1// Copyright (c) 2011 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_COMMON_MAC_CFBUNDLE_BLOCKER_H_ 6#define CHROME_COMMON_MAC_CFBUNDLE_BLOCKER_H_ 7 8#if defined(__OBJC__) 9@class NSString; 10#else 11class NSString; 12#endif 13 14namespace chrome { 15namespace common { 16namespace mac { 17 18// Arranges to block loading of some third-party plug-in code that might try 19// to inject itself into the process. Modules loaded by CFBundle are blocked 20// if located within specific directories. Because NSBundle uses CFBundle 21// behind the scenes, this also blocks modules loaded by NSBundle when located 22// in those same specific directories. 23// 24// Blocked modules include input managers, contextual menu items, and 25// scripting additions installed in per-user (~/Library), per-machine 26// (/Library), or network (/Network/Library) locations. Modules installed in 27// the operating system location (/System/Library) are never blocked. 28// 29// This mechanism does not prevent CFBundle (or NSBundle) objects from being 30// created, but it does block them from loading modules into the process. 31void EnableCFBundleBlocker(); 32 33// Returns true if |bundle_id| and |version| identify a bundle that is allowed 34// to be loaded even when found in a blocked directory. 35// 36// Exposed only for testing. Do not call from outside the implementation. 37bool IsBundleAllowed(NSString* bundle_id, NSString* version); 38 39} // namespace mac 40} // namespace common 41} // namespace chrome 42 43#endif // CHROME_COMMON_MAC_CFBUNDLE_BLOCKER_H_ 44