| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Represents the browser side of the browser <--> renderer communication | 5 // Represents the browser side of the browser <--> renderer communication |
| 6 // channel. There will be one RenderProcessHost per renderer process. | 6 // channel. There will be one RenderProcessHost per renderer process. |
| 7 | 7 |
| 8 #include "content/browser/renderer_host/render_process_host_impl.h" | 8 #include "content/browser/renderer_host/render_process_host_impl.h" |
| 9 | 9 |
| 10 #if defined(OS_WIN) | 10 #if defined(OS_WIN) |
| (...skipping 22 matching lines...) Expand all Loading... |
| 33 #include "base/process_util.h" | 33 #include "base/process_util.h" |
| 34 #include "base/rand_util.h" | 34 #include "base/rand_util.h" |
| 35 #include "base/stl_util.h" | 35 #include "base/stl_util.h" |
| 36 #include "base/string_util.h" | 36 #include "base/string_util.h" |
| 37 #include "base/sys_info.h" | 37 #include "base/sys_info.h" |
| 38 #include "base/threading/thread.h" | 38 #include "base/threading/thread.h" |
| 39 #include "base/threading/thread_restrictions.h" | 39 #include "base/threading/thread_restrictions.h" |
| 40 #include "base/tracked_objects.h" | 40 #include "base/tracked_objects.h" |
| 41 #include "content/browser/appcache/appcache_dispatcher_host.h" | 41 #include "content/browser/appcache/appcache_dispatcher_host.h" |
| 42 #include "content/browser/browser_main.h" | 42 #include "content/browser/browser_main.h" |
| 43 #include "content/browser/child_process_security_policy.h" | 43 #include "content/browser/child_process_security_policy_impl.h" |
| 44 #include "content/browser/device_orientation/message_filter.h" | 44 #include "content/browser/device_orientation/message_filter.h" |
| 45 #include "content/browser/download/mhtml_generation_manager.h" | 45 #include "content/browser/download/mhtml_generation_manager.h" |
| 46 #include "content/browser/file_system/file_system_dispatcher_host.h" | 46 #include "content/browser/file_system/file_system_dispatcher_host.h" |
| 47 #include "content/browser/geolocation/geolocation_dispatcher_host.h" | 47 #include "content/browser/geolocation/geolocation_dispatcher_host.h" |
| 48 #include "content/browser/gpu/gpu_data_manager.h" | 48 #include "content/browser/gpu/gpu_data_manager.h" |
| 49 #include "content/browser/gpu/gpu_process_host.h" | 49 #include "content/browser/gpu/gpu_process_host.h" |
| 50 #include "content/browser/in_process_webkit/dom_storage_message_filter.h" | 50 #include "content/browser/in_process_webkit/dom_storage_message_filter.h" |
| 51 #include "content/browser/in_process_webkit/indexed_db_dispatcher_host.h" | 51 #include "content/browser/in_process_webkit/indexed_db_dispatcher_host.h" |
| 52 #include "content/browser/mime_registry_message_filter.h" | 52 #include "content/browser/mime_registry_message_filter.h" |
| 53 #include "content/browser/plugin_service_impl.h" | 53 #include "content/browser/plugin_service_impl.h" |
| (...skipping 217 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 271 FROM_HERE, base::TimeDelta::FromSeconds(5), | 271 FROM_HERE, base::TimeDelta::FromSeconds(5), |
| 272 this, &RenderProcessHostImpl::ClearTransportDIBCache)), | 272 this, &RenderProcessHostImpl::ClearTransportDIBCache)), |
