Whitelisting exts and plugins from cross-site document blocking

content/child/site_isolation_policy.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/child/site_isolation_policy.h"
 
 #include "base/basictypes.h"
 #include "base/command_line.h"
 #include "base/logging.h"
 #include "base/metrics/histogram.h"
+#include "base/process/process_handle.h"

[Charlie Reis, 2013/09/03 16:43:23]

Is this just for the logging statement?  We should remove both.

 #include "base/strings/string_piece.h"
 #include "base/strings/string_util.h"
 #include "content/public/common/content_switches.h"
 #include "net/base/registry_controlled_domains/registry_controlled_domain.h"
 #include "net/http/http_response_headers.h"
 #include "third_party/WebKit/public/platform/WebHTTPHeaderVisitor.h"
 #include "third_party/WebKit/public/platform/WebString.h"
 #include "third_party/WebKit/public/platform/WebURL.h"
 #include "third_party/WebKit/public/platform/WebURLRequest.h"
 #include "third_party/WebKit/public/platform/WebURLResponse.h"
@@ skipping 17 matching lines @@
 const char kTextXml[] = "text/xml";
 const char xAppRssXml[] = "application/rss+xml";
 const char kAppXml[] = "application/xml";
 const char kAppJson[] = "application/json";
 const char kTextJson[] = "text/json";
 const char kTextXjson[] = "text/x-json";
 const char kTextPlain[] = "text/plain";
 
 }  // anonymous namespace
 
+// The cross-site document blocking/UMA data collection is deactivated by
+// default, and only activated for a rederer process backed-up by

[Charlie Reis, 2013/09/03 16:43:23]

nit: renderer

Also, "backed up by RenderProcessImpl (so we exclude plugin processes too)" is
redundant with "renderer process."

+// RenderProcessImpl (so we exclude plugin processes too), when the renderer is
+// not for extensions.
+bool SiteIsolationPolicy::g_policy_activated = false;
+
 SiteIsolationPolicy::ResponseMetaData::ResponseMetaData() {}
 
+void SiteIsolationPolicy::SetPolicyActivationFlag(bool flag) {
+  LOG(ERROR) << "setpolicyactivationflag:" << flag << ":" <<

[Charlie Reis, 2013/09/03 16:43:23]

We should remove this.

[dsjang, 2013/09/03 19:13:11]

Done.

+      base::GetCurrentProcId();
+  g_policy_activated = flag;
+}
+
 void SiteIsolationPolicy::OnReceivedResponse(
     int request_id,
     GURL& frame_origin,
     GURL& response_url,
     ResourceType::Type resource_type,
     const webkit_glue::ResourceResponseInfo& info) {
+  if (!g_policy_activated) {

[Charlie Reis, 2013/09/03 16:43:23]

nit: No braces needed on one-line body.

+    return;
+  }
+
   UMA_HISTOGRAM_COUNTS("SiteIsolation.AllResponses", 1);
 
   // See if this is for navigation. If it is, don't block it, under the
   // assumption that we will put it in an appropriate process.
   if (ResourceType::IsFrame(resource_type))
     return;
 
   if (!IsBlockableScheme(response_url))
     return;
 
@@ skipping 83 matching lines @@
     } else { \
       SITE_ISOLATION_POLICY_COUNT_NOTBLOCK(BUCKET_PREFIX) \
     } \
   }
 
 bool SiteIsolationPolicy::ShouldBlockResponse(
     int request_id,
     const char* data,
     int length,
     std::string* alternative_data) {
+  if (!g_policy_activated)
+    return false;
+
   RequestIdToMetaDataMap* metadata_map = GetRequestIdToMetaDataMap();
   RequestIdToResultMap* result_map = GetRequestIdToResultMap();
 
   // If there's an entry for |request_id| in blocked_map, this request's first
   // data packet has already been examined. We can return the result here.
   if (result_map->count(request_id) != 0) {
     if ((*result_map)[request_id]) {
       // Here, the blocking result has been set for the previous run of
       // ShouldBlockResponse(), so we set alternative data to an empty string so
       // that ResourceDispatcher doesn't call its peer's onReceivedData() with
@@ skipping 94 matching lines @@
   if (!command_line.HasSwitch(switches::kBlockCrossSiteDocuments))
     result = false;
   (*result_map)[request_id] = result;
 
   if (result) {
     alternative_data->erase();
     alternative_data->insert(0, " ");
     LOG(ERROR) << resp_data.response_url
                << " is blocked as an illegal cross-site document from "
                << resp_data.frame_origin;
-
   }
   return result;
 }
 
 #undef SITE_ISOLATION_POLICY_COUNT_NOTBLOCK
 #undef SITE_ISOLATION_POLICY_SNIFF_AND_COUNT
 #undef SITE_ISOLATION_POLICY_COUNT_BLOCK
 
 void SiteIsolationPolicy::OnRequestComplete(int request_id) {
+  if (!g_policy_activated)
+    return;
   RequestIdToMetaDataMap* metadata_map = GetRequestIdToMetaDataMap();
   RequestIdToResultMap* result_map = GetRequestIdToResultMap();
   metadata_map->erase(request_id);
   result_map->erase(request_id);
 }
 
 SiteIsolationPolicy::ResponseMetaData::CanonicalMimeType
 SiteIsolationPolicy::GetCanonicalMimeType(const std::string& mime_type) {
   if (LowerCaseEqualsASCII(mime_type, kTextHtml)) {
     return SiteIsolationPolicy::ResponseMetaData::HTML;
@@ skipping 259 matching lines @@
   return &metadata_map_;
 }
 
 SiteIsolationPolicy::RequestIdToResultMap*
 SiteIsolationPolicy::GetRequestIdToResultMap() {
   CR_DEFINE_STATIC_LOCAL(RequestIdToResultMap, result_map_, ());
   return &result_map_;
 }
 
 }  // namespace content