child process. The key for the | 247 // This map holds a SecurityState for each child process. The key for the |
| 244 // map is the ID of the ChildProcessHost. The SecurityState objects are | 248 // map is the ID of the ChildProcessHost. The SecurityState objects are |
| 245 // owned by this object and are protected by |lock_|. References to them must | 249 // owned by this object and are protected by |lock_|. References to them must |
| 246 // not escape this class. | 250 // not escape this class. |
| 247 SecurityStateMap security_state_; | 251 SecurityStateMap security_state_; |
| 248 | 252 |
| 249 // This maps keeps the record of which js worker thread child process | 253 // This maps keeps the record of which js worker thread child process |
| 250 // corresponds to which main js thread child process. | 254 // corresponds to which main js thread child process. |
| 251 WorkerToMainProcessMap worker_map_; | 255 WorkerToMainProcessMap worker_map_; |
| 252 | 256 |
| 253 FileSystemPermissionPolicyMap file_system_policy_map_; | 257 FileSystemPermissionPolicyMap file_system_policy_map_; |
| 254 | 258 |
| 255 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); | 259 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); |
| 256 }; | 260 }; |
| 257 | 261 |
| 258 } // namespace content | 262 } // namespace content |
| 259 | 263 |
| 260 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 264 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2385553002:
Revert of Lock down the registration of blob:chrome-extension:// URLs (Closed)
