1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ |
6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ |
7 | 7 |
8 | 8 |
9 #include <map> | 9 #include <map> |
10 #include <set> | 10 #include <set> |
11 #include <string> | 11 #include <string> |
12 | 12 |
13 #include "base/compiler_specific.h" | 13 #include "base/compiler_specific.h" |
14 #include "base/gtest_prod_util.h" | 14 #include "base/gtest_prod_util.h" |
15 #include "base/memory/singleton.h" | 15 #include "base/memory/singleton.h" |
16 #include "base/synchronization/lock.h" | 16 #include "base/synchronization/lock.h" |
17 #include "content/public/browser/child_process_security_policy.h" | 17 #include "content/public/browser/child_process_security_policy.h" |
18 #include "content/public/common/resource_type.h" | 18 #include "content/public/common/resource_type.h" |
19 #include "webkit/common/fileapi/file_system_types.h" | 19 #include "storage/common/fileapi/file_system_types.h" |
20 | 20 |
21 class GURL; | 21 class GURL; |
22 | 22 |
23 namespace base { | 23 namespace base { |
24 class FilePath; | 24 class FilePath; |
25 } | 25 } |
26 | 26 |
27 namespace fileapi { | 27 namespace storage { |
28 class FileSystemURL; | 28 class FileSystemURL; |
29 } | 29 } |
30 | 30 |
31 namespace content { | 31 namespace content { |
32 | 32 |
33 class CONTENT_EXPORT ChildProcessSecurityPolicyImpl | 33 class CONTENT_EXPORT ChildProcessSecurityPolicyImpl |
34 : NON_EXPORTED_BASE(public ChildProcessSecurityPolicy) { | 34 : NON_EXPORTED_BASE(public ChildProcessSecurityPolicy) { |
35 public: | 35 public: |
36 // Object can only be created through GetInstance() so the constructor is | 36 // Object can only be created through GetInstance() so the constructor is |
37 // private. | 37 // private. |
136 bool CanRequestURL(int child_id, const GURL& url); | 136 bool CanRequestURL(int child_id, const GURL& url); |
137 | 137 |
138 // Returns true if the process is permitted to load pages from | 138 // Returns true if the process is permitted to load pages from |
139 // the given origin in main frames or subframes. | 139 // the given origin in main frames or subframes. |
140 // Only might return false if --site-per-process flag is used. | 140 // Only might return false if --site-per-process flag is used. |
141 bool CanLoadPage(int child_id, | 141 bool CanLoadPage(int child_id, |
142 const GURL& url, | 142 const GURL& url, |
143 ResourceType resource_type); | 143 ResourceType resource_type); |
144 | 144 |
145 // Explicit permissions checks for FileSystemURL specified files. | 145 // Explicit permissions checks for FileSystemURL specified files. |
146 bool CanReadFileSystemFile(int child_id, const fileapi::FileSystemURL& url); | 146 bool CanReadFileSystemFile(int child_id, const storage::FileSystemURL& url); |
147 bool CanWriteFileSystemFile(int child_id, const fileapi::FileSystemURL& url); | 147 bool CanWriteFileSystemFile(int child_id, const storage::FileSystemURL& url); |
148 bool CanCreateFileSystemFile(int child_id, const fileapi::FileSystemURL& url); | 148 bool CanCreateFileSystemFile(int child_id, const storage::FileSystemURL& url); |
149 bool CanCreateReadWriteFileSystemFile(int child_id, | 149 bool CanCreateReadWriteFileSystemFile(int child_id, |
150 const fileapi::FileSystemURL& url); | 150 const storage::FileSystemURL& url); |
151 bool CanCopyIntoFileSystemFile(int child_id, | 151 bool CanCopyIntoFileSystemFile(int child_id, |
152 const fileapi::FileSystemURL& url); | 152 const storage::FileSystemURL& url); |
153 bool CanDeleteFileSystemFile(int child_id, | 153 bool CanDeleteFileSystemFile(int child_id, const storage::FileSystemURL& url); |
154 const fileapi::FileSystemURL& url); | |
155 | 154 |
