summaryrefslogtreecommitdiffstats
path: root/dom/ipc/ProcessIsolation.h
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 00:47:55 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 00:47:55 +0000
commit26a029d407be480d791972afb5975cf62c9360a6 (patch)
treef435a8308119effd964b339f76abb83a57c29483 /dom/ipc/ProcessIsolation.h
parentInitial commit. (diff)
downloadfirefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz
firefox-26a029d407be480d791972afb5975cf62c9360a6.zip
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'dom/ipc/ProcessIsolation.h')
-rw-r--r--dom/ipc/ProcessIsolation.h111
1 files changed, 111 insertions, 0 deletions
diff --git a/dom/ipc/ProcessIsolation.h b/dom/ipc/ProcessIsolation.h
new file mode 100644
index 0000000000..e9703a8d7a
--- /dev/null
+++ b/dom/ipc/ProcessIsolation.h
@@ -0,0 +1,111 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef mozilla_dom_ProcessIsolation_h
+#define mozilla_dom_ProcessIsolation_h
+
+#include <stdint.h>
+
+#include "mozilla/Logging.h"
+#include "mozilla/dom/RemoteType.h"
+#include "mozilla/dom/SessionHistoryEntry.h"
+#include "mozilla/dom/WorkerPrivate.h"
+#include "nsString.h"
+#include "nsIPrincipal.h"
+#include "nsIURI.h"
+
+namespace mozilla::dom {
+
+class CanonicalBrowsingContext;
+class WindowGlobalParent;
+
+extern mozilla::LazyLogModule gProcessIsolationLog;
+
+constexpr nsLiteralCString kHighValueCOOPPermission = "highValueCOOP"_ns;
+constexpr nsLiteralCString kHighValueHasSavedLoginPermission =
+ "highValueHasSavedLogin"_ns;
+constexpr nsLiteralCString kHighValueIsLoggedInPermission =
+ "highValueIsLoggedIn"_ns;
+
+// NavigationIsolationOptions is passed through the methods to store the state
+// of the possible process and/or browsing context change.
+struct NavigationIsolationOptions {
+ nsCString mRemoteType;
+ bool mReplaceBrowsingContext = false;
+ uint64_t mSpecificGroupId = 0;
+ bool mTryUseBFCache = false;
+ RefPtr<SessionHistoryEntry> mActiveSessionHistoryEntry;
+};
+
+/**
+ * Given a specific channel, determines which process the navigation should
+ * complete in, and whether or not to perform a BrowsingContext-replace load
+ * or enter the BFCache.
+ *
+ * This method will always return a `NavigationIsolationOptions` even if the
+ * current remote type is compatible. Compatibility with the current process
+ * should be checked at the call-site. An error should only be returned in
+ * exceptional circumstances, and should lead to the load being cancelled.
+ *
+ * This method is only intended for use with document navigations.
+ */
+Result<NavigationIsolationOptions, nsresult> IsolationOptionsForNavigation(
+ CanonicalBrowsingContext* aTopBC, WindowGlobalParent* aParentWindow,
+ nsIURI* aChannelCreationURI, nsIChannel* aChannel,
+ const nsACString& aCurrentRemoteType, bool aHasCOOPMismatch,
+ bool aForNewTab, uint32_t aLoadStateLoadType,
+ const Maybe<uint64_t>& aChannelId,
+ const Maybe<nsCString>& aRemoteTypeOverride);
+
+// WorkerIsolationOptions is passed back to the RemoteWorkerManager to store the
+// destination process information for remote worker loads.
+struct WorkerIsolationOptions {
+ nsCString mRemoteType;
+};
+
+/**
+ * Given a specific worker principal and kind, determines which process the
+ * remote worker load should complete in.
+ *
+ * This method is only intended for use with remote workers.
+ */
+Result<WorkerIsolationOptions, nsresult> IsolationOptionsForWorker(
+ nsIPrincipal* aPrincipal, WorkerKind aWorkerKind,
+ const nsACString& aCurrentRemoteType, bool aUseRemoteSubframes);
+
+/**
+ * Adds a `highValue` permission to the permissions database, and make loads of
+ * that origin isolated.
+ *
+ * The 'aPermissionType' parameter indicates why the site is treated as a high
+ * value site. The possible values are:
+ *
+ * kHighValueCOOPPermission
+ * Called when a document request responds with a
+ * `Cross-Origin-Opener-Policy` header.
+ *
+ * kHighValueHasSavedLoginPermission
+ * Called for sites that have an associated login saved in the password
+ * manager.
+ *
+ * kHighValueIsLoggedInPermission
+ * Called when we detect a form with a password is submitted.
+ */
+void AddHighValuePermission(nsIPrincipal* aResultPrincipal,
+ const nsACString& aPermissionType);
+
+void AddHighValuePermission(const nsACString& aOrigin,
+ const nsACString& aPermissionType);
+
+/**
+ * Returns true when fission is enabled and the
+ * `fission.webContentIsolationStrategy` pref is set to `IsolateHighValue`.
+ */
+bool IsIsolateHighValueSiteEnabled();
+
+} // namespace mozilla::dom
+
+#endif