Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1775)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_impl.cc

Issue 2405933002: Revert "[Merge to M54] Disallow file api access from processes that lack permissions for the scheme… (Closed)
Patch Set: Merge commit 'refs/branch-heads/2840' of https://chromium.googlesource.com/a/chromium/src into reve… Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/child_process_security_policy_impl.h" 5 #include "content/browser/child_process_security_policy_impl.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <utility> 8 #include <utility>
9 9
10 #include "base/command_line.h" 10 #include "base/command_line.h"
(...skipping 769 matching lines...) Expand 10 before | Expand all | Expand 10 after
780 return result; 780 return result;
781 } 781 }
782 782
783 bool ChildProcessSecurityPolicyImpl::HasPermissionsForFileSystemFile( 783 bool ChildProcessSecurityPolicyImpl::HasPermissionsForFileSystemFile(
784 int child_id, 784 int child_id,
785 const storage::FileSystemURL& url, 785 const storage::FileSystemURL& url,
786 int permissions) { 786 int permissions) {
787 if (!url.is_valid()) 787 if (!url.is_valid())
788 return false; 788 return false;
789 789
790 // If |url.origin()| is not committable in this process, then this page
791 // should not be able to place content in that origin via the filesystem
792 // API either.
793 if (!CanCommitURL(child_id, url.origin())) {
794 UMA_HISTOGRAM_BOOLEAN("FileSystem.OriginFailedCanCommitURL", true);
795 return false;
796 }
797
798 if (url.path().ReferencesParent()) 790 if (url.path().ReferencesParent())
799 return false; 791 return false;
800 792
801 // Any write access is disallowed on the root path. 793 // Any write access is disallowed on the root path.
802 if (storage::VirtualPath::IsRootPath(url.path()) && 794 if (storage::VirtualPath::IsRootPath(url.path()) &&
803 (permissions & ~READ_FILE_GRANT)) { 795 (permissions & ~READ_FILE_GRANT)) {
804 return false; 796 return false;
805 } 797 }
806 798
807 if (url.mount_type() == storage::kFileSystemTypeIsolated) { 799 if (url.mount_type() == storage::kFileSystemTypeIsolated) {
(...skipping 154 matching lines...) Expand 10 before | Expand all | Expand 10 after
962 base::AutoLock lock(lock_); 954 base::AutoLock lock(lock_);
963 955
964 SecurityStateMap::iterator state = security_state_.find(child_id); 956 SecurityStateMap::iterator state = security_state_.find(child_id);
965 if (state == security_state_.end()) 957 if (state == security_state_.end())
966 return false; 958 return false;
967 959
968 return state->second->can_send_midi_sysex(); 960 return state->second->can_send_midi_sysex();
969 } 961 }
970 962
971 } // namespace content 963 } // namespace content
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698