156 // Returns true if the specified child_id has been granted ReadRawCookies. | 155 // Returns true if the specified child_id has been granted ReadRawCookies. |
157 bool CanReadRawCookies(int child_id); | 156 bool CanReadRawCookies(int child_id); |
158 | 157 |
159 // Returns true if the process is permitted to read and modify the cookies for | 158 // Returns true if the process is permitted to read and modify the cookies for |
160 // the given origin. Does not affect cookies attached to or set by network | 159 // the given origin. Does not affect cookies attached to or set by network |
161 // requests. | 160 // requests. |
162 // Only might return false if the very experimental | 161 // Only might return false if the very experimental |
163 // --enable-strict-site-isolation or --site-per-process flags are used. | 162 // --enable-strict-site-isolation or --site-per-process flags are used. |
164 bool CanAccessCookiesForOrigin(int child_id, const GURL& gurl); | 163 bool CanAccessCookiesForOrigin(int child_id, const GURL& gurl); |
165 | 164 |
166 // Returns true if the process is permitted to attach cookies to (or have | 165 // Returns true if the process is permitted to attach cookies to (or have |
167 // cookies set by) network requests. | 166 // cookies set by) network requests. |
168 // Only might return false if the very experimental | 167 // Only might return false if the very experimental |
169 // --enable-strict-site-isolation or --site-per-process flags are used. | 168 // --enable-strict-site-isolation or --site-per-process flags are used. |
170 bool CanSendCookiesForOrigin(int child_id, const GURL& gurl); | 169 bool CanSendCookiesForOrigin(int child_id, const GURL& gurl); |
171 | 170 |
172 // Sets the process as only permitted to use and see the cookies for the | 171 // Sets the process as only permitted to use and see the cookies for the |
173 // given origin. | 172 // given origin. |
174 // Only used if the very experimental --enable-strict-site-isolation or | 173 // Only used if the very experimental --enable-strict-site-isolation or |
175 // --site-per-process flags are used. | 174 // --site-per-process flags are used. |
176 void LockToOrigin(int child_id, const GURL& gurl); | 175 void LockToOrigin(int child_id, const GURL& gurl); |
177 | 176 |
178 // Register FileSystem type and permission policy which should be used | 177 // Register FileSystem type and permission policy which should be used |
179 // for the type. The |policy| must be a bitwise-or'd value of | 178 // for the type. The |policy| must be a bitwise-or'd value of |
180 // fileapi::FilePermissionPolicy. | 179 // storage::FilePermissionPolicy. |
181 void RegisterFileSystemPermissionPolicy( | 180 void RegisterFileSystemPermissionPolicy(storage::FileSystemType type, |
182 fileapi::FileSystemType type, | 181 int policy); |
183 int policy); | |
184 | 182 |
185 // Returns true if sending system exclusive messages is allowed. | 183 // Returns true if sending system exclusive messages is allowed. |
186 bool CanSendMidiSysExMessage(int child_id); | 184 bool CanSendMidiSysExMessage(int child_id); |
187 | 185 |
188 private: | 186 private: |
189 friend class ChildProcessSecurityPolicyInProcessBrowserTest; | 187 friend class ChildProcessSecurityPolicyInProcessBrowserTest; |
190 friend class ChildProcessSecurityPolicyTest; | 188 friend class ChildProcessSecurityPolicyTest; |
191 FRIEND_TEST_ALL_PREFIXES(ChildProcessSecurityPolicyInProcessBrowserTest, | 189 FRIEND_TEST_ALL_PREFIXES(ChildProcessSecurityPolicyInProcessBrowserTest, |
192 NoLeak); | 190 NoLeak); |
193 FRIEND_TEST_ALL_PREFIXES(ChildProcessSecurityPolicyTest, FilePermissions); | 191 FRIEND_TEST_ALL_PREFIXES(ChildProcessSecurityPolicyTest, FilePermissions); |
194 | 192 |
195 class SecurityState; | 193 class SecurityState; |
196 | 194 |
