| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chrome_content_browser_client.h" | 5 #include "chrome/browser/chrome_content_browser_client.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 380 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 391 } | 391 } |
| 392 | 392 |
| 393 bool ChromeContentBrowserClient::IsSuitableHost( | 393 bool ChromeContentBrowserClient::IsSuitableHost( |
| 394 RenderProcessHost* process_host, | 394 RenderProcessHost* process_host, |
| 395 const GURL& site_url) { | 395 const GURL& site_url) { |
| 396 Profile* profile = | 396 Profile* profile = |
| 397 Profile::FromBrowserContext(process_host->browser_context()); | 397 Profile::FromBrowserContext(process_host->browser_context()); |
| 398 ExtensionService* service = profile->GetExtensionService(); | 398 ExtensionService* service = profile->GetExtensionService(); |
| 399 extensions::ProcessMap* process_map = service->process_map(); | 399 extensions::ProcessMap* process_map = service->process_map(); |
| 400 | 400 |
| 401 // Don't allow the Task Manager to share a process with anything else. |
| 402 // Otherwise it can affect the renderers it is observing. |
| 403 // Note: we could create another RenderProcessHostPrivilege bucket for |
| 404 // this to allow multiple chrome://tasks instances to share, but that's |
| 405 // a very unlikely case without serious consequences. |
| 406 if (site_url.GetOrigin() == GURL(chrome::kChromeUITaskManagerURL).GetOrigin()) |
| 407 return false; |
| 408 |
| 401 // These may be NULL during tests. In that case, just assume any site can | 409 // These may be NULL during tests. In that case, just assume any site can |
| 402 // share any host. | 410 // share any host. |
| 403 if (!service || !process_map) | 411 if (!service || !process_map) |
| 404 return true; | 412 return true; |
| 405 | 413 |
| 406 // Experimental: | 414 // Experimental: |
| 407 // If --enable-strict-site-isolation is enabled, do not allow non-WebUI pages | 415 // If --enable-strict-site-isolation is enabled, do not allow non-WebUI pages |
| 408 // to share a renderer process. (We could allow pages from the same site or | 416 // to share a renderer process. (We could allow pages from the same site or |
| 409 // extensions of the same type to share, if we knew what the given process | 417 // extensions of the same type to share, if we knew what the given process |
| 410 // was dedicated to. Allowing no sharing is simpler for now.) This may | 418 // was dedicated to. Allowing no sharing is simpler for now.) This may |
| (...skipping 702 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1113 #if defined(USE_NSS) | 1121 #if defined(USE_NSS) |
| 1114 crypto::CryptoModuleBlockingPasswordDelegate* | 1122 crypto::CryptoModuleBlockingPasswordDelegate* |
| 1115 ChromeContentBrowserClient::GetCryptoPasswordDelegate( | 1123 ChromeContentBrowserClient::GetCryptoPasswordDelegate( |
| 1116 const GURL& url) { | 1124 const GURL& url) { |
| 1117 return browser::NewCryptoModuleBlockingDialogDelegate( | 1125 return browser::NewCryptoModuleBlockingDialogDelegate( |
| 1118 browser::kCryptoModulePasswordKeygen, url.host()); | 1126 browser::kCryptoModulePasswordKeygen, url.host()); |
| 1119 } | 1127 } |
| 1120 #endif | 1128 #endif |
| 1121 | 1129 |
| 1122 } // namespace chrome | 1130 } // namespace chrome |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8520019:
Don't allow the task manager to share a process with anything else. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src