chromium/content/browser/renderer_host/policy_container_host.h

// Copyright 2020 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CONTENT_BROWSER_RENDERER_HOST_POLICY_CONTAINER_HOST_H_
#define CONTENT_BROWSER_RENDERER_HOST_POLICY_CONTAINER_HOST_H_

#include <iosfwd>
#include <memory>
#include <vector>

#include "content/browser/child_process_host_impl.h"
#include "content/common/content_export.h"
#include "mojo/public/cpp/bindings/associated_receiver.h"
#include "mojo/public/cpp/bindings/pending_associated_remote.h"
#include "mojo/public/cpp/bindings/unique_receiver_set.h"
#include "services/network/public/cpp/cross_origin_embedder_policy.h"
#include "services/network/public/cpp/cross_origin_opener_policy.h"
#include "services/network/public/cpp/document_isolation_policy.h"
#include "services/network/public/cpp/web_sandbox_flags.h"
#include "services/network/public/mojom/content_security_policy.mojom-forward.h"
#include "services/network/public/mojom/ip_address_space.mojom-shared.h"
#include "services/network/public/mojom/referrer_policy.mojom-shared.h"
#include "services/network/public/mojom/url_response_head.mojom-forward.h"
#include "third_party/blink/public/common/tokens/tokens.h"
#include "third_party/blink/public/mojom/frame/policy_container.mojom.h"
#include "url/gurl.h"

namespace content {

class ContentBrowserClient;

// The contents of a PolicyContainerHost: the policy values that a host carries
// on behalf of a document.
//
// NOTE(review): the struct body is empty in this listing, so the individual
// fields cannot be described from here. Judging only from the headers included
// above, it presumably holds values such as the cross-origin embedder/opener
// policies, document isolation policy, sandbox flags, content security
// policies, IP address space and referrer policy -- confirm against the full
// definition.
struct CONTENT_EXPORT PolicyContainerPolicies {};

// PolicyContainerPolicies structs are comparable for equality. Both operators
// are only declared here; their definitions are not part of this header.
//
// NOTE(review): if the definition compares members by hand, a field that is
// added to the struct but not to the comparison would let two containers with
// different security policies compare equal -- keep the two in sync.
CONTENT_EXPORT bool operator==(const PolicyContainerPolicies& lhs,
                               const PolicyContainerPolicies& rhs);
CONTENT_EXPORT bool operator!=(const PolicyContainerPolicies& lhs,
                               const PolicyContainerPolicies& rhs);

// Streams a human-readable string representation of |policies| to |out| and
// returns a std::ostream reference (presumably |out|, to allow chaining --
// the definition is not in this header).
CONTENT_EXPORT std::ostream& operator<<(
    std::ostream& out,
    const PolicyContainerPolicies& policies);

// PolicyContainerHost serves as a container for several security policies. It
// should be owned by a RenderFrameHost. It keeps track of the policies assigned
// to a document. When a document creates/opens another document with a local
// scheme (about:blank, about:srcdoc, data, blob, filesystem), the
// PolicyContainerHost of the opener is cloned and a copy is attached to the new
// document, so that the same security policies are applied to it; the new
// document inherits the opener's policies instead of starting without any.
// It implements a mojo interface that allows updates coming from Blink.
//
// NOTE(review): Blink runs in the renderer process, so calls arriving over the
// blink::mojom::PolicyContainerHost interface cross a process trust boundary.
// The handlers are not shown in this listing; they should validate what they
// receive and should not let a renderer loosen a policy that the browser
// process established -- confirm against the full class.
//
// Although it is owned through a scoped_refptr, a PolicyContainerHost should
// not be shared between different owners. A RenderFrameHost gets a
// PolicyContainerHost at creation time, and it gets a new one from the
// NavigationRequest every time a NavigationRequest commits.
// While a navigation is in flight, it is kept alive by
// NavigationStateKeepAlive, which means it can outlive its RenderFrameHost.
// At that point, it can be accessed through
// RenderFrameHostImpl::GetPolicyContainerHost.
//
// NOTE(review): because the object can outlive its RenderFrameHost, code that
// holds a reference should not assume the frame is still alive. Reference
// counting here extends lifetime only; per the paragraph above, it is not a
// licence to share one instance between owners.
//
// NOTE(review): base::RefCounted is used below, but base/memory/ref_counted.h
// is not among the includes visible in this listing; presumably it arrives
// transitively -- consider including it directly.
class CONTENT_EXPORT PolicyContainerHost
    : public base::RefCounted<PolicyContainerHost>,
      public blink::mojom::PolicyContainerHost {};

}  // namespace content

#endif  // CONTENT_BROWSER_RENDERER_HOST_POLICY_CONTAINER_HOST_H_