Chromium Code Reviews Chromium Code Reviews
Issue 9958107:
Limiting the "Cookies and site data" form to "web safe" schemes. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/browsing_data_database_helper.h" | 5 #include "chrome/browser/browsing_data_database_helper.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/callback.h" | 8 #include "base/callback.h" |
| 9 #include "base/file_util.h" | 9 #include "base/file_util.h" |
| 10 #include "base/message_loop.h" | 10 #include "base/message_loop.h" |
| 11 #include "base/utf_string_conversions.h" | 11 #include "base/utf_string_conversions.h" |
| 12 #include "chrome/browser/profiles/profile.h" | 12 #include "chrome/browser/profiles/profile.h" |
| 13 #include "content/public/browser/browser_thread.h" | 13 #include "content/public/browser/browser_thread.h" |
| 14 #include "content/public/browser/child_process_security_policy.h" | |
| 14 #include "net/base/completion_callback.h" | 15 #include "net/base/completion_callback.h" |
| 15 #include "net/base/net_errors.h" | 16 #include "net/base/net_errors.h" |
| 17 #include "third_party/WebKit/Source/WebKit/chromium/public/WebSecurityOrigin.h" | |
|
jochen (gone - plz use gerrit)
2012/04/03 09:41:21
nit. W > p
Mike West
2012/04/03 14:45:51
Not according to vim! :)
Fixed.
| |
| 16 #include "third_party/WebKit/Source/WebKit/chromium/public/platform/WebCString.h " | 18 #include "third_party/WebKit/Source/WebKit/chromium/public/platform/WebCString.h " |
| 17 #include "third_party/WebKit/Source/WebKit/chromium/public/WebSecurityOrigin.h" | |
| 18 #include "third_party/WebKit/Source/WebKit/chromium/public/platform/WebString.h" | 19 #include "third_party/WebKit/Source/WebKit/chromium/public/platform/WebString.h" |
| 19 | 20 |
| 20 using content::BrowserContext; | 21 using content::BrowserContext; |
| 21 using content::BrowserThread; | 22 using content::BrowserThread; |
| 22 using WebKit::WebSecurityOrigin; | 23 using WebKit::WebSecurityOrigin; |
| 23 | 24 |
| 24 BrowsingDataDatabaseHelper::DatabaseInfo::DatabaseInfo() | 25 BrowsingDataDatabaseHelper::DatabaseInfo::DatabaseInfo() |
| 25 : size(0) { | 26 : size(0) { |
| 26 } | 27 } |
| 27 | 28 |
| (...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 84 BrowserThread::PostTask( | 85 BrowserThread::PostTask( |
| 85 BrowserThread::FILE, FROM_HERE, | 86 BrowserThread::FILE, FROM_HERE, |
| 86 base::Bind(&BrowsingDataDatabaseHelper::DeleteDatabaseOnFileThread, this, | 87 base::Bind(&BrowsingDataDatabaseHelper::DeleteDatabaseOnFileThread, this, |
| 87 origin, name)); | 88 origin, name)); |
| 88 } | 89 } |
| 89 | 90 |
| 90 void BrowsingDataDatabaseHelper::FetchDatabaseInfoOnFileThread() { | 91 void BrowsingDataDatabaseHelper::FetchDatabaseInfoOnFileThread() { |
| 91 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE)); | 92 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE)); |
| 92 std::vector<webkit_database::OriginInfo> origins_info; | 93 std::vector<webkit_database::OriginInfo> origins_info; |
| 93 if (tracker_.get() && tracker_->GetAllOriginsInfo(&origins_info)) { | 94 if (tracker_.get() && tracker_->GetAllOriginsInfo(&origins_info)) { |
| 95 content::ChildProcessSecurityPolicy* policy = | |
| 96 content::ChildProcessSecurityPolicy::GetInstance(); | |
| 94 for (std::vector<webkit_database::OriginInfo>::const_iterator ori = | 97 for (std::vector<webkit_database::OriginInfo>::const_iterator ori = |
| 95 origins_info.begin(); ori != origins_info.end(); ++ori) { | 98 origins_info.begin(); ori != origins_info.end(); ++ori) { |
| 96 const std::string origin_identifier(UTF16ToUTF8(ori->GetOrigin())); | 99 const GURL origin(UTF16ToUTF8(ori->GetOrigin())); |
| 97 if (StartsWithASCII(origin_identifier, | 100 if (policy->IsWebSafeScheme(origin.scheme())) { |
|
jochen (gone - plz use gerrit)
2012/04/03 09:41:21
forgot ! ?
