| // Copyright 2014 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #ifndef CONTENT_COMMON_FRAME_REPLICATION_STATE_H_ |
| #define CONTENT_COMMON_FRAME_REPLICATION_STATE_H_ |
| |
| #include "content/common/content_export.h" |
| #include "url/origin.h" |
| |
| namespace content { |
| |
| // Sandboxing flags for iframes. These flags are set via an iframe's "sandbox" |
| // attribute in the renderer process and forwarded to the browser process, |
| // which replicates them to other processes as needed. For a list of sandbox |
| // flags, see |
| // http://www.whatwg.org/specs/web-apps/current-work/#attr-iframe-sandbox |
| // Must be kept in sync with blink::WebSandboxFlags. Enforced in |
| // render_frame_impl.cc. |
| enum class SandboxFlags : int { |
| NONE = 0, |
| NAVIGATION = 1, |
| PLUGINS = 1 << 1, |
| ORIGIN = 1 << 2, |
| FORMS = 1 << 3, |
| SCRIPTS = 1 << 4, |
| TOP_NAVIGATION = 1 << 5, |
| POPUPS = 1 << 6, |
| AUTOMATIC_FEATURES = 1 << 7, |
| POINTER_LOCK = 1 << 8, |
| DOCUMENT_DOMAIN = 1 << 9, |
| ORIENTATION_LOCK = 1 << 10, |
| ALL = -1 |
| }; |
| |
| inline SandboxFlags operator&(SandboxFlags a, SandboxFlags b) { |
| return static_cast<SandboxFlags>(static_cast<int>(a) & static_cast<int>(b)); |
| } |
| |
| inline SandboxFlags operator~(SandboxFlags flags) { |
| return static_cast<SandboxFlags>(~static_cast<int>(flags)); |
| } |
| |
| // This structure holds information that needs to be replicated between a |
| // RenderFrame and any of its associated RenderFrameProxies. |
| struct CONTENT_EXPORT FrameReplicationState { |
| FrameReplicationState(); |
| FrameReplicationState(const std::string& name, SandboxFlags sandbox_flags); |
| ~FrameReplicationState(); |
| |
| // Current serialized security origin of the frame. Unique origins are |
| // represented as the string "null" per RFC 6454. This field is updated |
| // whenever a frame navigation commits. |
| // |
| // TODO(alexmos): For now, |origin| updates are immediately sent to all frame |
| // proxies when in --site-per-process mode. This isn't ideal, since Blink |
| // typically needs a proxy's origin only when performing security checks on |
| // the ancestors of a local frame. So, as a future improvement, we could |
| // delay sending origin updates to proxies until they have a local descendant |
| // (if ever). This would reduce leaking a user's browsing history into a |
| // compromized renderer. |
| url::Origin origin; |
| |
| // Current sandbox flags of the frame. |sandbox_flags| are initialized for |
| // new child frames using the value of the <iframe> element's "sandbox" |
| // attribute. They are updated dynamically whenever a parent frame updates an |
| // <iframe>'s sandbox attribute via JavaScript. |
| // |
| // Updates to |sandbox_flags| are sent to proxies, but only after a |
| // subsequent navigation of the (sandboxed) frame, since the flags only take |
| // effect on navigation (see also FrameTreeNode::effective_sandbox_flags_). |
| // The proxies need updated flags so that they can be inherited properly if a |
| // proxy ever becomes a parent of a local frame. |
| SandboxFlags sandbox_flags; |
| |
| // The assigned name of the frame. This name can be empty, unlike the unique |
| // name generated internally in the DOM tree. |
| // |
| // |name| is set when a new child frame is created using the value of the |
| // <iframe> element's "name" attribute (see |
| // RenderFrameHostImpl::OnCreateChildFrame), and it is updated dynamically |
| // whenever a frame sets its window.name. |
| // |
| // |name| updates are immediately sent to all frame proxies (when in |
| // --site-per-process mode), so that other frames can look up or navigate a |
| // frame using its updated name (e.g., using window.open(url, frame_name)). |
| std::string name; |
| |
| // TODO(alexmos): Eventually, this structure can also hold other state that |
| // needs to be replicated, such as frame sizing info. |
| }; |
| |
| } // namespace content |
| |
| #endif // CONTENT_COMMON_FRAME_REPLICATION_STATE_H_ |