electron/atom/browser/atom_browser_client.h

232 lines
9.4 KiB
C
Raw Normal View History

// Copyright (c) 2013 GitHub, Inc.
2014-04-25 09:49:37 +00:00
// Use of this source code is governed by the MIT license that can be
2013-04-12 01:46:58 +00:00
// found in the LICENSE file.
2014-03-16 00:58:59 +00:00
#ifndef ATOM_BROWSER_ATOM_BROWSER_CLIENT_H_
#define ATOM_BROWSER_ATOM_BROWSER_CLIENT_H_
2013-04-12 01:46:58 +00:00
#include <map>
#include <memory>
#include <set>
2014-05-29 13:24:22 +00:00
#include <string>
#include <vector>
2014-05-29 13:24:22 +00:00
#include "base/synchronization/lock.h"
#include "content/public/browser/content_browser_client.h"
#include "content/public/browser/render_process_host_observer.h"
#include "net/ssl/client_cert_identity.h"
2013-04-12 01:46:58 +00:00
namespace content {
class QuotaPermissionContext;
2015-06-03 20:57:06 +00:00
class ClientCertificateDelegate;
2018-04-18 01:44:10 +00:00
} // namespace content
2015-06-03 20:57:06 +00:00
namespace net {
class SSLCertRequestInfo;
}
2013-04-12 01:46:58 +00:00
namespace atom {
class AtomResourceDispatcherHostDelegate;
class NotificationPresenter;
class PlatformNotificationService;
class AtomBrowserClient : public content::ContentBrowserClient,
public content::RenderProcessHostObserver {
2013-04-12 15:16:16 +00:00
public:
static AtomBrowserClient* Get();
static void SetApplicationLocale(const std::string& locale);
2013-04-12 01:46:58 +00:00
AtomBrowserClient();
~AtomBrowserClient() override;
2013-04-12 01:46:58 +00:00
2015-11-18 02:07:03 +00:00
using Delegate = content::ContentBrowserClient;
void set_delegate(Delegate* delegate) { delegate_ = delegate; }
// Returns the WebContents for pending render processes.
content::WebContents* GetWebContentsFromProcessID(int process_id);
// Don't force renderer process to restart for once.
static void SuppressRendererProcessRestartForOnce();
NotificationPresenter* GetNotificationPresenter();
void WebNotificationAllowed(int render_process_id,
const base::Callback<void(bool, bool)>& callback);
// content::NavigatorDelegate
std::vector<std::unique_ptr<content::NavigationThrottle>>
CreateThrottlesForNavigation(content::NavigationHandle* handle) override;
// content::ContentBrowserClient:
std::string GetApplicationLocale() override;
fix: use appropriate site instance for cross-site nav's (#15821) * fix: use Chromium's determined new site instance as candidate when navigating. When navigating to a new address, consider using Chromium's determined site instance for the new page as it should belong to an existing browsing instance when the navigation was triggered by window.open(). fixes 8100. * Revert "fix: use Chromium's determined new site instance as candidate when navigating." This reverts commit eb95f935654a2c4d4457821297670836c10fdfd5. * fix: delegate site instance creation back to content when sandboxed. * fix: ensure site isolation is on * test: adapt ut for cross-site navigation * fix: register pending processes during a navigation. * refactor: dont call loadURL for a window constructed from an existing webContents. * test: add sandboxed affinity UT's. * fix: check affinity before deciding if to force a new site instance. * chore: adapt subsequent patch. * refactor: constify logically const methods. * fix: do not reuse site instances when navigation redirects cross-site. * test: ensure localStorage accessible after x-site redirect. * test: adapt localStorage acess denied UT for site isolation. * fix: do not send render-view-deleted for speculative frames. * chore: amend tests after rebase. * test: add ut for webContents' render-view-deleted emission * fix: introduce current-render-view-deleted for current RVH's deletions. Revert render-view-deleted to being emitted with any RVH's deletion. current-render-view-deleted is emitted only when the RVH being deleted is the current one. * refactor: style and comments fixed.
