tree: 2ec459d5f8aa262e2c81d0319c5cd6fa29b32b2f [path history] [tgz]
  1. BUILD.gn
  2. DEPS
  3. DIR_METADATA
  4. OWNERS
  5. README.md
  6. cert_verifier_with_trust_anchors.cc
  7. cert_verifier_with_trust_anchors.h
  8. cert_verifier_with_trust_anchors_unittest.cc
  9. chunked_data_pipe_upload_data_stream.cc
  10. chunked_data_pipe_upload_data_stream.h
  11. chunked_data_pipe_upload_data_stream_unittest.cc
  12. conditional_cache_deletion_helper.cc
  13. conditional_cache_deletion_helper.h
  14. content_security_policy_fuzzer.cc
  15. cookie_access_delegate_impl.cc
  16. cookie_access_delegate_impl.h
  17. cookie_manager.cc
  18. cookie_manager.h
  19. cookie_manager_unittest.cc
  20. cookie_settings.cc
  21. cookie_settings.h
  22. cookie_settings_unittest.cc
  23. cors/
  24. crash_keys.cc
  25. crash_keys.h
  26. crl_set_distributor.cc
  27. crl_set_distributor.h
  28. cross_origin_read_blocking_exception_for_plugin.cc
  29. cross_origin_read_blocking_exception_for_plugin.h
  30. cross_origin_read_blocking_explainer.md
  31. data_pipe_element_reader.cc
  32. data_pipe_element_reader.h
  33. data_pipe_element_reader_unittest.cc
  34. dhcp_pac_file_fetcher_mojo.cc
  35. dhcp_pac_file_fetcher_mojo.h
  36. dhcp_pac_file_fetcher_mojo_unittest.cc
  37. dns_config_change_manager.cc
  38. dns_config_change_manager.h
  39. dns_config_change_manager_unittest.cc
  40. expect_ct_reporter.cc
  41. expect_ct_reporter.h
  42. expect_ct_reporter_unittest.cc
  43. first_party_sets/
  44. host_resolver.cc
  45. host_resolver.h
  46. host_resolver_mdns_listener.cc
  47. host_resolver_mdns_listener.h
  48. host_resolver_unittest.cc
  49. http_auth_cache_copier.cc
  50. http_auth_cache_copier.h
  51. http_cache_data_counter.cc
  52. http_cache_data_counter.h
  53. http_cache_data_counter_unittest.cc
  54. http_cache_data_remover.cc
  55. http_cache_data_remover.h
  56. http_cache_data_remover_unittest.cc
  57. http_server_properties_pref_delegate.cc
  58. http_server_properties_pref_delegate.h
  59. ignore_errors_cert_verifier.cc
  60. ignore_errors_cert_verifier.h
  61. ignore_errors_cert_verifier_unittest.cc
  62. keepalive_statistics_recorder.cc
  63. keepalive_statistics_recorder.h
  64. keepalive_statistics_recorder_unittest.cc
  65. legacy_tls_config_distributor.cc
  66. legacy_tls_config_distributor.h
  67. mdns_responder.cc
  68. mdns_responder.h
  69. mdns_responder_unittest.cc
  70. mock_mojo_dhcp_wpad_url_client.cc
  71. mock_mojo_dhcp_wpad_url_client.h
  72. mojo_host_resolver_impl.cc
  73. mojo_host_resolver_impl.h
  74. mojo_host_resolver_impl_unittest.cc
  75. mojo_socket_test_util.cc
  76. mojo_socket_test_util.h
  77. net_log_exporter.cc
  78. net_log_exporter.h
  79. net_log_proxy_sink.cc
  80. net_log_proxy_sink.h
  81. net_log_proxy_sink_unittest.cc
  82. network_change_manager.cc
  83. network_change_manager.h
  84. network_change_manager_unittest.cc
  85. network_context.cc
  86. network_context.h
  87. network_context_unittest.cc
  88. network_qualities_pref_delegate.cc
  89. network_qualities_pref_delegate.h
  90. network_qualities_pref_delegate_unittest.cc
  91. network_quality_estimator_manager.cc
  92. network_quality_estimator_manager.h
  93. network_quality_estimator_manager_unittest.cc
  94. network_sandbox_hook_linux.cc
  95. network_sandbox_hook_linux.h
  96. network_service.cc
  97. network_service.h
  98. network_service_network_delegate.cc
  99. network_service_network_delegate.h
  100. network_service_proxy_delegate.cc
  101. network_service_proxy_delegate.h
  102. network_service_proxy_delegate_unittest.cc
  103. network_service_unittest.cc
  104. network_usage_accumulator.cc
  105. network_usage_accumulator.h
