diff options
| author | ericu@google.com <ericu@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-10-23 02:20:02 +0000 |
|---|---|---|
| committer | ericu@google.com <ericu@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-10-23 02:20:02 +0000 |
| commit | 04807c299fd6d05b5c288fd86f7905884a3cc19b (patch) | |
| tree | 02e2c7e8ffed9ad22553cd2918b92e9dc0dbf08c /chrome/browser/worker_host | |
| parent | 6a558a36f77d504f7fdf21c1e4d0ad63caa5909a (diff) | |
| download | chromium_src-04807c299fd6d05b5c288fd86f7905884a3cc19b.zip chromium_src-04807c299fd6d05b5c288fd86f7905884a3cc19b.tar.gz chromium_src-04807c299fd6d05b5c288fd86f7905884a3cc19b.tar.bz2 | |
Workers who want to use FileWriter need to be granted permission to access files in the user's FileSystem directory.
BUG=none; you need tests I haven't checked in yet to repro this problem.
TEST=none; tests are in review, but will go in after this fix.
Review URL: http://codereview.chromium.org/3991007
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@63619 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/worker_host')
| -rw-r--r-- | chrome/browser/worker_host/worker_process_host.cc | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/chrome/browser/worker_host/worker_process_host.cc b/chrome/browser/worker_host/worker_process_host.cc index c8df23d..4bb38c0 100644 --- a/chrome/browser/worker_host/worker_process_host.cc +++ b/chrome/browser/worker_host/worker_process_host.cc @@ -37,6 +37,7 @@ #include "net/base/mime_util.h" #include "ipc/ipc_switches.h" #include "net/base/registry_controlled_domain.h" +#include "webkit/fileapi/file_system_path_manager.h" // Notifies RenderViewHost that one or more worker objects crashed. class WorkerCrashTask : public Task { @@ -184,6 +185,28 @@ bool WorkerProcessHost::Init() { cmd_line); ChildProcessSecurityPolicy::GetInstance()->Add(id()); + if (!CommandLine::ForCurrentProcess()->HasSwitch( + switches::kDisableFileSystem)) { + // Grant most file permissions to this worker. + // PLATFORM_FILE_TEMPORARY, PLATFORM_FILE_HIDDEN and + // PLATFORM_FILE_DELETE_ON_CLOSE are not granted, because no existing API + // requests them. + ChildProcessSecurityPolicy::GetInstance()->GrantPermissionsForFile( + id(), + request_context_->file_system_host_context()-> + path_manager()->base_path(), + base::PLATFORM_FILE_OPEN | + base::PLATFORM_FILE_CREATE | + base::PLATFORM_FILE_OPEN_ALWAYS | + base::PLATFORM_FILE_CREATE_ALWAYS | + base::PLATFORM_FILE_READ | + base::PLATFORM_FILE_WRITE | + base::PLATFORM_FILE_EXCLUSIVE_READ | + base::PLATFORM_FILE_EXCLUSIVE_WRITE | + base::PLATFORM_FILE_ASYNC | + base::PLATFORM_FILE_TRUNCATE | + base::PLATFORM_FILE_WRITE_ATTRIBUTES); + } return true; } |