Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(75)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_impl.cc

Issue 2403713002: Add suborigin logic to url::Origin (Closed)
Patch Set: Adress nasko's comments Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/browsing_data/cookies_tree_model.cc ('k') | content/browser/child_process_security_policy_unittest.cc » ('j') | url/origin.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/child_process_security_policy_impl.h" 5 #include "content/browser/child_process_security_policy_impl.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <utility> 8 #include <utility>
9 9
10 #include "base/command_line.h" 10 #include "base/command_line.h"
(...skipping 322 matching lines...) Expand 10 before | Expand all | Expand 10 after
333 // TODO(nick): https://crbug.com/651534 blob: and filesystem: schemes embed 333 // TODO(nick): https://crbug.com/651534 blob: and filesystem: schemes embed
334 // other origins, so we should not treat them as web safe. Remove callers of 334 // other origins, so we should not treat them as web safe. Remove callers of
335 // IsWebSafeScheme(), and then eliminate the next two lines. 335 // IsWebSafeScheme(), and then eliminate the next two lines.
336 RegisterWebSafeScheme(url::kBlobScheme); 336 RegisterWebSafeScheme(url::kBlobScheme);
337 RegisterWebSafeScheme(url::kFileSystemScheme); 337 RegisterWebSafeScheme(url::kFileSystemScheme);
338 338
339 // We know about the following pseudo schemes and treat them specially. 339 // We know about the following pseudo schemes and treat them specially.
340 RegisterPseudoScheme(url::kAboutScheme); 340 RegisterPseudoScheme(url::kAboutScheme);
341 RegisterPseudoScheme(url::kJavaScriptScheme); 341 RegisterPseudoScheme(url::kJavaScriptScheme);
342 RegisterPseudoScheme(kViewSourceScheme); 342 RegisterPseudoScheme(kViewSourceScheme);
343 RegisterPseudoScheme(kHttpSuboriginScheme); 343 RegisterPseudoScheme(url::kHttpSuboriginScheme);
344 RegisterPseudoScheme(kHttpsSuboriginScheme); 344 RegisterPseudoScheme(url::kHttpsSuboriginScheme);
345 } 345 }
346 346
347 ChildProcessSecurityPolicyImpl::~ChildProcessSecurityPolicyImpl() { 347 ChildProcessSecurityPolicyImpl::~ChildProcessSecurityPolicyImpl() {
348 } 348 }
349 349
350 // static 350 // static
351 ChildProcessSecurityPolicy* ChildProcessSecurityPolicy::GetInstance() { 351 ChildProcessSecurityPolicy* ChildProcessSecurityPolicy::GetInstance() {
352 return ChildProcessSecurityPolicyImpl::GetInstance(); 352 return ChildProcessSecurityPolicyImpl::GetInstance();
353 } 353 }
354 354
(...skipping 345 matching lines...) Expand 10 before | Expand all | Expand 10 after
700 return state->second->CanCommitURL(url); 700 return state->second->CanCommitURL(url);
701 } 701 }
702 } 702 }
703 703
704 bool ChildProcessSecurityPolicyImpl::CanSetAsOriginHeader(int child_id, 704 bool ChildProcessSecurityPolicyImpl::CanSetAsOriginHeader(int child_id,
705 const GURL& url) { 705 const GURL& url) {
706 if (!url.is_valid()) 706 if (!url.is_valid())
707 return false; // Can't set invalid URLs as origin headers. 707 return false; // Can't set invalid URLs as origin headers.
708 708
709 // Suborigin URLs are a special case and are allowed to be an origin header. 709 // Suborigin URLs are a special case and are allowed to be an origin header.
710 if (url.scheme() == kHttpSuboriginScheme || 710 if (url.scheme() == url::kHttpSuboriginScheme ||
711 url.scheme() == kHttpsSuboriginScheme) { 711 url.scheme() == url::kHttpsSuboriginScheme) {
712 DCHECK(IsPseudoScheme(url.scheme())); 712 DCHECK(IsPseudoScheme(url.scheme()));
713 return true; 713 return true;
714 } 714 }
715 715
716 // If this process can commit |url|, it can use |url| as an origin for 716 // If this process can commit |url|, it can use |url| as an origin for
717 // outbound requests. 717 // outbound requests.
718 if (CanCommitURL(child_id, url)) 718 if (CanCommitURL(child_id, url))
719 return true; 719 return true;
720 720
721 // Allow schemes which may come from scripts executing in isolated worlds; 721 // Allow schemes which may come from scripts executing in isolated worlds;
(...skipping 257 matching lines...) Expand 10 before | Expand all | Expand 10 after
979 base::AutoLock lock(lock_); 979 base::AutoLock lock(lock_);
980 980
981 SecurityStateMap::iterator state = security_state_.find(child_id); 981 SecurityStateMap::iterator state = security_state_.find(child_id);
982 if (state == security_state_.end()) 982 if (state == security_state_.end())
983 return false; 983 return false;
984 984
985 return state->second->can_send_midi_sysex(); 985 return state->second->can_send_midi_sysex();
986 } 986 }
987 987
988 } // namespace content 988 } // namespace content
OLDNEW
« no previous file with comments | « chrome/browser/browsing_data/cookies_tree_model.cc ('k') | content/browser/child_process_security_policy_unittest.cc » ('j') | url/origin.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698