  106. network_usage_accumulator_unittest.cc
  107. nss_temp_certs_cache_chromeos.cc
  108. nss_temp_certs_cache_chromeos.h
  109. nss_temp_certs_cache_chromeos_unittest.cc
  110. origin_policy/
  111. p2p/
  112. pending_callback_chain.cc
  113. pending_callback_chain.h
  114. pending_callback_chain_unittest.cc
  115. proxy_auto_config_library.cc
  116. proxy_auto_config_library.h
  117. proxy_auto_config_library_unittest.cc
  118. proxy_config_service_mojo.cc
  119. proxy_config_service_mojo.h
  120. proxy_config_service_mojo_unittest.cc
  121. proxy_lookup_request.cc
  122. proxy_lookup_request.h
  123. proxy_resolver_factory_mojo.cc
  124. proxy_resolver_factory_mojo.h
  125. proxy_resolver_factory_mojo_unittest.cc
  126. proxy_resolving_client_socket.cc
  127. proxy_resolving_client_socket.h
  128. proxy_resolving_client_socket_factory.cc
  129. proxy_resolving_client_socket_factory.h
  130. proxy_resolving_client_socket_unittest.cc
  131. proxy_resolving_socket_factory_mojo.cc
  132. proxy_resolving_socket_factory_mojo.h
  133. proxy_resolving_socket_mojo.cc
  134. proxy_resolving_socket_mojo.h
  135. proxy_resolving_socket_mojo_unittest.cc
  136. proxy_service_mojo.cc
  137. proxy_service_mojo.h
  138. proxy_service_mojo_unittest.cc
  139. public/
  140. quic_transport.cc
  141. quic_transport.h
  142. quic_transport_unittest.cc
  143. resolve_host_request.cc
  144. resolve_host_request.h
  145. resource_scheduler/
  146. restricted_cookie_manager.cc
  147. restricted_cookie_manager.h
  148. restricted_cookie_manager_unittest.cc
  149. sct_auditing_cache.cc
  150. sct_auditing_cache.h
  151. sct_auditing_cache_unittest.cc
  152. sec_header_helpers.cc
  153. sec_header_helpers.h
  154. sec_header_helpers_unittest.cc
  155. session_cleanup_cookie_store.cc
  156. session_cleanup_cookie_store.h
  157. session_cleanup_cookie_store_unittest.cc
  158. socket_data_pump.cc
  159. socket_data_pump.h
  160. socket_data_pump_unittest.cc
  161. socket_factory.cc
  162. socket_factory.h
  163. ssl_config_service_mojo.cc
  164. ssl_config_service_mojo.h
  165. ssl_config_service_mojo_unittest.cc
  166. ssl_config_type_converter.cc
  167. ssl_config_type_converter.h
  168. tcp_bound_socket.cc
  169. tcp_bound_socket.h
  170. tcp_bound_socket_unittest.cc
  171. tcp_connected_socket.cc
  172. tcp_connected_socket.h
  173. tcp_server_socket.cc
  174. tcp_server_socket.h
  175. tcp_socket_unittest.cc
  176. test/
  177. test_chunked_data_pipe_getter.cc
  178. test_chunked_data_pipe_getter.h
  179. test_mojo_proxy_resolver_factory.cc
  180. test_mojo_proxy_resolver_factory.h
  181. throttling/
  182. tls_client_socket.cc
  183. tls_client_socket.h
  184. tls_client_socket_unittest.cc
  185. tls_socket_factory.cc
  186. tls_socket_factory.h
  187. transitional_url_loader_factory_owner.cc
  188. transitional_url_loader_factory_owner.h
  189. transitional_url_loader_factory_owner_unittest.cc
  190. trust_tokens/
  191. udp_socket.cc
  192. udp_socket.h
  193. udp_socket_unittest.cc
  194. upload_progress_tracker.cc
  195. upload_progress_tracker.h
  196. upload_progress_tracker_unittest.cc
  197. url_loader.cc
  198. url_loader.h
  199. url_loader.md
  200. url_loader_factory.cc
  201. url_loader_factory.h
  202. url_loader_unittest.cc
  203. url_request_context_builder_mojo.cc
  204. url_request_context_builder_mojo.h
  205. url_request_context_builder_mojo_unittest.cc
  206. url_request_context_owner.cc
  207. url_request_context_owner.h
  208. websocket.cc
  209. websocket.h
  210. websocket_factory.cc
  211. websocket_factory.h
  212. websocket_throttler.cc
  213. websocket_throttler.h
  214. websocket_throttler_unittest.cc
services/network/README.md

