This adds a SiteIsolationPolicy::DisableFlagCachingForTesting(); call
that has fixed similar flag-related flakiness on other platforms.
Bug: 351023623
Change-Id: Ic56aa73a29a4c8239494746b947a9a9ed5baea3d
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5677330
Commit-Queue: Charlie Reis <creis@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1323089}
The --isolated-app-origins flag is being replaced by a feature
flag to enable Isolated Web Apps and the isolated-app:// scheme,
which will always indicate an origin is an IWA.
This means the IsApplicationIsolationLevelEnabled() method is
redundant and can be replaced with the kIsolatedWebApps feature
flag.
Existing tests which only set the original flag are updated.
Bug: 1333966
Change-Id: I0f2b0ab9fb9e3711396d7a437778572d6db5a226
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3971977
Commit-Queue: Alex Moshchuk <alexmos@chromium.org>
Reviewed-by: Scott Violet <sky@chromium.org>
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Reviewed-by: Reilly Grant <reillyg@chromium.org>
Auto-Submit: Dmitrii Kuragin <kuragin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1065053}
This CL moves the kRestrictedApiOrigins parsing logic from
ChromeContentBrowserClient to content::SiteIsolationPolicy, and updates
all isolated app runtime enforcement logic to be gated on the new
function.
After this CL, enabling isolated apps will require passing the app's
origin in the --restricted-api-origins flag, as well as having installed
a PWA on that origin with the isolated_storage flag set to true in its
manifest.
The new SiteIsolationPolicy::ShouldUrlUseApplicationIsolationLevel
function will check whether the given URL matches an origin specified in
kRestrictedApiOrigins, and then will delegate to
ContentBrowserClient::ShouldUrlUseApplicationIsolationLevel, which
allows content embedders to provide additional requirements, such as
having an installed PWA for //chrome.
Finally, this updates the kRestrictedApiOrigins parsing logic to remove
the port from any origins specified. This means that if localhost:1234
is specified, any localhost port could be treated as matching the flag's
value. This change was made because the site isolation system ignores
ports when computing site urls by default. Long term this requirement
will go away, but this will allow for shorter term testing.
Bug: 1280777
Change-Id: Id71aed55ffc564443544615113b50dbfa3b40cbf
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3434586
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Reviewed-by: Daniel Murphy <dmurph@chromium.org>
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Reviewed-by: Phillis Tang <phillis@chromium.org>
Reviewed-by: Reilly Grant <reillyg@chromium.org>
Reviewed-by: Scott Violet <sky@chromium.org>
Commit-Queue: Robbie McElrath <rmcelrath@chromium.org>
Cr-Commit-Position: refs/heads/main@{#971028}
This CL fixes flakiness introduced by caching the kDisableSiteIsolation
flag in SiteIsolationPolicy. See crbug.com/1231659 for more details.
Bug: 1231659, 1223206
Change-Id: I6e69e7e80af65d674b25c796f37087a3574d3a44
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3044234
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Commit-Queue: Robbie McElrath <rmcelrath@chromium.org>
Cr-Commit-Position: refs/heads/master@{#904049}
This keeps the public directory just for the API. Tests, like other implementation details, are hidden out of it. Also add comment to document this.
Also remove injection_test_win.h which is no longer used.
Change-Id: I89d43d6f473253a6fb890df9e50728169aac2389
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2739143
Auto-Submit: John Abd-El-Malek <jam@chromium.org>
Commit-Queue: Charlie Reis <creis@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#866931}
make SiteIsolationPolicy public.
The problem was that --site-per-process disabled extension
process sharing, but the site-per-process base::Feature (which
we've been field trialing) did not. This was due to the
extensions code checking only for the flag, and not considering
the field trial state as well.
components/printing actually got the logic right, but only by
reproducing a lot of business logic. Thus, it seems
appropriate to move SiteIsolationPolicy to content/public,
so that we can centralize the "what kind of oopifs are there"
logic. For printing, this change adds a new getter function
specific to oopif compositor, since that's basically a
derived policy of the process model.
For extensions, we've decided to disable LockToOrigin in
--site-per-process (rather than to enable it in the feature),
since origin-locking extensions doesn't help with the spectre
threat, and --site-per-process is about spectre these days.
[Charlie suggests we develop some kind of "extension isolation v2"
proposal, maybe reviving the --isolate-extension flag for that
purpose!]
Bug: 824966, 766267
Change-Id: Ibf7592c9d522fd0c99057358bcc34b5881780db8
Reviewed-on: https://chromium-review.googlesource.com/949966
Commit-Queue: Nick Carter <nick@chromium.org>
Reviewed-by: Devlin <rdevlin.cronin@chromium.org>
Reviewed-by: Wei Li <weili@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Reviewed-by: Łukasz Anforowicz <lukasza@chromium.org>
Cr-Commit-Position: refs/heads/master@{#548645}
The move allows returning
ContentBrowserClient::GetOriginsRequiringDedicatedProcess from
SiteIsolationPolicy::GetIsolatedOrigins.
No expected behavior change.
This is a "reland" of r521893 (which got reverted in r521907).
Bug: 792162
Change-Id: I87cd203a12f1f5784dd9aa2745064a2b96532336
Tbr: alexmos@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/827537
Reviewed-by: Łukasz Anforowicz <lukasza@chromium.org>
Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org>
Cr-Commit-Position: refs/heads/master@{#524208}
This reverts commit 1aed2aaf6d.
Reason for revert: Causing merge conflicts on a CL that needs to be merged. (See https://crbug.com/786505.) Can land again afterward.
Original change's description:
> Move site_isolation_policy from content/common to content/browser.
>
> The move allows returning
> ContentBrowserClient::GetOriginsRequiringDedicatedProcess from
> SiteIsolationPolicy::GetIsolatedOrigins.
>
> No expected behavior change.
>
> Bug: 792162
> Change-Id: Idd79fbddf138c2043ff1811a2d3d58165bcb198b
> Reviewed-on: https://chromium-review.googlesource.com/794303
> Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org>
> Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#521893}
TBR=alexmos@chromium.org,lukasza@chromium.org
Change-Id: I419b78c56adb2126eb93367e29bc569a004308f7
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: 792162
Reviewed-on: https://chromium-review.googlesource.com/810012
Reviewed-by: Charlie Reis <creis@chromium.org>
Commit-Queue: Charlie Reis <creis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#521907}
