Chromium Code Reviews Chromium Code Reviews
Issue 2563843002:
Restrict app sandbox's CSP to disallow loading web content in them. (Closed)
| Index: chrome/browser/extensions/chrome_content_browser_client_extensions_part.cc |
| diff --git a/chrome/browser/extensions/chrome_content_browser_client_extensions_part.cc b/chrome/browser/extensions/chrome_content_browser_client_extensions_part.cc |
| index bee125700dff5cec5d9e36c0a39c0d82fe99cefb..93f51cd19aec0c42e8b88e5d1744483386202044 100644 |
| --- a/chrome/browser/extensions/chrome_content_browser_client_extensions_part.cc |
| +++ b/chrome/browser/extensions/chrome_content_browser_client_extensions_part.cc |
| @@ -305,16 +305,10 @@ bool ChromeContentBrowserClientExtensionsPart::DoesSiteRequireDedicatedProcess( |
| if (extension->id() == kWebStoreAppId) |
| return true; |
| - // --isolate-extensions should isolate extensions, except for a) hosted |
| - // apps, b) platform apps. |
| - // a) Isolating hosted apps is a good idea, but ought to be a separate |
| - // knob. |
| - // b) Sandbox pages in platform app can load web content in iframes; |
| - // isolating the app and the iframe leads to StoragePartition mismatch |
| - // in the two processes. |
| - // TODO(lazyboy): We should deprecate this behaviour and not let web |
| - // content load in platform app's process; see http://crbug.com/615585. |
| - if (extension->is_hosted_app() || extension->is_platform_app()) |
| + // --isolate-extensions should isolate extensions, except for hosted |
| + // app. Isolating hosted apps is a good idea, but ought to be a separate |
|
Charlie Reis
2016/12/09 19:55:07
nit: s/app/apps/
lazyboy
2016/12/14 00:49:04
Done.
|
| + // knob. |
| + if (extension->is_hosted_app()) |
| return false; |
| // Isolate all extensions. |
