search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
(parent: 610e5de) | patch
Allow trusted brokers to restrict connections for spawned applications to whitelisted...
commit2dd70fcff791aa32b77360c9c8ed413d791e5b47
authorben <ben@chromium.org>
Fri, 24 Jul 2015 22:22:09 +0000 (24 15:22 -0700)
committerCommit bot <commit-bot@chromium.org>
Fri, 24 Jul 2015 22:23:09 +0000 (24 22:23 +0000)
tree00568483c25b7d81c741dbbf4acc913354981c0dtree | snapshot (tar.gz zip)
parent610e5de27b9f4bc34c43eb6ee78db1acf49e8ef9commit | diff
Allow trusted brokers to restrict connections for spawned applications to whitelisted applications and interfaces.

Currently, filters are not inherited when a restricted application starts a new application. If I did that immediately there is an opportunity for races if a restricted app starts a trusted app before the trusted broker can. I need to think through that in more detail. For now, any filters must be explicitly specified with every call to ConnectToApplication.

I'm not handling content handlers properly yet in this round. TBD.

http://crbug.com/510210

Review URL: https://codereview.chromium.org/1244233002

Cr-Commit-Position: refs/heads/master@{#340352}
30 files changed:
components/html_viewer/devtools_agent_impl.cc diff | blob | blame | history
components/html_viewer/media_factory.cc diff | blob | blame | history
components/resource_provider/public/cpp/resource_loader.cc diff | blob | blame | history
content/browser/frame_host/frame_mojo_shell.cc diff | blob | blame | history
content/browser/frame_host/frame_mojo_shell.h diff | blob | blame | history
content/browser/mojo/mojo_app_connection_impl.cc diff | blob | blame | history
content/browser/mojo/mojo_shell_context.cc diff | blob | blame | history
content/browser/mojo/mojo_shell_context.h diff | blob | blame | history
mandoline/ui/aura/surface_binding.cc diff | blob | blame | history
mojo/application/public/cpp/application_connection.h diff | blob | blame | history
mojo/application/public/cpp/application_impl.h diff | blob | blame | history
mojo/application/public/cpp/lib/application_impl.cc diff | blob | blame | history
mojo/application/public/cpp/lib/application_test_base.cc diff | blob | blame | history
mojo/application/public/cpp/lib/service_registry.cc diff | blob | blame | history
mojo/application/public/cpp/lib/service_registry.h diff | blob | blame | history
mojo/application/public/interfaces/application.mojom diff | blob | blame | history
mojo/application/public/interfaces/shell.mojom diff | blob | blame | history
mojo/mojo_shell.gyp diff | blob | blame | history
mojo/runner/context.cc diff | blob | blame | history
mojo/runner/native_runner_unittest.cc diff | blob | blame | history
mojo/runner/shell_test_base.cc diff | blob | blame | history
mojo/shell/BUILD.gn diff | blob | blame | history
mojo/shell/application_instance.cc diff | blob | blame | history
mojo/shell/application_instance.h diff | blob | blame | history
mojo/shell/application_manager.cc diff | blob | blame | history
mojo/shell/application_manager.h diff | blob | blame | history
mojo/shell/application_manager_unittest.cc diff | blob | blame | history
mojo/shell/capability_filter_unittest.cc [new file with mode: 0644] blob
mojo/shell/capability_filter_unittest.mojom [new file with mode: 0644] blob
mojo/shell/content_handler_connection.cc diff | blob | blame | history