content_browser_client.h revision 7d4cd473f85ac64c3747c96c277f9e506a0d2246
1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CONTENT_PUBLIC_BROWSER_CONTENT_BROWSER_CLIENT_H_ 6#define CONTENT_PUBLIC_BROWSER_CONTENT_BROWSER_CLIENT_H_ 7 8#include <map> 9#include <string> 10#include <utility> 11#include <vector> 12 13#include "base/callback_forward.h" 14#include "base/memory/linked_ptr.h" 15#include "base/memory/scoped_ptr.h" 16#include "base/memory/scoped_vector.h" 17#include "content/public/browser/certificate_request_result_type.h" 18#include "content/public/browser/file_descriptor_info.h" 19#include "content/public/common/content_client.h" 20#include "content/public/common/socket_permission_request.h" 21#include "content/public/common/window_container_type.h" 22#include "net/base/mime_util.h" 23#include "net/cookies/canonical_cookie.h" 24#include "net/url_request/url_request_job_factory.h" 25#include "third_party/WebKit/public/web/WebNotificationPresenter.h" 26#include "webkit/glue/resource_type.h" 27 28#if defined(OS_POSIX) && !defined(OS_MACOSX) 29#include "base/posix/global_descriptors.h" 30#endif 31 32class CommandLine; 33class GURL; 34struct WebPreferences; 35 36namespace base { 37class FilePath; 38} 39namespace crypto { 40class CryptoModuleBlockingPasswordDelegate; 41} 42 43namespace gfx { 44class ImageSkia; 45} 46 47namespace net { 48class CookieOptions; 49class HttpNetworkSession; 50class NetLog; 51class SSLCertRequestInfo; 52class SSLInfo; 53class URLRequest; 54class URLRequestContext; 55class URLRequestContextGetter; 56class X509Certificate; 57} 58 59namespace sandbox { 60class TargetPolicy; 61} 62 63namespace ui { 64class SelectFilePolicy; 65} 66 67namespace fileapi { 68class FileSystemMountPointProvider; 69} 70 71namespace content { 72 73class AccessTokenStore; 74class BrowserChildProcessHost; 75class BrowserContext; 76class BrowserMainParts; 77class BrowserPpapiHost; 78class BrowserURLHandler; 79class LocationProvider; 80class MediaObserver; 81class QuotaPermissionContext; 82class RenderProcessHost; 83class RenderViewHost; 84class RenderViewHostDelegateView; 85class ResourceContext; 86class SiteInstance; 87class SpeechRecognitionManagerDelegate; 88class WebContents; 89class WebContentsViewDelegate; 90class WebContentsViewPort; 91struct MainFunctionParams; 92struct ShowDesktopNotificationHostMsgParams; 93 94// A mapping from the scheme name to the protocol handler that services its 95// content. 96typedef std::map< 97 std::string, linked_ptr<net::URLRequestJobFactory::ProtocolHandler> > 98 ProtocolHandlerMap; 99 100// Embedder API (or SPI) for participating in browser logic, to be implemented 101// by the client of the content browser. See ChromeContentBrowserClient for the 102// principal implementation. The methods are assumed to be called on the UI 103// thread unless otherwise specified. Use this "escape hatch" sparingly, to 104// avoid the embedder interface ballooning and becoming very specific to Chrome. 105// (Often, the call out to the client can happen in a different part of the code 106// that either already has a hook out to the embedder, or calls out to one of 107// the observer interfaces.) 108class CONTENT_EXPORT ContentBrowserClient { 109 public: 110 virtual ~ContentBrowserClient() {} 111 112 // Allows the embedder to set any number of custom BrowserMainParts 113 // implementations for the browser startup code. See comments in 114 // browser_main_parts.h. 115 virtual BrowserMainParts* CreateBrowserMainParts( 116 const MainFunctionParams& parameters); 117 118 // Allows an embedder to return their own WebContentsViewPort implementation. 119 // Return NULL to let the default one for the platform be created. Otherwise 120 // |render_view_host_delegate_view| also needs to be provided, and it is 121 // owned by the embedder. 122 virtual WebContentsViewPort* OverrideCreateWebContentsView( 123 WebContents* web_contents, 124 RenderViewHostDelegateView** render_view_host_delegate_view); 125 126 // If content creates the WebContentsView implementation, it will ask the 127 // embedder to return an (optional) delegate to customize it. The view will 128 // own the delegate. 129 virtual WebContentsViewDelegate* GetWebContentsViewDelegate( 130 WebContents* web_contents); 131 132 // Notifies that a guest WebContents has been attached to a BrowserPlugin. 133 // A guest is attached to a BrowserPlugin when the guest has acquired an 134 // embedder WebContents. This happens on initial navigation or when a new 135 // window is attached to a BrowserPlugin. 136 virtual void GuestWebContentsAttached(WebContents* guest_web_contents, 137 WebContents* embedder_web_contents, 138 int browser_plugin_instance_id) {} 139 140 // Notifies that a RenderProcessHost has been created. This is called before 141 // the content layer adds its own BrowserMessageFilters, so that the 142 // embedder's IPC filters have priority. 143 virtual void RenderProcessHostCreated(RenderProcessHost* host) {} 144 145 // Notifies that a BrowserChildProcessHost has been created. 146 virtual void BrowserChildProcessHostCreated(BrowserChildProcessHost* host) {} 147 148 // Determines whether a navigation from |current_instance| to |url| would be a 149 // valid entry point to a "privileged site," based on whether it 150 // |is_renderer_initiated|. A privileged site requires careful process 151 // isolation to ensure its privileges do not leak, and it can only be entered 152 // via known navigation paths. 