OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CONTENT_PUBLIC_BROWSER_SITE_INSTANCE_H_ | 5 #ifndef CONTENT_PUBLIC_BROWSER_SITE_INSTANCE_H_ |
6 #define CONTENT_PUBLIC_BROWSER_SITE_INSTANCE_H_ | 6 #define CONTENT_PUBLIC_BROWSER_SITE_INSTANCE_H_ |
7 | 7 |
8 #include "base/basictypes.h" | 8 #include "base/basictypes.h" |
9 #include "base/memory/ref_counted.h" | 9 #include "base/memory/ref_counted.h" |
10 #include "content/common/content_export.h" | 10 #include "content/common/content_export.h" |
11 #include "url/gurl.h" | 11 #include "url/gurl.h" |
12 | 12 |
13 namespace content { | 13 namespace content { |
14 class BrowserContext; | 14 class BrowserContext; |
15 class RenderProcessHost; | 15 class RenderProcessHost; |
16 | 16 |
17 /////////////////////////////////////////////////////////////////////////////// | 17 /////////////////////////////////////////////////////////////////////////////// |
18 // SiteInstance interface. | 18 // SiteInstance interface. |
19 // | 19 // |
20 // A SiteInstance represents a group of web pages that may be able to | 20 // A SiteInstance represents a group of web pages that must live in the same |
21 // synchronously script each other, and thus must live in the same renderer | 21 // renderer process. Pages able to synchronously script each other will always |
22 // process. | 22 // be placed in the same SiteInstance. Pages unable to synchronously script |
| 23 // each other may also be placed in the same SiteInstance, as determined by the |
| 24 // process model. |
23 // | 25 // |
24 // We identify this group using a combination of where the page comes from | 26 // A page's SiteInstance is determined by a combination of where the page comes |
25 // (the site) and which tabs have references to each other (the instance). | 27 // from (the site) and which frames have references to each other (the |
26 // Here, a "site" is similar to the page's origin, but it only includes the | 28 // instance). Here, a "site" is similar to the page's origin but includes only |
27 // registered domain name and scheme, not the port or subdomains. This accounts | 29 // the registered domain name and scheme, not the port or subdomains. This |
28 // for the fact that changes to document.domain allow similar origin pages with | 30 // accounts for the fact that changes to document.domain allow similar origin |
29 // different ports or subdomains to script each other. An "instance" includes | 31 // pages with different ports or subdomains to script each other. An "instance" |
30 // all tabs that might be able to script each other because of how they were | 32 // includes all frames that might be able to script each other because of how |
31 // created (e.g., window.open or targeted links). We represent instances using | 33 // they were created (e.g., window.open or targeted links). We represent |
32 // the BrowsingInstance class. | 34 // instances using the BrowsingInstance class. |
33 // | 35 // |
34 // Process models: | 36 // Four process models are currently supported: |
35 // | 37 // |
36 // In process-per-site-instance (the current default process model), | 38 // PROCESS PER SITE INSTANCE (the current default): SiteInstances are created |
37 // SiteInstances are created (1) when the user manually creates a new tab | 39 // (1) when the user manually creates a new tab (which also creates a new |
38 // (which also creates a new BrowsingInstance), and (2) when the user navigates | 40 // BrowsingInstance), and (2) when the user navigates across site boundaries |
39 // across site boundaries (which uses the same BrowsingInstance). If the user | 41 // (which uses the same BrowsingInstance). If the user navigates within a site, |
40 // navigates within a site, the same SiteInstance is used. | 42 // the same SiteInstance is used. Caveat: we currently allow renderer-initiated |
41 // (Caveat: we currently allow renderer-initiated cross-site navigations to | 43 // cross-site navigations to stay in the same SiteInstance, to preserve |
42 // stay in the same SiteInstance, to preserve compatibility in cases like | 44 // compatibility in cases like cross-site iframes that open popups. |
43 // cross-site iframes that open popups.) | |
44 // | 45 // |
45 // In --process-per-tab, SiteInstances are created when the user manually | 46 // SITE PER PROCESS (currently experimental): is the most granular process |
46 // creates a new tab, but not when navigating across site boundaries (unless | 47 // model and is made possible by our support for out-of-process iframes. A |
47 // a process swap is required for security reasons, such as navigating from | 48 // subframe will be given a different SiteInstance if its site differs from the |
48 // a privileged WebUI page to a normal web page). This corresponds to one | 49 // containing document. Cross-site navigation of top-level frames or subframes |
49 // process per BrowsingInstance. | 50 // will trigger a change of SiteInstances, even if the navigation is renderer |
| 51 // initiated. In this model, each process can be dedicated to documents from |
| 52 // just one site, allowing the same origin policy to be enforced by the sandbox. |
50 // | 53 // |
51 // In --process-per-site, we consolidate all SiteInstances for a given site into | 54 // PROCESS PER TAB: SiteInstances are created when the user manually creates a |
52 // the same process, throughout the entire browser context. This ensures that | 55 // new tab, but not when navigating across site boundaries (unless a process |
53 // only one process will be used for each site. | 56 // swap is required for security reasons, such as navigating from a privileged |
