Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(20)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy.cc

Issue 9801002: Simplest backport of 117417. (Closed) Base URL: svn://svn.chromium.org/chrome/branches/963/src/
Patch Set: Created 8 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/chrome_content_browser_client.cc ('k') | content/browser/mock_content_browser_client.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/child_process_security_policy.h" 5 #include "content/browser/child_process_security_policy.h"
6 6
7 #include "base/file_path.h" 7 #include "base/file_path.h"
8 #include "base/logging.h" 8 #include "base/logging.h"
9 #include "base/metrics/histogram.h" 9 #include "base/metrics/histogram.h"
10 #include "base/platform_file.h" 10 #include "base/platform_file.h"
11 #include "base/stl_util.h" 11 #include "base/stl_util.h"
12 #include "base/string_util.h" 12 #include "base/string_util.h"
13 #include "content/browser/site_instance.h" 13 #include "content/browser/site_instance.h"
14 #include "content/public/browser/content_browser_client.h"
14 #include "content/public/common/bindings_policy.h" 15 #include "content/public/common/bindings_policy.h"
15 #include "content/public/common/url_constants.h" 16 #include "content/public/common/url_constants.h"
16 #include "googleurl/src/gurl.h" 17 #include "googleurl/src/gurl.h"
17 #include "net/url_request/url_request.h" 18 #include "net/url_request/url_request.h"
18 19
19 static const int kReadFilePermissions = 20 static const int kReadFilePermissions =
20 base::PLATFORM_FILE_OPEN | 21 base::PLATFORM_FILE_OPEN |
21 base::PLATFORM_FILE_READ | 22 base::PLATFORM_FILE_READ |
22 base::PLATFORM_FILE_EXCLUSIVE_READ | 23 base::PLATFORM_FILE_EXCLUSIVE_READ |
23 base::PLATFORM_FILE_ASYNC; 24 base::PLATFORM_FILE_ASYNC;
(...skipping 351 matching lines...) Expand 10 before | Expand all | Expand 10 after
375 376
376 if (LowerCaseEqualsASCII(url.spec(), chrome::kAboutBlankURL)) 377 if (LowerCaseEqualsASCII(url.spec(), chrome::kAboutBlankURL))
377 return true; // Every child process can request <about:blank>. 378 return true; // Every child process can request <about:blank>.
378 379
379 // URLs like <about:memory> and <about:crash> shouldn't be requestable by 380 // URLs like <about:memory> and <about:crash> shouldn't be requestable by
380 // any child process. Also, this case covers <javascript:...>, which should 381 // any child process. Also, this case covers <javascript:...>, which should
381 // be handled internally by the process and not kicked up to the browser. 382 // be handled internally by the process and not kicked up to the browser.
382 return false; 383 return false;
383 } 384 }
384 385
385 if (!net::URLRequest::IsHandledURL(url)) 386 if (!content::GetContentClient()->browser()->IsHandledURL(url) &&
387 !net::URLRequest::IsHandledURL(url))
386 return true; // This URL request is destined for ShellExecute. 388 return true; // This URL request is destined for ShellExecute.
387 389
388 { 390 {
389 base::AutoLock lock(lock_); 391 base::AutoLock lock(lock_);
390 392
391 SecurityStateMap::iterator state = security_state_.find(child_id); 393 SecurityStateMap::iterator state = security_state_.find(child_id);
392 if (state == security_state_.end()) 394 if (state == security_state_.end())
393 return false; 395 return false;
394 396
395 // Otherwise, we consult the child process's security state to see if it is 397 // Otherwise, we consult the child process's security state to see if it is
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after
475 477
476 void ChildProcessSecurityPolicy::LockToOrigin(int child_id, const GURL& gurl) { 478 void ChildProcessSecurityPolicy::LockToOrigin(int child_id, const GURL& gurl) {
477 // "gurl" can be currently empty in some cases, such as file://blah. 479 // "gurl" can be currently empty in some cases, such as file://blah.
478 DCHECK(SiteInstance::GetSiteForURL(NULL, gurl) == gurl); 480 DCHECK(SiteInstance::GetSiteForURL(NULL, gurl) == gurl);
479 base::AutoLock lock(lock_); 481 base::AutoLock lock(lock_);
480 SecurityStateMap::iterator state = security_state_.find(child_id); 482 SecurityStateMap::iterator state = security_state_.find(child_id);
481 DCHECK(state != security_state_.end()); 483 DCHECK(state != security_state_.end());
482 state->second->LockToOrigin(gurl); 484 state->second->LockToOrigin(gurl);
483 } 485 }
484 486
OLDNEW
« no previous file with comments | « chrome/browser/chrome_content_browser_client.cc ('k') | content/browser/mock_content_browser_client.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698