OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef CONTENT_PUBLIC_COMMON_SITE_ISOLATION_POLICY_H_ | |
6 #define CONTENT_PUBLIC_COMMON_SITE_ISOLATION_POLICY_H_ | |
7 | |
8 #include "base/command_line.h" | |
9 #include "content/common/content_export.h" | |
10 #include "url/gurl.h" | |
11 | |
12 namespace content { | |
13 | |
14 // A centralized place for making policy decisions about out-of-process iframes, | |
15 // site isolation, --site-per-process, and related features. | |
16 // | |
17 // This is currently static because all these modes are controlled by command- | |
18 // line flags. | |
19 class CONTENT_EXPORT SiteIsolationPolicy { | |
20 public: | |
21 // Returns true if the current process model might dictate the use of cross- | |
22 // process iframes. This should typically used to avoid executing codepaths | |
23 // that only matter for cross-process iframes, to protect the default | |
24 // behavior. | |
25 // | |
26 // Note: Since cross process frames will soon be possible by default (e.g. for | |
nasko
2015/07/08 12:52:23
nit: You've standardized on having cross-process h
| |
27 // <iframe src="http://..."> in an extension process), usage should be limited | |
28 // to temporary stop-gaps. | |
29 // | |
30 // Instead of calling this method, prefer to examine object state to see | |
31 // whether a particular frame happens to have a cross-process relationship | |
32 // with another, or to consult DoesSiteRequireDedicatedProcess() to see if a | |
33 // particular site merits protection. | |
34 static bool AreCrossProcessFramesPossible(); | |
nasko
2015/07/08 12:52:23
nit: AreCrossProcessFramesEnabled? Possible to me
ncarter (slow)
2015/07/10 23:29:18
I prefer "possible" to "enabled", because there's
| |
35 | |
36 // Returns true if pages loaded from |site| ought to be handled only by a | |
37 // renderer process isolated from other sites. If --site-per-process | |
38 // is on the command line, this is true for all sites. | |
39 // | |
40 // Eventually, this function will be made to return true for only some schemes | |
41 // (e.g. extensions) or a whitelist of sites that we should protect for this | |
42 // user. | |
43 static bool DoesSiteRequireDedicatedProcess(const GURL& site); | |
44 | |
45 // Returns true if navigation and history code should maintain per-frame | |
46 // navigation entries. This is an in-progress feature related to site | |
47 // isolation, so the return value is currently tied to --site-per-process. | |
48 // TODO(creis, avi): Make this the default, and eliminate this. | |
49 static bool UseSubframeNavigationEntries(); | |
50 | |
51 // Returns true if <webview> should be implemented in terms of cross-process | |
52 // iframes. This is an in-progress feature related to site isolation, so the | |
53 // return value is currently tied to --site-per-process. | |
54 // TODO(lazyboy, nick): This should probably be a command line flag separate | |
55 // from full site isolation (--site-per-process). | |
56 static bool GuestsShouldUseCrossProcessFrames(); | |
57 | |
58 // Appends --site-per-process to the command line, enabling tests to exercise | |
59 // site isolation and cross-process iframes. | |
60 // | |
61 // TODO(nick): In some places this method is called from the top of a test | |
62 // body. That's not strictly safe (it's setting a command line after it | |
63 // already may have been read). We should try make that pattern safer, as it | |
64 // makes browser tests easier to write. | |
65 static void IsolateAllSitesForTesting(base::CommandLine* command_line); | |
66 | |
67 // Returns true if all sites are isolated. Typically used to bail from a test | |
68 // that is incompatible with --site-per-process. | |
69 static bool AreAllSitesIsolatedForTesting(); | |
70 | |
71 private: | |
72 SiteIsolationPolicy(); // Not instantiable. | |
73 | |
74 DISALLOW_COPY_AND_ASSIGN(SiteIsolationPolicy); | |
75 }; | |
76 | |
77 } // namespace content | |
78 | |
79 #endif // CONTENT_PUBLIC_COMMON_SITE_ISOLATION_POLICY_H_ | |
OLD | NEW |