summaryrefslogtreecommitdiffstats
path: root/content/browser/child_process_security_policy_impl.cc
Commit message (Collapse)AuthorAgeFilesLines
* Implement ChildProcessSecurityPolicy::HasPermissionsForFileSystemFile()kinuko@chromium.org2013-07-011-0/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | In content/ layer: - Add CPSP::HasPermissionsForFileSystemFile() for central FileSystem permission check. - Replace all permission check code for FileSystem files with the newly added CPSP method In webkit/browser/fileapi layer: - Each MountPointProvider's GetPermissionPolicy() is replaced with a central static FileSystemContext::GetPermissionPolicy() method. Now the permission policy is statically defined for each type and used by CPSP. Some FS-specific security checks are moved into each FS's private implementation. - For SandboxMountPointProvider: moved some API-specific validity check code into a private IsAcessValid() method. - For CrosMountPointProvider: IsAccessAllowed() method is still called every time when a new FileSystemOperation is created, but doesn't participate the CPSP's permission check. BUG=174550 TEST=ChildProcessSecurityPolicyTest::FileSystemFilePermissions R=aedla@chromium.org, darin@chromium.org, tbarzic@chromium.org, tsepez@chromium.org Review URL: https://codereview.chromium.org/12310099 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@209418 0039d316-1c4b-4281-b951-d872f2087c98
* Use a direct include of strings headers in content/browser/, part 1.avi@chromium.org2013-06-111-1/+1
| | | | | | | | | | BUG=247723 TEST=none TBR=ben@chromium.org Review URL: https://chromiumcodereview.appspot.com/16755004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@205449 0039d316-1c4b-4281-b951-d872f2087c98
* DisabledScheme policy existed before we had URLBlacklist. csorba@chromium.org2013-06-061-15/+0
| | | | | | | | | | | | Using URLBlacklist we can block complete schemes, so we translate the DisabledSchemes policy to URLBlacklist. URLBlacklist did not handle some schemes before (e.g.: chrome, file) which are now added to the URLBlacklistManager. BUG=111489, 128735 Review URL: https://chromiumcodereview.appspot.com/16305008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@204630 0039d316-1c4b-4281-b951-d872f2087c98
* content: Move kViewSourceScheme constant into content namespace.tfarina@chromium.org2013-05-301-5/+5
| | | | | | | | | BUG=None R=thestig@chromium.org,grt@chromium.org,joi@chromium.org,eroman@chromium.org Review URL: https://chromiumcodereview.appspot.com/15950011 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@203241 0039d316-1c4b-4281-b951-d872f2087c98
* Move more browser-specific webkit/fileapi code to webkit/browser/fileapikinuko@chromium.org2013-05-241-1/+1
| | | | | | | | | | | | | | | | | | | | Moves following files (25 files, 55/130 -> 80/130): - external_mount_points* - file_observers.h - file_system_task_runners* - isolated_context* - isolated_mount_point_provider* - local_file_system_operation* - mock_* - mount_points* - task_runner_bound_observer_list.h BUG=239710 TBR=tzik@chromium.org Review URL: https://codereview.chromium.org/15994002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@202079 0039d316-1c4b-4281-b951-d872f2087c98
* content: Move two more url constants into content namespace.tfarina@chromium.org2013-05-151-1/+1
| | | | | | | | TBR=joi@chromium.org, thestig@chromium.org Review URL: https://codereview.chromium.org/14698018 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@200165 0039d316-1c4b-4281-b951-d872f2087c98
* Move file_path.h to base/files.brettw@chromium.org2013-02-241-1/+1
| | | | | | TBR=sky git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184344 0039d316-1c4b-4281-b951-d872f2087c98
* Use base namespace for FilePath in content/browserbrettw@chromium.org2013-02-071-24/+24
| | | | | | Review URL: https://codereview.chromium.org/12213066 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@181349 0039d316-1c4b-4281-b951-d872f2087c98
* Implement a prototype to render cross-site iframes in a separate process ↵nasko@chromium.org2013-01-231-9/+3
| | | | | | | | | | | | | | from their parent. This is a very early prototype and should not be used for general browsing of the web. To enable it, run Chrome with --site-per-process and --enable-browser-plugin-for-all-view-types command line parameters. (initial implementation by irobert@chromium.org) BUG=99379 Review URL: https://chromiumcodereview.appspot.com/11772005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@178292 0039d316-1c4b-4281-b951-d872f2087c98
* Media Galleries: Add write support.thestig@chromium.org2013-01-171-5/+12
