1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ |
6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ |
7 | 7 |
8 #include <map> | 8 #include <map> |
9 #include <memory> | 9 #include <memory> |
10 #include <set> | 10 #include <set> |
36 : NON_EXPORTED_BASE(public ChildProcessSecurityPolicy) { | 36 : NON_EXPORTED_BASE(public ChildProcessSecurityPolicy) { |
37 public: | 37 public: |
38 // Object can only be created through GetInstance() so the constructor is | 38 // Object can only be created through GetInstance() so the constructor is |
39 // private. | 39 // private. |
40 ~ChildProcessSecurityPolicyImpl() override; | 40 ~ChildProcessSecurityPolicyImpl() override; |
41 | 41 |
42 static ChildProcessSecurityPolicyImpl* GetInstance(); | 42 static ChildProcessSecurityPolicyImpl* GetInstance(); |
43 | 43 |
44 // ChildProcessSecurityPolicy implementation. | 44 // ChildProcessSecurityPolicy implementation. |
45 void RegisterWebSafeScheme(const std::string& scheme) override; | 45 void RegisterWebSafeScheme(const std::string& scheme) override; |
| 46 void RegisterWebSafeIsolatedScheme( |
| 47 const std::string& scheme, |
| 48 bool always_allow_in_origin_headers) override; |
46 bool IsWebSafeScheme(const std::string& scheme) override; | 49 bool IsWebSafeScheme(const std::string& scheme) override; |
47 void GrantReadFile(int child_id, const base::FilePath& file) override; | 50 void GrantReadFile(int child_id, const base::FilePath& file) override; |
48 void GrantCreateReadWriteFile(int child_id, | 51 void GrantCreateReadWriteFile(int child_id, |
49 const base::FilePath& file) override; | 52 const base::FilePath& file) override; |
50 void GrantCopyInto(int child_id, const base::FilePath& dir) override; | 53 void GrantCopyInto(int child_id, const base::FilePath& dir) override; |
51 void GrantDeleteFrom(int child_id, const base::FilePath& dir) override; | 54 void GrantDeleteFrom(int child_id, const base::FilePath& dir) override; |
52 void GrantReadFileSystem(int child_id, | 55 void GrantReadFileSystem(int child_id, |
53 const std::string& filesystem_id) override; | 56 const std::string& filesystem_id) override; |
54 void GrantWriteFileSystem(int child_id, | 57 void GrantWriteFileSystem(int child_id, |
55 const std::string& filesystem_id) override; | 58 const std::string& filesystem_id) override; |
56 void GrantCreateFileForFileSystem(int child_id, | 59 void GrantCreateFileForFileSystem(int child_id, |
57 const std::string& filesystem_id) override; | 60 const std::string& filesystem_id) override; |
58 void GrantCreateReadWriteFileSystem( | 61 void GrantCreateReadWriteFileSystem( |
59 int child_id, | 62 int child_id, |
60 const std::string& filesystem_id) override; | 63 const std::string& filesystem_id) override; |
61 void GrantCopyIntoFileSystem(int child_id, | 64 void GrantCopyIntoFileSystem(int child_id, |
62 const std::string& filesystem_id) override; | 65 const std::string& filesystem_id) override; |
63 void GrantDeleteFromFileSystem(int child_id, | 66 void GrantDeleteFromFileSystem(int child_id, |
64 const std::string& filesystem_id) override; | 67 const std::string& filesystem_id) override; |
65 void GrantOrigin(int child_id, const url::Origin& origin) override; | 68 void GrantOrigin(int child_id, const url::Origin& origin) override; |
66 void GrantScheme(int child_id, const std::string& scheme) override; | 69 void GrantScheme(int child_id, const std::string& scheme) override; |
| 70 bool CanRequestURL(int child_id, const GURL& url) override; |
| 71 bool CanCommitURL(int child_id, const GURL& url) override; |
67 bool CanReadFile(int child_id, const base::FilePath& file) override; | 72 bool CanReadFile(int child_id, const base::FilePath& file) override; |
68 bool CanCreateReadWriteFile(int child_id, | 73 bool CanCreateReadWriteFile(int child_id, |
69 const base::FilePath& file) override; | 74 const base::FilePath& file) override; |
70 bool CanReadFileSystem(int child_id, | 75 bool CanReadFileSystem(int child_id, |
71 const std::string& filesystem_id) override; | 76 const std::string& filesystem_id) override; |
72 bool CanReadWriteFileSystem(int child_id, | 77 bool CanReadWriteFileSystem(int child_id, |
73 const std::string& filesystem_id) override; | 78 const std::string& filesystem_id) override; |
74 bool CanCopyIntoFileSystem(int child_id, | 79 bool CanCopyIntoFileSystem(int child_id, |
75 const std::string& filesystem_id) override; | 80 const std::string& filesystem_id) override; |
76 bool CanDeleteFromFileSystem(int child_id, | 81 bool CanDeleteFromFileSystem(int child_id, |
120 | 125 |
121 // Grant the child process the ability to use Web UI Bindings. | 126 // Grant the child process the ability to use Web UI Bindings. |
122 void GrantWebUIBindings(int child_id); | 127 void GrantWebUIBindings(int child_id); |
123 | 128 |
124 // Grant the child process the ability to read raw cookies. | 129 // Grant the child process the ability to read raw cookies. |
125 void GrantReadRawCookies(int child_id); | 130 void GrantReadRawCookies(int child_id); |
126 | 131 |
127 // Revoke read raw cookies permission. | 132 // Revoke read raw cookies permission. |
128 void RevokeReadRawCookies(int child_id); | 133 void RevokeReadRawCookies(int child_id); |
129 | 134 |
130 // Before servicing a child process's request for a URL, the browser should | 135 // Whether the given origin is valid for an origin header. Valid origin |
131 // call this method to determine whether the process has the capability to | 136 // headers are commitable URLs. |
132 // request the URL. | 137 bool CanSetAsOriginHeader(int child_id, const GURL& url); |
133 bool CanRequestURL(int child_id, const GURL& url); | |
134 | |
135 // Whether the process is allowed to commit a document from the given URL. | |
136 // This is more restrictive than CanRequestURL, since CanRequestURL allows | |
137 // requests that might lead to cross-process navigations or external protocol | |
138 // handlers. | |
139 bool CanCommitURL(int child_id, const GURL& url); | |
140 | 138 |
141 // Explicit permissions checks for FileSystemURL specified files. | 139 // Explicit permissions checks for FileSystemURL specified files. |
142 bool CanReadFileSystemFile(int child_id, const storage::FileSystemURL& url); | 140 bool CanReadFileSystemFile(int child_id, const storage::FileSystemURL& url); |
143 bool CanWriteFileSystemFile(int child_id, const storage::FileSystemURL& url); | 141 bool CanWriteFileSystemFile(int child_id, const storage::FileSystemURL& url); |
144 bool CanCreateFileSystemFile(int child_id, const storage::FileSystemURL& url); | 142 bool CanCreateFileSystemFile(int child_id, const storage::FileSystemURL& url); |
145 bool CanCreateReadWriteFileSystemFile(int child_id, | 143 bool CanCreateReadWriteFileSystemFile(int child_id, |
146 const storage::FileSystemURL& url); | 144 const storage::FileSystemURL& url); |
147 bool CanCopyIntoFileSystemFile(int child_id, | 145 bool CanCopyIntoFileSystemFile(int child_id, |
148 const storage::FileSystemURL& url); | 146 const storage::FileSystemURL& url); |
149 bool CanDeleteFileSystemFile(int child_id, const storage::FileSystemURL& url); | 147 bool CanDeleteFileSystemFile(int child_id, const storage::FileSystemURL& url); |
224 // |permissions| is an internally defined bit-set. | 222 // |permissions| is an internally defined bit-set. |
225 bool HasPermissionsForFileSystem( | 223 bool HasPermissionsForFileSystem( |
226 int child_id, | 224 int child_id, |
227 const std::string& filesystem_id, | 225 const std::string& filesystem_id, |
228 int permission); | 226 int permission); |
229 | 227 |
230 // You must acquire this lock before reading or writing any members of this | 228 // You must acquire this lock before reading or writing any members of this |
231 // class. You must not block while holding this lock. | 229 // class. You must not block while holding this lock. |
232 base::Lock lock_; | 230 base::Lock lock_; |
233 | 231 |
234 // These schemes are white-listed for all child processes. This set is | 232 // These schemes are white-listed for all child processes in various contexts. |
235 // protected by |lock_|. | 233 // These sets are protected by |lock_|. |
236 SchemeSet web_safe_schemes_; | 234 SchemeSet schemes_okay_to_commit_in_any_process_; |
| 235 SchemeSet schemes_okay_to_request_in_any_process_; |
| 236 SchemeSet schemes_okay_to_appear_as_origin_headers_; |
237 | 237 |
238 // These schemes do not actually represent retrievable URLs. For example, | 238 // These schemes do not actually represent retrievable URLs. For example, |
239 // the the URLs in the "about" scheme are aliases to other URLs. This set is | 239 // the the URLs in the "about" scheme are aliases to other URLs. This set is |
240 // protected by |lock_|. | 240 // protected by |lock_|. |
241 SchemeSet pseudo_schemes_; | 241 SchemeSet pseudo_schemes_; |
242 | 242 |
243 // This map holds a SecurityState for each child process. The key for the | 243 // This map holds a SecurityState for each child process. The key for the |
244 // map is the ID of the ChildProcessHost. The SecurityState objects are | 244 // map is the ID of the ChildProcessHost. The SecurityState objects are |
245 // owned by this object and are protected by |lock_|. References to them must | 245 // owned by this object and are protected by |lock_|. References to them must |
246 // not escape this class. | 246 // not escape this class. |
247 SecurityStateMap security_state_; | 247 SecurityStateMap security_state_; |
248 | 248 |
249 // This maps keeps the record of which js worker thread child process | 249 // This maps keeps the record of which js worker thread child process |
250 // corresponds to which main js thread child process. | 250 // corresponds to which main js thread child process. |
251 WorkerToMainProcessMap worker_map_; | 251 WorkerToMainProcessMap worker_map_; |
252 | 252 |
253 FileSystemPermissionPolicyMap file_system_policy_map_; | 253 FileSystemPermissionPolicyMap file_system_policy_map_; |
254 | 254 |
255 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); | 255 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); |
256 }; | 256 }; |
257 | 257 |
258 } // namespace content | 258 } // namespace content |
259 | 259 |
260 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 260 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ |
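Review bot: The three new scheme sets at new-side lines 232-236 are documented only as white-listed "in various contexts", and `bool IsWebSafeScheme(const std::string& scheme)` at new-side line 49 no longer says which of them it consults, so any caller that used it as a commit-authorization check becomes too permissive if it now reports the request set. The implementation is outside this header, so the relationship is only inferable from the names: RegisterWebSafeScheme presumably populates all three sets, while RegisterWebSafeIsolatedScheme adds to the request set (and to the origin-header set only when `always_allow_in_origin_headers` is true) but not to the commit set; please confirm against the .cc and record it above the sets, e.g. `// Request-safe is a superset of commit-safe: isolated web-safe schemes may be requested by any process but only commit in a process explicitly granted the scheme.` The CanSetAsOriginHeader comment at new-side lines 135-136, "Valid origin headers are commitable URLs", also reads as if the third set and the flag were redundant; `// Whether |url| may appear as the Origin header of a request from |child_id|: a URL the process could commit, or one whose scheme was registered with always_allow_in_origin_headers.` would match the data members. The old comment explaining that CanCommitURL is stricter than CanRequestURL (old-side lines 135-139) is dropped rather than moved; unless the base interface already carries it, it is worth keeping next to the overrides at new-side lines 70-71.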