// Copyright 2021 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef CONTENT_BROWSER_PROCESS_LOCK_H_ #define CONTENT_BROWSER_PROCESS_LOCK_H_ #include <optional> #include "content/browser/site_info.h" #include "content/browser/url_info.h" #include "content/browser/web_exposed_isolation_info.h" #include "content/public/browser/storage_partition_config.h" #include "content/public/browser/web_exposed_isolation_level.h" #include "url/origin.h" namespace content { class IsolationContext; // ProcessLock is a core part of Site Isolation, which is used to determine // which documents are allowed to load in a process and which site data the // process is allowed to access, based on the SiteInfo principal. // // If a process has a ProcessLock in the "invalid" state, then no SiteInstances // have been associated with the process and access should not be granted to // anything. // // Once a process is associated with its first SiteInstance, it transitions to // the "locked_to_site" or "allow_any_site" state depending on whether the // SiteInstance requires the process to be locked to a specific site or not. // If the SiteInstance does not require the process to be locked to a site, the // process will transition to the "allow_any_site" state and will allow any // site to commit in the process. Such a process can later be upgraded to the // "locked_to_site" state if something later determines that the process should // only allow access to a single site, but only if it hasn't otherwise been used // to render content. Once the process is in the "locked_to_site" state, it will // not be able to access site data from other sites. // // ProcessLock is currently defined in terms of a single SiteInfo with a process // lock URL, but it could be possible to define it in terms of multiple // SiteInfos that are compatible with each other. class CONTENT_EXPORT ProcessLock { … }; CONTENT_EXPORT std::ostream& operator<<(std::ostream& out, const ProcessLock& process_lock); } // namespace content #endif // CONTENT_BROWSER_PROCESS_LOCK_H_
Codebase Browser
chromium