OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CONTENT_COMMON_SITE_ISOLATION_POLICY_H_ | 5 #ifndef CONTENT_COMMON_SITE_ISOLATION_POLICY_H_ |
6 #define CONTENT_COMMON_SITE_ISOLATION_POLICY_H_ | 6 #define CONTENT_COMMON_SITE_ISOLATION_POLICY_H_ |
7 | 7 |
8 #include "base/basictypes.h" | 8 #include "base/basictypes.h" |
9 #include "content/common/content_export.h" | 9 #include "content/common/content_export.h" |
10 #include "url/gurl.h" | 10 #include "url/gurl.h" |
11 | 11 |
12 namespace content { | 12 namespace content { |
13 | 13 |
14 // A centralized place for making policy decisions about out-of-process iframes, | 14 // A centralized place for making policy decisions about out-of-process iframes, |
15 // site isolation, --site-per-process, and related features. | 15 // site isolation, --site-per-process, and related features. |
16 // | 16 // |
17 // This is currently static because all these modes are controlled by command- | 17 // This is currently static because all these modes are controlled by command- |
18 // line flags. | 18 // line flags. |
19 // | 19 // |
20 // These methods can be called from any thread. | 20 // These methods can be called from any thread. |
21 class CONTENT_EXPORT SiteIsolationPolicy { | 21 class CONTENT_EXPORT SiteIsolationPolicy { |
22 public: | 22 public: |
23 // Returns true if the current process model might allow the use of cross- | 23 // Returns true if the current process model might allow the use of cross- |
24 // process iframes. This should typically used to avoid executing codepaths | 24 // process iframes. This should typically used to avoid executing codepaths |
25 // that only matter for cross-process iframes, to protect the default | 25 // that only matter for cross-process iframes, to protect the default |
26 // behavior. | 26 // behavior. |
27 // | 27 // |
28 // Note: Since cross-process frames will soon be possible by default (e.g. for | 28 // Note: Since cross-process frames will soon be possible by default, usage |
29 // <iframe src="http://..."> in an extension process), usage should be limited | 29 // should be limited to temporary stop-gaps. |
30 // to temporary stop-gaps. | |
31 // | 30 // |
32 // Instead of calling this method, prefer to examine object state to see | 31 // Instead of calling this method, prefer to examine object state to see |
33 // whether a particular frame happens to have a cross-process relationship | 32 // whether a particular frame happens to have a cross-process relationship |
34 // with another, or to consult DoesSiteRequireDedicatedProcess() to see if a | 33 // with another, or to consult DoesSiteRequireDedicatedProcess() to see if a |
35 // particular site merits protection. | 34 // particular site merits protection. |
36 static bool AreCrossProcessFramesPossible(); | 35 static bool AreCrossProcessFramesPossible(); |
37 | 36 |
38 // Returns true if pages loaded from |url|'s site ought to be handled only by | 37 // Returns true if pages loaded from |effective_url| ought to be handled only |
39 // a renderer process isolated from other sites. If --site-per-process is on | 38 // by a renderer process isolated from other sites. If --site-per-process is |
40 // the command line, this is true for all sites. | 39 // on the command line, this is true for all sites. In other site isolation |
| 40 // modes, only a subset of sites will require dedicated processes. |
41 // | 41 // |
42 // Eventually, this function will be made to return true for only some schemes | 42 // |effective_url| must be an effective URL -- practically speaking, that |
43 // (e.g. extensions) or a whitelist of sites that we should protect for this | 43 // means that this function should only be called on the UI thread in the |
44 // user. | 44 // browser process. |
45 // | 45 static bool DoesSiteRequireDedicatedProcess(const GURL& effective_url); |
46 // Although |url| is currently ignored, callers can assume for now that they | |
47 // can pass a full URL here -- they needn't canonicalize it to a site. | |
48 static bool DoesSiteRequireDedicatedProcess(const GURL& url); | |
49 | 46 |
50 // Returns true if navigation and history code should maintain per-frame | 47 // Returns true if navigation and history code should maintain per-frame |
51 // navigation entries. This is an in-progress feature related to site | 48 // navigation entries. This is an in-progress feature related to site |
52 // isolation, so the return value is currently tied to --site-per-process. | 49 // isolation, so the return value is currently tied to --site-per-process. |
53 // TODO(creis, avi): Make this the default, and eliminate this. | 50 // TODO(creis, avi): Make this the default, and eliminate this. |
54 static bool UseSubframeNavigationEntries(); | 51 static bool UseSubframeNavigationEntries(); |
55 | 52 |
56 // Returns true if we are currently in a mode where the swapped out state | 53 // Returns true if we are currently in a mode where the swapped out state |
57 // should not be used. Currently (as an implementation strategy) swapped out | 54 // should not be used. Currently (as an implementation strategy) swapped out |
58 // is forbidden under --site-per-process, but our goal is to eliminate the | 55 // is forbidden under --site-per-process, but our goal is to eliminate the |
(...skipping 14 matching lines...) Expand all Loading... |
73 | 70 |
74 private: | 71 private: |
75 SiteIsolationPolicy(); // Not instantiable. | 72 SiteIsolationPolicy(); // Not instantiable. |
76 | 73 |
77 DISALLOW_COPY_AND_ASSIGN(SiteIsolationPolicy); | 74 DISALLOW_COPY_AND_ASSIGN(SiteIsolationPolicy); |
78 }; | 75 }; |
79 | 76 |
80 } // namespace content | 77 } // namespace content |
81 | 78 |
82 #endif // CONTENT_COMMON_SITE_ISOLATION_POLICY_H_ | 79 #endif // CONTENT_COMMON_SITE_ISOLATION_POLICY_H_ |
OLD | NEW |