| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ |
| 6 #define CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ |
| 7 #pragma once |
| 8 |
| 9 #include <set> |
| 10 #include <string> |
| 11 |
| 12 #include "base/basictypes.h" |
| 13 #include "content/common/content_export.h" |
| 14 |
| 15 class FilePath; |
| 16 |
| 17 namespace content { |
| 18 |
| 19 // The ChildProcessSecurityPolicy class is used to grant and revoke security |
| 20 // capabilities for child processes. For example, it restricts whether a child |
| 21 // process is permitted to load file:// URLs based on whether the process |
| 22 // has ever been commanded to load file:// URLs by the browser. |
| 23 // |
| 24 // ChildProcessSecurityPolicy is a singleton that may be used on any thread. |
| 25 // |
| 26 class ChildProcessSecurityPolicy { |
| 27 public: |
| 28 virtual ~ChildProcessSecurityPolicy() {} |
| 29 |
| 30 // There is one global ChildProcessSecurityPolicy object for the entire |
| 31 // browser process. The object returned by this method may be accessed on |
| 32 // any thread. |
| 33 static CONTENT_EXPORT ChildProcessSecurityPolicy* GetInstance(); |
| 34 |
| 35 // Web-safe schemes can be requested by any child process. Once a web-safe |
| 36 // scheme has been registered, any child process can request URLs with |
| 37 // that scheme. There is no mechanism for revoking web-safe schemes. |
| 38 virtual void RegisterWebSafeScheme(const std::string& scheme) = 0; |
| 39 |
| 40 // Returns true iff |scheme| has been registered as a web-safe scheme. |
| 41 virtual bool IsWebSafeScheme(const std::string& scheme) = 0; |
| 42 |
| 43 // Sets the list of disabled schemes. |
| 44 // URLs using these schemes won't be loaded at all. The previous list of |
| 45 // schemes is overwritten. An empty |schemes| disables this feature. |
| 46 // Schemes listed as disabled take precedence over Web-safe schemes. |
| 47 virtual void RegisterDisabledSchemes( |
| 48 const std::set<std::string>& schemes) = 0; |
| 49 |
| 50 // Grants certain permissions to a file. |permissions| must be a bit-set of |
| 51 // base::PlatformFileFlags. |
| 52 virtual void GrantPermissionsForFile(int child_id, |
| 53 const FilePath& file, |
| 54 int permissions) = 0; |
| 55 |
| 56 // Whenever the user picks a file from a <input type="file"> element, the |
| 57 // browser should call this function to grant the child process the capability |
| 58 // to upload the file to the web. |
| 59 virtual void GrantReadFile(int child_id, const FilePath& file) = 0; |
| 60 |
| 61 // Grants the child process the capability to access URLs of the provided |
| 62 // scheme. |
| 63 virtual void GrantScheme(int child_id, const std::string& scheme) = 0; |
| 64 }; |
| 65 |
| 66 }; // namespace content |
| 67 |
| 68 #endif // CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9360014:
Create a content public browser API around the ChildProcessSecurityPolicy class. The implementati... (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/