Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(693)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_impl.cc

Issue 2831683002: Introduce support for origins that require process isolation. (Closed)
Patch Set: Rebase Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« content/browser/child_process_security_policy_impl.h ('K') | « content/browser/child_process_security_policy_impl.h ('k') | content/browser/child_process_security_policy_unittest.cc » ('j') | content/browser/site_instance_impl.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/child_process_security_policy_impl.h" 5 #include "content/browser/child_process_security_policy_impl.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <utility> 8 #include <utility>
9 9
10 #include "base/command_line.h" 10 #include "base/command_line.h"
11 #include "base/debug/dump_without_crashing.h" 11 #include "base/debug/dump_without_crashing.h"
12 #include "base/files/file_path.h" 12 #include "base/files/file_path.h"
13 #include "base/logging.h" 13 #include "base/logging.h"
14 #include "base/macros.h" 14 #include "base/macros.h"
15 #include "base/memory/ptr_util.h" 15 #include "base/memory/ptr_util.h"
16 #include "base/metrics/histogram_macros.h" 16 #include "base/metrics/histogram_macros.h"
17 #include "base/strings/string_split.h"
17 #include "base/strings/string_util.h" 18 #include "base/strings/string_util.h"
18 #include "build/build_config.h" 19 #include "build/build_config.h"
19 #include "content/browser/site_instance_impl.h" 20 #include "content/browser/site_instance_impl.h"
20 #include "content/common/site_isolation_policy.h" 21 #include "content/common/site_isolation_policy.h"
21 #include "content/public/browser/child_process_data.h" 22 #include "content/public/browser/child_process_data.h"
22 #include "content/public/browser/content_browser_client.h" 23 #include "content/public/browser/content_browser_client.h"
23 #include "content/public/browser/render_process_host.h" 24 #include "content/public/browser/render_process_host.h"
24 #include "content/public/common/bindings_policy.h" 25 #include "content/public/common/bindings_policy.h"
25 #include "content/public/common/url_constants.h" 26 #include "content/public/common/url_constants.h"
26 #include "net/base/filename_util.h" 27 #include "net/base/filename_util.h"
(...skipping 221 matching lines...) Expand 10 before | Expand all | Expand 10 after
248 last_path = current_path; 249 last_path = current_path;
249 current_path = current_path.DirName(); 250 current_path = current_path.DirName();
250 } 251 }
251 252
252 return false; 253 return false;
253 } 254 }
254 255
255 bool CanAccessDataForOrigin(const GURL& gurl) { 256 bool CanAccessDataForOrigin(const GURL& gurl) {
256 if (origin_lock_.is_empty()) 257 if (origin_lock_.is_empty())
257 return true; 258 return true;
259
Charlie Reis 2017/05/19 00:10:18 nit: No need for churn here.
alexmos 2017/05/24 00:19:56 Done.
258 // TODO(creis): We must pass the valid browser_context to convert hosted 260 // TODO(creis): We must pass the valid browser_context to convert hosted
259 // apps URLs. Currently, hosted apps cannot set cookies in this mode. 261 // apps URLs. Currently, hosted apps cannot set cookies in this mode.
260 // See http://crbug.com/160576. 262 // See http://crbug.com/160576.
261 GURL site_gurl = SiteInstanceImpl::GetSiteForURL(NULL, gurl); 263 GURL site_gurl = SiteInstanceImpl::GetSiteForURL(NULL, gurl);
262 return origin_lock_ == site_gurl; 264 return origin_lock_ == site_gurl;
263 } 265 }
264 266
265 void LockToOrigin(const GURL& gurl) { 267 void LockToOrigin(const GURL& gurl) {
266 origin_lock_ = gurl; 268 origin_lock_ = gurl;
267 } 269 }
(...skipping 654 matching lines...) Expand 10 before | Expand all | Expand 10 after
922 924
923 bool ChildProcessSecurityPolicyImpl::CanAccessDataForOrigin(int child_id, 925 bool ChildProcessSecurityPolicyImpl::CanAccessDataForOrigin(int child_id,
924 const GURL& gurl) { 926 const GURL& gurl) {
925 base::AutoLock lock(lock_); 927 base::AutoLock lock(lock_);
926 SecurityStateMap::iterator state = security_state_.find(child_id); 928 SecurityStateMap::iterator state = security_state_.find(child_id);
927 if (state == security_state_.end()) { 929 if (state == security_state_.end()) {
928 // TODO(nick): Returning true instead of false here is a temporary 930 // TODO(nick): Returning true instead of false here is a temporary
929 // workaround for https://crbug.com/600441 931 // workaround for https://crbug.com/600441
930 return true; 932 return true;
931 } 933 }
934
Charlie Reis 2017/05/19 00:10:18 Or here.
