| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ |
| 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ |
| 7 | 7 |
| 8 #include <map> | 8 #include <map> |
| 9 #include <memory> | 9 #include <memory> |
| 10 #include <set> | 10 #include <set> |
| 11 #include <string> | 11 #include <string> |
| 12 #include <vector> | 12 #include <vector> |
| 13 | 13 |
| 14 #include "base/compiler_specific.h" | 14 #include "base/compiler_specific.h" |
| 15 #include "base/gtest_prod_util.h" | 15 #include "base/gtest_prod_util.h" |
| 16 #include "base/macros.h" | 16 #include "base/macros.h" |
| 17 #include "base/memory/ref_counted.h" |
| 17 #include "base/memory/singleton.h" | 18 #include "base/memory/singleton.h" |
| 18 #include "base/synchronization/lock.h" | 19 #include "base/synchronization/lock.h" |
| 19 #include "content/public/browser/child_process_security_policy.h" | 20 #include "content/public/browser/child_process_security_policy.h" |
| 20 #include "content/public/common/resource_type.h" | 21 #include "content/public/common/resource_type.h" |
| 21 #include "storage/common/fileapi/file_system_types.h" | 22 #include "storage/common/fileapi/file_system_types.h" |
| 22 | 23 |
| 23 class GURL; | 24 class GURL; |
| 24 | 25 |
| 25 namespace base { | 26 namespace base { |
| 26 class FilePath; | 27 class FilePath; |
| 27 } | 28 } |
| 28 | 29 |
| 29 namespace storage { | 30 namespace storage { |
| 31 class FileSystemContext; |
| 30 class FileSystemURL; | 32 class FileSystemURL; |
| 31 } | 33 } |
| 32 | 34 |
| 33 namespace content { | 35 namespace content { |
| 34 | 36 |
| 37 class SiteInstance; |
| 38 class ResourceRequestBodyImpl; |
| 39 |
| 35 class CONTENT_EXPORT ChildProcessSecurityPolicyImpl | 40 class CONTENT_EXPORT ChildProcessSecurityPolicyImpl |
| 36 : NON_EXPORTED_BASE(public ChildProcessSecurityPolicy) { | 41 : NON_EXPORTED_BASE(public ChildProcessSecurityPolicy) { |
| 37 public: | 42 public: |
| 38 // Object can only be created through GetInstance() so the constructor is | 43 // Object can only be created through GetInstance() so the constructor is |
| 39 // private. | 44 // private. |
| 40 ~ChildProcessSecurityPolicyImpl() override; | 45 ~ChildProcessSecurityPolicyImpl() override; |
| 41 | 46 |
| 42 static ChildProcessSecurityPolicyImpl* GetInstance(); | 47 static ChildProcessSecurityPolicyImpl* GetInstance(); |
| 43 | 48 |
| 44 // ChildProcessSecurityPolicy implementation. | 49 // ChildProcessSecurityPolicy implementation. |
| 82 const std::string& filesystem_id) override; | 87 const std::string& filesystem_id) override; |
| 83 bool HasWebUIBindings(int child_id) override; | 88 bool HasWebUIBindings(int child_id) override; |
| 84 void GrantSendMidiSysExMessage(int child_id) override; | 89 void GrantSendMidiSysExMessage(int child_id) override; |
| 85 bool CanAccessDataForOrigin(int child_id, const GURL& url) override; | 90 bool CanAccessDataForOrigin(int child_id, const GURL& url) override; |
| 86 bool HasSpecificPermissionForOrigin(int child_id, | 91 bool HasSpecificPermissionForOrigin(int child_id, |
| 87 const url::Origin& origin) override; | 92 const url::Origin& origin) override; |
| 88 | 93 |
| 89 // Returns if |child_id| can read all of the |files|. | 94 // Returns if |child_id| can read all of the |files|. |
| 90 bool CanReadAllFiles(int child_id, const std::vector<base::FilePath>& files); | 95 bool CanReadAllFiles(int child_id, const std::vector<base::FilePath>& files); |
| 91 | 96 |
| 97 // Validate that the renderer process for |site_instance| is allowed to access |
| 98 // data in the POST body specified by |body|. Has to be called on the UI |
| 99 // thread. |
| 100 // TODO(lukasza): Remove code duplication - the method below should be reused |
| 101 // by RenderFrameHostImpl::OnBeginNavigation and |
| 102 // ResourceDispatcherHostImpl::ShouldServiceRequest. |
| 103 bool CanReadRequestBody(SiteInstance* site_instance, |
| 104 const scoped_refptr<ResourceRequestBodyImpl>& body); |
| 105 |
| 92 // Pseudo schemes are treated differently than other schemes because they | 106 // Pseudo schemes are treated differently than other schemes because they |
| 93 // cannot be requested like normal URLs. There is no mechanism for revoking | 107 // cannot be requested like normal URLs. There is no mechanism for revoking |
| 94 // pseudo schemes. | 108 // pseudo schemes. |
| 95 void RegisterPseudoScheme(const std::string& scheme); | 109 void RegisterPseudoScheme(const std::string& scheme); |
| 96 | 110 |
| 97 // Returns true iff |scheme| has been registered as pseudo scheme. | 111 // Returns true iff |scheme| has been registered as pseudo scheme. |
| 98 bool IsPseudoScheme(const std::string& scheme); | 112 bool IsPseudoScheme(const std::string& scheme); |
| 99 | 113 |
| 100 // Upon creation, child processes should register themselves by calling this | 114 // Upon creation, child processes should register themselves by calling this |
| 101 // this method exactly once. | 115 // this method exactly once. |
| 226 const storage::FileSystemURL& filesystem_url, | 240 const storage::FileSystemURL& filesystem_url, |
| 227 int permissions); | 241 int permissions); |
| 228 | 242 |
| 229 // Determines if certain permissions were granted for a file system. | 243 // Determines if certain permissions were granted for a file system. |
| 230 // |permissions| is an internally defined bit-set. | 244 // |permissions| is an internally defined bit-set. |
| 231 bool HasPermissionsForFileSystem( | 245 bool HasPermissionsForFileSystem( |
| 232 int child_id, | 246 int child_id, |
| 233 const std::string& filesystem_id, | 247 const std::string& filesystem_id, |
| 234 int permission); | 248 int permission); |
| 235 | 249 |
| 250 // Validate that |child_id| in |file_system_context| is allowed to access |
| 251 // data in the POST body specified by |body|. Can be called on any thread. |
| 252 bool CanReadRequestBody(int child_id, |
| 253 const storage::FileSystemContext* file_system_context, |
| 254 const scoped_refptr<ResourceRequestBodyImpl>& body); |
| 255 |
| 236 // You must acquire this lock before reading or writing any members of this | 256 // You must acquire this lock before reading or writing any members of this |
| 237 // class. You must not block while holding this lock. | 257 // class. You must not block while holding this lock. |
| 238 base::Lock lock_; | 258 base::Lock lock_; |
| 239 | 259 |
| 240 // These schemes are white-listed for all child processes in various contexts. | 260 // These schemes are white-listed for all child processes in various contexts. |
| 241 // These sets are protected by |lock_|. | 261 // These sets are protected by |lock_|. |
| 242 SchemeSet schemes_okay_to_commit_in_any_process_; | 262 SchemeSet schemes_okay_to_commit_in_any_process_; |
| 243 SchemeSet schemes_okay_to_request_in_any_process_; | 263 SchemeSet schemes_okay_to_request_in_any_process_; |
| 244 SchemeSet schemes_okay_to_appear_as_origin_headers_; | 264 SchemeSet schemes_okay_to_appear_as_origin_headers_; |
| 245 | 265 |
| 259 WorkerToMainProcessMap worker_map_; | 279 WorkerToMainProcessMap worker_map_; |
| 260 | 280 |
| 261 FileSystemPermissionPolicyMap file_system_policy_map_; | 281 FileSystemPermissionPolicyMap file_system_policy_map_; |
| 262 | 282 |
| 263 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); | 283 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); |
| 264 }; | 284 }; |
| 265 | 285 |
| 266 } // namespace content | 286 } // namespace content |
| 267 | 287 |
| 268 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 288 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ |
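Review bot: The new public CanReadRequestBody declaration (new lines 97-104) documents the UI-thread requirement but not its contract: what it returns for a null |body| or for a |site_instance| with no live process, and whether a single element the process cannot read fails the whole check. Since this appears to be the check that keeps a renderer from reading files in a POST body it was never granted, the fail-closed semantics belong in the header, e.g. `// Returns true only if the process may read every file and filesystem element in |body|; <behaviour for a null |body| — confirm>.` The same gap exists on the private overload (new lines 250-254), which should additionally state the result when |file_system_context| is null but |body| carries filesystem URL elements. As a point of style, the public overload takes a mutable `SiteInstance*` while the private one takes `const storage::FileSystemContext*`; if the method only reads from the SiteInstance, `const SiteInstance*` would make the borrowing intent consistent across the two, and either way the comment should say whether null is accepted.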