Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(11)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_impl.cc

Issue 2403713002: Add suborigin logic to url::Origin (Closed)
Patch Set: Fix unit test Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/browsing_data/cookies_tree_model.cc ('k') | content/browser/child_process_security_policy_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/child_process_security_policy_impl.h" 5 #include "content/browser/child_process_security_policy_impl.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <utility> 8 #include <utility>
9 9
10 #include "base/command_line.h" 10 #include "base/command_line.h"
(...skipping 326 matching lines...) Expand 10 before | Expand all | Expand 10 after
337 // TODO(nick): https://crbug.com/651534 blob: and filesystem: schemes embed 337 // TODO(nick): https://crbug.com/651534 blob: and filesystem: schemes embed
338 // other origins, so we should not treat them as web safe. Remove callers of 338 // other origins, so we should not treat them as web safe. Remove callers of
339 // IsWebSafeScheme(), and then eliminate the next two lines. 339 // IsWebSafeScheme(), and then eliminate the next two lines.
340 RegisterWebSafeScheme(url::kBlobScheme); 340 RegisterWebSafeScheme(url::kBlobScheme);
341 RegisterWebSafeScheme(url::kFileSystemScheme); 341 RegisterWebSafeScheme(url::kFileSystemScheme);
342 342
343 // We know about the following pseudo schemes and treat them specially. 343 // We know about the following pseudo schemes and treat them specially.
344 RegisterPseudoScheme(url::kAboutScheme); 344 RegisterPseudoScheme(url::kAboutScheme);
345 RegisterPseudoScheme(url::kJavaScriptScheme); 345 RegisterPseudoScheme(url::kJavaScriptScheme);
346 RegisterPseudoScheme(kViewSourceScheme); 346 RegisterPseudoScheme(kViewSourceScheme);
347 RegisterPseudoScheme(kHttpSuboriginScheme); 347 RegisterPseudoScheme(url::kHttpSuboriginScheme);
348 RegisterPseudoScheme(kHttpsSuboriginScheme); 348 RegisterPseudoScheme(url::kHttpsSuboriginScheme);
349 } 349 }
350 350
351 ChildProcessSecurityPolicyImpl::~ChildProcessSecurityPolicyImpl() { 351 ChildProcessSecurityPolicyImpl::~ChildProcessSecurityPolicyImpl() {
352 } 352 }
353 353
354 // static 354 // static
355 ChildProcessSecurityPolicy* ChildProcessSecurityPolicy::GetInstance() { 355 ChildProcessSecurityPolicy* ChildProcessSecurityPolicy::GetInstance() {
356 return ChildProcessSecurityPolicyImpl::GetInstance(); 356 return ChildProcessSecurityPolicyImpl::GetInstance();
357 } 357 }
358 358
(...skipping 345 matching lines...) Expand 10 before | Expand all | Expand 10 after
704 return state->second->CanCommitURL(url); 704 return state->second->CanCommitURL(url);
705 } 705 }
706 } 706 }
707 707
708 bool ChildProcessSecurityPolicyImpl::CanSetAsOriginHeader(int child_id, 708 bool ChildProcessSecurityPolicyImpl::CanSetAsOriginHeader(int child_id,
709 const GURL& url) { 709 const GURL& url) {
710 if (!url.is_valid()) 710 if (!url.is_valid())
711 return false; // Can't set invalid URLs as origin headers. 711 return false; // Can't set invalid URLs as origin headers.
712 712
713 // Suborigin URLs are a special case and are allowed to be an origin header. 713 // Suborigin URLs are a special case and are allowed to be an origin header.
714 if (url.scheme() == kHttpSuboriginScheme || 714 if (url.scheme() == url::kHttpSuboriginScheme ||
715 url.scheme() == kHttpsSuboriginScheme) { 715 url.scheme() == url::kHttpsSuboriginScheme) {
716 DCHECK(IsPseudoScheme(url.scheme())); 716 DCHECK(IsPseudoScheme(url.scheme()));
717 return true; 717 return true;
718 } 718 }
719 719
720 // If this process can commit |url|, it can use |url| as an origin for 720 // If this process can commit |url|, it can use |url| as an origin for
721 // outbound requests. 721 // outbound requests.
722 if (CanCommitURL(child_id, url)) 722 if (CanCommitURL(child_id, url))
723 return true; 723 return true;
724 724
725 // Allow schemes which may come from scripts executing in isolated worlds; 725 // Allow schemes which may come from scripts executing in isolated worlds;
(...skipping 267 matching lines...) Expand 10 before | Expand all | Expand 10 after
993 base::AutoLock lock(lock_); 993 base::AutoLock lock(lock_);
994 994
995 SecurityStateMap::iterator state = security_state_.find(child_id); 995 SecurityStateMap::iterator state = security_state_.find(child_id);
996 if (state == security_state_.end()) 996 if (state == security_state_.end())
997 return false; 997 return false;
998 998
999 return state->second->can_send_midi_sysex(); 999 return state->second->can_send_midi_sysex();
1000 } 1000 }
1001 1001
1002 } // namespace content 1002 } // namespace content
OLDNEW
« no previous file with comments | « chrome/browser/browsing_data/cookies_tree_model.cc ('k') | content/browser/child_process_security_policy_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698