components/site_isolation/site_isolation_policy.h - chromium/src - Git at Google

 // Copyright 2019 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef COMPONENTS_SITE_ISOLATION_SITE_ISOLATION_POLICY_H_
 #define COMPONENTS_SITE_ISOLATION_SITE_ISOLATION_POLICY_H_

 #include "base/macros.h"

 namespace content {
 class BrowserContext;
 }

 namespace site_isolation {

 // A centralized place for making policy decisions about site isolation modes
 // which can be shared between content embedders. This supplements
 // content::SiteIsolationPolicy with features that may be useful to embedders.
 //
 // These methods can be called from any thread.
 class SiteIsolationPolicy {
  public:
   // Returns true if the site isolation mode for isolating sites where users
   // enter passwords is enabled.
   static bool IsIsolationForPasswordSitesEnabled();

   // Returns true if Site Isolation related enterprise policies should take
   // effect (e.g. such policies might not be applicable to low-end Android
   // devices because of 1) performance impact and 2) infeasibility of
   // Spectre-like attacks on such devices).
   static bool IsEnterprisePolicyApplicable();

   // Reads and applies any isolated origins stored in user prefs associated with
   // |browser_context|.  This is expected to be called on startup after user
   // prefs have been loaded.
   static void ApplyPersistedIsolatedOrigins(
       content::BrowserContext* browser_context);

   // Determines whether Site Isolation should be disabled because the device
   // does not have the minimum required amount of memory.
   //
   // TODO(alexmos): Currently, the memory threshold is shared for all site
   // isolation modes, including strict site isolation and password site
   // isolation.  In the future, some site isolation modes may require their own
   // memory threshold.
   static bool ShouldDisableSiteIsolationDueToMemoryThreshold();

   // Returns true if the PDF compositor should be enabled to allow out-of-
   // process iframes (OOPIF's) to print properly.
   static bool ShouldPdfCompositorBeEnabledForOopifs();

  private:
   DISALLOW_IMPLICIT_CONSTRUCTORS(SiteIsolationPolicy);
 };

 }  // namespace site_isolation

 #endif  // COMPONENTS_SITE_ISOLATION_SITE_ISOLATION_POLICY_H_
	// Copyright 2019 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef COMPONENTS_SITE_ISOLATION_SITE_ISOLATION_POLICY_H_
	#define COMPONENTS_SITE_ISOLATION_SITE_ISOLATION_POLICY_H_

	#include "base/macros.h"

	namespace content {
	class BrowserContext;
	}

	namespace site_isolation {

	// A centralized place for making policy decisions about site isolation modes
	// which can be shared between content embedders. This supplements
	// content::SiteIsolationPolicy with features that may be useful to embedders.
	//
	// These methods can be called from any thread.
	class SiteIsolationPolicy {
	public:
	// Returns true if the site isolation mode for isolating sites where users
	// enter passwords is enabled.
	static bool IsIsolationForPasswordSitesEnabled();

	// Returns true if Site Isolation related enterprise policies should take
	// effect (e.g. such policies might not be applicable to low-end Android
	// devices because of 1) performance impact and 2) infeasibility of
	// Spectre-like attacks on such devices).
	static bool IsEnterprisePolicyApplicable();

	// Reads and applies any isolated origins stored in user prefs associated with
	// \|browser_context\|. This is expected to be called on startup after user
	// prefs have been loaded.
	static void ApplyPersistedIsolatedOrigins(
	content::BrowserContext* browser_context);

	// Determines whether Site Isolation should be disabled because the device
	// does not have the minimum required amount of memory.
	//
	// TODO(alexmos): Currently, the memory threshold is shared for all site
	// isolation modes, including strict site isolation and password site
	// isolation. In the future, some site isolation modes may require their own
	// memory threshold.
	static bool ShouldDisableSiteIsolationDueToMemoryThreshold();

	// Returns true if the PDF compositor should be enabled to allow out-of-
	// process iframes (OOPIF's) to print properly.
	static bool ShouldPdfCompositorBeEnabledForOopifs();

	private:
	DISALLOW_IMPLICIT_CONSTRUCTORS(SiteIsolationPolicy);
	};

	} // namespace site_isolation

	#endif // COMPONENTS_SITE_ISOLATION_SITE_ISOLATION_POLICY_H_