content/browser/site_instance.cc - Issue 8496027: Enhance --enable-strict-site-isolation to prevent a site-isolated renderer

Side by Side Diff: content/browser/site_instance.cc

Issue 8496027: Enhance --enable-strict-site-isolation to prevent a site-isolated renderer (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: '' Created 9 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« content/browser/renderer_host/render_message_filter.cc ('K') | « content/browser/renderer_host/resource_dispatcher_host.cc ('k') | content/public/common/content_switches.cc » ('j') | content/renderer/render_view_impl.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "content/browser/site_instance.h"	5 #include "content/browser/site_instance.h"

6	6

	7 #include "base/command_line.h"

7 #include "content/browser/browsing_instance.h"	8 #include "content/browser/browsing_instance.h"

	9 #include "content/browser/child_process_security_policy.h"

8 #include "content/browser/renderer_host/browser_render_process_host.h"	10 #include "content/browser/renderer_host/browser_render_process_host.h"

9 #include "content/browser/webui/web_ui_factory.h"	11 #include "content/browser/webui/web_ui_factory.h"

10 #include "content/public/browser/content_browser_client.h"	12 #include "content/public/browser/content_browser_client.h"

11 #include "content/public/browser/notification_service.h"	13 #include "content/public/browser/notification_service.h"

12 #include "content/public/browser/notification_types.h"	14 #include "content/public/browser/notification_types.h"

	15 #include "content/public/common/content_switches.h"

13 #include "content/public/common/url_constants.h"	16 #include "content/public/common/url_constants.h"

14 #include "net/base/registry_controlled_domain.h"	17 #include "net/base/registry_controlled_domain.h"

15	18

16 static bool IsURLSameAsAnySiteInstance(const GURL& url) {	19 static bool IsURLSameAsAnySiteInstance(const GURL& url) {

17 if (!url.is_valid())	20 if (!url.is_valid())

18 return false;	21 return false;

19	22

20 // We treat javascript: as the same site as any URL since it is actually	23 // We treat javascript: as the same site as any URL since it is actually

21 // a modifier on existing pages.	24 // a modifier on existing pages.

22 if (url.SchemeIs(chrome::kJavaScriptScheme))	25 if (url.SchemeIs(chrome::kJavaScriptScheme))

(...skipping 55 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
78 } else {	81 } else {

79 process_ =	82 process_ =

80 new BrowserRenderProcessHost(browsing_instance_->browser_context());	83 new BrowserRenderProcessHost(browsing_instance_->browser_context());

81 }	84 }

82 }	85 }

83	86

84 content::GetContentClient()->browser()->SiteInstanceGotProcess(this);	87 content::GetContentClient()->browser()->SiteInstanceGotProcess(this);

85	88

86 // Make sure the process starts at the right max_page_id	89 // Make sure the process starts at the right max_page_id

87 process_->UpdateMaxPageID(max_page_id_);	90 process_->UpdateMaxPageID(max_page_id_);

	91

	92 const CommandLine& command_line = *CommandLine::ForCurrentProcess();

	93 if (command_line.HasSwitch(switches::kEnableStrictSiteIsolation)) {

	94 ChildProcessSecurityPolicy* policy =

	95 ChildProcessSecurityPolicy::GetInstance();

	96 policy->LockToOrigin(process_->id(), site_);
	Charlie Reis 2011/11/22 19:06:59 Hmm, a SiteInstance's site_ isn't always set by th Hmm, a SiteInstance's site_ isn't always set by the time GetProcess() is called (which helps deal with redirects). For example, if you open a bookmark in a new tab, GetProcess gets called before SetSite. If you open a bookmark in the current tab, SetSite gets called before GetProcess. I think we might have to move this to a helper and call it from both GetProcess and SetSite, whichever comes first (e.g., checking if has_site here, and if process_ below).
	97 }

88 }	98 }

89 DCHECK(process_);	99 DCHECK(process_);

90	100

91 return process_;	101 return process_;

92 }	102 }

93	103

94 void SiteInstance::SetSite(const GURL& url) {	104 void SiteInstance::SetSite(const GURL& url) {

95 // A SiteInstance's site should not change.	105 // A SiteInstance's site should not change.

96 // TODO(creis): When following links or script navigations, we can currently	106 // TODO(creis): When following links or script navigations, we can currently

97 // render pages from other sites in this SiteInstance. This will eventually	107 // render pages from other sites in this SiteInstance. This will eventually

(...skipping 122 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
220 }	230 }

221	231

222 void SiteInstance::Observe(int type,	232 void SiteInstance::Observe(int type,

223 const content::NotificationSource& source,	233 const content::NotificationSource& source,

224 const content::NotificationDetails& details) {	234 const content::NotificationDetails& details) {

225 DCHECK(type == content::NOTIFICATION_RENDERER_PROCESS_TERMINATED);	235 DCHECK(type == content::NOTIFICATION_RENDERER_PROCESS_TERMINATED);

226 RenderProcessHost* rph = content::Source<RenderProcessHost>(source).ptr();	236 RenderProcessHost* rph = content::Source<RenderProcessHost>(source).ptr();

227 if (rph == process_)	237 if (rph == process_)

228 process_ = NULL;	238 process_ = NULL;

229 }	239 }

OLD	NEW