| | | | | | | | BUG=144509 Review URL: https://chromiumcodereview.appspot.com/11783023 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177294 0039d316-1c4b-4281-b951-d872f2087c98
* Small extra validations on permission checks: reject "0" as a valid permissioncevans@chromium.org2013-01-071-0/+2
| | | | | | | | | | | | | mask and require the path be absolute. Also add some per-file security owners to child_process_security_policy_impl.cc since it is highly sensitive. BUG=168634 Review URL: https://chromiumcodereview.appspot.com/11734030 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@175390 0039d316-1c4b-4281-b951-d872f2087c98
* Prevent cross-site pages if the --site-per-process flag is passedirobert@chromium.org2012-12-111-0/+32
| | | | | | | | BUG=159215 Review URL: https://chromiumcodereview.appspot.com/11416121 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@172403 0039d316-1c4b-4281-b951-d872f2087c98
* Apply missing kParentDirectory checktsepez@chromium.org2012-11-201-2/+11
| | | | | | | | BUG=161564 Review URL: https://chromiumcodereview.appspot.com/11414046 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@168692 0039d316-1c4b-4281-b951-d872f2087c98
* Add an experimental --site-per-process flag.creis@chromium.org2012-11-151-4/+38
| | | | | | | | | | | | Ensures each renderer process is dedicated to pages from a single site. BUG=159215 TEST=Should get a cross-process navigation when clicking cross-site links. Review URL: https://chromiumcodereview.appspot.com/11312192 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@167813 0039d316-1c4b-4281-b951-d872f2087c98
* Move remaining files in content\browser to the content namespace.jam@chromium.org2012-10-301-5/+6
| | | | | | Review URL: https://codereview.chromium.org/11340029 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@164828 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 164120 - content/browser: Move more files into the content namespace.sail@chromium.org2012-10-251-6/+5
| | | | | | | | | | | | | | | Fixed most of the files found with the following command line: $ git grep --files-without-match --name-only "namespace content {" -- content/browser/{*.cc,*.h.*.mm} R=jam@chromium.org Review URL: https://codereview.chromium.org/11274038 TBR=tfarina@chromium.org Review URL: https://codereview.chromium.org/11273049 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@164122 0039d316-1c4b-4281-b951-d872f2087c98
* content/browser: Move more files into the content namespace.tfarina@chromium.org2012-10-251-5/+6
| | | | | | | | | | | | Fixed most of the files found with the following command line: $ git grep --files-without-match --name-only "namespace content {" -- content/browser/{*.cc,*.h.*.mm} R=jam@chromium.org Review URL: https://codereview.chromium.org/11274038 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@164120 0039d316-1c4b-4281-b951-d872f2087c98
* Add isWritableFileEntry to the fileSystem APIthorogood@chromium.org2012-07-191-0/+8
| | | | | | | | | | | isWritableFileEntry determines whether an existing FileEntry, obtained via getWritableFileEntry or chooseFile, is writable (otherwise, we assume it is readable). BUG=135689 TEST= Review URL: https://chromiumcodereview.appspot.com/10692104 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@147399 0039d316-1c4b-4281-b951-d872f2087c98
* Remove ugly writable flags from IsolatedContextkinuko@chromium.org2012-06-301-1/+0
| | | | | | | | | | | | | | For regular chrome centralize the read/write permission to ChildProcessSecurityPolicy and do nothing in fileapi layer. For DRT/content_shell disable writes at SimpleFileSystem layer as well as we do in FileAPIMessageFilter for chrome. BUG=none TEST=existing tests TEST=layout tests https://bugs.webkit.org/show_bug.cgi?id=89981 Review URL: https://chromiumcodereview.appspot.com/10692005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@145063 0039d316-1c4b-4281-b951-d872f2087c98
* Relanding r144115: Manage Isolated Context with reference counts w/o DCHECKkinuko@chromium.org2012-06-261-1/+4
| | | | | | | | | | | Removed DCHECK for IsAbsolute() check since it doesn't seem practical to enforce it for all the testing. BUG=none TEST=existing tests should pass Review URL: https://chromiumcodereview.appspot.com/10656042 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@144172 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 144115 - Manage IsolatedContext with reference countskinuko@chromium.org2012-06-261-4/+1
| | | | | | | | | | | | | | | | to make it possible to be shared by multiple children. This patch itself should have no side effect. BUG=none TEST=existing tests should pass Review URL: https://chromiumcodereview.appspot.com/10536200 TBR=kinuko@chromium.org Review URL: https://chromiumcodereview.appspot.com/10658029 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@144133 0039d316-1c4b-4281-b951-d872f2087c98