| 57 // WebUI page to a normal web page). This corresponds to one process per |
| 58 // BrowsingInstance. |
| 59 // |
| 60 // PROCESS PER SITE: We consolidate all SiteInstances for a given site into the |
| 61 // same process, throughout the entire browser context. This ensures that only |
| 62 // one process will be used for each site. |
54 // | 63 // |
55 // Each NavigationEntry for a WebContents points to the SiteInstance that | 64 // Each NavigationEntry for a WebContents points to the SiteInstance that |
56 // rendered it. Each RenderViewHost also points to the SiteInstance that it is | 65 // rendered it. Each RenderFrameHost also points to the SiteInstance that it is |
57 // associated with. A SiteInstance keeps track of the number of these | 66 // associated with. A SiteInstance keeps track of the number of these |
58 // references and deletes itself when the count goes to zero. This means that | 67 // references and deletes itself when the count goes to zero. This means that |
59 // a SiteInstance is only live as long as it is accessible, either from new | 68 // a SiteInstance is only live as long as it is accessible, either from new |
60 // tabs with no NavigationEntries or in NavigationEntries in the history. | 69 // tabs with no NavigationEntries or in NavigationEntries in the history. |
61 // | 70 // |
62 /////////////////////////////////////////////////////////////////////////////// | 71 /////////////////////////////////////////////////////////////////////////////// |
63 class CONTENT_EXPORT SiteInstance : public base::RefCounted<SiteInstance> { | 72 class CONTENT_EXPORT SiteInstance : public base::RefCounted<SiteInstance> { |
64 public: | 73 public: |
65 // Returns a unique ID for this SiteInstance. | 74 // Returns a unique ID for this SiteInstance. |
66 virtual int32 GetId() = 0; | 75 virtual int32 GetId() = 0; |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
103 | 112 |
104 // Returns whether the given SiteInstance is in the same BrowsingInstance as | 113 // Returns whether the given SiteInstance is in the same BrowsingInstance as |
105 // this one. If so, JavaScript interactions that are permitted across | 114 // this one. If so, JavaScript interactions that are permitted across |
106 // origins (e.g., postMessage) should be supported. | 115 // origins (e.g., postMessage) should be supported. |
107 virtual bool IsRelatedSiteInstance(const SiteInstance* instance) = 0; | 116 virtual bool IsRelatedSiteInstance(const SiteInstance* instance) = 0; |
108 | 117 |
109 // Returns the total active WebContents count for this SiteInstance and all | 118 // Returns the total active WebContents count for this SiteInstance and all |
110 // related SiteInstances in the same BrowsingInstance. | 119 // related SiteInstances in the same BrowsingInstance. |
111 virtual size_t GetRelatedActiveContentsCount() = 0; | 120 virtual size_t GetRelatedActiveContentsCount() = 0; |
112 | 121 |
| 122 // Returns true if this SiteInstance is for a site that requires a dedicated |
| 123 // process. This only returns true under the "site per process" process model. |
| 124 virtual bool RequiresDedicatedProcess() = 0; |
| 125 |
113 // Factory method to create a new SiteInstance. This will create a new | 126 // Factory method to create a new SiteInstance. This will create a new |
114 // new BrowsingInstance, so it should only be used when creating a new tab | 127 // new BrowsingInstance, so it should only be used when creating a new tab |
115 // from scratch (or similar circumstances). Callers should ensure that | 128 // from scratch (or similar circumstances). Callers should ensure that |
116 // this SiteInstance becomes ref counted, by storing it in a scoped_refptr. | 129 // this SiteInstance becomes ref counted, by storing it in a scoped_refptr. |
117 // | 130 // |
118 // The render process host factory may be nullptr. See SiteInstance | 131 // The render process host factory may be nullptr. See SiteInstance |
119 // constructor. | 132 // constructor. |
120 // | 133 // |
121 // TODO(creis): This may be an argument to build a pass_refptr<T> class, as | 134 // TODO(creis): This may be an argument to build a pass_refptr<T> class, as |
122 // Darin suggests. | 135 // Darin suggests. |
123 static SiteInstance* Create(content::BrowserContext* browser_context); | 136 static SiteInstance* Create(content::BrowserContext* browser_context); |
124 | 137 |
125 // Factory method to get the appropriate SiteInstance for the given URL, in | 138 // Factory method to get the appropriate SiteInstance for the given URL, in |
126 // a new BrowsingInstance. Use this instead of Create when you know the URL, | 139 // a new BrowsingInstance. Use this instead of Create when you know the URL, |
127 // since it allows special site grouping rules to be applied (for example, | 140 // since it allows special site grouping rules to be applied (for example, |
128 // to group chrome-ui pages into the same instance). | 141 // to group chrome-ui pages into the same instance). |
(...skipping 20 matching lines...) Expand all Loading... |
149 protected: | 162 protected: |
150 friend class base::RefCounted<SiteInstance>; | 163 friend class base::RefCounted<SiteInstance>; |
151 | 164 |
152 SiteInstance() {} | 165 SiteInstance() {} |
153 virtual ~SiteInstance() {} | 166 virtual ~SiteInstance() {} |
154 }; | 167 }; |
155 | 168 |
156 } // namespace content. | 169 } // namespace content. |
157 | 170 |
158 #endif // CONTENT_PUBLIC_BROWSER_SITE_INSTANCE_H_ | 171 #endif // CONTENT_PUBLIC_BROWSER_SITE_INSTANCE_H_ |
OLD | NEW |