Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(301)

Side by Side Diff: content/browser/loader/resource_dispatcher_host_impl.cc

Issue 1208143002: Move existing kSitePerProcess checks to a policy-oracle object (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@swapped_out_cmdline_checks
Patch Set: Partial fixes to Nasko's comments. Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc e-loading 5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc e-loading
6 6
7 #include "content/browser/loader/resource_dispatcher_host_impl.h" 7 #include "content/browser/loader/resource_dispatcher_host_impl.h"
8 8
9 #include <algorithm> 9 #include <algorithm>
10 #include <set> 10 #include <set>
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after
70 #include "content/public/browser/global_request_id.h" 70 #include "content/public/browser/global_request_id.h"
71 #include "content/public/browser/plugin_service.h" 71 #include "content/public/browser/plugin_service.h"
72 #include "content/public/browser/resource_dispatcher_host_delegate.h" 72 #include "content/public/browser/resource_dispatcher_host_delegate.h"
73 #include "content/public/browser/resource_request_details.h" 73 #include "content/public/browser/resource_request_details.h"
74 #include "content/public/browser/resource_throttle.h" 74 #include "content/public/browser/resource_throttle.h"
75 #include "content/public/browser/stream_handle.h" 75 #include "content/public/browser/stream_handle.h"
76 #include "content/public/browser/stream_info.h" 76 #include "content/public/browser/stream_info.h"
77 #include "content/public/browser/user_metrics.h" 77 #include "content/public/browser/user_metrics.h"
78 #include "content/public/common/content_switches.h" 78 #include "content/public/common/content_switches.h"
79 #include "content/public/common/process_type.h" 79 #include "content/public/common/process_type.h"
80 #include "content/public/common/site_isolation_policy.h"
80 #include "ipc/ipc_message_macros.h" 81 #include "ipc/ipc_message_macros.h"
81 #include "ipc/ipc_message_start.h" 82 #include "ipc/ipc_message_start.h"
82 #include "net/base/auth.h" 83 #include "net/base/auth.h"
83 #include "net/base/load_flags.h" 84 #include "net/base/load_flags.h"
84 #include "net/base/mime_util.h" 85 #include "net/base/mime_util.h"
85 #include "net/base/net_errors.h" 86 #include "net/base/net_errors.h"
86 #include "net/base/registry_controlled_domains/registry_controlled_domain.h" 87 #include "net/base/registry_controlled_domains/registry_controlled_domain.h"
87 #include "net/base/request_priority.h" 88 #include "net/base/request_priority.h"
88 #include "net/base/upload_data_stream.h" 89 #include "net/base/upload_data_stream.h"
89 #include "net/cert/cert_status_flags.h" 90 #include "net/cert/cert_status_flags.h"
(...skipping 1289 matching lines...) Expand 10 before | Expand all | Expand 10 after
1379 // CrossSiteResourceHandler is not needed. This codepath is not used for the 1380 // CrossSiteResourceHandler is not needed. This codepath is not used for the
1380 // actual navigation request, but only the subsequent blob URL load. This does 1381 // actual navigation request, but only the subsequent blob URL load. This does
1381 // not require request transfers. 1382 // not require request transfers.
1382 if (!base::CommandLine::ForCurrentProcess()->HasSwitch( 1383 if (!base::CommandLine::ForCurrentProcess()->HasSwitch(
1383 switches::kEnableBrowserSideNavigation)) { 1384 switches::kEnableBrowserSideNavigation)) {
1384 // Install a CrossSiteResourceHandler for all main frame requests. This will 1385 // Install a CrossSiteResourceHandler for all main frame requests. This will
1385 // check whether a transfer is required and, if so, pause for the UI thread 1386 // check whether a transfer is required and, if so, pause for the UI thread
1386 // to drive the transfer. 1387 // to drive the transfer.
1387 bool is_swappable_navigation = 1388 bool is_swappable_navigation =
1388 request_data.resource_type == RESOURCE_TYPE_MAIN_FRAME; 1389 request_data.resource_type == RESOURCE_TYPE_MAIN_FRAME;
1389 // If we are using --site-per-process, install it for subframes as well. 1390 // If out-of-process iframes are possible, then all subframe requests need
1391 // to go through the CrossSiteResourceHandler to enforce the site isolation
1392 // policy.
1390 if (!is_swappable_navigation && 1393 if (!is_swappable_navigation &&
1391 base::CommandLine::ForCurrentProcess()->HasSwitch( 1394 SiteIsolationPolicy::AreCrossProcessFramesPossible()) {
1392 switches::kSitePerProcess)) {
1393 is_swappable_navigation = 1395 is_swappable_navigation =
1394 request_data.resource_type == RESOURCE_TYPE_SUB_FRAME; 1396 request_data.resource_type == RESOURCE_TYPE_SUB_FRAME;
1395 } 1397 }
1396 if (is_swappable_navigation && process_type == PROCESS_TYPE_RENDERER) 1398 if (is_swappable_navigation && process_type == PROCESS_TYPE_RENDERER)
1397 handler.reset(new CrossSiteResourceHandler(handler.Pass(), request)); 1399 handler.reset(new CrossSiteResourceHandler(handler.Pass(), request));
1398 } 1400 }
1399 1401
1400 return AddStandardHandlers(request, request_data.resource_type, 1402 return AddStandardHandlers(request, request_data.resource_type,
1401 resource_context, filter_->appcache_service(), 1403 resource_context, filter_->appcache_service(),
1402 child_id, route_id, handler.Pass()); 1404 child_id, route_id, handler.Pass());
(...skipping 949 matching lines...) Expand 10 before | Expand all | Expand 10 after
2352 if ((load_flags & net::LOAD_REPORT_RAW_HEADERS) 2354 if ((load_flags & net::LOAD_REPORT_RAW_HEADERS)
2353 && !policy->CanReadRawCookies(child_id)) { 2355 && !policy->CanReadRawCookies(child_id)) {
2354 VLOG(1) << "Denied unauthorized request for raw headers"; 2356 VLOG(1) << "Denied unauthorized request for raw headers";
2355 load_flags &= ~net::LOAD_REPORT_RAW_HEADERS; 2357 load_flags &= ~net::LOAD_REPORT_RAW_HEADERS;
2356 } 2358 }
2357 2359
2358 return load_flags; 2360 return load_flags;
2359 } 2361 }
2360 2362
2361 } // namespace content 2363 } // namespace content
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698