Universal access for Child process security policy

rogerwang · rogerwang · commit d4743a737e59 · 2013-10-14T12:36:41.000+08:00
Support for nwjs/nw.js#927
diff --git a/content/browser/child_process_security_policy_impl.cc b/content/browser/child_process_security_policy_impl.cc
@@ -75,7 +75,8 @@ class ChildProcessSecurityPolicyImpl::SecurityState {
  public:
   SecurityState()
     : enabled_bindings_(0),
-      can_read_raw_cookies_(false) { }
+      can_read_raw_cookies_(false),
+      universal_access_(false) { }
 
   ~SecurityState() {
     scheme_policy_.clear();
@@ -90,6 +91,10 @@ class ChildProcessSecurityPolicyImpl::SecurityState {
                          file_permissions_.size());
   }
 
+  void GrantUniversalAccess() {
+    universal_access_ = true;
+  }
+
   // Grant permission to request URLs with the specified scheme.
   void GrantScheme(const std::string& scheme) {
     scheme_policy_[scheme] = true;
@@ -152,6 +157,9 @@ class ChildProcessSecurityPolicyImpl::SecurityState {
 
   // Determine whether permission has been granted to request |url|.
   bool CanRequestURL(const GURL& url) {
+    if (universal_access_)
+      return true;
+
     // Having permission to a scheme implies permssion to all of its URLs.
     SchemeMap::const_iterator judgment(scheme_policy_.find(url.scheme()));
     if (judgment != scheme_policy_.end())
@@ -170,6 +178,9 @@ class ChildProcessSecurityPolicyImpl::SecurityState {
 
   // Determine if the certain permissions have been granted to a file.
   bool HasPermissionsForFile(const base::FilePath& file, int permissions) {
+    if (universal_access_)
+      return true;
+
     if (!permissions || file.empty() || !file.IsAbsolute())
       return false;
     base::FilePath current_path = file.StripTrailingSeparators();
@@ -194,6 +205,9 @@ class ChildProcessSecurityPolicyImpl::SecurityState {
   }
 
   bool CanLoadPage(const GURL& gurl) {
+    if (universal_access_)
+      return true;
+
     if (origin_lock_.is_empty())
       return true;
 
@@ -205,6 +219,9 @@ class ChildProcessSecurityPolicyImpl::SecurityState {
   }
 
   bool CanAccessCookiesForOrigin(const GURL& gurl) {
+    if (universal_access_)
+      return true;
+
     if (origin_lock_.is_empty())
       return true;
     // TODO(creis): We must pass the valid browser_context to convert hosted
@@ -215,6 +232,9 @@ class ChildProcessSecurityPolicyImpl::SecurityState {
   }
 
   bool CanSendCookiesForOrigin(const GURL& gurl) {
+    if (universal_access_)
+      return true;
+
     // We only block cross-site cookies on network requests if the
     // --enable-strict-site-isolation flag is passed.  This is expected to break
     // compatibility with many sites.  The similar --site-per-process flag only
@@ -242,6 +262,9 @@ class ChildProcessSecurityPolicyImpl::SecurityState {
   }
 
   bool can_read_raw_cookies() const {
+    if (universal_access_)
+      return true;
+
     return can_read_raw_cookies_;
   }
 
@@ -275,6 +298,8 @@ class ChildProcessSecurityPolicyImpl::SecurityState {
   // The set of isolated filesystems the child process is permitted to access.
   FileSystemMap filesystem_permissions_;
 
+  bool universal_access_;
+
   DISALLOW_COPY_AND_ASSIGN(SecurityState);
 };
 
@@ -366,6 +391,15 @@ bool ChildProcessSecurityPolicyImpl::IsPseudoScheme(
   return (pseudo_schemes_.find(scheme) != pseudo_schemes_.end());
 }
 
+void ChildProcessSecurityPolicyImpl::GrantUniversalAccess(
+    int child_id) {
+  base::AutoLock lock(lock_);
+  SecurityStateMap::iterator state = security_state_.find(child_id);
+  if (state == security_state_.end())
+    return;
+  state->second->GrantUniversalAccess();
+}
+
 void ChildProcessSecurityPolicyImpl::GrantRequestURL(
     int child_id, const GURL& url) {
 
diff --git a/content/browser/child_process_security_policy_impl.h b/content/browser/child_process_security_policy_impl.h
@@ -42,6 +42,7 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
   // ChildProcessSecurityPolicy implementation.
   virtual void RegisterWebSafeScheme(const std::string& scheme) OVERRIDE;
   virtual bool IsWebSafeScheme(const std::string& scheme) OVERRIDE;
+  virtual void GrantUniversalAccess(int child_id) OVERRIDE;
   virtual void GrantReadFile(int child_id, const base::FilePath& file) OVERRIDE;
   virtual void GrantCreateReadWriteFile(int child_id,
                                         const base::FilePath& file) OVERRIDE;
diff --git a/content/public/browser/child_process_security_policy.h b/content/public/browser/child_process_security_policy.h
@@ -40,7 +40,9 @@ class ChildProcessSecurityPolicy {
   // Returns true iff |scheme| has been registered as a web-safe scheme.
   virtual bool IsWebSafeScheme(const std::string& scheme) = 0;
 
-  // This permission grants only read access to a file.
+  // node-webkit: grant all to node.js frames
+  virtual void GrantUniversalAccess(int child_id) = 0;
+
   // Whenever the user picks a file from a <input type="file"> element, the
   // browser should call this function to grant the child process the capability
   // to upload the file to the web. Grants FILE_PERMISSION_READ_ONLY.
