OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/site_instance_impl.h" | 5 #include "content/browser/site_instance_impl.h" |
6 | 6 |
7 #include "content/browser/browsing_instance.h" | 7 #include "content/browser/browsing_instance.h" |
8 #include "content/browser/child_process_security_policy_impl.h" | 8 #include "content/browser/child_process_security_policy_impl.h" |
9 #include "content/browser/frame_host/debug_urls.h" | 9 #include "content/browser/frame_host/debug_urls.h" |
10 #include "content/browser/renderer_host/render_process_host_impl.h" | 10 #include "content/browser/renderer_host/render_process_host_impl.h" |
(...skipping 195 matching lines...)
206 // If the site URL is an extension (e.g., for hosted apps or WebUI) but the | 206 // If the site URL is an extension (e.g., for hosted apps or WebUI) but the |
207 // process is not (or vice versa), make sure we notice and fix it. | 207 // process is not (or vice versa), make sure we notice and fix it. |
208 GURL site_url = GetSiteForURL(browsing_instance_->browser_context(), url); | 208 GURL site_url = GetSiteForURL(browsing_instance_->browser_context(), url); |
209 return !RenderProcessHostImpl::IsSuitableHost( | 209 return !RenderProcessHostImpl::IsSuitableHost( |
210 GetProcess(), browsing_instance_->browser_context(), site_url); | 210 GetProcess(), browsing_instance_->browser_context(), site_url); |
211 } | 211 } |
212 | 212 |
213 bool SiteInstanceImpl::RequiresDedicatedProcess() { | 213 bool SiteInstanceImpl::RequiresDedicatedProcess() { |
214 if (!has_site_) | 214 if (!has_site_) |
215 return false; | 215 return false; |
216 return SiteIsolationPolicy::DoesSiteRequireDedicatedProcess(site_); | 216 return SiteInstanceImpl::DoesSiteRequireDedicatedProcess(GetBrowserContext(), |
| 217 site_); |
217 } | 218 } |
218 | 219 |
219 void SiteInstanceImpl::IncrementRelatedActiveContentsCount() { | 220 void SiteInstanceImpl::IncrementRelatedActiveContentsCount() { |
220 browsing_instance_->increment_active_contents_count(); | 221 browsing_instance_->increment_active_contents_count(); |
221 } | 222 } |
222 | 223 |
223 void SiteInstanceImpl::DecrementRelatedActiveContentsCount() { | 224 void SiteInstanceImpl::DecrementRelatedActiveContentsCount() { |
224 browsing_instance_->decrement_active_contents_count(); | 225 browsing_instance_->decrement_active_contents_count(); |
225 } | 226 } |
226 | 227 |
227 void SiteInstanceImpl::set_render_process_host_factory( | 228 void SiteInstanceImpl::set_render_process_host_factory( |
228 const RenderProcessHostFactory* rph_factory) { | 229 const RenderProcessHostFactory* rph_factory) { |
229 g_render_process_host_factory_ = rph_factory; | 230 g_render_process_host_factory_ = rph_factory; |
230 } | 231 } |
231 | 232 |
232 BrowserContext* SiteInstanceImpl::GetBrowserContext() const { | 233 BrowserContext* SiteInstanceImpl::GetBrowserContext() const { |
233 return browsing_instance_->browser_context(); | 234 return browsing_instance_->browser_context(); |
234 } | 235 } |
235 | 236 |
236 /*static*/ | 237 // static |
237 SiteInstance* SiteInstance::Create(BrowserContext* browser_context) { | 238 SiteInstance* SiteInstance::Create(BrowserContext* browser_context) { |
238 return new SiteInstanceImpl(new BrowsingInstance(browser_context)); | 239 return new SiteInstanceImpl(new BrowsingInstance(browser_context)); |
239 } | 240 } |
240 | 241 |
241 /*static*/ | 242 // static |
242 SiteInstance* SiteInstance::CreateForURL(BrowserContext* browser_context, | 243 SiteInstance* SiteInstance::CreateForURL(BrowserContext* browser_context, |
243 const GURL& url) { | 244 const GURL& url) { |
244 // This will create a new SiteInstance and BrowsingInstance. | 245 // This will create a new SiteInstance and BrowsingInstance. |
245 scoped_refptr<BrowsingInstance> instance( | 246 scoped_refptr<BrowsingInstance> instance( |
246 new BrowsingInstance(browser_context)); | 247 new BrowsingInstance(browser_context)); |
247 return instance->GetSiteInstanceForURL(url); | 248 return instance->GetSiteInstanceForURL(url); |
248 } | 249 } |
249 | 250 |
250 /*static*/ | 251 // static |
251 bool SiteInstance::IsSameWebSite(BrowserContext* browser_context, | 252 bool SiteInstance::IsSameWebSite(BrowserContext* browser_context, |
252 const GURL& real_src_url, | 253 const GURL& real_src_url, |
253 const GURL& real_dest_url) { | 254 const GURL& real_dest_url) { |
254 GURL src_url = SiteInstanceImpl::GetEffectiveURL(browser_context, | 255 GURL src_url = SiteInstanceImpl::GetEffectiveURL(browser_context, |
255 real_src_url); | 256 real_src_url); |
256 GURL dest_url = SiteInstanceImpl::GetEffectiveURL(browser_context, | 257 GURL dest_url = SiteInstanceImpl::GetEffectiveURL(browser_context, |
257 real_dest_url); | 258 real_dest_url); |
258 | 259 |
259 // We infer web site boundaries based on the registered domain name of the | 260 // We infer web site boundaries based on the registered domain name of the |
260 // top-level page and the scheme. We do not pay attention to the port if | 261 // top-level page and the scheme. We do not pay attention to the port if |
(...skipping 19 matching lines...)
280 // If the schemes differ, they aren't part of the same site. | 281 // If the schemes differ, they aren't part of the same site. |
281 if (src_url.scheme() != dest_url.scheme()) | 282 if (src_url.scheme() != dest_url.scheme()) |
282 return false; | 283 return false; |
283 | 284 |
284 return net::registry_controlled_domains::SameDomainOrHost( | 285 return net::registry_controlled_domains::SameDomainOrHost( |
285 src_url, | 286 src_url, |
286 dest_url, | 287 dest_url, |
287 net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES); | 288 net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES); |
288 } | 289 } |
289 | 290 |
290 /*static*/ | 291 // static |
291 GURL SiteInstance::GetSiteForURL(BrowserContext* browser_context, | 292 GURL SiteInstance::GetSiteForURL(BrowserContext* browser_context, |
292 const GURL& real_url) { | 293 const GURL& real_url) { |
293 // TODO(fsamuel, creis): For some reason appID is not recognized as a host. | 294 // TODO(fsamuel, creis): For some reason appID is not recognized as a host. |
294 if (real_url.SchemeIs(kGuestScheme)) | 295 if (real_url.SchemeIs(kGuestScheme)) |
295 return real_url; | 296 return real_url; |
296 | 297 |
297 GURL url = SiteInstanceImpl::GetEffectiveURL(browser_context, real_url); | 298 GURL url = SiteInstanceImpl::GetEffectiveURL(browser_context, real_url); |
298 | 299 |
299 // If the url has a host, then determine the site. | 300 // If the url has a host, then determine the site. |
300 if (url.has_host()) { | 301 if (url.has_host()) { |
(...skipping 24 matching lines...)
325 // If there is no host but there is a scheme, return the scheme. | 326 // If there is no host but there is a scheme, return the scheme. |
326 // This is useful for cases like file URLs. | 327 // This is useful for cases like file URLs. |
327 if (url.has_scheme()) | 328 if (url.has_scheme()) |
328 return GURL(url.scheme() + ":"); | 329 return GURL(url.scheme() + ":"); |
329 | 330 |
330 // Otherwise the URL should be invalid; return an empty site. | 331 // Otherwise the URL should be invalid; return an empty site. |
331 DCHECK(!url.is_valid()); | 332 DCHECK(!url.is_valid()); |
332 return GURL(); | 333 return GURL(); |
333 } | 334 } |
334 | 335 |
335 /*static*/ | 336 // static |
336 GURL SiteInstanceImpl::GetEffectiveURL(BrowserContext* browser_context, | 337 GURL SiteInstanceImpl::GetEffectiveURL(BrowserContext* browser_context, |
337 const GURL& url) { | 338 const GURL& url) { |
338 return GetContentClient()->browser()-> | 339 return GetContentClient()->browser()-> |
339 GetEffectiveURL(browser_context, url); | 340 GetEffectiveURL(browser_context, url); |
340 } | 341 } |
341 | 342 |
| 343 // static |
| 344 bool SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 345 BrowserContext* browser_context, |
| 346 const GURL& effective_url) { |
| 347 // If --site-per-process is enabled, site isolation is enabled everywhere. |
| 348 if (SiteIsolationPolicy::UseDedicatedProcessesForAllSites()) |
| 349 return true; |
| 350 |
| 351 // Let the content embedder enable site isolation for specific URLs. |
| 352 if (GetContentClient()->IsSupplementarySiteIsolationModeEnabled() && |
| 353 GetContentClient()->browser()->DoesSiteRequireDedicatedProcess( |
| 354 browser_context, effective_url)) { |
| 355 return true; |
| 356 } |
| 357 |
| 358 return false; |
| 359 } |
| 360 |
342 void SiteInstanceImpl::RenderProcessHostDestroyed(RenderProcessHost* host) { | 361 void SiteInstanceImpl::RenderProcessHostDestroyed(RenderProcessHost* host) { |
343 DCHECK_EQ(process_, host); | 362 DCHECK_EQ(process_, host); |
344 process_->RemoveObserver(this); | 363 process_->RemoveObserver(this); |
345 process_ = NULL; | 364 process_ = NULL; |
346 } | 365 } |
347 | 366 |
348 void SiteInstanceImpl::LockToOrigin() { | 367 void SiteInstanceImpl::LockToOrigin() { |
349 // TODO(nick): When all sites are isolated, this operation provides strong | 368 // TODO(nick): When all sites are isolated, this operation provides strong |
350 // protection. If only some sites are isolated, we need additional logic to | 369 // protection. If only some sites are isolated, we need additional logic to |
351 // prevent the non-isolated sites from requesting resources for isolated | 370 // prevent the non-isolated sites from requesting resources for isolated |
352 // sites. https://crbug.com/509125 | 371 // sites. https://crbug.com/509125 |
353 if (SiteIsolationPolicy::DoesSiteRequireDedicatedProcess(site_)) { | 372 if (RequiresDedicatedProcess()) { |
354 // Guest processes cannot be locked to its site because guests always have | 373 // Guest processes cannot be locked to its site because guests always have |
355 // a fixed SiteInstance. The site of GURLs a guest loads doesn't match that | 374 // a fixed SiteInstance. The site of GURLs a guest loads doesn't match that |
356 // SiteInstance. So we skip locking the guest process to the site. | 375 // SiteInstance. So we skip locking the guest process to the site. |
357 // TODO(ncarter): Remove this exclusion once we can make origin lock per | 376 // TODO(ncarter): Remove this exclusion once we can make origin lock per |
358 // RenderFrame routing id. | 377 // RenderFrame routing id. |
359 if (site_.SchemeIs(content::kGuestScheme)) | 378 if (site_.SchemeIs(content::kGuestScheme)) |
360 return; | 379 return; |
361 | 380 |
362 // TODO(creis, nick) https://crbug.com/510588 Chrome UI pages use the same | 381 // TODO(creis, nick) https://crbug.com/510588 Chrome UI pages use the same |
363 // site (chrome://chrome), so they can't be locked because the site being | 382 // site (chrome://chrome), so they can't be locked because the site being |
364 // loaded doesn't match the SiteInstance. | 383 // loaded doesn't match the SiteInstance. |
365 if (site_.SchemeIs(content::kChromeUIScheme)) | 384 if (site_.SchemeIs(content::kChromeUIScheme)) |
366 return; | 385 return; |
367 | 386 |
368 // TODO(creis, nick): Until we can handle sites with effective URLs at the | 387 // TODO(creis, nick): Until we can handle sites with effective URLs at the |
369 // call sites of ChildProcessSecurityPolicy::CanAccessDataForOrigin, we | 388 // call sites of ChildProcessSecurityPolicy::CanAccessDataForOrigin, we |
370 // must give the embedder a chance to exempt some sites to avoid process | 389 // must give the embedder a chance to exempt some sites to avoid process |
371 // kills. | 390 // kills. |
372 if (!GetContentClient()->browser()->ShouldLockToOrigin( | 391 if (!GetContentClient()->browser()->ShouldLockToOrigin( |
373 browsing_instance_->browser_context(), site_)) | 392 browsing_instance_->browser_context(), site_)) |
374 return; | 393 return; |
375 | 394 |
376 ChildProcessSecurityPolicyImpl* policy = | 395 ChildProcessSecurityPolicyImpl* policy = |
377 ChildProcessSecurityPolicyImpl::GetInstance(); | 396 ChildProcessSecurityPolicyImpl::GetInstance(); |
378 policy->LockToOrigin(process_->GetID(), site_); | 397 policy->LockToOrigin(process_->GetID(), site_); |
379 } | 398 } |
380 } | 399 } |
381 | 400 |
382 } // namespace content | 401 } // namespace content |
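Review bot: In `LockToOrigin()` the gate now goes through `RequiresDedicatedProcess()`, which returns false whenever `has_site_` is unset, so a call made before the site is assigned skips `policy->LockToOrigin(...)` without any signal, whereas the old line passed `site_` to the policy check unconditionally. If callers always set the site first (not visible in this section), make that explicit with `DCHECK(has_site_);` at the top of `LockToOrigin()` so a missed origin lock shows up in debug builds. Separately, the new `SiteInstanceImpl::DoesSiteRequireDedicatedProcess()` names its parameter `effective_url`, but `RequiresDedicatedProcess()` passes `site_`. If that is a site URL rather than a full page URL, an embedder override that matches on the wrong form would leave a site it meant to isolate in a shared process. A short comment on the new function stating which URL form the embedder receives would close that gap.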