2018-12-05 08:03:39 +00:00
// content::ContentBrowserClient:
bool ShouldEnableStrictSiteIsolation() override;
protected:
void RenderProcessWillLaunch(
content::RenderProcessHost* host,
service_manager::mojom::ServiceRequest* service_request) override;
content::SpeechRecognitionManagerDelegate*
2018-04-18 01:44:10 +00:00
CreateSpeechRecognitionManagerDelegate() override;
content::TtsControllerDelegate* GetTtsControllerDelegate() override;
void OverrideWebkitPrefs(content::RenderViewHost* render_view_host,
content::WebPreferences* prefs) override;
fix: use appropriate site instance for cross-site nav's (#15821) * fix: use Chromium's determined new site instance as candidate when navigating. When navigating to a new address, consider using Chromium's determined site instance for the new page as it should belong to an existing browsing instance when the navigation was triggered by window.open(). fixes 8100. * Revert "fix: use Chromium's determined new site instance as candidate when navigating." This reverts commit eb95f935654a2c4d4457821297670836c10fdfd5. * fix: delegate site instance creation back to content when sandboxed. * fix: ensure site isolation is on * test: adapt ut for cross-site navigation * fix: register pending processes during a navigation. * refactor: dont call loadURL for a window constructed from an existing webContents. * test: add sandboxed affinity UT's. * fix: check affinity before deciding if to force a new site instance. * chore: adapt subsequent patch. * refactor: constify logically const methods. * fix: do not reuse site instances when navigation redirects cross-site. * test: ensure localStorage accessible after x-site redirect. * test: adapt localStorage acess denied UT for site isolation. * fix: do not send render-view-deleted for speculative frames. * chore: amend tests after rebase. * test: add ut for webContents' render-view-deleted emission * fix: introduce current-render-view-deleted for current RVH's deletions. Revert render-view-deleted to being emitted with any RVH's deletion. current-render-view-deleted is emitted only when the RVH being deleted is the current one. * refactor: style and comments fixed.
2018-12-05 08:03:39 +00:00
SiteInstanceForNavigationType ShouldOverrideSiteInstanceForNavigation(
content::RenderFrameHost* current_rfh,
content::RenderFrameHost* speculative_rfh,
content::BrowserContext* browser_context,
fix: use appropriate site instance for cross-site nav's (#15821) * fix: use Chromium's determined new site instance as candidate when navigating. When navigating to a new address, consider using Chromium's determined site instance for the new page as it should belong to an existing browsing instance when the navigation was triggered by window.open(). fixes 8100. * Revert "fix: use Chromium's determined new site instance as candidate when navigating." This reverts commit eb95f935654a2c4d4457821297670836c10fdfd5. * fix: delegate site instance creation back to content when sandboxed. * fix: ensure site isolation is on * test: adapt ut for cross-site navigation * fix: register pending processes during a navigation. * refactor: dont call loadURL for a window constructed from an existing webContents. * test: add sandboxed affinity UT's. * fix: check affinity before deciding if to force a new site instance. * chore: adapt subsequent patch. * refactor: constify logically const methods. * fix: do not reuse site instances when navigation redirects cross-site. * test: ensure localStorage accessible after x-site redirect. * test: adapt localStorage acess denied UT for site isolation. * fix: do not send render-view-deleted for speculative frames. * chore: amend tests after rebase. * test: add ut for webContents' render-view-deleted emission * fix: introduce current-render-view-deleted for current RVH's deletions. Revert render-view-deleted to being emitted with any RVH's deletion. current-render-view-deleted is emitted only when the RVH being deleted is the current one. * refactor: style and comments fixed.
2018-12-05 08:03:39 +00:00
const GURL& url,
bool has_request_started,
fix: use appropriate site instance for cross-site nav's (#15821) * fix: use Chromium's determined new site instance as candidate when navigating. When navigating to a new address, consider using Chromium's determined site instance for the new page as it should belong to an existing browsing instance when the navigation was triggered by window.open(). fixes 8100. * Revert "fix: use Chromium's determined new site instance as candidate when navigating." This reverts commit eb95f935654a2c4d4457821297670836c10fdfd5. * fix: delegate site instance creation back to content when sandboxed. * fix: ensure site isolation is on * test: adapt ut for cross-site navigation * fix: register pending processes during a navigation. * refactor: dont call loadURL for a window constructed from an existing webContents. * test: add sandboxed affinity UT's. * fix: check affinity before deciding if to force a new site instance. * chore: adapt subsequent patch. * refactor: constify logically const methods. * fix: do not reuse site instances when navigation redirects cross-site. * test: ensure localStorage accessible after x-site redirect. * test: adapt localStorage acess denied UT for site isolation. * fix: do not send render-view-deleted for speculative frames. * chore: amend tests after rebase. * test: add ut for webContents' render-view-deleted emission * fix: introduce current-render-view-deleted for current RVH's deletions. Revert render-view-deleted to being emitted with any RVH's deletion. current-render-view-deleted is emitted only when the RVH being deleted is the current one. * refactor: style and comments fixed.
