Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(870)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_impl.h

Issue 2921063003: Fix process reuse for dedicated processes when over process limit. (Closed)
Patch Set: Rebase Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | content/browser/child_process_security_policy_impl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
7 7
8 #include <map> 8 #include <map>
9 #include <memory> 9 #include <memory>
10 #include <set> 10 #include <set>
(...skipping 158 matching lines...) Expand 10 before | Expand all | Expand 10 after
169 bool CanCopyIntoFileSystemFile(int child_id, 169 bool CanCopyIntoFileSystemFile(int child_id,
170 const storage::FileSystemURL& filesystem_url); 170 const storage::FileSystemURL& filesystem_url);
171 bool CanDeleteFileSystemFile(int child_id, 171 bool CanDeleteFileSystemFile(int child_id,
172 const storage::FileSystemURL& filesystem_url); 172 const storage::FileSystemURL& filesystem_url);
173 173
174 // Returns true if the specified child_id has been granted ReadRawCookies. 174 // Returns true if the specified child_id has been granted ReadRawCookies.
175 bool CanReadRawCookies(int child_id); 175 bool CanReadRawCookies(int child_id);
176 176
177 // Sets the process as only permitted to use and see the cookies for the 177 // Sets the process as only permitted to use and see the cookies for the
178 // given origin. 178 // given origin.
179 // Origin lock is applied only if the --site-per-process flag is used.
180 void LockToOrigin(int child_id, const GURL& gurl); 179 void LockToOrigin(int child_id, const GURL& gurl);
181 180
181 // Used to indicate the result of comparing a process's origin lock to
182 // another value:
183 enum class CheckOriginLockResult {
184 // The process does not exist, or it has no origin lock.
185 NO_LOCK,
186 // The process has an origin lock and it matches the passed-in value.
187 HAS_EQUAL_LOCK,
188 // The process has an origin lock and it does not match the passed-in
189 // value.
190 HAS_WRONG_LOCK,
191 };
192
193 // Check the origin lock of the process specified by |child_id| against
194 // |site_url|. See the definition of |CheckOriginLockResult| for possible
195 // returned values.
196 CheckOriginLockResult CheckOriginLock(int child_id, const GURL& site_url);
197
182 // Register FileSystem type and permission policy which should be used 198 // Register FileSystem type and permission policy which should be used
183 // for the type. The |policy| must be a bitwise-or'd value of 199 // for the type. The |policy| must be a bitwise-or'd value of
184 // storage::FilePermissionPolicy. 200 // storage::FilePermissionPolicy.
185 void RegisterFileSystemPermissionPolicy(storage::FileSystemType type, 201 void RegisterFileSystemPermissionPolicy(storage::FileSystemType type,
186 int policy); 202 int policy);
187 203
188 // Returns true if sending system exclusive messages is allowed. 204 // Returns true if sending system exclusive messages is allowed.
189 bool CanSendMidiSysExMessage(int child_id); 205 bool CanSendMidiSysExMessage(int child_id);
190 206
191 // Add an origin to the list of origins that require process isolation. 207 // Add an origin to the list of origins that require process isolation.
(...skipping 120 matching lines...) Expand 10 before | Expand all | Expand 10 after
312 // eTLD+1. Each of these origins requires a dedicated process. This set is 328 // eTLD+1. Each of these origins requires a dedicated process. This set is
313 // protected by |lock_|. 329 // protected by |lock_|.
314 std::set<url::Origin> isolated_origins_; 330 std::set<url::Origin> isolated_origins_;
315 331
316 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); 332 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl);
317 }; 333 };
318 334
319 } // namespace content 335 } // namespace content
320 336
321 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 337 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
OLDNEW
« no previous file with comments | « no previous file | content/browser/child_process_security_policy_impl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698