Avoid using ContentBrowserClient::IsIllegalOrigin in ResourceDispatcherHost.

content/public/browser/resource_dispatcher_host.h

Index: content/public/browser/resource_dispatcher_host.h
diff --git a/content/public/browser/resource_dispatcher_host.h b/content/public/browser/resource_dispatcher_host.h
index 3bdd0cae132f4bb9dbd61c3066db169bf5e1bbf0..3b9e93194789d678ddc53c74daeaa7a0371e9804 100644
--- a/content/public/browser/resource_dispatcher_host.h
+++ b/content/public/browser/resource_dispatcher_host.h
@@ -8,6 +8,7 @@
 #include <stdint.h>
 
 #include <memory>
+#include <set>
 
 #include "base/callback_forward.h"
 #include "content/common/content_export.h"
@@ -51,6 +52,46 @@ class CONTENT_EXPORT ResourceDispatcherHost {
   // Clears the ResourceDispatcherHostLoginDelegate associated with the request.
   virtual void ClearLoginDelegateForRequest(net::URLRequest* request) = 0;
 
+  // Specifies a scheme to be access checked. By default all schemes are
+  // allowed
+  virtual void AddSchemeForAccessCheck(const std::string& scheme) = 0;
+
+  // The following six methods add access information for the url origin
+  // passed in. Please note that the scheme has to be registered for access
+  // check via a call to the AddSchemeForAccessCheck() method above.
+
+  // Adds access information for the url |origin|. By access we mean whether
+  // the process attempting to request resources off the |origin| is allowed to
+  // do so, etc.
+  virtual void AddOriginAccessInformation(const ResourceContext* context,
+                                          const std::string& origin) = 0;
+
+  // Removes access information for the url |origin| passed in.
+  virtual void RemoveOriginAccessInformation(const ResourceContext* context,
+                                             const std::string& origin) = 0;
+
+  // Adds |owner_process_id| as an owner for the |origin|.
+  virtual void AddOwnerForOrigin(const ResourceContext* context,
+                                 const std::string& origin,
+                                 int owner_process_id) = 0;
+
+  // Removes |owner_process_id| as an owner for the |origin|.
+  virtual void RemoveOwnerForOrigin(const ResourceContext* context,
+                                    const std::string& origin,
+                                    int owner_process_id) = 0;
+
+  // Adds the |guest_process_id| to the list of processes allowed to access the
+  // origin.
+  virtual void AddGuestForOrigin(const ResourceContext* context,

[jam, 2016/08/01 20:06:01]

from the loading perspective, there's no need to differentiate between owner vs
guest process right? i.e. looking at the implementation inside content/, they're
treated the same way.

in that case, it seems the API could be simplified by having one set of methods:
AddProcessForOrigin/RemoveProcessForOrigin.

Also, do we really need AddOriginAccessInformation and
RemoveOriginAccessInformation? i.e. can't RDH automatically create/remove the
map as needed based on the AddProcessForOrigin/RemoveProcessForOrigin calls
automatically?

[ananta, 2016/08/02 00:40:50]

Done.

+                                 const std::string& origin,
+                                 int guest_process_id) = 0;
+
+  // Removes the |guest_process_id| from the list of processes allowed to
+  // access the origin.
+  virtual void RemoveGuestForOrigin(const ResourceContext* context,
+                                    const std::string& origin,
+                                    int guest_process_id) = 0;
+
  protected:
   virtual ~ResourceDispatcherHost() {}
 };