2018-12-05 08:03:39 +00:00
content::SiteInstance** affinity_site_instance) const override;
void RegisterPendingSiteInstance(
content::RenderFrameHost* render_frame_host,
content::SiteInstance* pending_site_instance) override;
void AppendExtraCommandLineSwitches(base::CommandLine* command_line,
int child_process_id) override;
void AdjustUtilityServiceProcessCommandLine(
const service_manager::Identity& identity,
base::CommandLine* command_line) override;
2015-04-28 15:45:58 +00:00
void DidCreatePpapiPlugin(content::BrowserPpapiHost* browser_host) override;
std::string GetGeolocationApiKey() override;
content::QuotaPermissionContext* CreateQuotaPermissionContext() override;
content::GeneratedCodeCacheSettings GetGeneratedCodeCacheSettings(
content::BrowserContext* context) override;
2015-11-18 02:39:25 +00:00
void AllowCertificateError(
2016-03-08 14:28:53 +00:00
content::WebContents* web_contents,
2015-11-18 02:39:25 +00:00
int cert_error,
const net::SSLInfo& ssl_info,
const GURL& request_url,
content::ResourceType resource_type,
bool strict_enforcement,
bool expired_previous_decision,
2016-11-30 07:30:03 +00:00
const base::Callback<void(content::CertificateRequestResultType)>&
callback) override;
2015-06-03 20:57:06 +00:00
void SelectClientCertificate(
content::WebContents* web_contents,
net::SSLCertRequestInfo* cert_request_info,
net::ClientCertIdentityList client_certs,
2016-05-23 01:59:39 +00:00
std::unique_ptr<content::ClientCertificateDelegate> delegate) override;
void ResourceDispatcherHostCreated() override;
2018-04-18 01:44:10 +00:00
bool CanCreateWindow(content::RenderFrameHost* opener,
const GURL& opener_url,
const GURL& opener_top_level_frame_url,
const GURL& source_origin,
content::mojom::WindowContainerType container_type,
const GURL& target_url,
const content::Referrer& referrer,
const std::string& frame_name,
WindowOpenDisposition disposition,
const blink::mojom::WindowFeatures& features,
const std::vector<std::string>& additional_features,
const scoped_refptr<network::ResourceRequestBody>& body,
2018-04-18 01:44:10 +00:00
bool user_gesture,
bool opener_suppressed,
bool* no_javascript_access) override;
void GetAdditionalAllowedSchemesForFileSystem(
std::vector<std::string>* additional_schemes) override;
void GetAdditionalWebUISchemes(
std::vector<std::string>* additional_schemes) override;
void SiteInstanceDeleting(content::SiteInstance* site_instance) override;
std::unique_ptr<net::ClientCertStore> CreateClientCertStore(
content::ResourceContext* resource_context) override;
std::unique_ptr<device::LocationProvider> OverrideSystemLocationProvider()
override;
network::mojom::NetworkContextPtr CreateNetworkContext(
content::BrowserContext* browser_context,
bool in_memory,
const base::FilePath& relative_partition_path) override;
void RegisterOutOfProcessServices(OutOfProcessServiceMap* services) override;
std::unique_ptr<base::Value> GetServiceManifestOverlay(
base::StringPiece name) override;
net::NetLog* GetNetLog() override;
content::MediaObserver* GetMediaObserver() override;
content::DevToolsManagerDelegate* GetDevToolsManagerDelegate() override;
content::PlatformNotificationService* GetPlatformNotificationService()
override;
content::BrowserMainParts* CreateBrowserMainParts(
const content::MainFunctionParams&) override;
base::FilePath GetDefaultDownloadDirectory() override;
scoped_refptr<network::SharedURLLoaderFactory>
GetSystemSharedURLLoaderFactory() override;
void OnNetworkServiceCreated(
network::mojom::NetworkService* network_service) override;
fix: use appropriate site instance for cross-site nav's (#15821) * fix: use Chromium's determined new site instance as candidate when navigating. When navigating to a new address, consider using Chromium's determined site instance for the new page as it should belong to an existing browsing instance when the navigation was triggered by window.open(). fixes 8100. * Revert "fix: use Chromium's determined new site instance as candidate when navigating." This reverts commit eb95f935654a2c4d4457821297670836c10fdfd5. * fix: delegate site instance creation back to content when sandboxed. * fix: ensure site isolation is on * test: adapt ut for cross-site navigation * fix: register pending processes during a navigation. * refactor: dont call loadURL for a window constructed from an existing webContents. * test: add sandboxed affinity UT's. * fix: check affinity before deciding if to force a new site instance. * chore: adapt subsequent patch. * refactor: constify logically const methods. * fix: do not reuse site instances when navigation redirects cross-site. * test: ensure localStorage accessible after x-site redirect. * test: adapt localStorage acess denied UT for site isolation. * fix: do not send render-view-deleted for speculative frames. * chore: amend tests after rebase. * test: add ut for webContents' render-view-deleted emission * fix: introduce current-render-view-deleted for current RVH's deletions. Revert render-view-deleted to being emitted with any RVH's deletion. current-render-view-deleted is emitted only when the RVH being deleted is the current one. * refactor: style and comments fixed.
