File: site_isolation_policy.h

package info (click to toggle)
chromium 138.0.7204.183-1~deb12u1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm-proposed-updates
  • size: 6,080,960 kB
  • sloc: cpp: 34,937,079; ansic: 7,176,967; javascript: 4,110,704; python: 1,419,954; asm: 946,768; xml: 739,971; pascal: 187,324; sh: 89,623; perl: 88,663; objc: 79,944; sql: 50,304; cs: 41,786; fortran: 24,137; makefile: 21,811; php: 13,980; tcl: 13,166; yacc: 8,925; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (114 lines) | stat: -rw-r--r-- 4,670 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
 
// Copyright 2019 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef COMPONENTS_SITE_ISOLATION_SITE_ISOLATION_POLICY_H_
#define COMPONENTS_SITE_ISOLATION_SITE_ISOLATION_POLICY_H_

#include <vector>

#include "content/public/browser/child_process_security_policy.h"

class GURL;

namespace content {
enum class SiteIsolationMode;
class BrowserContext;
}

namespace url {
class Origin;
}

namespace site_isolation {

// A centralized place for making policy decisions about site isolation modes
// which can be shared between content embedders. This supplements
// content::SiteIsolationPolicy with features that may be useful to embedders.
//
// These methods can be called from any thread.
class SiteIsolationPolicy {
 public:
  SiteIsolationPolicy() = delete;
  SiteIsolationPolicy(const SiteIsolationPolicy&) = delete;
  SiteIsolationPolicy& operator=(const SiteIsolationPolicy&) = delete;

  // Returns true if the site isolation mode for isolating sites where users
  // enter passwords is enabled.
  static bool IsIsolationForPasswordSitesEnabled();

  // Returns true if the site isolation mode for isolating sites where users
  // log in via OAuth, as determined by runtime heuristics.
  static bool IsIsolationForOAuthSitesEnabled();

  // Returns true if Site Isolation related enterprise policies should take
  // effect (e.g. such policies might not be applicable to low-end Android
  // devices because of 1) performance impact and 2) infeasibility of
  // Spectre-like attacks on such devices).
  static bool IsEnterprisePolicyApplicable();

  // Saves a new dynamic isolated origin to user prefs associated with
  // `context` so that it can be persisted across restarts. `source`
  // specifies why the isolated origin was added; different sources may have
  // different persistence policies.
  static void PersistIsolatedOrigin(
      content::BrowserContext* context,
      const url::Origin& origin,
      content::ChildProcessSecurityPolicy::IsolatedOriginSource source);

  // Reads and applies any isolated origins stored in user prefs associated with
  // |browser_context|.  This is expected to be called on startup after user
  // prefs have been loaded.
  static void ApplyPersistedIsolatedOrigins(
      content::BrowserContext* browser_context);

  // Helper to register all passed-in `logged_in_sites` as isolated sites in
  // the provided `browser_context`. Should be called on startup before any
  // navigations in `browser_context`.
  static void IsolateStoredOAuthSites(
      content::BrowserContext* browser_context,
      const std::vector<url::Origin>& logged_in_sites);

  // Called when runtime heuristics have determined a user logging in via
  // OAuth on `signed_in_url`, so that site isolation can be applied to the
  // corresponding site (i.e., scheme + eTLD+1).  Used only when site isolation
  // for OAuth sites is enabled (see IsIsolationForOAuthSitesEnabled() above),
  // which is typically on Android.
  static void IsolateNewOAuthURL(content::BrowserContext* browser_context,
                                 const GURL& signed_in_url);

  // Determines whether Site Isolation should be disabled because the device
  // does not have the minimum required amount of memory. `site_isolation_mode`
  // determines the type of memory threshold to apply; for example, strict site
  // isolation on Android might require a higher memory threshold than partial
  // site isolation.
  static bool ShouldDisableSiteIsolationDueToMemoryThreshold(
      content::SiteIsolationMode site_isolation_mode);

  // Determines whether Origin Isolation should be disabled because the device
  // does not have the minimum required amount of memory.
  static bool ShouldDisableOriginIsolationDueToMemoryThreshold();

  // Returns true if the PDF compositor should be enabled to allow out-of-
  // process iframes (OOPIF's) to print properly.
  static bool ShouldPdfCompositorBeEnabledForOopifs();

  // When set to true bypasses the caching of the results of
  // ShouldDisableSiteIsolationDueToMemoryThreshold(). Setting to false allows
  // caching.
  static void SetDisallowMemoryThresholdCachingForTesting(
      bool disallow_caching);

 private:
  // Helpers for implementing PersistIsolatedOrigin().
  static void PersistUserTriggeredIsolatedOrigin(
      content::BrowserContext* context,
      const url::Origin& origin);
  static void PersistWebTriggeredIsolatedOrigin(
      content::BrowserContext* context,
      const url::Origin& origin);
};

}  // namespace site_isolation

#endif  // COMPONENTS_SITE_ISOLATION_SITE_ISOLATION_POLICY_H_