Mike West
2012/04/03 14:45:51
Done.
| |
| 98 std::string(chrome::kExtensionScheme), | 101 // Non-websafe state is not considered browsing data. |
| 99 true)) { | |
| 100 // Extension state is not considered browsing data. | |
| 101 continue; | 102 continue; |
| 102 } | 103 } |
| 103 WebSecurityOrigin web_security_origin = | 104 WebSecurityOrigin web_security_origin = |
| 104 WebSecurityOrigin::createFromDatabaseIdentifier( | 105 WebSecurityOrigin::createFromDatabaseIdentifier( |
| 105 ori->GetOrigin()); | 106 ori->GetOrigin()); |
| 106 std::vector<string16> databases; | 107 std::vector<string16> databases; |
| 107 ori->GetAllDatabaseNames(&databases); | 108 ori->GetAllDatabaseNames(&databases); |
| 108 for (std::vector<string16>::const_iterator db = databases.begin(); | 109 for (std::vector<string16>::const_iterator db = databases.begin(); |
| 109 db != databases.end(); ++db) { | 110 db != databases.end(); ++db) { |
| 110 FilePath file_path = tracker_->GetFullDBFilePath(ori->GetOrigin(), *db); | 111 FilePath file_path = tracker_->GetFullDBFilePath(ori->GetOrigin(), *db); |
| 111 base::PlatformFileInfo file_info; | 112 base::PlatformFileInfo file_info; |
| 112 if (file_util::GetFileInfo(file_path, &file_info)) { | 113 if (file_util::GetFileInfo(file_path, &file_info)) { |
| 113 database_info_.push_back(DatabaseInfo( | 114 database_info_.push_back(DatabaseInfo( |
| 114 web_security_origin.host().utf8(), | 115 web_security_origin.host().utf8(), |
| 115 UTF16ToUTF8(*db), | 116 UTF16ToUTF8(*db), |
| 116 origin_identifier, | 117 UTF16ToUTF8(ori->GetOrigin()), |
| 117 UTF16ToUTF8(ori->GetDatabaseDescription(*db)), | 118 UTF16ToUTF8(ori->GetDatabaseDescription(*db)), |
| 118 web_security_origin.toString().utf8(), | 119 web_security_origin.toString().utf8(), |
| 119 file_info.size, | 120 file_info.size, |
| 120 file_info.last_modified)); | 121 file_info.last_modified)); |
| 121 } | 122 } |
| 122 } | 123 } |
| 123 } | 124 } |
| 124 } | 125 } |
| 125 | 126 |
| 126 BrowserThread::PostTask( | 127 BrowserThread::PostTask( |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 179 clone->pending_database_info_ = pending_database_info_; | 180 clone->pending_database_info_ = pending_database_info_; |
| 180 clone->database_info_ = database_info_; | 181 clone->database_info_ = database_info_; |
| 181 return clone; | 182 return clone; |
| 182 } | 183 } |
| 183 | 184 |
| 184 void CannedBrowsingDataDatabaseHelper::AddDatabase( | 185 void CannedBrowsingDataDatabaseHelper::AddDatabase( |
| 185 const GURL& origin, | 186 const GURL& origin, |
| 186 const std::string& name, | 187 const std::string& name, |
| 187 const std::string& description) { | 188 const std::string& description) { |
| 188 base::AutoLock auto_lock(lock_); | 189 base::AutoLock auto_lock(lock_); |
| 189 pending_database_info_.push_back(PendingDatabaseInfo( | 190 content::ChildProcessSecurityPolicy* policy = |
| 190 origin, name, description)); | 191 content::ChildProcessSecurityPolicy::GetInstance(); |
| 192 if (policy->IsWebSafeScheme(origin.scheme())) { | |
| 193 pending_database_info_.push_back(PendingDatabaseInfo( | |
| 194 origin, name, description)); | |
| 195 } | |
| 191 } | 196 } |
| 192 | 197 |
| 193 void CannedBrowsingDataDatabaseHelper::Reset() { | 198 void CannedBrowsingDataDatabaseHelper::Reset() { |
| 194 base::AutoLock auto_lock(lock_); | 199 base::AutoLock auto_lock(lock_); |
| 195 database_info_.clear(); | 200 database_info_.clear(); |
| 196 pending_database_info_.clear(); | 201 pending_database_info_.clear(); |
| 197 } | 202 } |
| 198 | 203 |
| 199 bool CannedBrowsingDataDatabaseHelper::empty() const { | 204 bool CannedBrowsingDataDatabaseHelper::empty() const { |
| 200 base::AutoLock auto_lock(lock_); | 205 base::AutoLock auto_lock(lock_); |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 248 web_security_origin.toString().utf8(), | 253 web_security_origin.toString().utf8(), |
| 249 0, | 254 0, |
| 250 base::Time())); | 255 base::Time())); |
| 251 } | 256 } |
| 252 pending_database_info_.clear(); | 257 pending_database_info_.clear(); |
| 253 | 258 |
| 254 BrowserThread::PostTask( | 259 BrowserThread::PostTask( |
| 255 BrowserThread::UI, FROM_HERE, | 260 BrowserThread::UI, FROM_HERE, |
| 256 base::Bind(&CannedBrowsingDataDatabaseHelper::NotifyInUIThread, this)); | 261 base::Bind(&CannedBrowsingDataDatabaseHelper::NotifyInUIThread, this)); |
| 257 } | 262 } |
| OLD | NEW |