| 273 accessibility_enabled_(false), | 273 accessibility_enabled_(false), |
| 274 is_initialized_(false), | 274 is_initialized_(false), |
| 275 id_(ChildProcessHostImpl::GenerateChildProcessUniqueId()), | 275 id_(ChildProcessHostImpl::GenerateChildProcessUniqueId()), |
| 276 browser_context_(browser_context), | 276 browser_context_(browser_context), |
| 277 sudden_termination_allowed_(true), | 277 sudden_termination_allowed_(true), |
| 278 ignore_input_events_(false) { | 278 ignore_input_events_(false) { |
| 279 widget_helper_ = new RenderWidgetHelper(); | 279 widget_helper_ = new RenderWidgetHelper(); |
| 280 | 280 |
| 281 ChildProcessSecurityPolicy::GetInstance()->Add(GetID()); | 281 ChildProcessSecurityPolicyImpl::GetInstance()->Add(GetID()); |
| 282 | 282 |
| 283 // Grant most file permissions to this renderer. | 283 // Grant most file permissions to this renderer. |
| 284 // PLATFORM_FILE_TEMPORARY, PLATFORM_FILE_HIDDEN and | 284 // PLATFORM_FILE_TEMPORARY, PLATFORM_FILE_HIDDEN and |
| 285 // PLATFORM_FILE_DELETE_ON_CLOSE are not granted, because no existing API | 285 // PLATFORM_FILE_DELETE_ON_CLOSE are not granted, because no existing API |
| 286 // requests them. | 286 // requests them. |
| 287 // This is for the filesystem sandbox. | 287 // This is for the filesystem sandbox. |
| 288 ChildProcessSecurityPolicy::GetInstance()->GrantPermissionsForFile( | 288 ChildProcessSecurityPolicyImpl::GetInstance()->GrantPermissionsForFile( |
| 289 GetID(), browser_context->GetPath().Append( | 289 GetID(), browser_context->GetPath().Append( |
| 290 fileapi::SandboxMountPointProvider::kNewFileSystemDirectory), | 290 fileapi::SandboxMountPointProvider::kNewFileSystemDirectory), |
| 291 base::PLATFORM_FILE_OPEN | | 291 base::PLATFORM_FILE_OPEN | |
| 292 base::PLATFORM_FILE_CREATE | | 292 base::PLATFORM_FILE_CREATE | |
| 293 base::PLATFORM_FILE_OPEN_ALWAYS | | 293 base::PLATFORM_FILE_OPEN_ALWAYS | |
| 294 base::PLATFORM_FILE_CREATE_ALWAYS | | 294 base::PLATFORM_FILE_CREATE_ALWAYS | |
| 295 base::PLATFORM_FILE_OPEN_TRUNCATED | | 295 base::PLATFORM_FILE_OPEN_TRUNCATED | |
| 296 base::PLATFORM_FILE_READ | | 296 base::PLATFORM_FILE_READ | |
| 297 base::PLATFORM_FILE_WRITE | | 297 base::PLATFORM_FILE_WRITE | |
| 298 base::PLATFORM_FILE_EXCLUSIVE_READ | | 298 base::PLATFORM_FILE_EXCLUSIVE_READ | |
| 299 base::PLATFORM_FILE_EXCLUSIVE_WRITE | | 299 base::PLATFORM_FILE_EXCLUSIVE_WRITE | |
| 300 base::PLATFORM_FILE_ASYNC | | 300 base::PLATFORM_FILE_ASYNC | |
| 301 base::PLATFORM_FILE_WRITE_ATTRIBUTES | | 301 base::PLATFORM_FILE_WRITE_ATTRIBUTES | |
| 302 base::PLATFORM_FILE_ENUMERATE); | 302 base::PLATFORM_FILE_ENUMERATE); |
| 303 // This is so that we can read and move stuff out of the old filesystem | 303 // This is so that we can read and move stuff out of the old filesystem |
| 304 // sandbox. | 304 // sandbox. |
| 305 ChildProcessSecurityPolicy::GetInstance()->GrantPermissionsForFile( | 305 ChildProcessSecurityPolicyImpl::GetInstance()->GrantPermissionsForFile( |
| 306 GetID(), browser_context->GetPath().Append( | 306 GetID(), browser_context->GetPath().Append( |
