| Index: content/public/browser/child_process_security_policy.h
|
| diff --git a/content/public/browser/child_process_security_policy.h b/content/public/browser/child_process_security_policy.h
|
| index f2dea9ed31db732cccc90dcb1bcf32a778419811..9a2becf0c827c0a435215f4091477a4c7976fba3 100644
|
| --- a/content/public/browser/child_process_security_policy.h
|
| +++ b/content/public/browser/child_process_security_policy.h
|
| @@ -34,35 +34,11 @@
|
| static CONTENT_EXPORT ChildProcessSecurityPolicy* GetInstance();
|
|
|
| // Web-safe schemes can be requested by any child process. Once a web-safe
|
| - // scheme has been registered, any child process can request URLs whose
|
| - // origins use that scheme. There is no mechanism for revoking web-safe
|
| - // schemes.
|
| - //
|
| - // Only call this function if URLs of this scheme are okay to host in
|
| - // any ordinary renderer process.
|
| - //
|
| - // Registering 'your-scheme' as web-safe also causes 'blob:your-scheme://'
|
| - // and 'filesystem:your-scheme://' URLs to be considered web-safe.
|
| + // scheme has been registered, any child process can request URLs with
|
| + // that scheme. There is no mechanism for revoking web-safe schemes.
|
| virtual void RegisterWebSafeScheme(const std::string& scheme) = 0;
|
|
|
| - // More restrictive variant of RegisterWebSafeScheme; URLs with this scheme
|
| - // may be requested by any child process, but navigations to this scheme may
|
| - // only commit in child processes that have been explicitly granted
|
| - // permission to do so.
|
| - //
|
| - // |always_allow_in_origin_headers| controls whether this scheme is allowed to
|
| - // appear as the Origin HTTP header in outbound requests, even if the
|
| - // originating process does not have permission to commit this scheme. This
|
| - // may be necessary if the scheme is used in conjunction with blink's
|
| - // IsolatedWorldSecurityOrigin mechanism, as for extension content scripts.
|
| - virtual void RegisterWebSafeIsolatedScheme(
|
| - const std::string& scheme,
|
| - bool always_allow_in_origin_headers) = 0;
|
| -
|
| // Returns true iff |scheme| has been registered as a web-safe scheme.
|
| - // TODO(nick): https://crbug.com/651534 This function does not have enough
|
| - // information to render an appropriate judgment for blob and filesystem URLs;
|
| - // change it to accept an URL instead.
|
| virtual bool IsWebSafeScheme(const std::string& scheme) = 0;
|
|
|
| // This permission grants only read access to a file.
|
| @@ -81,17 +57,6 @@
|
|
|
| // This permission grants delete permission for |dir|.
|
| virtual void GrantDeleteFrom(int child_id, const base::FilePath& dir) = 0;
|
| -
|
| - // Determine whether the process has the capability to request the URL.
|
| - // Before servicing a child process's request for a URL, the content layer
|
| - // calls this method to determine whether it is safe.
|
| - virtual bool CanRequestURL(int child_id, const GURL& url) = 0;
|
| -
|
| - // Whether the process is allowed to commit a document from the given URL.
|
| - // This is more restrictive than CanRequestURL, since CanRequestURL allows
|
| - // requests that might lead to cross-process navigations or external protocol
|
| - // handlers.
|
| - virtual bool CanCommitURL(int child_id, const GURL& url) = 0;
|
|
|
| // These methods verify whether or not the child process has been granted
|
| // permissions perform these functions on |file|.
|
|
|
Chromium Code Reviews
Issue 2385553002:
Revert of Lock down the registration of blob:chrome-extension:// URLs (Closed)