2018-12-05 08:03:39 +00:00
bool ShouldBypassCORB(int render_process_id) const override;
2013-04-12 01:46:58 +00:00
// content::RenderProcessHostObserver:
void RenderProcessHostDestroyed(content::RenderProcessHost* host) override;
2017-05-16 00:41:45 +00:00
void RenderProcessReady(content::RenderProcessHost* host) override;
void RenderProcessExited(
content::RenderProcessHost* host,
const content::ChildProcessTerminationInfo& info) override;
bool HandleExternalProtocol(
const GURL& url,
content::ResourceRequestInfo::WebContentsGetter web_contents_getter,
int child_id,
content::NavigationUIData* navigation_data,
bool is_main_frame,
ui::PageTransition page_transition,
bool has_user_gesture,
const std::string& method,
const net::HttpRequestHeaders& headers) override;
private:
struct ProcessPreferences {
bool sandbox = false;
bool native_window_open = false;
bool disable_popups = false;
bool web_security = true;
};
fix: use appropriate site instance for cross-site nav's (#15821) * fix: use Chromium's determined new site instance as candidate when navigating. When navigating to a new address, consider using Chromium's determined site instance for the new page as it should belong to an existing browsing instance when the navigation was triggered by window.open(). fixes 8100. * Revert "fix: use Chromium's determined new site instance as candidate when navigating." This reverts commit eb95f935654a2c4d4457821297670836c10fdfd5. * fix: delegate site instance creation back to content when sandboxed. * fix: ensure site isolation is on * test: adapt ut for cross-site navigation * fix: register pending processes during a navigation. * refactor: dont call loadURL for a window constructed from an existing webContents. * test: add sandboxed affinity UT's. * fix: check affinity before deciding if to force a new site instance. * chore: adapt subsequent patch. * refactor: constify logically const methods. * fix: do not reuse site instances when navigation redirects cross-site. * test: ensure localStorage accessible after x-site redirect. * test: adapt localStorage acess denied UT for site isolation. * fix: do not send render-view-deleted for speculative frames. * chore: amend tests after rebase. * test: add ut for webContents' render-view-deleted emission * fix: introduce current-render-view-deleted for current RVH's deletions. Revert render-view-deleted to being emitted with any RVH's deletion. current-render-view-deleted is emitted only when the RVH being deleted is the current one. * refactor: style and comments fixed.
2018-12-05 08:03:39 +00:00
bool ShouldForceNewSiteInstance(content::RenderFrameHost* current_rfh,
content::RenderFrameHost* speculative_rfh,
content::BrowserContext* browser_context,
const GURL& dest_url,
bool has_request_started) const;
bool NavigationWasRedirectedCrossSite(
content::BrowserContext* browser_context,
content::SiteInstance* current_instance,
content::SiteInstance* speculative_instance,
const GURL& dest_url,
bool has_request_started) const;
void AddProcessPreferences(int process_id, ProcessPreferences prefs);
void RemoveProcessPreferences(int process_id);
fix: use appropriate site instance for cross-site nav's (#15821) * fix: use Chromium's determined new site instance as candidate when navigating. When navigating to a new address, consider using Chromium's determined site instance for the new page as it should belong to an existing browsing instance when the navigation was triggered by window.open(). fixes 8100. * Revert "fix: use Chromium's determined new site instance as candidate when navigating." This reverts commit eb95f935654a2c4d4457821297670836c10fdfd5. * fix: delegate site instance creation back to content when sandboxed. * fix: ensure site isolation is on * test: adapt ut for cross-site navigation * fix: register pending processes during a navigation. * refactor: dont call loadURL for a window constructed from an existing webContents. * test: add sandboxed affinity UT's. * fix: check affinity before deciding if to force a new site instance. * chore: adapt subsequent patch. * refactor: constify logically const methods. * fix: do not reuse site instances when navigation redirects cross-site. * test: ensure localStorage accessible after x-site redirect. * test: adapt localStorage acess denied UT for site isolation. * fix: do not send render-view-deleted for speculative frames. * chore: amend tests after rebase. * test: add ut for webContents' render-view-deleted emission * fix: introduce current-render-view-deleted for current RVH's deletions. Revert render-view-deleted to being emitted with any RVH's deletion. current-render-view-deleted is emitted only when the RVH being deleted is the current one. * refactor: style and comments fixed.
