Add "sandboxed" option to "webPreferences".

When "sandboxed" is passed as a web preference for `BrowserWindow`, the newly
created renderer won't run any node.js code/integration, only communicating with
the system via the IPC API of the content module. This is a requirement for
running the renderer under chrome OS-level sandbox.

Beyond that, certain behaviors of AtomBrowserClient are modified when dealing
with sandboxed renderers:

- `OverrideSiteInstanceNavigation` no longer create a new `SiteInstance` for
  every navigation. Instead, it reuses the source `SiteInstance` when not
  navigating to a different site.
- `CanCreateWindow` will return true and allow javascript access.
This commit is contained in:
Thiago de Arruda 2016-08-15 07:59:08 -03:00
parent 90c5972fce
commit c783ec72bc
7 changed files with 104 additions and 8 deletions

View file

@ -6,6 +6,7 @@
#define ATOM_BROWSER_ATOM_BROWSER_CLIENT_H_
#include <map>
#include <set>
#include <string>
#include <vector>
@ -108,8 +109,19 @@ class AtomBrowserClient : public brightray::BrowserClient,
void RenderProcessHostDestroyed(content::RenderProcessHost* host) override;
private:
bool ShouldCreateNewSiteInstance(content::BrowserContext* browser_context,
content::SiteInstance* current_instance,
const GURL& dest_url);
// Add/remove a process id to `sandboxed_renderers_`.
void AddSandboxedRendererId(int process_id);
void RemoveSandboxedRendererId(int process_id);
bool IsRendererSandboxed(int process_id);
// pending_render_process => current_render_process.
std::map<int, int> pending_processes_;
// Set that contains the process ids of all sandboxed renderers
std::set<int> sandboxed_renderers_;
base::Lock sandboxed_renderers_lock_;
std::unique_ptr<AtomResourceDispatcherHostDelegate>
resource_dispatcher_host_delegate_;