Append --iframe-security to renderer process.

browser/atom_browser_client.cc

@@ -4,9 +4,15 @@
 
 #include "browser/atom_browser_client.h"
 
+#include "base/command_line.h"
 #include "browser/atom_browser_context.h"
 #include "browser/atom_browser_main_parts.h"
+#include "browser/native_window.h"
 #include "browser/net/atom_url_request_context_getter.h"
+#include "browser/window_list.h"
+#include "common/options_switches.h"
+#include "content/public/browser/render_process_host.h"
+#include "content/public/browser/web_contents.h"
 #include "webkit/common/webpreferences.h"
 
 namespace atom {
@@ -54,6 +60,23 @@ bool AtomBrowserClient::ShouldSwapProcessesForNavigation(
   return true;
 }
 
+void AtomBrowserClient::AppendExtraCommandLineSwitches(
+    CommandLine* command_line,
+    int child_process_id) {
+  // Append --iframe-security to renderer process.
+  WindowList* list = WindowList::GetInstance();
+  for (WindowList::const_iterator iter = list->begin(); iter != list->end();
+       ++iter) {
+    NativeWindow* window = *iter;
+    int id = window->GetWebContents()->GetRenderProcessHost()->GetID();
+    if (id == child_process_id) {
+      command_line->AppendSwitchASCII(switches::kIframeSecurity,
+                                      window->iframe_security());
+      return;
+    }
+  }
+}
+
 brightray::BrowserMainParts* AtomBrowserClient::OverrideCreateBrowserMainParts(
     const content::MainFunctionParams&) {
   return new AtomBrowserMainParts;

browser/atom_browser_client.h

@@ -25,6 +25,8 @@ class AtomBrowserClient : public brightray::BrowserClient {
       content::SiteInstance* site_instance,
       const GURL& current_url,
       const GURL& new_url) OVERRIDE;
+  virtual void AppendExtraCommandLineSwitches(CommandLine* command_line,
+                                              int child_process_id) OVERRIDE;
 
  private:
   virtual brightray::BrowserMainParts* OverrideCreateBrowserMainParts(

browser/native_window.cc

@@ -48,16 +48,19 @@ NativeWindow::NativeWindow(content::WebContents* web_contents,
     : content::WebContentsObserver(web_contents),
       has_frame_(true),
       is_closed_(false),
+      iframe_security_("full"),
       weak_factory_(this),
       inspectable_web_contents_(
           brightray::InspectableWebContents::Create(web_contents)) {
   options->GetBoolean(switches::kFrame, &has_frame_);
 
+  // Read icon before window is created.
   std::string icon;
-  if (options->GetString(switches::kIcon, &icon)) {
-    if (!SetIcon(icon))
-      LOG(ERROR) << "Failed to set icon to " << icon;
-  }
+  if (options->GetString(switches::kIcon, &icon) && !SetIcon(icon))
+    LOG(ERROR) << "Failed to set icon to " << icon;
+
+  // Read iframe security before any navigation.
+  options->GetString(switches::kIframeSecurity, &iframe_security_);
 
   web_contents->SetDelegate(this);
 

browser/native_window.h

@@ -140,6 +140,7 @@ class NativeWindow : public brightray::DefaultWebContentsDelegate,
   }
 
   bool has_frame() const { return has_frame_; }
+  std::string iframe_security() const { return iframe_security_; }
 
  protected:
   explicit NativeWindow(content::WebContents* web_contents,
@@ -219,6 +220,9 @@ class NativeWindow : public brightray::DefaultWebContentsDelegate,
   // The windows has been closed.
   bool is_closed_;
 
+  // The security token of iframe.
+  std::string iframe_security_;
+
   // Closure that would be called when window is unresponsive when closing,
   // it should be cancelled when we can prove that the window is responsive.
   base::CancelableClosure window_unresposive_closure_;

common/options_switches.cc

@@ -31,6 +31,8 @@ const char kKiosk[] = "kiosk";
 // Make windows stays on the top of all other windows.
 const char kAlwaysOnTop[] = "always-on-top";
 
+const char kIframeSecurity[] = "iframe-security";
+
 }  // namespace switches
 
 }  // namespace atom

common/options_switches.h

@@ -26,6 +26,7 @@ extern const char kResizable[];
 extern const char kFullscreen[];
 extern const char kKiosk[];
 extern const char kAlwaysOnTop[];
+extern const char kIframeSecurity[];
 
 }  // namespace switches