Chromium Code Reviews Chromium Code Reviews
Issue 1208143002:
Move existing kSitePerProcess checks to a policy-oracle object (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@swapped_out_cmdline_checks| Index: content/browser/child_process_security_policy_impl.cc |
| diff --git a/content/browser/child_process_security_policy_impl.cc b/content/browser/child_process_security_policy_impl.cc |
| index bb4a3e217a5a38a496ba7c7d7ea9da9f2ab4284a..c1da0e9ec4737a2442e9d9789256a19740b8ab20 100644 |
| --- a/content/browser/child_process_security_policy_impl.cc |
| +++ b/content/browser/child_process_security_policy_impl.cc |
| @@ -16,7 +16,7 @@ |
| #include "content/public/browser/content_browser_client.h" |
| #include "content/public/browser/render_process_host.h" |
| #include "content/public/common/bindings_policy.h" |
| -#include "content/public/common/content_switches.h" |
| +#include "content/public/common/site_isolation_policy.h" |
| #include "content/public/common/url_constants.h" |
| #include "net/base/filename_util.h" |
| #include "net/url_request/url_request.h" |
| @@ -566,11 +566,11 @@ bool ChildProcessSecurityPolicyImpl::CanLoadPage(int child_id, |
| ResourceType resource_type) { |
| // If --site-per-process flag is passed, we should enforce |
| // stronger security restrictions on page navigation. |
| - if (base::CommandLine::ForCurrentProcess()->HasSwitch( |
| - switches::kSitePerProcess) && |
| + if (SiteIsolationPolicy::DoesSiteRequireDedicatedProcess(url) && |
| IsResourceTypeFrame(resource_type)) { |
| // TODO(nasko): Do the proper check for site-per-process, once |
| // out-of-process iframes is ready to go. |
| + // TODO(nick): Can we trust |resource_type| here? |
| return true; |
|
Charlie Reis
2015/07/13 22:13:14
This whole function is in kind of a weird state.
ncarter (slow)
2015/07/20 17:45:46
I've got another CL to rip this out completely.
|
| } |
| return true; |
