Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(148)

Unified Diff: chrome/browser/net/chrome_network_delegate.cc

Issue 2926543002: chromeos: Replace "/tmp" with a call to PathService::Get() (Closed)
Patch Set: Address comments Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | chrome/browser/net/chrome_network_delegate_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/net/chrome_network_delegate.cc
diff --git a/chrome/browser/net/chrome_network_delegate.cc b/chrome/browser/net/chrome_network_delegate.cc
index b11644ada43c790b34cb4af8c7a96256a6d5a193..caa09c08abbc36ee70f15424530950daf18ab8e9 100644
--- a/chrome/browser/net/chrome_network_delegate.cc
+++ b/chrome/browser/net/chrome_network_delegate.cc
@@ -476,20 +476,24 @@ bool ChromeNetworkDelegate::IsAccessAllowed(
return true;
#else
+ std::vector<base::FilePath> whitelist;
#if defined(OS_CHROMEOS)
// Use a whitelist to only allow access to files residing in the list of
// directories below.
- static const char* const kLocalAccessWhiteList[] = {
+ static const base::FilePath::CharType* const kLocalAccessWhiteList[] = {
"/home/chronos/user/Downloads",
"/home/chronos/user/log",
"/home/chronos/user/WebRTC Logs",
"/media",
"/opt/oem",
"/usr/share/chromeos-assets",
- "/tmp",
"/var/log",
};
+ base::FilePath temp_dir;
+ if (PathService::Get(base::DIR_TEMP, &temp_dir))
+ whitelist.push_back(temp_dir);
+
// The actual location of "/home/chronos/user/Xyz" is the Xyz directory under
// the profile path ("/home/chronos/user' is a hard link to current primary
// logged in profile.) For the support of multi-profile sessions, we are
@@ -497,13 +501,9 @@ bool ChromeNetworkDelegate::IsAccessAllowed(
// access.
if (!profile_path.empty()) {
const base::FilePath downloads = profile_path.AppendASCII("Downloads");
- if (downloads == path.StripTrailingSeparators() || downloads.IsParent(path))
- return true;
+ whitelist.push_back(downloads);
const base::FilePath webrtc_logs = profile_path.AppendASCII("WebRTC Logs");
- if (webrtc_logs == path.StripTrailingSeparators() ||
- webrtc_logs.IsParent(path)) {
- return true;
- }
+ whitelist.push_back(webrtc_logs);
}
#elif defined(OS_ANDROID)
// Access to files in external storage is allowed.
@@ -513,17 +513,18 @@ bool ChromeNetworkDelegate::IsAccessAllowed(
return true;
// Whitelist of other allowed directories.
- static const char* const kLocalAccessWhiteList[] = {
- "/sdcard",
- "/mnt/sdcard",
+ static const base::FilePath::CharType* const kLocalAccessWhiteList[] = {
+ "/sdcard", "/mnt/sdcard",
};
#endif
- for (size_t i = 0; i < arraysize(kLocalAccessWhiteList); ++i) {
- const base::FilePath white_listed_path(kLocalAccessWhiteList[i]);
+ for (const auto* whitelisted_path : kLocalAccessWhiteList)
+ whitelist.push_back(base::FilePath(whitelisted_path));
+
+ for (const auto& whitelisted_path : whitelist) {
// base::FilePath::operator== should probably handle trailing separators.
- if (white_listed_path == path.StripTrailingSeparators() ||
- white_listed_path.IsParent(path)) {
+ if (whitelisted_path == path.StripTrailingSeparators() ||
+ whitelisted_path.IsParent(path)) {
return true;
}
}
« no previous file with comments | « no previous file | chrome/browser/net/chrome_network_delegate_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698