OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/child_process_security_policy.h" | 5 #include "content/browser/child_process_security_policy.h" |
6 | 6 |
7 #include "base/file_path.h" | 7 #include "base/file_path.h" |
8 #include "base/logging.h" | 8 #include "base/logging.h" |
9 #include "base/metrics/histogram.h" | 9 #include "base/metrics/histogram.h" |
10 #include "base/platform_file.h" | 10 #include "base/platform_file.h" |
11 #include "base/stl_util.h" | 11 #include "base/stl_util.h" |
12 #include "base/string_util.h" | 12 #include "base/string_util.h" |
13 #include "content/browser/site_instance.h" | 13 #include "content/browser/site_instance.h" |
| 14 #include "content/public/browser/content_browser_client.h" |
14 #include "content/public/common/bindings_policy.h" | 15 #include "content/public/common/bindings_policy.h" |
15 #include "content/public/common/url_constants.h" | 16 #include "content/public/common/url_constants.h" |
16 #include "googleurl/src/gurl.h" | 17 #include "googleurl/src/gurl.h" |
17 #include "net/url_request/url_request.h" | 18 #include "net/url_request/url_request.h" |
18 | 19 |
19 static const int kReadFilePermissions = | 20 static const int kReadFilePermissions = |
20 base::PLATFORM_FILE_OPEN | | 21 base::PLATFORM_FILE_OPEN | |
21 base::PLATFORM_FILE_READ | | 22 base::PLATFORM_FILE_READ | |
22 base::PLATFORM_FILE_EXCLUSIVE_READ | | 23 base::PLATFORM_FILE_EXCLUSIVE_READ | |
23 base::PLATFORM_FILE_ASYNC; | 24 base::PLATFORM_FILE_ASYNC; |
(...skipping 351 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
375 | 376 |
376 if (LowerCaseEqualsASCII(url.spec(), chrome::kAboutBlankURL)) | 377 if (LowerCaseEqualsASCII(url.spec(), chrome::kAboutBlankURL)) |
377 return true; // Every child process can request <about:blank>. | 378 return true; // Every child process can request <about:blank>. |
378 | 379 |
379 // URLs like <about:memory> and <about:crash> shouldn't be requestable by | 380 // URLs like <about:memory> and <about:crash> shouldn't be requestable by |
380 // any child process. Also, this case covers <javascript:...>, which should | 381 // any child process. Also, this case covers <javascript:...>, which should |
381 // be handled internally by the process and not kicked up to the browser. | 382 // be handled internally by the process and not kicked up to the browser. |
382 return false; | 383 return false; |
383 } | 384 } |
384 | 385 |
385 if (!net::URLRequest::IsHandledURL(url)) | 386 if (!content::GetContentClient()->browser()->IsHandledURL(url) && |
| 387 !net::URLRequest::IsHandledURL(url)) |
386 return true; // This URL request is destined for ShellExecute. | 388 return true; // This URL request is destined for ShellExecute. |
387 | 389 |
388 { | 390 { |
389 base::AutoLock lock(lock_); | 391 base::AutoLock lock(lock_); |
390 | 392 |
391 SecurityStateMap::iterator state = security_state_.find(child_id); | 393 SecurityStateMap::iterator state = security_state_.find(child_id); |
392 if (state == security_state_.end()) | 394 if (state == security_state_.end()) |
393 return false; | 395 return false; |
394 | 396 |
395 // Otherwise, we consult the child process's security state to see if it is | 397 // Otherwise, we consult the child process's security state to see if it is |
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
475 | 477 |
476 void ChildProcessSecurityPolicy::LockToOrigin(int child_id, const GURL& gurl) { | 478 void ChildProcessSecurityPolicy::LockToOrigin(int child_id, const GURL& gurl) { |
477 // "gurl" can be currently empty in some cases, such as file://blah. | 479 // "gurl" can be currently empty in some cases, such as file://blah. |
478 DCHECK(SiteInstance::GetSiteForURL(NULL, gurl) == gurl); | 480 DCHECK(SiteInstance::GetSiteForURL(NULL, gurl) == gurl); |
479 base::AutoLock lock(lock_); | 481 base::AutoLock lock(lock_); |
480 SecurityStateMap::iterator state = security_state_.find(child_id); | 482 SecurityStateMap::iterator state = security_state_.find(child_id); |
481 DCHECK(state != security_state_.end()); | 483 DCHECK(state != security_state_.end()); |
482 state->second->LockToOrigin(gurl); | 484 state->second->LockToOrigin(gurl); |
483 } | 485 } |
484 | 486 |
OLD | NEW |