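--- a/content/browser/child_process_security_policy_impl.cc
+++ b/content/browser/child_process_security_policy_impl.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/child_process_security_policy_impl.h"
 
 #include "base/command_line.h"
 #include "base/files/file_path.h"
 #include "base/logging.h"
 #include "base/metrics/histogram.h"
@@ -128,20 +128,38 @@
 
 bool HasPermissionsForFileSystem(const std::string& filesystem_id,
 int permissions) {
 FileSystemMap::const_iterator it =
 filesystem_permissions_.find(filesystem_id);
 if (it == filesystem_permissions_.end())
 return false;
 return (it->second & permissions) == permissions;
 }
 
+#if defined(OS_ANDROID)
+// Grant certain permissions to a file.
+void GrantPermissionsForContentUrl(const GURL& content_url,
+int permissions) {
+content_url_permissions_[content_url] |= permissions;
+}
+
+bool HasPermissionsForContentUrl(const GURL& content_url,
+int permissions) {
+if (content_url_permissions_.find(content_url) ==
+content_url_permissions_.end()) {
+return false;
+}
+return (content_url_permissions_[content_url] & permissions) ==
+permissions;
+}
+#endif
+
 void GrantBindings(int bindings) {
 enabled_bindings_ |= bindings;
 }
 
 void GrantReadRawCookies() {
 can_read_raw_cookies_ = true;
 }
 
 void RevokeReadRawCookies() {
 can_read_raw_cookies_ = false;
@@ -251,45 +269,53 @@
 return can_send_midi_sysex_;
 }
 
 private:
 typedef std::map<std::string, bool> SchemeMap;
 
 typedef int FilePermissionFlags; // bit-set of PlatformFileFlags
 typedef std::map<base::FilePath, FilePermissionFlags> FileMap;
 typedef std::map<std::string, FilePermissionFlags> FileSystemMap;
 typedef std::set<base::FilePath> FileSet;
+#if defined(OS_ANDROID)
+typedef std::map<GURL, FilePermissionFlags> ContentUrlMap;
+#endif
 
 // Maps URL schemes to whether permission has been granted or revoked:
 // |true| means the scheme has been granted.
 // |false| means the scheme has been revoked.
 // If a scheme is not present in the map, then it has never been granted
 // or revoked.
 SchemeMap scheme_policy_;
 
 // The set of files the child process is permited to upload to the web.
 FileMap file_permissions_;
 
 // The set of files the child process is permitted to load.
 FileSet request_file_set_;
 
 int enabled_bindings_;
 
 bool can_read_raw_cookies_;
 
 bool can_send_midi_sysex_;
 
 GURL origin_lock_;
 
 // The set of isolated filesystems the child process is permitted to access.
 FileSystemMap filesystem_permissions_;
 
+#if defined(OS_ANDROID)
+// The set of content urls the child process is permited to upload to the web.
+ContentUrlMap content_url_permissions_;
+#endif
+
 DISALLOW_COPY_AND_ASSIGN(SecurityState);
 };
 
 ChildProcessSecurityPolicyImpl::ChildProcessSecurityPolicyImpl() {
 // We know about these schemes and believe them to be safe.
 RegisterWebSafeScheme(kHttpScheme);
 RegisterWebSafeScheme(kHttpsScheme);
 RegisterWebSafeScheme(chrome::kFtpScheme);
 RegisterWebSafeScheme(chrome::kDataScheme);
 RegisterWebSafeScheme("feed");
@@ -636,20 +662,63 @@
 return HasPermissionsForFileSystem(child_id, filesystem_id,
 COPY_INTO_FILE_GRANT);
 }
 
 bool ChildProcessSecurityPolicyImpl::CanDeleteFromFileSystem(
 int child_id, const std::string& filesystem_id) {
 return HasPermissionsForFileSystem(child_id, filesystem_id,
 DELETE_FILE_GRANT);
 }
 
+#if defined(OS_ANDROID)
+void ChildProcessSecurityPolicyImpl::GrantReadContentUrl(
+int child_id, const GURL& content_url) {
+GrantPermissionsForContentUrl(child_id, content_url, READ_FILE_GRANT);
+}
+
+bool ChildProcessSecurityPolicyImpl::CanReadContentUrl(
+int child_id, const GURL& content_url) {
+if (!content_url.SchemeIsContent())
+return false;
+base::AutoLock lock(lock_);
+bool result = ChildProcessHasPermissionsForContentUrl(
+child_id, content_url, READ_FILE_GRANT);
+if (!result) {
+WorkerToMainProcessMap::iterator iter = worker_map_.find(child_id);
+if (iter != worker_map_.end() && iter->second != 0) {
+result = ChildProcessHasPermissionsForContentUrl(iter->second,
+content_url,
+READ_FILE_GRANT);
+}
+}
+return result;
+}
+
+void ChildProcessSecurityPolicyImpl::GrantPermissionsForContentUrl(
+int child_id, const GURL& content_url, int permissions) {
+base::AutoLock lock(lock_);
+
+SecurityStateMap::iterator state = security_state_.find(child_id);
+if (state == security_state_.end())
+return;
+state->second->GrantPermissionsForContentUrl(content_url, READ_FILE_GRANT);
+}
+
+bool ChildProcessSecurityPolicyImpl::ChildProcessHasPermissionsForContentUrl(
+int child_id, const GURL& content_url, int permissions) {
+SecurityStateMap::iterator state = security_state_.find(child_id);
+if (state == security_state_.end())
+return false;
+return state->second->HasPermissionsForContentUrl(content_url, permissions);
+}
+#endif
+
 bool ChildProcessSecurityPolicyImpl::HasPermissionsForFile(
 int child_id, const base::FilePath& file, int permissions) {
 base::AutoLock lock(lock_);
 bool result = ChildProcessHasPermissionsForFile(child_id, file, permissions);
 if (!result) {
 // If this is a worker thread that has no access to a given file,
 // let's check that its renderer process has access to that file instead.
 WorkerToMainProcessMap::iterator iter = worker_map_.find(child_id);
 if (iter != worker_map_.end() && iter->second != 0) {
 result = ChildProcessHasPermissionsForFile(iter->second,
@@ -849,10 +918,10 @@
 base::AutoLock lock(lock_);
 
 SecurityStateMap::iterator state = security_state_.find(child_id);
 if (state == security_state_.end())
 return false;
 
 return state->second->can_send_midi_sysex();
 }
 
 } // namespace content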
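Review bot: ChildProcessSecurityPolicyImpl::GrantPermissionsForContentUrl (new lines 696-704) ignores its `permissions` argument and hard-codes READ_FILE_GRANT at line 703, so a future caller asking for different bits would silently receive read access instead; the line should forward the parameter, `state->second->GrantPermissionsForContentUrl(content_url, permissions);`. The only caller today, GrantReadContentUrl, passes READ_FILE_GRANT, so the mismatch is latent, but grant and check paths that disagree on the permission bits are exactly what a later audit of this policy class should not have to untangle. SecurityState::HasPermissionsForContentUrl (new lines 145-153) also does a find() followed by operator[] on the same key; mirroring HasPermissionsForFileSystem directly above it with a single const_iterator lookup avoids the second search and keeps the method usable from a const context. CanReadContentUrl's worker-fallback branch (lines 685-692) would benefit from the explanatory comment HasPermissionsForFile carries at lines 720-721, e.g. `// If this is a worker thread with no access to a given content url, check whether its renderer process has access instead.`, and the new member comment at line 308 repeats the existing `permited` typo.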