Network Service

This is a service for networking. It‘s meant to be oblivious to Chrome’s features. Some design goals

  • this only contains features that go over the network. e.g. no file loading, data URLs etc...
  • only the lowest-level of networking should be here. e.g. http, sockets, web sockets. Anything that is built on top of this should be in higher layers.
  • higher level web platform and browser features should be built outside of this code. Safe browsing, Service Worker, extensions, devtools etc... should not have hooks here. The only exception is when it's impossible for these features to function without some hooks in the network service. In that case, we add the minimal code required. Some examples included traffic shaping for devtools, CORB blocking, and CORS.
  • every PostTask, thread hop and process hop (IPC) should be counted carefully as they introduce delays which could harm this performance critical code.
  • NetworkContext and NetworkService are trusted interfaces that aren't meant to be sent to the renderer. Only the browser should have access to them.

See https://bugs.chromium.org/p/chromium/issues/detail?id=598073

See the design doc https://docs.google.com/document/d/1wAHLw9h7gGuqJNCgG1mP1BmLtCGfZ2pys-PdZQ1vg7M/edit?pref=2&pli=1#

Related docs

Where does the network service run?

Note: For more background about this section, see also Multi-process Architecture for an overview of the processes in Chromium.

The network service is designed as a Mojo service that in general doesn't need to be aware of which thread/process it runs on. The browser process launches the network service and decides whether to run it inside the browser process (in-process) or in a dedicated utility process (out-of-process).

The out-of-process configuration is preferred for isolation and stability, and is the default on most platforms. The in-process configuration is the default on Android because of some unresolved issues; see https://crbug.com/1049008. It can also be useful for debugging; for example, it‘s used in Chromium’s --single-process mode.

In the out-of-process case: The network service runs on the IO thread of the utility process (see this comment in content/utility/services.cc for why). The utility process houses only the network service, so there is nothing running on its main thread.

In the in-process case: The network service runs on its own dedicated thread in the browser process. Exception: on Chrome OS, it currently runs on the IO thread; see https://crbug.com/1086738.

How does the network service start?

In the out-of-process case: The browser creates the utility process and asks it to launch the network service. For the browser-side code, see GetNetworkService() in content/browser/network_service_instance_impl.cc. For the utility process code, see GetIOThreadServiceFactory in content/utility/services.cc. This calls RunNetworkService() which creates the network::NetworkService instance. For more background about Chromium's services architecture, see Mojo and Services.

In the in-process case: The browser process starts the network service. See CreateInProcessNetworkService() in content/browser/network_service_instance_impl.cc, which posts a task to create the network::NetworkService instance.

What happens if the network service crashes?

In the out-of-process case: If the network service crashes, it gets restarted in a new utility process. The goal is for the failure to be mostly recoverable. It is important to note that any URLLoaderFactories bound to the Network Service before it crashes become disconnected, and will no longer continue to work. Therefore it is useful to establish reconnection logic if it is detected that the URLLoaderFactory is no longer connected.

For example, a navigation request's URLLoaderFactory comes from StoragePartitionImpl::GetURLLoaderFactoryForBrowserProcessInternal in the browser process. This method has logic to detect if the URLLoaderFactory it would normally return is disconnected. In that case, it creates a new one which is used for all future navigation requests. Since most URLLoaderFactory users use factories that are not created out-of-band, and are provided by some service, reconnection logic is often implemented for free, and is usually not something to worry about.

In the in-process case: If the network service crashes in this case, of course, the entire browser crashes. This is one reason for the goal to always run it out-of-process.

Buildbot

The Network Service Linux buildbot runs browser tests with the network service in non-default but supported configurations. Ideally this bot would be on the CQ, but it is expensive and would affect CQ time, so it's on the main waterfall but not the CQ.

Its steps are:

  • network_service_in_process_browser_tests: Runs browser_tests with the network service in-process (--enable-features=NetworkServiceInProcess). This step is important because Chrome on Android runs with the network service in-process by default (https://crbug.com/1049008). However, browser_tests are not well-supported on Android (https://crbug.com/611756), so we run them on this Linux bot.
  • network_service_in_process_content_browsertests: Same as above but for content_browsertests. We might consider removing this from the bot, since the Android bots run content_browsertests which should give enough coverage.
  • network_service_web_request_proxy_browser_tests: Runs browser_tests while forcing the “network request proxying” code path that is taken when the browser has an extension installed that uses the Web Request API (--enable-features=ForceWebRequestProxyForTest). This step has caught bugs that would be Stable Release Blockers, so it's important to keep it.