Implement a prototype to render cross-site iframes in a separate process from their parent.

content/browser/loader/resource_loader.cc

Index: content/browser/loader/resource_loader.cc
diff --git a/content/browser/loader/resource_loader.cc b/content/browser/loader/resource_loader.cc
index 4c4959005a73a21b8bc4518ffc1723bb77b19040..c2ed6e0e09fbfc8ddfb57c829304dfd47fb60173 100644
--- a/content/browser/loader/resource_loader.cc
+++ b/content/browser/loader/resource_loader.cc
@@ -16,9 +16,11 @@
 #include "content/common/ssl_status_serialization.h"
 #include "content/public/browser/cert_store.h"
 #include "content/public/browser/resource_dispatcher_host_login_delegate.h"
+#include "content/public/browser/site_instance.h"
 #include "content/public/common/content_client.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/resource_response.h"
+#include "content/public/common/url_constants.h"
 #include "net/base/load_flags.h"
 #include "net/http/http_response_headers.h"
 #include "webkit/appcache/appcache_interceptor.h"
@@ -475,6 +477,29 @@ void ResourceLoader::CompleteResponseStarted() {
   scoped_refptr<ResourceResponse> response(new ResourceResponse());
   PopulateResourceResponse(request_.get(), response);
 
+  // Change the MIME type of the response if --site-per-process flag

[Charlie Reis, 2013/01/17 19:44:54]

We should introduce this comment very clearly saying that it's a temporary
prototype for out-of-process iframes, and explain briefly how it works.  The
simple comment was fine when it was just for us, but others are going to wonder
what it's for if we land it.

[nasko, 2013/01/17 22:19:13]

Done.

+  // is passed and the current request is for the Sub-Frame page. Avoid

[Charlie Reis, 2013/01/17 19:44:54]

nit: the Sub-Frame page -> for a subframe.

[nasko, 2013/01/17 22:19:13]

Done.

+  // doing this for chrome:// URLs, as those require different privileges
+  // and are not allowed in regular renderers.
+  //
+  // We are going to use a small hack for prototyping purposes - compare
+  // the URL for the subframe with the referrer. If the two don't match,
+  // then it should be a cross-site iframe.
+  // The usage of SiteInstance::IsSameWebSite is safe on the IO thread,
+  // if the browser_context parameter is NULL. This does not work for hosted
+  // apps, but should be fine for prototyping.
+  // TODO(nasko): Once the SiteInstance check is fixed, ensure we do the
+  // right thing here. http://crbug.com/160576
+  const CommandLine& command_line = *CommandLine::ForCurrentProcess();
+  if (command_line.HasSwitch(switches::kSitePerProcess) &&
+      GetRequestInfo()->GetResourceType() == ResourceType::SUB_FRAME &&
+      response->head.mime_type == "text/html" &&
+      !request_->url().SchemeIs(chrome::kChromeUIScheme) &&
+      !SiteInstance::IsSameWebSite(NULL, request_->url(),
+          request_->GetSanitizedReferrer())) {
+    response->head.mime_type = "application/browser-plugin";
+  }
+
   if (request_->ssl_info().cert) {
     int cert_id =
         CertStore::GetInstance()->StoreCert(request_->ssl_info().cert,