197 typedef std::set<std::string> SchemeSet; | 195 typedef std::set<std::string> SchemeSet; |
198 typedef std::map<int, SecurityState*> SecurityStateMap; | 196 typedef std::map<int, SecurityState*> SecurityStateMap; |
199 typedef std::map<int, int> WorkerToMainProcessMap; | 197 typedef std::map<int, int> WorkerToMainProcessMap; |
200 typedef std::map<fileapi::FileSystemType, int> FileSystemPermissionPolicyMap; | 198 typedef std::map<storage::FileSystemType, int> FileSystemPermissionPolicyMap; |
201 | 199 |
202 // Obtain an instance of ChildProcessSecurityPolicyImpl via GetInstance(). | 200 // Obtain an instance of ChildProcessSecurityPolicyImpl via GetInstance(). |
203 ChildProcessSecurityPolicyImpl(); | 201 ChildProcessSecurityPolicyImpl(); |
204 friend struct DefaultSingletonTraits<ChildProcessSecurityPolicyImpl>; | 202 friend struct DefaultSingletonTraits<ChildProcessSecurityPolicyImpl>; |
205 | 203 |
206 // Adds child process during registration. | 204 // Adds child process during registration. |
207 void AddChild(int child_id); | 205 void AddChild(int child_id); |
208 | 206 |
209 // Determines if certain permissions were granted for a file to given child | 207 // Determines if certain permissions were granted for a file to given child |
210 // process. |permissions| is an internally defined bit-set. | 208 // process. |permissions| is an internally defined bit-set. |
230 // is an internally defined bit-set. If |child_id| is a worker process, | 228 // is an internally defined bit-set. If |child_id| is a worker process, |
231 // this returns true if either the worker process or its parent renderer | 229 // this returns true if either the worker process or its parent renderer |
232 // has permissions for the file. | 230 // has permissions for the file. |
233 bool HasPermissionsForFile(int child_id, | 231 bool HasPermissionsForFile(int child_id, |
234 const base::FilePath& file, | 232 const base::FilePath& file, |
235 int permissions); | 233 int permissions); |
236 | 234 |
237 // Determines if certain permissions were granted for a file in FileSystem | 235 // Determines if certain permissions were granted for a file in FileSystem |
238 // API. |permissions| is an internally defined bit-set. | 236 // API. |permissions| is an internally defined bit-set. |
239 bool HasPermissionsForFileSystemFile(int child_id, | 237 bool HasPermissionsForFileSystemFile(int child_id, |
240 const fileapi::FileSystemURL& url, | 238 const storage::FileSystemURL& url, |
241 int permissions); | 239 int permissions); |
242 | 240 |
243 // Determines if certain permissions were granted for a file system. | 241 // Determines if certain permissions were granted for a file system. |
244 // |permissions| is an internally defined bit-set. | 242 // |permissions| is an internally defined bit-set. |
245 bool HasPermissionsForFileSystem( | 243 bool HasPermissionsForFileSystem( |
246 int child_id, | 244 int child_id, |
247 const std::string& filesystem_id, | 245 const std::string& filesystem_id, |
248 int permission); | 246 int permission); |
249 | 247 |
250 // You must acquire this lock before reading or writing any members of this | 248 // You must acquire this lock before reading or writing any members of this |
271 WorkerToMainProcessMap worker_map_; | 269 WorkerToMainProcessMap worker_map_; |
272 | 270 |
273 FileSystemPermissionPolicyMap file_system_policy_map_; | 271 FileSystemPermissionPolicyMap file_system_policy_map_; |
274 | 272 |
275 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); | 273 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); |
276 }; | 274 }; |
277 | 275 |
278 } // namespace content | 276 } // namespace content |
279 | 277 |
280 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 278 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ |