Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(59)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_impl.cc

Issue 10658029: Revert 144115 - Manage IsolatedContext with reference counts (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | content/browser/renderer_host/render_view_host_impl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/child_process_security_policy_impl.h" 5 #include "content/browser/child_process_security_policy_impl.h"
6 6
7 #include "base/file_path.h" 7 #include "base/file_path.h"
8 #include "base/logging.h" 8 #include "base/logging.h"
9 #include "base/metrics/histogram.h" 9 #include "base/metrics/histogram.h"
10 #include "base/platform_file.h" 10 #include "base/platform_file.h"
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after
51 : enabled_bindings_(0), 51 : enabled_bindings_(0),
52 can_read_raw_cookies_(false) { } 52 can_read_raw_cookies_(false) { }
53 53
54 ~SecurityState() { 54 ~SecurityState() {
55 scheme_policy_.clear(); 55 scheme_policy_.clear();
56 fileapi::IsolatedContext* isolated_context = 56 fileapi::IsolatedContext* isolated_context =
57 fileapi::IsolatedContext::GetInstance(); 57 fileapi::IsolatedContext::GetInstance();
58 for (FileSystemMap::iterator iter = filesystem_permissions_.begin(); 58 for (FileSystemMap::iterator iter = filesystem_permissions_.begin();
59 iter != filesystem_permissions_.end(); 59 iter != filesystem_permissions_.end();
60 ++iter) { 60 ++iter) {
61 isolated_context->RemoveReference(iter->first); 61 isolated_context->RevokeIsolatedFileSystem(iter->first);
62 } 62 }
63 UMA_HISTOGRAM_COUNTS("ChildProcessSecurityPolicy.PerChildFilePermissions", 63 UMA_HISTOGRAM_COUNTS("ChildProcessSecurityPolicy.PerChildFilePermissions",
64 file_permissions_.size()); 64 file_permissions_.size());
65 } 65 }
66 66
67 // Grant permission to request URLs with the specified scheme. 67 // Grant permission to request URLs with the specified scheme.
68 void GrantScheme(const std::string& scheme) { 68 void GrantScheme(const std::string& scheme) {
69 scheme_policy_[scheme] = true; 69 scheme_policy_[scheme] = true;
70 } 70 }
71 71
(...skipping 18 matching lines...) Expand all
90 // Revokes all permissions granted to a file. 90 // Revokes all permissions granted to a file.
91 void RevokeAllPermissionsForFile(const FilePath& file) { 91 void RevokeAllPermissionsForFile(const FilePath& file) {
92 FilePath stripped = file.StripTrailingSeparators(); 92 FilePath stripped = file.StripTrailingSeparators();
93 file_permissions_.erase(stripped); 93 file_permissions_.erase(stripped);
94 request_file_set_.erase(stripped); 94 request_file_set_.erase(stripped);
95 } 95 }
96 96
97 // Grant certain permissions to a file. 97 // Grant certain permissions to a file.
98 void GrantPermissionsForFileSystem(const std::string& filesystem_id, 98 void GrantPermissionsForFileSystem(const std::string& filesystem_id,
99 int permissions) { 99 int permissions) {
100 if (filesystem_permissions_.find(filesystem_id) ==
101 filesystem_permissions_.end())
102 fileapi::IsolatedContext::GetInstance()->AddReference(filesystem_id);
103 filesystem_permissions_[filesystem_id] = permissions; 100 filesystem_permissions_[filesystem_id] = permissions;
104 } 101 }
105 102
106 bool HasPermissionsForFileSystem(const std::string& filesystem_id, 103 bool HasPermissionsForFileSystem(const std::string& filesystem_id,
107 int permissions) { 104 int permissions) {
108 if (filesystem_permissions_.find(filesystem_id) == 105 if (filesystem_permissions_.find(filesystem_id) ==
109 filesystem_permissions_.end()) 106 filesystem_permissions_.end())
110 return false; 107 return false;
111 return (filesystem_permissions_[filesystem_id] & permissions) == 108 return (filesystem_permissions_[filesystem_id] & permissions) ==
112 permissions; 109 permissions;
(...skipping 502 matching lines...) Expand 10 before | Expand all | Expand 10 after
615 int child_id, 612 int child_id,
616 const std::string& filesystem_id, 613 const std::string& filesystem_id,
617 int permission) { 614 int permission) {
618 base::AutoLock lock(lock_); 615 base::AutoLock lock(lock_);
619 616
620 SecurityStateMap::iterator state = security_state_.find(child_id); 617 SecurityStateMap::iterator state = security_state_.find(child_id);
621 if (state == security_state_.end()) 618 if (state == security_state_.end())
622 return false; 619 return false;
623 return state->second->HasPermissionsForFileSystem(filesystem_id, permission); 620 return state->second->HasPermissionsForFileSystem(filesystem_id, permission);
624 } 621 }
OLDNEW
« no previous file with comments | « no previous file | content/browser/renderer_host/render_view_host_impl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698