Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(35)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_impl.h

Issue 46303005: Fix chrome upload with content uri (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: simplify the change using FILE enum instead of adding a new enum Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« base/files/file_path.h ('K') | « base/files/file_path.cc ('k') | content/browser/child_process_security_policy_impl.cc » ('j') | content/browser/fileapi/fileapi_message_filter.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
7 7
8 8
9 #include <map> 9 #include <map>
10 #include <set> 10 #include <set>
(...skipping 156 matching lines...) Expand 10 before | Expand all | Expand 10 after
167 // --enable-strict-site-isolation or --site-per-process flags are used. 167 // --enable-strict-site-isolation or --site-per-process flags are used.
168 bool CanSendCookiesForOrigin(int child_id, const GURL& gurl); 168 bool CanSendCookiesForOrigin(int child_id, const GURL& gurl);
169 169
170 // Sets the process as only permitted to use and see the cookies for the 170 // Sets the process as only permitted to use and see the cookies for the
171 // given origin. 171 // given origin.
172 // Only used if the very experimental --enable-strict-site-isolation or 172 // Only used if the very experimental --enable-strict-site-isolation or
173 // --site-per-process flags are used. 173 // --site-per-process flags are used.
174 void LockToOrigin(int child_id, const GURL& gurl); 174 void LockToOrigin(int child_id, const GURL& gurl);
175 175
176 // Determines if certain permissions were granted for a file fystem. 176 // Determines if certain permissions were granted for a file fystem.
177 // |permissions| must be a bitwise-or'd value of base::PlatformFileFlags. 177 // |permissions| must be a bitwise-or'd value of
178 // ChildProcessSecurityPermissions.
178 bool HasPermissionsForFileSystem( 179 bool HasPermissionsForFileSystem(
179 int child_id, 180 int child_id,
180 const std::string& filesystem_id, 181 const std::string& filesystem_id,
181 int permission); 182 int permission);
182 183
183 // Register FileSystem type and permission policy which should be used 184 // Register FileSystem type and permission policy which should be used
184 // for the type. The |policy| must be a bitwise-or'd value of 185 // for the type. The |policy| must be a bitwise-or'd value of
185 // fileapi::FilePermissionPolicy. 186 // fileapi::FilePermissionPolicy.
186 void RegisterFileSystemPermissionPolicy( 187 void RegisterFileSystemPermissionPolicy(
187 fileapi::FileSystemType type, 188 fileapi::FileSystemType type,
(...skipping 18 matching lines...) Expand all
206 207
207 // Obtain an instance of ChildProcessSecurityPolicyImpl via GetInstance(). 208 // Obtain an instance of ChildProcessSecurityPolicyImpl via GetInstance().
208 ChildProcessSecurityPolicyImpl(); 209 ChildProcessSecurityPolicyImpl();
209 friend struct DefaultSingletonTraits<ChildProcessSecurityPolicyImpl>; 210 friend struct DefaultSingletonTraits<ChildProcessSecurityPolicyImpl>;
210 211
211 // Adds child process during registration. 212 // Adds child process during registration.
212 void AddChild(int child_id); 213 void AddChild(int child_id);
213 214
214 // Determines if certain permissions were granted for a file to given child 215 // Determines if certain permissions were granted for a file to given child
215 // process. |permissions| must be a bitwise-or'd value of 216 // process. |permissions| must be a bitwise-or'd value of
216 // base::PlatformFileFlags. 217 // ChildProcessSecurityPermissions.
217 bool ChildProcessHasPermissionsForFile(int child_id, 218 bool ChildProcessHasPermissionsForFile(int child_id,
218 const base::FilePath& file, 219 const base::FilePath& file,
219 int permissions); 220 int permissions);
220 221
221 // Grant a particular permission set for a file. |permissions| is a bit-set 222 // Grant a particular permission set for a file. |permissions| is a bit-set
222 // of base::PlatformFileFlags. 223 // of ChildProcessSecurityPermissions.
223 void GrantPermissionsForFile(int child_id, 224 void GrantPermissionsForFile(int child_id,
224 const base::FilePath& file, 225 const base::FilePath& file,
225 int permissions); 226 int permissions);
226 227
227 // Grants access permission to the given isolated file system 228 // Grants access permission to the given isolated file system
228 // identified by |filesystem_id|. See comments for 229 // identified by |filesystem_id|. See comments for
229 // ChildProcessSecurityPolicy::GrantReadFileSystem() for more details. 230 // ChildProcessSecurityPolicy::GrantReadFileSystem() for more details.
230 void GrantPermissionsForFileSystem( 231 void GrantPermissionsForFileSystem(
231 int child_id, 232 int child_id,
232 const std::string& filesystem_id, 233 const std::string& filesystem_id,
233 int permission); 234 int permission);
234 235
235 // Deprecated: Use CanReadFile, etc. methods instead. 236 // Deprecated: Use CanReadFile, etc. methods instead.
236 // Determines if certain permissions were granted for a file. |permissions| 237 // Determines if certain permissions were granted for a file. |permissions|
237 // must be a bitwise-or'd value of base::PlatformFileFlags. 238 // must be a bitwise-or'd value of ChildProcessSecurityPermissions.
238 bool HasPermissionsForFile(int child_id, 239 bool HasPermissionsForFile(int child_id,
239 const base::FilePath& file, 240 const base::FilePath& file,
240 int permissions); 241 int permissions);
241 242
242 // Deprecated: Use CanReadFileSystemFile, etc. methods instead. 243 // Deprecated: Use CanReadFileSystemFile, etc. methods instead.
243 // Determines if certain permissions were granted for a file in FileSystem 244 // Determines if certain permissions were granted for a file in FileSystem
244 // API. |permissions| must be a bitwise-or'd value of base::PlatformFileFlags. 245 // API. |permissions| must be a bitwise-or'd value of
246 // ChildProcessSecurityPermissions.
245 bool HasPermissionsForFileSystemFile(int child_id, 247 bool HasPermissionsForFileSystemFile(int child_id,
246 const fileapi::FileSystemURL& url, 248 const fileapi::FileSystemURL& url,
247 int permissions); 249 int permissions);
248 250
249 // You must acquire this lock before reading or writing any members of this 251 // You must acquire this lock before reading or writing any members of this
250 // class. You must not block while holding this lock. 252 // class. You must not block while holding this lock.
251 base::Lock lock_; 253 base::Lock lock_;
252 254
253 // These schemes are white-listed for all child processes. This set is 255 // These schemes are white-listed for all child processes. This set is
254 // protected by |lock_|. 256 // protected by |lock_|.
(...skipping 15 matching lines...) Expand all
270 WorkerToMainProcessMap worker_map_; 272 WorkerToMainProcessMap worker_map_;
271 273
272 FileSystemPermissionPolicyMap file_system_policy_map_; 274 FileSystemPermissionPolicyMap file_system_policy_map_;
273 275
274 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); 276 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl);
275 }; 277 };
276 278
277 } // namespace content 279 } // namespace content
278 280
279 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 281 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
OLDNEW
« base/files/file_path.h ('K') | « base/files/file_path.cc ('k') | content/browser/child_process_security_policy_impl.cc » ('j') | content/browser/fileapi/fileapi_message_filter.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698