diff options
| author | rafaelw@chromium.org <rafaelw@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-12-07 04:52:55 +0000 |
|---|---|---|
| committer | rafaelw@chromium.org <rafaelw@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-12-07 04:52:55 +0000 |
| commit | b281ab6e72be9b1df735395da6979c21712a8e5d (patch) | |
| tree | 083a068bf5056e4c37790b793afe04c26d60a44e /chrome/browser/renderer_host/render_process_host.h | |
| parent | b792af76625e5f3d9801277b628352243fdcbb18 (diff) | |
| download | chromium_src-b281ab6e72be9b1df735395da6979c21712a8e5d.zip chromium_src-b281ab6e72be9b1df735395da6979c21712a8e5d.tar.gz chromium_src-b281ab6e72be9b1df735395da6979c21712a8e5d.tar.bz2 | |
Allow silent extension installations from the extensions gallery - Part 1.
In this episode we:
-Create a new ChildProcess privilege (SILENT_INSTALL_EXTENSION) which is granted to the extension gallery pages.
-Ensure that extension gallery pages are isolated into their own process which is never shared with other urls.
Important: The SILENT_INSTALL_EXTENSION privilege is never granted any additional abilities in this patch, so this patch only has the effect of grouping gallery URLs into a separate process.
In subsequent patch(es) we plan to (a) observe this new privilege and allow gallery urls to install extensions bypassing the normal prompts, (b) polish this UI flow [in particular, do not show the black "loading" dilaog, (c) check the id of the extension to be installed (from the crx) matches the expected id (from gallery url).
BUG=27431
Review URL: http://codereview.chromium.org/400018
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@33952 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/renderer_host/render_process_host.h')
| -rw-r--r-- | chrome/browser/renderer_host/render_process_host.h | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/chrome/browser/renderer_host/render_process_host.h b/chrome/browser/renderer_host/render_process_host.h index aad1f83..0949ffb 100644 --- a/chrome/browser/renderer_host/render_process_host.h +++ b/chrome/browser/renderer_host/render_process_host.h @@ -38,12 +38,16 @@ class RenderProcessHost : public IPC::Channel::Sender, // We classify renderers according to their highest privilege, and try // to group pages into renderers with similar privileges. - // Note: it may be possible for a renderer to have multiple privileges, - // in which case we call it an "extension" renderer. + // Note: it may be possible for a renderer to have both DOMUI and EXTENSION + // privileges, in which case we call it an "extension" renderer. + // TYPE_EXTENSION_GALLERY should never be TYPE_DOMUI and/or TYPE_EXTENSION + // as well. enum Type { - TYPE_NORMAL, // Normal renderer, no extra privileges. - TYPE_DOMUI, // Renderer with DOMUI privileges, like New Tab. - TYPE_EXTENSION, // Renderer with extension privileges. + TYPE_NORMAL, // Normal renderer, no extra privileges. + TYPE_EXTENSION_GALLERY, // Renderer with silent extension installation + // privileges. + TYPE_DOMUI, // Renderer with DOMUI privileges, like New Tab. + TYPE_EXTENSION // Renderer with extension privileges. }; // Details for RENDERER_PROCESS_CLOSED notifications. @@ -175,6 +179,9 @@ class RenderProcessHost : public IPC::Channel::Sender, // Called when a received message cannot be decoded. virtual void ReceivedBadMessage(uint32 msg_type) = 0; + // Called when a renderer security policy is violated. + virtual void PolicyViolated(const std::string& policy_name) = 0; + // Track the count of visible widgets. Called by listeners to register and // unregister visibility. virtual void WidgetRestored() = 0; |