Update process sharing rules for hosted and isolated apps.

chrome/browser/chrome_content_browser_client.cc

Index: chrome/browser/chrome_content_browser_client.cc
diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc
index 51655428fd4a9499cc25e3ad85c48374b3ff9163..552375366026a867c198bcd804c31592179d0780 100644
--- a/chrome/browser/chrome_content_browser_client.cc
+++ b/chrome/browser/chrome_content_browser_client.cc
@@ -163,8 +163,9 @@ bool HandleWebUI(GURL* url, content::BrowserContext* browser_context) {
 // sure URLs are served by hosts with the right set of privileges.
 enum RenderProcessHostPrivilege {
   PRIV_NORMAL,
-  PRIV_EXTENSION,
+  PRIV_HOSTED,
   PRIV_ISOLATED,
+  PRIV_EXTENSION,
 };
 
 RenderProcessHostPrivilege GetPrivilegeRequiredByUrl(
@@ -181,9 +182,10 @@ RenderProcessHostPrivilege GetPrivilegeRequiredByUrl(
 
   if (url.SchemeIs(chrome::kExtensionScheme)) {
     const Extension* extension = service->GetExtensionByURL(url);
-    if (extension && extension->is_storage_isolated()) {
+    if (extension && extension->is_storage_isolated())
       return PRIV_ISOLATED;
-    }
+    if (extension && extension->is_hosted_app())
+      return PRIV_HOSTED;
 
     return PRIV_EXTENSION;
   }
@@ -195,8 +197,6 @@ RenderProcessHostPrivilege GetProcessPrivilege(
     content::RenderProcessHost* process_host,
     extensions::ProcessMap* process_map,
     ExtensionService* service) {
-  // TODO(aa): It seems like hosted apps should be grouped separately from
-  // extensions: crbug.com/102533.
   std::set<std::string> extension_ids =
       process_map->GetExtensionsInProcess(process_host->GetID());
   if (extension_ids.empty())
@@ -207,11 +207,34 @@ RenderProcessHostPrivilege GetProcessPrivilege(
     const Extension* extension = service->GetExtensionById(*iter, false);
     if (extension && extension->is_storage_isolated())
       return PRIV_ISOLATED;
+    if (extension && extension->is_hosted_app())
+      return PRIV_HOSTED;
   }
 
   return PRIV_EXTENSION;
 }
 
+bool IsIsolatedAppInProcess(const GURL& site_url,
+                            content::RenderProcessHost* process_host,
+                            extensions::ProcessMap* process_map,
+                            ExtensionService* service) {
+  std::set<std::string> extension_ids =
+      process_map->GetExtensionsInProcess(process_host->GetID());
+  if (extension_ids.empty())
+    return false;
+
+  for (std::set<std::string>::iterator iter = extension_ids.begin();
+       iter != extension_ids.end(); ++iter) {
+    const Extension* extension = service->GetExtensionById(*iter, false);
+    if (extension &&
+        extension->url() == site_url &&
+        extension->is_storage_isolated())

[awong, 2011/11/24 00:03:49]

nit: check is_storage_isolated() first.  Might as well do the O(1) test earlier.

[Charlie Reis, 2011/11/24 00:26:45]

Done.

+      return true;
+  }
+
+  return false;
+}
+
 }  // namespace
 
 namespace chrome {
@@ -421,8 +444,16 @@ bool ChromeContentBrowserClient::IsSuitableHost(
   if (command_line.HasSwitch(switches::kEnableStrictSiteIsolation))
     return false;
 
-  return GetProcessPrivilege(process_host, process_map, service) ==
+  // An isolated app is only allowed to share with the exact same app.

[awong, 2011/11/24 00:03:49]

Add short sentence for why?

[Charlie Reis, 2011/11/24 00:26:45]

Done.

+  RenderProcessHostPrivilege privilege_required =
       GetPrivilegeRequiredByUrl(site_url, service);
+  if (privilege_required == PRIV_ISOLATED)
+    return IsIsolatedAppInProcess(site_url, process_host, process_map, service);

[awong, 2011/11/24 00:03:49]

Sad that we have to double-iterate the extension map, but oh well.

[Charlie Reis, 2011/11/24 00:26:45]

We don't, do we?  We either iterate it in IsIsolatedAppInProcess or in
GetProcessPrivilege, but not both.

[awong, 2011/11/24 00:31:28]

You're right...I'm just mis-reading.

+
+  // Otherwise, just make sure the process privilege matches the privilege
+  // required by the site.
+  return GetProcessPrivilege(process_host, process_map, service) ==
+      privilege_required;
 }
 
 void ChromeContentBrowserClient::SiteInstanceGotProcess(