alexmos 2017/05/24 00:19:56 Done.
932 return state->second->CanAccessDataForOrigin(gurl); 935 return state->second->CanAccessDataForOrigin(gurl);
933 } 936 }
934 937
935 bool ChildProcessSecurityPolicyImpl::HasSpecificPermissionForOrigin( 938 bool ChildProcessSecurityPolicyImpl::HasSpecificPermissionForOrigin(
936 int child_id, 939 int child_id,
937 const url::Origin& origin) { 940 const url::Origin& origin) {
938 base::AutoLock lock(lock_); 941 base::AutoLock lock(lock_);
939 SecurityStateMap::iterator state = security_state_.find(child_id); 942 SecurityStateMap::iterator state = security_state_.find(child_id);
940 if (state == security_state_.end()) 943 if (state == security_state_.end())
941 return false; 944 return false;
(...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after
986 bool ChildProcessSecurityPolicyImpl::CanSendMidiSysExMessage(int child_id) { 989 bool ChildProcessSecurityPolicyImpl::CanSendMidiSysExMessage(int child_id) {
987 base::AutoLock lock(lock_); 990 base::AutoLock lock(lock_);
988 991
989 SecurityStateMap::iterator state = security_state_.find(child_id); 992 SecurityStateMap::iterator state = security_state_.find(child_id);
990 if (state == security_state_.end()) 993 if (state == security_state_.end())
991 return false; 994 return false;
992 995
993 return state->second->can_send_midi_sysex(); 996 return state->second->can_send_midi_sysex();
994 } 997 }
995 998
999 void ChildProcessSecurityPolicyImpl::AddIsolatedOrigin(
1000 const url::Origin& origin) {
1001 DCHECK(!origin.unique());
Charlie Reis 2017/05/19 00:10:18 Maybe this should be a CHECK with an error message
alexmos 2017/05/24 00:19:56 Done. Good idea.
1002 DCHECK(!IsIsolatedOrigin(origin));
Charlie Reis 2017/05/19 00:10:18 Same here, in case someone said --isolated-origins
alexmos 2017/05/24 00:19:56 Done. This particular one might go away with Safe
1003
1004 base::AutoLock lock(isolated_origins_lock_);
1005 isolated_origins_.insert(origin);
1006 }
1007
1008 void ChildProcessSecurityPolicyImpl::AddIsolatedOriginsFromCommandLine(
1009 const std::string& origin_list) {
1010 for (const base::StringPiece& origin_piece :
1011 base::SplitStringPiece(origin_list, ",", base::TRIM_WHITESPACE,
1012 base::SPLIT_WANT_NONEMPTY)) {
1013 url::Origin origin((GURL(origin_piece)));
1014 if (!origin.unique())
1015 AddIsolatedOrigin(origin);
1016 }
1017 }
1018
1019 bool ChildProcessSecurityPolicyImpl::IsIsolatedOrigin(
1020 const url::Origin& origin) {
1021 base::AutoLock lock(isolated_origins_lock_);
1022 return isolated_origins_.find(origin) != isolated_origins_.end();
1023 }
1024
996 } // namespace content 1025 } // namespace content
OLDNEW
« content/browser/child_process_security_policy_impl.h ('K') | « content/browser/child_process_security_policy_impl.h ('k') | content/browser/child_process_security_policy_unittest.cc » ('j') | content/browser/site_instance_impl.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698