* Manage IsolatedContext with reference countskinuko@chromium.org2012-06-261-1/+4
| | | | | | | | | | | | | to make it possible to be shared by multiple children. This patch itself should have no side effect. BUG=none TEST=existing tests should pass Review URL: https://chromiumcodereview.appspot.com/10536200 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@144115 0039d316-1c4b-4281-b951-d872f2087c98
* Retry: Make Isolated file system writable only if it is configured sokinuko@chromium.org2012-06-121-0/+1
| | | | | | | | | | | | | | - CreateFileStreamWriter wiring in FSO - Add yet another write-protection at IsolatedContext (in addition to ChildProcessSecurityPolicy, so that we can make each fs read-only or writable in DRT/testing) BUG=none TEST=existing tests should pass Original review URL: https://chromiumcodereview.appspot.com/10540070 Review URL: https://chromiumcodereview.appspot.com/10532085 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@141650 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 141395 - Make Isolated file system writable only if it is configured sokinuko@chromium.org2012-06-111-1/+0
| | | | | | | | | | | | | | | - Use CreateFileStreamWriter in FSO - Add yet another write-protection at IsolatedContext (in addition to ChildProcessSecurityPolicy, so that we can make each fs read-only or writable in DRT/testing) BUG=none TEST=none (will add layout_test) Review URL: https://chromiumcodereview.appspot.com/10540070 TBR=kinuko@chromium.org Review URL: https://chromiumcodereview.appspot.com/10534088 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@141398 0039d316-1c4b-4281-b951-d872f2087c98
* Make Isolated file system writable only if it is configured sokinuko@chromium.org2012-06-111-0/+1
| | | | | | | | | | | | - Use CreateFileStreamWriter in FSO - Add yet another write-protection at IsolatedContext (in addition to ChildProcessSecurityPolicy, so that we can make each fs read-only or writable in DRT/testing) BUG=none TEST=none (will add layout_test) Review URL: https://chromiumcodereview.appspot.com/10540070 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@141395 0039d316-1c4b-4281-b951-d872f2087c98
* DragEnter grants RequestURL to entire file:// scheme.tsepez@chromium.org2012-06-081-9/+48
| | | | | | | | | | | | | | | | | | | | | | | DragEnter can't know if the end action of a dragged file will be to assign it to the value of a file input element, or to navigate to the file itself, so it grants the permissions required for both. The RequestURL permission, however, currently implies access to all of file:// even though we intend to request only one file. This change adds a method to ChildProcessSecurityPolicy for more granular permissions for file:// URLs which is applied to the existing renderer. A second change causes file:// navigations to be browser-navigations, so that the existing renderer will fork a new "file-privileged" renderer. The old renderer, having permissions for this one URL, will pass the checks required to lauch the new renderer for the URL, but will not have permission to fork renderers for other file:// URLs. This is a second attempt at resolving the issue, see also: http://codereview.chromium.org/10397002/ BUG=127525 Review URL: https://chromiumcodereview.appspot.com/10517009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@141124 0039d316-1c4b-4281-b951-d872f2087c98
* Implement extension API chrome.fileSystem.getDisplayPath().benwells@chromium.org2012-06-081-1/+8
| | | | | | | | | | | | | This allows platform apps to get the full path of file entries in isolated file systems for display purposes. BUG=130452 TEST=Test added Review URL: https://chromiumcodereview.appspot.com/10477009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@141119 0039d316-1c4b-4281-b951-d872f2087c98
* Add more detailed access control to isolated file systemkinuko@chromium.org2012-06-011-17/+65
| | | | | | | | | BUG=none TEST=to be added Review URL: https://chromiumcodereview.appspot.com/10459008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@140000 0039d316-1c4b-4281-b951-d872f2087c98
* Create a content public browser API around the ChildProcessSecurityPolicy ↵ananta@chromium.org2012-02-091-0/+526
class. The implementation of this interface lives in content\browser\child_process_security_policy_impl.cc/.h. Moved some security checks from the TabContentsDelegate implementation (chrome\browser) to the TabContents code in content. BUG=98716 Review URL: https://chromiumcodereview.appspot.com/9360014 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@121137 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-02-16 07:17:02 +0000