OLD | NEW |
(Empty) | |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef CONTENT_COMMON_SITE_ISOLATION_POLICY_H_ |
| 6 #define CONTENT_COMMON_SITE_ISOLATION_POLICY_H_ |
| 7 |
| 8 #include "base/basictypes.h" |
| 9 #include "content/common/content_export.h" |
| 10 #include "url/gurl.h" |
| 11 |
| 12 namespace content { |
| 13 |
| 14 // A centralized place for making policy decisions about out-of-process iframes, |
| 15 // site isolation, --site-per-process, and related features. |
| 16 // |
| 17 // This is currently static because all these modes are controlled by command- |
| 18 // line flags. |
| 19 // |
| 20 // These methods can be called from any thread. |
| 21 class CONTENT_EXPORT SiteIsolationPolicy { |
| 22 public: |
| 23 // Returns true if the current process model might allow the use of cross- |
| 24 // process iframes. This should typically used to avoid executing codepaths |
| 25 // that only matter for cross-process iframes, to protect the default |
| 26 // behavior. |
| 27 // |
| 28 // Note: Since cross-process frames will soon be possible by default (e.g. for |
| 29 // <iframe src="http://..."> in an extension process), usage should be limited |
| 30 // to temporary stop-gaps. |
| 31 // |
| 32 // Instead of calling this method, prefer to examine object state to see |
| 33 // whether a particular frame happens to have a cross-process relationship |
| 34 // with another, or to consult DoesSiteRequireDedicatedProcess() to see if a |
| 35 // particular site merits protection. |
| 36 static bool AreCrossProcessFramesPossible(); |
| 37 |
| 38 // Returns true if pages loaded from |url|'s site ought to be handled only by |
| 39 // a renderer process isolated from other sites. If --site-per-process is on |
| 40 // the command line, this is true for all sites. |
| 41 // |
| 42 // Eventually, this function will be made to return true for only some schemes |
| 43 // (e.g. extensions) or a whitelist of sites that we should protect for this |
| 44 // user. |
| 45 // |
| 46 // Although |url| is currently ignored, callers can assume for now that they |
| 47 // can pass a full URL here -- they needn't canonicalize it to a site. |
| 48 static bool DoesSiteRequireDedicatedProcess(const GURL& url); |
| 49 |
| 50 // Returns true if navigation and history code should maintain per-frame |
| 51 // navigation entries. This is an in-progress feature related to site |
| 52 // isolation, so the return value is currently tied to --site-per-process. |
| 53 // TODO(creis, avi): Make this the default, and eliminate this. |
| 54 static bool UseSubframeNavigationEntries(); |
| 55 |
| 56 private: |
| 57 SiteIsolationPolicy(); // Not instantiable. |
| 58 |
| 59 DISALLOW_COPY_AND_ASSIGN(SiteIsolationPolicy); |
| 60 }; |
| 61 |
| 62 } // namespace content |
| 63 |
| 64 #endif // CONTENT_COMMON_SITE_ISOLATION_POLICY_H_ |
OLD | NEW |