Start replicating sandbox flags for OOPIF

content/renderer/render_frame_impl.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/renderer/render_frame_impl.h"
 
 #include <map>
 #include <string>
 
 #include "base/auto_reset.h"
@@ skipping 471 matching lines @@
       RenderThreadImpl::current()->SharedMainThreadContextProvider().get();
   if (!provider)
     return media::Context3D();
   return media::Context3D(provider->ContextGL(), provider->GrContext());
 }
 #endif
 
 RenderFrameImpl::CreateRenderFrameImplFunction g_create_render_frame_impl =
     nullptr;
 
+// Check that blink::WebSandboxFlags is kept in sync with
+// content::SandboxFlags.
+COMPILE_ASSERT(blink::WebSandboxFlags::None ==
+                   static_cast<blink::WebSandboxFlags>(
+                       content::SandboxFlags::NONE),

[Charlie Reis, 2015/01/12 20:25:12]

nit: No need for content:: here since we're already in that namespace.  You can
also use ContentToWebSandboxFlags rather than the static_cast, so this should
fit on one fewer line.

[alexmos, 2015/01/14 19:35:19]

Done.  Removed unnecessary content::, but couldn't use ContentToWebSandboxFlags
as it can't be resolved at compile time (and C++11's constexpr is banned on
https://chromium-cpp.appspot.com/).

[Charlie Reis, 2015/01/14 19:46:45]

Huh, I guess that's why people cast both sides to int elsewhere.  Oh well.

+               enum_values_must_match_for_sandbox_flags);
+COMPILE_ASSERT(blink::WebSandboxFlags::Navigation ==
+                   static_cast<blink::WebSandboxFlags>(
+                       content::SandboxFlags::NAVIGATION),
+               enum_values_must_match_for_sandbox_flags);
+COMPILE_ASSERT(blink::WebSandboxFlags::Plugins ==
+                   static_cast<blink::WebSandboxFlags>(
+                       content::SandboxFlags::PLUGINS),
+               enum_values_must_match_for_sandbox_flags);
+COMPILE_ASSERT(blink::WebSandboxFlags::Origin ==
+                   static_cast<blink::WebSandboxFlags>(
+                       content::SandboxFlags::ORIGIN),
+               enum_values_must_match_for_sandbox_flags);
+COMPILE_ASSERT(blink::WebSandboxFlags::Forms ==
+                   static_cast<blink::WebSandboxFlags>(
+                       content::SandboxFlags::FORMS),
+               enum_values_must_match_for_sandbox_flags);
+COMPILE_ASSERT(blink::WebSandboxFlags::Scripts ==
+                   static_cast<blink::WebSandboxFlags>(
+                       content::SandboxFlags::SCRIPTS),
+               enum_values_must_match_for_sandbox_flags);
+COMPILE_ASSERT(blink::WebSandboxFlags::TopNavigation ==
+                   static_cast<blink::WebSandboxFlags>(
+                       content::SandboxFlags::TOP_NAVIGATION),
+               enum_values_must_match_for_sandbox_flags);
+COMPILE_ASSERT(blink::WebSandboxFlags::Popups ==
+                   static_cast<blink::WebSandboxFlags>(
+                       content::SandboxFlags::POPUPS),
+               enum_values_must_match_for_sandbox_flags);
+COMPILE_ASSERT(
+    blink::WebSandboxFlags::AutomaticFeatures ==
+        static_cast<blink::WebSandboxFlags>(
+            content::SandboxFlags::AUTOMATIC_FEATURES),
+    enum_values_must_match_for_sandbox_flags);
+COMPILE_ASSERT(blink::WebSandboxFlags::PointerLock ==
+                   static_cast<blink::WebSandboxFlags>(
+                       content::SandboxFlags::POINTER_LOCK),
+               enum_values_must_match_for_sandbox_flags);
+COMPILE_ASSERT(blink::WebSandboxFlags::DocumentDomain ==
+                   static_cast<blink::WebSandboxFlags>(
+                       content::SandboxFlags::DOCUMENT_DOMAIN),
+               enum_values_must_match_for_sandbox_flags);
+COMPILE_ASSERT(blink::WebSandboxFlags::OrientationLock ==
+                   static_cast<blink::WebSandboxFlags>(
+                       content::SandboxFlags::ORIENTATION_LOCK),
+               enum_values_must_match_for_sandbox_flags);
+COMPILE_ASSERT(blink::WebSandboxFlags::All ==
+                   static_cast<blink::WebSandboxFlags>(
+                       content::SandboxFlags::ALL),
+               enum_values_must_match_for_sandbox_flags);
+
 }  // namespace
 
-
 // static
 RenderFrameImpl* RenderFrameImpl::Create(RenderViewImpl* render_view,
                                          int32 routing_id) {
   DCHECK(routing_id != MSG_ROUTING_NONE);
 
   if (g_create_render_frame_impl)
     return g_create_render_frame_impl(render_view, routing_id);
   else
     return new RenderFrameImpl(render_view, routing_id);
 }
 
 // static
 RenderFrameImpl* RenderFrameImpl::FromRoutingID(int32 routing_id) {
   RoutingIDFrameMap::iterator iter =
       g_routing_id_frame_map.Get().find(routing_id);
   if (iter != g_routing_id_frame_map.Get().end())
     return iter->second;
   return NULL;
 }
 