2018-12-05 08:03:39 +00:00
bool IsProcessObserved(int process_id) const;
bool IsRendererSandboxed(int process_id) const;
bool RendererUsesNativeWindowOpen(int process_id) const;
bool RendererDisablesPopups(int process_id) const;
std::string GetAffinityPreference(content::RenderFrameHost* rfh) const;
content::SiteInstance* GetSiteInstanceFromAffinity(
content::BrowserContext* browser_context,
const GURL& url,
content::RenderFrameHost* rfh) const;
void ConsiderSiteInstanceForAffinity(content::RenderFrameHost* rfh,
content::SiteInstance* site_instance);
// pending_render_process => web contents.
std::map<int, content::WebContents*> pending_processes_;
std::map<int, base::ProcessId> render_process_host_pids_;
// list of site per affinity. weak_ptr to prevent instance locking
fix: use appropriate site instance for cross-site nav's (#15821) * fix: use Chromium's determined new site instance as candidate when navigating. When navigating to a new address, consider using Chromium's determined site instance for the new page as it should belong to an existing browsing instance when the navigation was triggered by window.open(). fixes 8100. * Revert "fix: use Chromium's determined new site instance as candidate when navigating." This reverts commit eb95f935654a2c4d4457821297670836c10fdfd5. * fix: delegate site instance creation back to content when sandboxed. * fix: ensure site isolation is on * test: adapt ut for cross-site navigation * fix: register pending processes during a navigation. * refactor: dont call loadURL for a window constructed from an existing webContents. * test: add sandboxed affinity UT's. * fix: check affinity before deciding if to force a new site instance. * chore: adapt subsequent patch. * refactor: constify logically const methods. * fix: do not reuse site instances when navigation redirects cross-site. * test: ensure localStorage accessible after x-site redirect. * test: adapt localStorage acess denied UT for site isolation. * fix: do not send render-view-deleted for speculative frames. * chore: amend tests after rebase. * test: add ut for webContents' render-view-deleted emission * fix: introduce current-render-view-deleted for current RVH's deletions. Revert render-view-deleted to being emitted with any RVH's deletion. current-render-view-deleted is emitted only when the RVH being deleted is the current one. * refactor: style and comments fixed.
2018-12-05 08:03:39 +00:00
std::map<std::string, content::SiteInstance*> site_per_affinities_;
2016-05-23 01:59:39 +00:00
std::unique_ptr<AtomResourceDispatcherHostDelegate>
resource_dispatcher_host_delegate_;
std::unique_ptr<PlatformNotificationService> notification_service_;
std::unique_ptr<NotificationPresenter> notification_presenter_;
Delegate* delegate_ = nullptr;
2015-11-18 02:07:03 +00:00
fix: use appropriate site instance for cross-site nav's (#15821) * fix: use Chromium's determined new site instance as candidate when navigating. When navigating to a new address, consider using Chromium's determined site instance for the new page as it should belong to an existing browsing instance when the navigation was triggered by window.open(). fixes 8100. * Revert "fix: use Chromium's determined new site instance as candidate when navigating." This reverts commit eb95f935654a2c4d4457821297670836c10fdfd5. * fix: delegate site instance creation back to content when sandboxed. * fix: ensure site isolation is on * test: adapt ut for cross-site navigation * fix: register pending processes during a navigation. * refactor: dont call loadURL for a window constructed from an existing webContents. * test: add sandboxed affinity UT's. * fix: check affinity before deciding if to force a new site instance. * chore: adapt subsequent patch. * refactor: constify logically const methods. * fix: do not reuse site instances when navigation redirects cross-site. * test: ensure localStorage accessible after x-site redirect. * test: adapt localStorage acess denied UT for site isolation. * fix: do not send render-view-deleted for speculative frames. * chore: amend tests after rebase. * test: add ut for webContents' render-view-deleted emission * fix: introduce current-render-view-deleted for current RVH's deletions. Revert render-view-deleted to being emitted with any RVH's deletion. current-render-view-deleted is emitted only when the RVH being deleted is the current one. * refactor: style and comments fixed.
2018-12-05 08:03:39 +00:00
mutable base::Lock process_preferences_lock_;
std::map<int, ProcessPreferences> process_preferences_;
2013-04-12 01:46:58 +00:00
DISALLOW_COPY_AND_ASSIGN(AtomBrowserClient);
};
} // namespace atom
2014-03-16 00:58:59 +00:00
#endif // ATOM_BROWSER_ATOM_BROWSER_CLIENT_H_