Implement a prototype to render cross-site iframes in a separate process from their parent.

content/browser/loader/resource_loader.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/loader/resource_loader.h"
 
 #include "base/command_line.h"
 #include "base/message_loop.h"
 #include "base/time.h"
 #include "content/browser/child_process_security_policy_impl.h"
 #include "content/browser/loader/doomed_resource_handler.h"
 #include "content/browser/loader/resource_loader_delegate.h"
 #include "content/browser/loader/resource_request_info_impl.h"
 #include "content/browser/ssl/ssl_client_auth_handler.h"
 #include "content/browser/ssl/ssl_manager.h"
 #include "content/common/ssl_status_serialization.h"
 #include "content/public/browser/cert_store.h"
 #include "content/public/browser/resource_dispatcher_host_login_delegate.h"
+#include "content/public/browser/site_instance.h"
 #include "content/public/common/content_client.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/resource_response.h"
+#include "content/public/common/url_constants.h"
 #include "net/base/load_flags.h"
 #include "net/http/http_response_headers.h"
 #include "webkit/appcache/appcache_interceptor.h"
 
 using base::TimeDelta;
 using base::TimeTicks;
 
 namespace content {
 namespace {
 
@@ skipping 436 matching lines @@
                               weak_ptr_factory_.GetWeakPtr()));
   }
 }
 
 void ResourceLoader::CompleteResponseStarted() {
   ResourceRequestInfoImpl* info = GetRequestInfo();
 
   scoped_refptr<ResourceResponse> response(new ResourceResponse());
   PopulateResourceResponse(request_.get(), response);
 
+  // The --site-per-process flag enables an out-of-process iframes
+  // prototype. It works by changing the MIME type of cross-site subframe
+  // responses to a Chrome specific one. This new type causes the subframe
+  // to be replaced by a <webview> tag with the same URL, which results in
+  // using a renderer in a different process.
+  //
+  // For prototyping purposes, we will use a small hack to ensure same site
+  // iframes are not changed. We can compare the URL for the subframe
+  // request with the referrer. If the two don't match, then it should be a
+  // cross-site iframe.
+  // Also, we don't do the MIME type change for chrome:// URLs, as those
+  // require different privileges and are not allowed in regular renderers.
+  //
+  // The usage of SiteInstance::IsSameWebSite is safe on the IO thread,
+  // if the browser_context parameter is NULL. This does not work for hosted
+  // apps, but should be fine for prototyping.
+  // TODO(nasko): Once the SiteInstance check is fixed, ensure we do the
+  // right thing here. http://crbug.com/160576
+  const CommandLine& command_line = *CommandLine::ForCurrentProcess();
+  if (command_line.HasSwitch(switches::kSitePerProcess) &&
+      GetRequestInfo()->GetResourceType() == ResourceType::SUB_FRAME &&
+      response->head.mime_type == "text/html" &&
+      !request_->url().SchemeIs(chrome::kChromeUIScheme) &&
+      !SiteInstance::IsSameWebSite(NULL, request_->url(),
+          request_->GetSanitizedReferrer())) {
+    response->head.mime_type = "application/browser-plugin";
+  }
+
   if (request_->ssl_info().cert) {
     int cert_id =
         CertStore::GetInstance()->StoreCert(request_->ssl_info().cert,
                                             info->GetChildID());
     response->head.security_info = SerializeSecurityInfo(
         cert_id,
         request_->ssl_info().cert_status,
         request_->ssl_info().security_bits,
         request_->ssl_info().connection_status);
   } else {
@@ skipping 101 matching lines @@
     // we resume.
     deferred_stage_ = DEFERRED_FINISH;
   }
 }
 
 void ResourceLoader::CallDidFinishLoading() {
   delegate_->DidFinishLoading(this);
 }
 
 }  // namespace content