| 307 fileapi::SandboxMountPointProvider::kOldFileSystemDirectory), | 307 fileapi::SandboxMountPointProvider::kOldFileSystemDirectory), |
| 308 base::PLATFORM_FILE_READ | base::PLATFORM_FILE_WRITE | | 308 base::PLATFORM_FILE_READ | base::PLATFORM_FILE_WRITE | |
| 309 base::PLATFORM_FILE_WRITE_ATTRIBUTES | base::PLATFORM_FILE_ENUMERATE); | 309 base::PLATFORM_FILE_WRITE_ATTRIBUTES | base::PLATFORM_FILE_ENUMERATE); |
| 310 // This is so that we can rename the old sandbox out of the way so that we | 310 // This is so that we can rename the old sandbox out of the way so that we |
| 311 // know we've taken care of it. | 311 // know we've taken care of it. |
| 312 ChildProcessSecurityPolicy::GetInstance()->GrantPermissionsForFile( | 312 ChildProcessSecurityPolicyImpl::GetInstance()->GrantPermissionsForFile( |
| 313 GetID(), browser_context->GetPath().Append( | 313 GetID(), browser_context->GetPath().Append( |
| 314 fileapi::SandboxMountPointProvider::kRenamedOldFileSystemDirectory), | 314 fileapi::SandboxMountPointProvider::kRenamedOldFileSystemDirectory), |
| 315 base::PLATFORM_FILE_CREATE | base::PLATFORM_FILE_CREATE_ALWAYS | | 315 base::PLATFORM_FILE_CREATE | base::PLATFORM_FILE_CREATE_ALWAYS | |
| 316 base::PLATFORM_FILE_WRITE); | 316 base::PLATFORM_FILE_WRITE); |
| 317 | 317 |
| 318 CHECK(!content::ExitedMainMessageLoop()); | 318 CHECK(!content::ExitedMainMessageLoop()); |
| 319 RegisterHost(GetID(), this); | 319 RegisterHost(GetID(), this); |
| 320 g_all_hosts.Get().set_check_on_null_data(true); | 320 g_all_hosts.Get().set_check_on_null_data(true); |
| 321 // Initialize |child_process_activity_time_| to a reasonable value. | 321 // Initialize |child_process_activity_time_| to a reasonable value. |
| 322 mark_child_process_activity_time(); | 322 mark_child_process_activity_time(); |
| 323 // Note: When we create the RenderProcessHostImpl, it's technically | 323 // Note: When we create the RenderProcessHostImpl, it's technically |
| 324 // backgrounded, because it has no visible listeners. But the process | 324 // backgrounded, because it has no visible listeners. But the process |
| 325 // doesn't actually exist yet, so we'll Background it later, after | 325 // doesn't actually exist yet, so we'll Background it later, after |
| 326 // creation. | 326 // creation. |
| 327 } | 327 } |
| 328 | 328 |
| 329 RenderProcessHostImpl::~RenderProcessHostImpl() { | 329 RenderProcessHostImpl::~RenderProcessHostImpl() { |
| 330 ChildProcessSecurityPolicy::GetInstance()->Remove(GetID()); | 330 ChildProcessSecurityPolicyImpl::GetInstance()->Remove(GetID()); |
| 331 | 331 |
| 332 // We may have some unsent messages at this point, but that's OK. | 332 // We may have some unsent messages at this point, but that's OK. |
| 333 channel_.reset(); | 333 channel_.reset(); |
| 334 while (!queued_messages_.empty()) { | 334 while (!queued_messages_.empty()) { |
| 335 delete queued_messages_.front(); | 335 delete queued_messages_.front(); |
| 336 queued_messages_.pop(); | 336 queued_messages_.pop(); |
| 337 } | 337 } |
| 338 | 338 |
| 339 ClearTransportDIBCache(); | 339 ClearTransportDIBCache(); |
| 340 UnregisterHost(GetID()); | 340 UnregisterHost(GetID()); |
| (...skipping 752 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1093 const GURL& site_url) { | 1093 const GURL& site_url) { |
