Index: content/browser/child_process_security_policy_impl.h |
diff --git a/content/browser/child_process_security_policy_impl.h b/content/browser/child_process_security_policy_impl.h |
index 916643f09e465e256509fee1724b7e85eaa45185..e0eaf4a971dd72990491ecf6dc4b0a20c3596a80 100644 |
--- a/content/browser/child_process_security_policy_impl.h |
+++ b/content/browser/child_process_security_policy_impl.h |
@@ -43,9 +43,6 @@ |
// ChildProcessSecurityPolicy implementation. |
void RegisterWebSafeScheme(const std::string& scheme) override; |
- void RegisterWebSafeIsolatedScheme( |
- const std::string& scheme, |
- bool always_allow_in_origin_headers) override; |
bool IsWebSafeScheme(const std::string& scheme) override; |
void GrantReadFile(int child_id, const base::FilePath& file) override; |
void GrantCreateReadWriteFile(int child_id, |
@@ -67,8 +64,6 @@ |
const std::string& filesystem_id) override; |
void GrantOrigin(int child_id, const url::Origin& origin) override; |
void GrantScheme(int child_id, const std::string& scheme) override; |
- bool CanRequestURL(int child_id, const GURL& url) override; |
- bool CanCommitURL(int child_id, const GURL& url) override; |
bool CanReadFile(int child_id, const base::FilePath& file) override; |
bool CanCreateReadWriteFile(int child_id, |
const base::FilePath& file) override; |
@@ -132,6 +127,17 @@ |
// Revoke read raw cookies permission. |
void RevokeReadRawCookies(int child_id); |
+ // Before servicing a child process's request for a URL, the browser should |
+ // call this method to determine whether the process has the capability to |
+ // request the URL. |
+ bool CanRequestURL(int child_id, const GURL& url); |
+ |
+ // Whether the process is allowed to commit a document from the given URL. |
+ // This is more restrictive than CanRequestURL, since CanRequestURL allows |
+ // requests that might lead to cross-process navigations or external protocol |
+ // handlers. |
+ bool CanCommitURL(int child_id, const GURL& url); |
+ |
// Whether the given origin is valid for an origin header. Valid origin |
// headers are commitable URLs plus suborigin URLs. |
bool CanSetAsOriginHeader(int child_id, const GURL& url); |
@@ -229,11 +235,9 @@ |
// class. You must not block while holding this lock. |
base::Lock lock_; |
- // These schemes are white-listed for all child processes in various contexts. |
- // These sets are protected by |lock_|. |
- SchemeSet schemes_okay_to_commit_in_any_process_; |
- SchemeSet schemes_okay_to_request_in_any_process_; |
- SchemeSet schemes_okay_to_appear_as_origin_headers_; |
+ // These schemes are white-listed for all child processes. This set is |
+ // protected by |lock_|. |
+ SchemeSet web_safe_schemes_; |
// These schemes do not actually represent retrievable URLs. For example, |
// the the URLs in the "about" scheme are aliases to other URLs. This set is |