Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(15)

Unified Diff: content/public/browser/child_process_security_policy.h

Issue 2385553002: Revert of Lock down the registration of blob:chrome-extension:// URLs (Closed)
Patch Set: Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: content/public/browser/child_process_security_policy.h
diff --git a/content/public/browser/child_process_security_policy.h b/content/public/browser/child_process_security_policy.h
index f2dea9ed31db732cccc90dcb1bcf32a778419811..9a2becf0c827c0a435215f4091477a4c7976fba3 100644
--- a/content/public/browser/child_process_security_policy.h
+++ b/content/public/browser/child_process_security_policy.h
@@ -34,35 +34,11 @@
static CONTENT_EXPORT ChildProcessSecurityPolicy* GetInstance();
// Web-safe schemes can be requested by any child process. Once a web-safe
- // scheme has been registered, any child process can request URLs whose
- // origins use that scheme. There is no mechanism for revoking web-safe
- // schemes.
- //
- // Only call this function if URLs of this scheme are okay to host in
- // any ordinary renderer process.
- //
- // Registering 'your-scheme' as web-safe also causes 'blob:your-scheme://'
- // and 'filesystem:your-scheme://' URLs to be considered web-safe.
+ // scheme has been registered, any child process can request URLs with
+ // that scheme. There is no mechanism for revoking web-safe schemes.
virtual void RegisterWebSafeScheme(const std::string& scheme) = 0;
- // More restrictive variant of RegisterWebSafeScheme; URLs with this scheme
- // may be requested by any child process, but navigations to this scheme may
- // only commit in child processes that have been explicitly granted
- // permission to do so.
- //
- // |always_allow_in_origin_headers| controls whether this scheme is allowed to
- // appear as the Origin HTTP header in outbound requests, even if the
- // originating process does not have permission to commit this scheme. This
- // may be necessary if the scheme is used in conjunction with blink's
- // IsolatedWorldSecurityOrigin mechanism, as for extension content scripts.
- virtual void RegisterWebSafeIsolatedScheme(
- const std::string& scheme,
- bool always_allow_in_origin_headers) = 0;
-
// Returns true iff |scheme| has been registered as a web-safe scheme.
- // TODO(nick): https://crbug.com/651534 This function does not have enough
- // information to render an appropriate judgment for blob and filesystem URLs;
- // change it to accept an URL instead.
virtual bool IsWebSafeScheme(const std::string& scheme) = 0;
// This permission grants only read access to a file.
@@ -81,17 +57,6 @@
// This permission grants delete permission for |dir|.
virtual void GrantDeleteFrom(int child_id, const base::FilePath& dir) = 0;
-
- // Determine whether the process has the capability to request the URL.
- // Before servicing a child process's request for a URL, the content layer
- // calls this method to determine whether it is safe.
- virtual bool CanRequestURL(int child_id, const GURL& url) = 0;
-
- // Whether the process is allowed to commit a document from the given URL.
- // This is more restrictive than CanRequestURL, since CanRequestURL allows
- // requests that might lead to cross-process navigations or external protocol
- // handlers.
- virtual bool CanCommitURL(int child_id, const GURL& url) = 0;
// These methods verify whether or not the child process has been granted
// permissions perform these functions on |file|.
« no previous file with comments | « content/browser/child_process_security_policy_impl.cc ('k') | extensions/browser/extension_web_contents_observer.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698