 // static
-void RenderFrameImpl::CreateFrame(int routing_id,
-                                  int parent_routing_id,
-                                  int proxy_routing_id) {
+void RenderFrameImpl::CreateFrame(
+    int routing_id,
+    int parent_routing_id,
+    int proxy_routing_id,
+    const FrameReplicationState& replicated_state) {
   // TODO(nasko): For now, this message is only sent for subframes, as the
   // top level frame is created when the RenderView is created through the
   // ViewMsg_New IPC.
   CHECK_NE(MSG_ROUTING_NONE, parent_routing_id);
 
   blink::WebLocalFrame* web_frame;
   RenderFrameImpl* render_frame;
   if (proxy_routing_id == MSG_ROUTING_NONE) {
     RenderFrameProxy* parent_proxy =
         RenderFrameProxy::FromRoutingID(parent_routing_id);
     // If the browser is sending a valid parent routing id, it should already
     // be created and registered.
     CHECK(parent_proxy);
     blink::WebRemoteFrame* parent_web_frame = parent_proxy->web_frame();
 
     // Create the RenderFrame and WebLocalFrame, linking the two.
     render_frame =
         RenderFrameImpl::Create(parent_proxy->render_view(), routing_id);
-    web_frame = parent_web_frame->createLocalChild("", render_frame);
+    web_frame = parent_web_frame->createLocalChild("",
+        ContentToWebSandboxFlags(replicated_state.sandbox_flags),
+        render_frame);
   } else {
     RenderFrameProxy* proxy =
         RenderFrameProxy::FromRoutingID(proxy_routing_id);
     CHECK(proxy);
     render_frame = RenderFrameImpl::Create(proxy->render_view(), routing_id);
     web_frame = blink::WebLocalFrame::create(render_frame);
     render_frame->proxy_routing_id_ = proxy_routing_id;
     web_frame->initializeToReplaceRemoteFrame(proxy->web_frame());
   }
   render_frame->SetWebFrame(web_frame);
@@ skipping 13 matching lines @@
   return NULL;
 }
 
 // static
 void RenderFrameImpl::InstallCreateHook(
     CreateRenderFrameImplFunction create_render_frame_impl) {
   CHECK(!g_create_render_frame_impl);
   g_create_render_frame_impl = create_render_frame_impl;
 }
 
+// static
+content::SandboxFlags RenderFrameImpl::WebToContentSandboxFlags(
+    blink::WebSandboxFlags flags) {
+  return static_cast<content::SandboxFlags>(flags);
+}
+
+// static
+blink::WebSandboxFlags RenderFrameImpl::ContentToWebSandboxFlags(
+    content::SandboxFlags flags) {
+  return static_cast<blink::WebSandboxFlags>(flags);
+}
+
+
 // RenderFrameImpl ----------------------------------------------------------
 RenderFrameImpl::RenderFrameImpl(RenderViewImpl* render_view, int routing_id)
     : frame_(NULL),
       render_view_(render_view->AsWeakPtr()),
       routing_id_(routing_id),
       is_swapped_out_(false),
       render_frame_proxy_(NULL),
       is_detaching_(false),
       proxy_routing_id_(MSG_ROUTING_NONE),
 #if defined(ENABLE_PLUGINS)
@@ skipping 1349 matching lines @@
 }
 
 void RenderFrameImpl::didAccessInitialDocument(blink::WebLocalFrame* frame) {
   DCHECK(!frame_ || frame_ == frame);
   // Notify the browser process that it is no longer safe to show the pending
   // URL of the main frame, since a URL spoof is now possible.
   if (!frame->parent() && render_view_->page_id_ == -1)
     Send(new FrameHostMsg_DidAccessInitialDocument(routing_id_));
 }
 
+// TODO(alexmos): Remove once Blink is updated to use the version that takes
+// sandbox flags.
+blink::WebFrame* RenderFrameImpl::createChildFrame(
+    blink::WebLocalFrame* parent,
+    const blink::WebString& name) {
+  return createChildFrame(parent, name, blink::WebSandboxFlags::None);
+}
+
 blink::WebFrame* RenderFrameImpl::createChildFrame(
     blink::WebLocalFrame* parent,
-    const blink::WebString& name) {
+    const blink::WebString& name,
+    blink::WebSandboxFlags sandbox_flags) {
   // Synchronously notify the browser of a child frame creation to get the
   // routing_id for the RenderFrame.
   int child_routing_id = MSG_ROUTING_NONE;
-  CHECK(Send(new FrameHostMsg_CreateChildFrame(routing_id_,
-                                               base::UTF16ToUTF8(name),
-                                               &child_routing_id)));
+  CHECK(Send(new FrameHostMsg_CreateChildFrame(
+      routing_id_,
+      base::UTF16ToUTF8(name),
+      WebToContentSandboxFlags(sandbox_flags),
+      &child_routing_id)));
 
   // Allocation of routing id failed, so we can't create a child frame. This can
   // happen if this RenderFrameImpl's IPCs are being filtered when in swapped
   // out state.
   if (child_routing_id == MSG_ROUTING_NONE) {
 #if !defined(OS_LINUX)
     // DumpWithoutCrashing() crashes on Linux in renderer processes when
     // breakpad and sandboxing are enabled: crbug.com/349600
     base::debug::Alias(parent);
     base::debug::Alias(&routing_id_);
@@ skipping 2372 matching lines @@
 
 #if defined(ENABLE_BROWSER_CDMS)
 RendererCdmManager* RenderFrameImpl::GetCdmManager() {
   if (!cdm_manager_)
     cdm_manager_ = new RendererCdmManager(this);
   return cdm_manager_;
 }
 #endif  // defined(ENABLE_BROWSER_CDMS)
 
 }  // namespace content