Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1539)

Side by Side Diff: content/common/site_isolation_policy.h

Issue 1378203002: Handle hosted apps consistently in --isolate-extensions. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CONTENT_COMMON_SITE_ISOLATION_POLICY_H_ 5 #ifndef CONTENT_COMMON_SITE_ISOLATION_POLICY_H_
6 #define CONTENT_COMMON_SITE_ISOLATION_POLICY_H_ 6 #define CONTENT_COMMON_SITE_ISOLATION_POLICY_H_
7 7
8 #include "base/basictypes.h" 8 #include "base/basictypes.h"
9 #include "content/common/content_export.h" 9 #include "content/common/content_export.h"
10 #include "url/gurl.h" 10 #include "url/gurl.h"
11 11
12 namespace content { 12 namespace content {
13 13
14 // A centralized place for making policy decisions about out-of-process iframes, 14 // A centralized place for making policy decisions about out-of-process iframes,
15 // site isolation, --site-per-process, and related features. 15 // site isolation, --site-per-process, and related features.
16 // 16 //
17 // This is currently static because all these modes are controlled by command- 17 // This is currently static because all these modes are controlled by command-
18 // line flags. 18 // line flags.
19 // 19 //
20 // These methods can be called from any thread. 20 // These methods can be called from any thread.
21 class CONTENT_EXPORT SiteIsolationPolicy { 21 class CONTENT_EXPORT SiteIsolationPolicy {
22 public: 22 public:
23 // Returns true if the current process model might allow the use of cross- 23 // Returns true if the current process model might allow the use of cross-
24 // process iframes. This should typically used to avoid executing codepaths 24 // process iframes. This should typically used to avoid executing codepaths
25 // that only matter for cross-process iframes, to protect the default 25 // that only matter for cross-process iframes, to protect the default
26 // behavior. 26 // behavior.
27 // 27 //
28 // Note: Since cross-process frames will soon be possible by default (e.g. for 28 // Note: Since cross-process frames will soon be possible by default, usage
29 // <iframe src="http://..."> in an extension process), usage should be limited 29 // should be limited to temporary stop-gaps.
30 // to temporary stop-gaps.
31 // 30 //
32 // Instead of calling this method, prefer to examine object state to see 31 // Instead of calling this method, prefer to examine object state to see
33 // whether a particular frame happens to have a cross-process relationship 32 // whether a particular frame happens to have a cross-process relationship
34 // with another, or to consult DoesSiteRequireDedicatedProcess() to see if a 33 // with another, or to consult DoesSiteRequireDedicatedProcess() to see if a
35 // particular site merits protection. 34 // particular site merits protection.
36 static bool AreCrossProcessFramesPossible(); 35 static bool AreCrossProcessFramesPossible();
37 36
38 // Returns true if pages loaded from |url|'s site ought to be handled only by 37 // Returns true if pages loaded from |effective_url| ought to be handled only
39 // a renderer process isolated from other sites. If --site-per-process is on 38 // by a renderer process isolated from other sites. If --site-per-process is
40 // the command line, this is true for all sites. 39 // on the command line, this is true for all sites. In other site isolation
40 // modes, only a subset of sites will require dedicated processes.
41 // 41 //
42 // Eventually, this function will be made to return true for only some schemes 42 // |effective_url| must be an effective URL -- practically speaking, that
43 // (e.g. extensions) or a whitelist of sites that we should protect for this 43 // means that this function should only be called on the UI thread in the
44 // user. 44 // browser process.
45 // 45 static bool DoesSiteRequireDedicatedProcess(const GURL& effective_url);
46 // Although |url| is currently ignored, callers can assume for now that they
47 // can pass a full URL here -- they needn't canonicalize it to a site.
48 static bool DoesSiteRequireDedicatedProcess(const GURL& url);
49 46
50 // Returns true if navigation and history code should maintain per-frame 47 // Returns true if navigation and history code should maintain per-frame
51 // navigation entries. This is an in-progress feature related to site 48 // navigation entries. This is an in-progress feature related to site
52 // isolation, so the return value is currently tied to --site-per-process. 49 // isolation, so the return value is currently tied to --site-per-process.
53 // TODO(creis, avi): Make this the default, and eliminate this. 50 // TODO(creis, avi): Make this the default, and eliminate this.
54 static bool UseSubframeNavigationEntries(); 51 static bool UseSubframeNavigationEntries();
55 52
56 // Returns true if we are currently in a mode where the swapped out state 53 // Returns true if we are currently in a mode where the swapped out state
57 // should not be used. Currently (as an implementation strategy) swapped out 54 // should not be used. Currently (as an implementation strategy) swapped out
58 // is forbidden under --site-per-process, but our goal is to eliminate the 55 // is forbidden under --site-per-process, but our goal is to eliminate the
(...skipping 14 matching lines...) Expand all
73 70
74 private: 71 private:
75 SiteIsolationPolicy(); // Not instantiable. 72 SiteIsolationPolicy(); // Not instantiable.
76 73
77 DISALLOW_COPY_AND_ASSIGN(SiteIsolationPolicy); 74 DISALLOW_COPY_AND_ASSIGN(SiteIsolationPolicy);
78 }; 75 };
79 76
80 } // namespace content 77 } // namespace content
81 78
82 #endif // CONTENT_COMMON_SITE_ISOLATION_POLICY_H_ 79 #endif // CONTENT_COMMON_SITE_ISOLATION_POLICY_H_
OLDNEW
« no previous file with comments | « content/browser/loader/cross_site_resource_handler.cc ('k') | content/common/site_isolation_policy.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698