| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/child_process_security_policy_impl.h" | 5 #include "content/browser/child_process_security_policy_impl.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| (...skipping 298 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 309 // We know about these schemes and believe them to be safe. | 309 // We know about these schemes and believe them to be safe. |
| 310 RegisterWebSafeScheme(url::kHttpScheme); | 310 RegisterWebSafeScheme(url::kHttpScheme); |
| 311 RegisterWebSafeScheme(url::kHttpsScheme); | 311 RegisterWebSafeScheme(url::kHttpsScheme); |
| 312 RegisterWebSafeScheme(url::kFtpScheme); | 312 RegisterWebSafeScheme(url::kFtpScheme); |
| 313 RegisterWebSafeScheme(url::kDataScheme); | 313 RegisterWebSafeScheme(url::kDataScheme); |
| 314 RegisterWebSafeScheme("feed"); | 314 RegisterWebSafeScheme("feed"); |
| 315 RegisterWebSafeScheme(url::kBlobScheme); | 315 RegisterWebSafeScheme(url::kBlobScheme); |
| 316 RegisterWebSafeScheme(url::kFileSystemScheme); | 316 RegisterWebSafeScheme(url::kFileSystemScheme); |
| 317 | 317 |
| 318 // We know about the following pseudo schemes and treat them specially. | 318 // We know about the following pseudo schemes and treat them specially. |
| 319 RegisterPseudoScheme(kAboutScheme); | 319 RegisterPseudoScheme(url::kAboutScheme); |
| 320 RegisterPseudoScheme(url::kJavaScriptScheme); | 320 RegisterPseudoScheme(url::kJavaScriptScheme); |
| 321 RegisterPseudoScheme(kViewSourceScheme); | 321 RegisterPseudoScheme(kViewSourceScheme); |
| 322 } | 322 } |
| 323 | 323 |
| 324 ChildProcessSecurityPolicyImpl::~ChildProcessSecurityPolicyImpl() { | 324 ChildProcessSecurityPolicyImpl::~ChildProcessSecurityPolicyImpl() { |
| 325 web_safe_schemes_.clear(); | 325 web_safe_schemes_.clear(); |
| 326 pseudo_schemes_.clear(); | 326 pseudo_schemes_.clear(); |
| 327 STLDeleteContainerPairSecondPointers(security_state_.begin(), | 327 STLDeleteContainerPairSecondPointers(security_state_.begin(), |
| 328 security_state_.end()); | 328 security_state_.end()); |
| 329 security_state_.clear(); | 329 security_state_.clear(); |
| (...skipping 280 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 610 // A view-source URL is allowed if the child process is permitted to | 610 // A view-source URL is allowed if the child process is permitted to |
| 611 // request the embedded URL. Careful to avoid pointless recursion. | 611 // request the embedded URL. Careful to avoid pointless recursion. |
| 612 GURL child_url(url.GetContent()); | 612 GURL child_url(url.GetContent()); |
| 613 if (child_url.SchemeIs(kViewSourceScheme) && | 613 if (child_url.SchemeIs(kViewSourceScheme) && |
| 614 url.SchemeIs(kViewSourceScheme)) | 614 url.SchemeIs(kViewSourceScheme)) |
| 615 return false; | 615 return false; |
| 616 | 616 |
| 617 return CanRequestURL(child_id, child_url); | 617 return CanRequestURL(child_id, child_url); |
| 618 } | 618 } |
| 619 | 619 |
| 620 if (LowerCaseEqualsASCII(url.spec(), kAboutBlankURL)) | 620 if (LowerCaseEqualsASCII(url.spec(), url::kAboutBlankURL)) |
| 621 return true; // Every child process can request <about:blank>. | 621 return true; // Every child process can request <about:blank>. |
| 622 | 622 |
| 623 // URLs like <about:memory> and <about:crash> shouldn't be requestable by | 623 // URLs like <about:memory> and <about:crash> shouldn't be requestable by |
| 624 // any child process. Also, this case covers <javascript:...>, which should | 624 // any child process. Also, this case covers <javascript:...>, which should |
| 625 // be handled internally by the process and not kicked up to the browser. | 625 // be handled internally by the process and not kicked up to the browser. |
| 626 return false; | 626 return false; |
| 627 } | 627 } |
| 628 | 628 |
| 629 if (!GetContentClient()->browser()->IsHandledURL(url) && | 629 if (!GetContentClient()->browser()->IsHandledURL(url) && |
| 630 !net::URLRequest::IsHandledURL(url)) { | 630 !net::URLRequest::IsHandledURL(url)) { |
| (...skipping 253 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 884 base::AutoLock lock(lock_); | 884 base::AutoLock lock(lock_); |
| 885 | 885 |
| 886 SecurityStateMap::iterator state = security_state_.find(child_id); | 886 SecurityStateMap::iterator state = security_state_.find(child_id); |
| 887 if (state == security_state_.end()) | 887 if (state == security_state_.end()) |
| 888 return false; | 888 return false; |
| 889 | 889 |
| 890 return state->second->can_send_midi_sysex(); | 890 return state->second->can_send_midi_sysex(); |
| 891 } | 891 } |
| 892 | 892 |
| 893 } // namespace content | 893 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 325443002:
Move about://-related constants from //content to //url (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src