chrome/browser/chrome_content_browser_client.cc - Issue 2411483002: Enable win32k lockdown for ppapi processes.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/browser/chrome_content_browser_client.cc

Issue 2411483002: Enable win32k lockdown for ppapi processes. (Closed)

Patch Set: readd entry Created 4 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chrome/browser/chrome_content_browser_client.cc

diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc

index 007f69b15ec609724447899f31792ce6e18090a8..6c26bec05e13249ace433c0bce1787724086a7fa 100644

--- a/chrome/browser/chrome_content_browser_client.cc

+++ b/chrome/browser/chrome_content_browser_client.cc

@@ -2887,57 +2887,6 @@ bool ChromeContentBrowserClient::PreSpawnRenderer(

return false;

return result == sandbox::SBOX_ALL_OK;

}

-bool ChromeContentBrowserClient::IsWin32kLockdownEnabledForMimeType(

- const std::string& mime_type) const {

- // We don't support PPAPI win32k lockdown prior to Windows 10.

- if (base::win::GetVersion() < base::win::VERSION_WIN10)

- return false;

- // First, check if any variation parameters have enabled or disabled this

- // mime type either specifically or globally.

- std::map<std::string, std::string> mime_params;

- if (variations::GetVariationParams("EnableWin32kLockDownMimeTypes",

- &mime_params)) {

- bool enabled = false;

- for (const auto& param : mime_params) {

- if (param.first == mime_type || param.first == "*") {

- // Disabled entries take precedence over Enabled entries.

- if (base::StartsWith(param.second, "Disabled",

- base::CompareCase::INSENSITIVE_ASCII)) {

- return false;

- }

- if (base::StartsWith(param.second, "Enabled",

- base::CompareCase::INSENSITIVE_ASCII)) {

- enabled = true;

- }

- return enabled;

- }

- // Second, check the command line to see if this mime type is enabled

- // either specifically or globally.

- const base::CommandLine* cmd_line = base::CommandLine::ForCurrentProcess();

- if (!cmd_line->HasSwitch(switches::kEnableWin32kLockDownMimeTypes))

- return false;

- std::string mime_types =

- cmd_line->GetSwitchValueASCII(switches::kEnableWin32kLockDownMimeTypes);

- // Consider the value * to enable all mime types for lockdown.

- if (mime_types == "*")

- return true;

- base::StringTokenizer tokenizer(mime_types, ",");

- tokenizer.set_quote_chars("\"");

- while (tokenizer.GetNext()) {

- if (tokenizer.token() == mime_type)

- return true;

- }

- return false;

#endif // defined(OS_WIN)

void ChromeContentBrowserClient::ExposeInterfacesToRenderer(

« no previous file with comments | « chrome/browser/chrome_content_browser_client.h ('k') | content/browser/browser_main_loop.cc » ('j') | no next file with comments »