Initial support for partitioning cookies for isolated apps.

This CL adds experimental support for letting installed apps request isolated
storage in their manifest.  An isolated app will have its own cookie store
that is not shared with other apps or normal pages, even if they share an
origin.  The feature is currently behind a --enable-experimental-app-manifests
flag.

BUG=69335
TEST=ExtensionManifestTest.IsolatedApps
TEST=IsolatedAppApiTest.CookieIsolation*

Review URL: http://codereview.chromium.org/6201005

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@78301 0039d316-1c4b-4281-b951-d872f2087c98

3 files changed, 108 insertions, 0 deletions

diff --git a/chrome/browser/net/chrome_url_request_context.cc b/chrome/browser/net/chrome_url_request_context.cc
index 32066a1..e8b68be 100644
--- a/chrome/browser/net/chrome_url_request_context.cc
+++ b/chrome/browser/net/chrome_url_request_context.cc
@@ -77,6 +77,29 @@ class FactoryForExtensions : public ChromeURLRequestContextFactory {
   const scoped_refptr<const ProfileIOData> profile_io_data_;
 };
 
+// Factory that creates the ChromeURLRequestContext for a given isolated app.
+class FactoryForIsolatedApp : public ChromeURLRequestContextFactory {
+ public:
+  FactoryForIsolatedApp(const ProfileIOData* profile_io_data,
+                        const std::string& app_id,
+                        ChromeURLRequestContextGetter* main_context)
+      : profile_io_data_(profile_io_data),
+        app_id_(app_id),
+        main_request_context_getter_(main_context) {}
+
+  virtual scoped_refptr<ChromeURLRequestContext> Create() {
+    // We will copy most of the state from the main request context.
+    return profile_io_data_->GetIsolatedAppRequestContext(
+        main_request_context_getter_->GetIOContext(), app_id_);
+  }
+
+ private:
+  const scoped_refptr<const ProfileIOData> profile_io_data_;
+  const std::string app_id_;
+  scoped_refptr<ChromeURLRequestContextGetter>
+      main_request_context_getter_;
+};
+
 // Factory that creates the ChromeURLRequestContext for media.
 class FactoryForMedia : public ChromeURLRequestContextFactory {
  public:
@@ -215,6 +238,20 @@ ChromeURLRequestContextGetter::CreateOriginalForExtensions(
 
 // static
 ChromeURLRequestContextGetter*
+ChromeURLRequestContextGetter::CreateOriginalForIsolatedApp(
+    Profile* profile,
+    const ProfileIOData* profile_io_data,
+    const std::string& app_id) {
+  DCHECK(!profile->IsOffTheRecord());
+  ChromeURLRequestContextGetter* main_context =
+      static_cast<ChromeURLRequestContextGetter*>(profile->GetRequestContext());
+  return new ChromeURLRequestContextGetter(
+      profile,
+      new FactoryForIsolatedApp(profile_io_data, app_id, main_context));
+}
+
+// static
+ChromeURLRequestContextGetter*
 ChromeURLRequestContextGetter::CreateOffTheRecord(
     Profile* profile, const ProfileIOData* profile_io_data) {
   DCHECK(profile->IsOffTheRecord());
@@ -231,6 +268,20 @@ ChromeURLRequestContextGetter::CreateOffTheRecordForExtensions(
       profile, new FactoryForExtensions(profile_io_data));
 }
 
+// static
+ChromeURLRequestContextGetter*
+ChromeURLRequestContextGetter::CreateOffTheRecordForIsolatedApp(
+    Profile* profile,
+    const ProfileIOData* profile_io_data,
+    const std::string& app_id) {
+  DCHECK(profile->IsOffTheRecord());
+  ChromeURLRequestContextGetter* main_context =
+      static_cast<ChromeURLRequestContextGetter*>(profile->GetRequestContext());
+  return new ChromeURLRequestContextGetter(
+      profile,
+      new FactoryForIsolatedApp(profile_io_data, app_id, main_context));
+}
+
 void ChromeURLRequestContextGetter::CleanupOnUIThread() {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
   // Unregister for pref notifications.
@@ -324,6 +375,24 @@ ChromeURLRequestContext::ChromeURLRequestContext()
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
 }
 
