OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/child_process_security_policy_impl.h" | 5 #include "content/browser/child_process_security_policy_impl.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <utility> | 8 #include <utility> |
9 | 9 |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
(...skipping 326 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
337 // TODO(nick): https://crbug.com/651534 blob: and filesystem: schemes embed | 337 // TODO(nick): https://crbug.com/651534 blob: and filesystem: schemes embed |
338 // other origins, so we should not treat them as web safe. Remove callers of | 338 // other origins, so we should not treat them as web safe. Remove callers of |
339 // IsWebSafeScheme(), and then eliminate the next two lines. | 339 // IsWebSafeScheme(), and then eliminate the next two lines. |
340 RegisterWebSafeScheme(url::kBlobScheme); | 340 RegisterWebSafeScheme(url::kBlobScheme); |
341 RegisterWebSafeScheme(url::kFileSystemScheme); | 341 RegisterWebSafeScheme(url::kFileSystemScheme); |
342 | 342 |
343 // We know about the following pseudo schemes and treat them specially. | 343 // We know about the following pseudo schemes and treat them specially. |
344 RegisterPseudoScheme(url::kAboutScheme); | 344 RegisterPseudoScheme(url::kAboutScheme); |
345 RegisterPseudoScheme(url::kJavaScriptScheme); | 345 RegisterPseudoScheme(url::kJavaScriptScheme); |
346 RegisterPseudoScheme(kViewSourceScheme); | 346 RegisterPseudoScheme(kViewSourceScheme); |
347 RegisterPseudoScheme(kHttpSuboriginScheme); | 347 RegisterPseudoScheme(url::kHttpSuboriginScheme); |
348 RegisterPseudoScheme(kHttpsSuboriginScheme); | 348 RegisterPseudoScheme(url::kHttpsSuboriginScheme); |
349 } | 349 } |
350 | 350 |
351 ChildProcessSecurityPolicyImpl::~ChildProcessSecurityPolicyImpl() { | 351 ChildProcessSecurityPolicyImpl::~ChildProcessSecurityPolicyImpl() { |
352 } | 352 } |
353 | 353 |
354 // static | 354 // static |
355 ChildProcessSecurityPolicy* ChildProcessSecurityPolicy::GetInstance() { | 355 ChildProcessSecurityPolicy* ChildProcessSecurityPolicy::GetInstance() { |
356 return ChildProcessSecurityPolicyImpl::GetInstance(); | 356 return ChildProcessSecurityPolicyImpl::GetInstance(); |
357 } | 357 } |
358 | 358 |
(...skipping 345 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
704 return state->second->CanCommitURL(url); | 704 return state->second->CanCommitURL(url); |
705 } | 705 } |
706 } | 706 } |
707 | 707 |
708 bool ChildProcessSecurityPolicyImpl::CanSetAsOriginHeader(int child_id, | 708 bool ChildProcessSecurityPolicyImpl::CanSetAsOriginHeader(int child_id, |
709 const GURL& url) { | 709 const GURL& url) { |
710 if (!url.is_valid()) | 710 if (!url.is_valid()) |
711 return false; // Can't set invalid URLs as origin headers. | 711 return false; // Can't set invalid URLs as origin headers. |
712 | 712 |
713 // Suborigin URLs are a special case and are allowed to be an origin header. | 713 // Suborigin URLs are a special case and are allowed to be an origin header. |
714 if (url.scheme() == kHttpSuboriginScheme || | 714 if (url.scheme() == url::kHttpSuboriginScheme || |
715 url.scheme() == kHttpsSuboriginScheme) { | 715 url.scheme() == url::kHttpsSuboriginScheme) { |
716 DCHECK(IsPseudoScheme(url.scheme())); | 716 DCHECK(IsPseudoScheme(url.scheme())); |
717 return true; | 717 return true; |
718 } | 718 } |
719 | 719 |
720 // If this process can commit |url|, it can use |url| as an origin for | 720 // If this process can commit |url|, it can use |url| as an origin for |
721 // outbound requests. | 721 // outbound requests. |
722 if (CanCommitURL(child_id, url)) | 722 if (CanCommitURL(child_id, url)) |
723 return true; | 723 return true; |
724 | 724 |
725 // Allow schemes which may come from scripts executing in isolated worlds; | 725 // Allow schemes which may come from scripts executing in isolated worlds; |
(...skipping 267 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
993 base::AutoLock lock(lock_); | 993 base::AutoLock lock(lock_); |
994 | 994 |
995 SecurityStateMap::iterator state = security_state_.find(child_id); | 995 SecurityStateMap::iterator state = security_state_.find(child_id); |
996 if (state == security_state_.end()) | 996 if (state == security_state_.end()) |
997 return false; | 997 return false; |
998 | 998 |
999 return state->second->can_send_midi_sysex(); | 999 return state->second->can_send_midi_sysex(); |
1000 } | 1000 } |
1001 | 1001 |
1002 } // namespace content | 1002 } // namespace content |
OLD | NEW |