| 1094 if (run_renderer_in_process()) | 1094 if (run_renderer_in_process()) |
| 1095 return true; | 1095 return true; |
| 1096 | 1096 |
| 1097 if (host->GetBrowserContext() != browser_context) | 1097 if (host->GetBrowserContext() != browser_context) |
| 1098 return false; | 1098 return false; |
| 1099 | 1099 |
| 1100 WebUIControllerFactory* factory = | 1100 WebUIControllerFactory* factory = |
| 1101 content::GetContentClient()->browser()->GetWebUIControllerFactory(); | 1101 content::GetContentClient()->browser()->GetWebUIControllerFactory(); |
| 1102 if (factory && | 1102 if (factory && |
| 1103 ChildProcessSecurityPolicy::GetInstance()->HasWebUIBindings( | 1103 ChildProcessSecurityPolicyImpl::GetInstance()->HasWebUIBindings( |
| 1104 host->GetID()) != | 1104 host->GetID()) != |
| 1105 factory->UseWebUIBindingsForURL(browser_context, site_url)) { | 1105 factory->UseWebUIBindingsForURL(browser_context, site_url)) { |
| 1106 return false; | 1106 return false; |
| 1107 } | 1107 } |
| 1108 | 1108 |
| 1109 return content::GetContentClient()->browser()->IsSuitableHost(host, site_url); | 1109 return content::GetContentClient()->browser()->IsSuitableHost(host, site_url); |
| 1110 } | 1110 } |
| 1111 | 1111 |
| 1112 // static | 1112 // static |
| 1113 bool content::RenderProcessHost::run_renderer_in_process() { | 1113 bool content::RenderProcessHost::run_renderer_in_process() { |
| (...skipping 174 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1288 } | 1288 } |
| 1289 } | 1289 } |
| 1290 | 1290 |
| 1291 void RenderProcessHostImpl::OnUserMetricsRecordAction( | 1291 void RenderProcessHostImpl::OnUserMetricsRecordAction( |
| 1292 const std::string& action) { | 1292 const std::string& action) { |
| 1293 content::RecordComputedAction(action); | 1293 content::RecordComputedAction(action); |
| 1294 } | 1294 } |
| 1295 | 1295 |
| 1296 void RenderProcessHostImpl::OnRevealFolderInOS(const FilePath& path) { | 1296 void RenderProcessHostImpl::OnRevealFolderInOS(const FilePath& path) { |
| 1297 // Only honor the request if appropriate persmissions are granted. | 1297 // Only honor the request if appropriate persmissions are granted. |
| 1298 if (ChildProcessSecurityPolicy::GetInstance()->CanReadFile(GetID(), path)) | 1298 if (ChildProcessSecurityPolicyImpl::GetInstance()->CanReadFile(GetID(), |
| 1299 path)) |
| 1299 content::GetContentClient()->browser()->OpenItem(path); | 1300 content::GetContentClient()->browser()->OpenItem(path); |
| 1300 } | 1301 } |
| 1301 | 1302 |
| 1302 void RenderProcessHostImpl::OnSavedPageAsMHTML(int job_id, int64 data_size) { | 1303 void RenderProcessHostImpl::OnSavedPageAsMHTML(int job_id, int64 data_size) { |
| 1303 content::GetContentClient()->browser()->GetMHTMLGenerationManager()-> | 1304 content::GetContentClient()->browser()->GetMHTMLGenerationManager()-> |
| 1304 MHTMLGenerated(job_id, data_size); | 1305 MHTMLGenerated(job_id, data_size); |
| 1305 } | 1306 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9360014:
Create a content public browser API around the ChildProcessSecurityPolicy class. The implementati... (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/