+void ChromeURLRequestContext::CopyFrom(ChromeURLRequestContext* other) {
+  URLRequestContext::CopyFrom(other);
+
+  // Copy ChromeURLRequestContext parameters.
+  set_user_script_dir_path(other->user_script_dir_path());
+  set_appcache_service(other->appcache_service());
+  set_database_tracker(other->database_tracker());
+  set_chrome_cookie_policy(other->chrome_cookie_policy_);
+  set_host_content_settings_map(other->host_content_settings_map());
+  set_host_zoom_map(other->host_zoom_map_);
+  set_blob_storage_context(other->blob_storage_context());
+  set_file_system_context(other->file_system_context());
+  set_extension_info_map(other->extension_info_map_);
+  set_prerender_manager(other->prerender_manager());
+  // ChromeURLDataManagerBackend is unique per context.
+  set_is_incognito(other->is_incognito());
+}
+
 void ChromeURLRequestContext::set_chrome_cookie_policy(
     ChromeCookiePolicy* cookie_policy) {
   chrome_cookie_policy_ = cookie_policy;  // Take a strong reference.
diff --git a/chrome/browser/net/chrome_url_request_context.h b/chrome/browser/net/chrome_url_request_context.h
index fab3f71..b8a87d2 100644
--- a/chrome/browser/net/chrome_url_request_context.h
+++ b/chrome/browser/net/chrome_url_request_context.h
@@ -47,6 +47,9 @@ class ChromeURLRequestContext : public net::URLRequestContext {
  public:
   ChromeURLRequestContext();
 
+  // Copies the state from |other| into this context.
+  void CopyFrom(ChromeURLRequestContext* other);
+
   // Gets the path to the directory user scripts are stored in.
   FilePath user_script_dir_path() const {
     return user_script_dir_path_;
@@ -140,6 +143,11 @@ class ChromeURLRequestContext : public net::URLRequestContext {
   virtual ~ChromeURLRequestContext();
 
  private:
+  // ---------------------------------------------------------------------------
+  // Important: When adding any new members below, consider whether they need to
+  // be added to CopyFrom.
+  // ---------------------------------------------------------------------------
+
   // Path to the directory user scripts are stored in.
   FilePath user_script_dir_path_;
 
@@ -158,6 +166,11 @@ class ChromeURLRequestContext : public net::URLRequestContext {
 
   bool is_incognito_;
 
+  // ---------------------------------------------------------------------------
+  // Important: When adding any new members above, consider whether they need to
+  // be added to CopyFrom.
+  // ---------------------------------------------------------------------------
+
   DISALLOW_COPY_AND_ASSIGN(ChromeURLRequestContext);
 };
 
@@ -213,6 +226,13 @@ class ChromeURLRequestContextGetter : public URLRequestContextGetter,
   static ChromeURLRequestContextGetter* CreateOriginalForExtensions(
       Profile* profile, const ProfileIOData* profile_io_data);
 
+  // Create an instance for an original profile for an app with isolated
+  // storage. This is expected to get called on UI thread.
+  static ChromeURLRequestContextGetter* CreateOriginalForIsolatedApp(
+      Profile* profile,
+      const ProfileIOData* profile_io_data,
+      const std::string& app_id);
+
   // Create an instance for use with an OTR profile. This is expected to get
   // called on the UI thread.
   static ChromeURLRequestContextGetter* CreateOffTheRecord(
@@ -223,6 +243,13 @@ class ChromeURLRequestContextGetter : public URLRequestContextGetter,
   static ChromeURLRequestContextGetter* CreateOffTheRecordForExtensions(
       Profile* profile, const ProfileIOData* profile_io_data);
 
+  // Create an instance for an OTR profile for an app with isolated storage.
+  // This is expected to get called on UI thread.
+  static ChromeURLRequestContextGetter* CreateOffTheRecordForIsolatedApp(
+      Profile* profile,
+      const ProfileIOData* profile_io_data,
+      const std::string& app_id);
+
   // Clean up UI thread resources. This is expected to get called on the UI
   // thread before the instance is deleted on the IO thread.
   void CleanupOnUIThread();
diff --git a/chrome/browser/net/sqlite_persistent_cookie_store.cc b/chrome/browser/net/sqlite_persistent_cookie_store.cc
index 6b92bfd..495efb5 100644
--- a/chrome/browser/net/sqlite_persistent_cookie_store.cc
+++ b/chrome/browser/net/sqlite_persistent_cookie_store.cc
@@ -18,6 +18,7 @@
 #include "base/scoped_ptr.h"
 #include "base/string_util.h"
 #include "base/threading/thread.h"
+#include "base/threading/thread_restrictions.h"
 #include "chrome/browser/diagnostics/sqlite_diagnostics.h"
 #include "content/browser/browser_thread.h"
 #include "googleurl/src/gurl.h"
@@ -156,6 +157,17 @@ bool SQLitePersistentCookieStore::Backend::Load(
   // This function should be called only once per instance.
   DCHECK(!db_.get());
 
+  // Ensure the parent directory for storing cookies is created before reading
+  // from it.  We make an exception to allow IO on the UI thread here because
+  // we are going to disk anyway in db_->Open.  (This code will be moved to the
+  // DB thread as part of http://crbug.com/52909.)
+  {
+    base::ThreadRestrictions::ScopedAllowIO allow_io;
+    const FilePath dir = path_.DirName();
+    if (!file_util::PathExists(dir) && !file_util::CreateDirectory(dir))
+      return false;
+  }
+
   db_.reset(new sql::Connection);
   if (!db_->Open(path_)) {
     NOTREACHED() << "Unable to open cookie DB.";