Chromium Code Reviews

Unified Diff: content/browser/child_process_security_policy_impl.h

Issue 2908433003: RenderFrameProxyHost::OnOpenURL needs to validate resource request body. (Closed)
Patch Set: Rebasing... Created 3 years, 7 months ago
Index: content/browser/child_process_security_policy_impl.h
diff --git a/content/browser/child_process_security_policy_impl.h b/content/browser/child_process_security_policy_impl.h
index 82f0e9be22c660dd30f0c11eb4c58e775405cf78..15c8d886d9b36f78c86a90db583482106e06e31b 100644
--- a/content/browser/child_process_security_policy_impl.h
+++ b/content/browser/child_process_security_policy_impl.h
@@ -14,6 +14,7 @@
#include "base/compiler_specific.h"
#include "base/gtest_prod_util.h"
#include "base/macros.h"
+#include "base/memory/ref_counted.h"
#include "base/memory/singleton.h"
#include "base/synchronization/lock.h"
#include "content/public/browser/child_process_security_policy.h"
@@ -27,11 +28,15 @@ class FilePath;
}
namespace storage {
+class FileSystemContext;
class FileSystemURL;
}
namespace content {
+class SiteInstance;
+class ResourceRequestBodyImpl;
+
class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
: NON_EXPORTED_BASE(public ChildProcessSecurityPolicy) {
public:
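Review bot: the two forward declarations added to namespace content are out of alphabetical order. "class ResourceRequestBodyImpl;" should precede "class SiteInstance;", matching the sorted order in namespace storage just above (FileSystemContext, then FileSystemURL).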
@@ -89,6 +94,15 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
// Returns if |child_id| can read all of the |files|.
bool CanReadAllFiles(int child_id, const std::vector<base::FilePath>& files);
+ // Validate that the renderer process for |site_instance| is allowed to access
+ // data in the POST body specified by |body|. Has to be called on the UI
+ // thread.
+ // TODO(lukasza): Remove code duplication - the method below should be reused
+ // by RenderFrameHostImpl::OnBeginNavigation and
+ // ResourceDispatcherHostImpl::ShouldServiceRequest.
+ bool CanReadRequestBody(SiteInstance* site_instance,
+ const scoped_refptr<ResourceRequestBodyImpl>& body);
+
// Pseudo schemes are treated differently than other schemes because they
// cannot be requested like normal URLs. There is no mechanism for revoking
// pseudo schemes.
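Review bot: the comment on the new CanReadRequestBody(SiteInstance*, ...) overload does not say what the bool return means or how a null |body| is treated. Since callers rely on this as the access check for a POST body, word it as "Returns true if ..." the way CanReadAllFiles above does, and state the result for a null body explicitly. The "Has to be called on the UI thread" requirement currently lives only in the comment; a DCHECK_CURRENTLY_ON(BrowserThread::UI) at the top of the definition would enforce it. The TODO would also be easier to track with a bug number attached.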
@@ -233,6 +247,12 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
const std::string& filesystem_id,
int permission);
+ // Validate that |child_id| in |file_system_context| is allowed to access
+ // data in the POST body specified by |body|. Can be called on any thread.
+ bool CanReadRequestBody(int child_id,
+ const storage::FileSystemContext* file_system_context,
+ const scoped_refptr<ResourceRequestBodyImpl>& body);
+
// You must acquire this lock before reading or writing any members of this
// class. You must not block while holding this lock.
base::Lock lock_;
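Review bot: the CanReadRequestBody(int child_id, ...) overload is documented as callable on any thread but is declared right above lock_, whose comment requires holding the lock before touching any member. The comment should say whether this method acquires lock_ itself or expects the caller to hold it, otherwise a caller can either deadlock or read state unlocked. It should also state who keeps |file_system_context| alive for the duration of the call, since it is passed as a raw pointer while |body| is ref-counted.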