153 // 154 // If this is a valid entry to a privileged site, this function should rewrite 155 // the origin of |url| with a non-http(s) origin that represents the 156 // privileged site. This will distinguish the resulting SiteInstance from 157 // other SiteInstances in the process model. 158 virtual GURL GetPossiblyPrivilegedURL( 159 content::BrowserContext* browser_context, 160 const GURL& url, 161 bool is_renderer_initiated, 162 SiteInstance* current_instance); 163 164 // Get the effective URL for the given actual URL, to allow an embedder to 165 // group different url schemes in the same SiteInstance. 166 virtual GURL GetEffectiveURL(BrowserContext* browser_context, 167 const GURL& url); 168 169 // Returns whether all instances of the specified effective URL should be 170 // rendered by the same process, rather than using process-per-site-instance. 171 virtual bool ShouldUseProcessPerSite(BrowserContext* browser_context, 172 const GURL& effective_url); 173 174 // Returns a list additional WebUI schemes, if any. These additional schemes 175 // act as aliases to the chrome: scheme. The additional schemes may or may 176 // not serve specific WebUI pages depending on the particular URLDataSource 177 // and its override of URLDataSource::ShouldServiceRequest. 178 virtual void GetAdditionalWebUISchemes( 179 std::vector<std::string>* additional_schemes) {} 180 181 // Creates the main net::URLRequestContextGetter. Should only be called once 182 // per ContentBrowserClient object. 183 // TODO(ajwong): Remove once http://crbug.com/159193 is resolved. 184 virtual net::URLRequestContextGetter* CreateRequestContext( 185 BrowserContext* browser_context, 186 ProtocolHandlerMap* protocol_handlers); 187 188 // Creates the net::URLRequestContextGetter for a StoragePartition. Should 189 // only be called once per partition_path per ContentBrowserClient object. 190 // TODO(ajwong): Remove once http://crbug.com/159193 is resolved. 191 virtual net::URLRequestContextGetter* CreateRequestContextForStoragePartition( 192 BrowserContext* browser_context, 193 const base::FilePath& partition_path, 194 bool in_memory, 195 ProtocolHandlerMap* protocol_handlers); 196 197 // Returns whether a specified URL is handled by the embedder's internal 198 // protocol handlers. 199 virtual bool IsHandledURL(const GURL& url); 200 201 // Returns whether the given process is allowed to commit |url|. This is a 202 // more conservative check than IsSuitableHost, since it is used after a 203 // navigation has committed to ensure that the process did not exceed its 204 // authority. 205 virtual bool CanCommitURL(RenderProcessHost* process_host, const GURL& url); 206 207 // Returns whether a new view for a given |site_url| can be launched in a 208 // given |process_host|. 209 virtual bool IsSuitableHost(RenderProcessHost* process_host, 210 const GURL& site_url); 211 212 // Returns whether a new process should be created or an existing one should 213 // be reused based on the URL we want to load. This should return false, 214 // unless there is a good reason otherwise. 215 virtual bool ShouldTryToUseExistingProcessHost( 216 BrowserContext* browser_context, const GURL& url); 217 218 // Called when a site instance is first associated with a process. 219 virtual void SiteInstanceGotProcess(SiteInstance* site_instance) {} 220 221 // Called from a site instance's destructor. 222 virtual void SiteInstanceDeleting(SiteInstance* site_instance) {} 223 224 // Returns true if for the navigation from |current_url| to |new_url| 225 // in |site_instance|, the process should be swapped (even if we are in a 226 // process model that doesn't usually swap). 227 virtual bool ShouldSwapProcessesForNavigation(SiteInstance* site_instance, 228 const GURL& current_url, 229 const GURL& new_url); 230 231 // Returns true if the given navigation redirect should cause a renderer 232 // process swap. 233 // This is called on the IO thread. 234 virtual bool ShouldSwapProcessesForRedirect(ResourceContext* resource_context, 235 const GURL& current_url, 236 const GURL& new_url); 237 238 // See CharacterEncoding's comment. 239 virtual std::string GetCanonicalEncodingNameByAliasName( 240 const std::string& alias_name); 241 242 // Allows the embedder to pass extra command line flags. 243 // switches::kProcessType will already be set at this point. 244 virtual void AppendExtraCommandLineSwitches(CommandLine* command_line, 245 int child_process_id) {} 246 247 // Returns the locale used by the application. 248 // This is called on the UI and IO threads. 249 virtual std::string GetApplicationLocale(); 250 251 // Returns the languages used in the Accept-Languages HTTP header. 252 // (Not called GetAcceptLanguages so it doesn't clash with win32). 253 virtual std::string GetAcceptLangs(BrowserContext* context); 254 255 // Returns the default favicon. The callee doesn't own the given bitmap. 256 virtual gfx::ImageSkia* GetDefaultFavicon(); 257 258 // Allow the embedder to control if an AppCache can be used for the given url. 259 // This is called on the IO thread. 260 virtual bool AllowAppCache(const GURL& manifest_url, 261 const GURL& first_party, 262 ResourceContext* context); 263 264 // Allow the embedder to control if the given cookie can be read. 265 // This is called on the IO thread. 266 virtual bool AllowGetCookie(const GURL& url, 267 const GURL& first_party, 268 const net::CookieList& cookie_list, 269 ResourceContext* context, 270 int render_process_id, 271 int render_view_id); 272 273 // Allow the embedder to control if the given cookie can be set. 274 // This is called on the IO thread. 275 virtual bool AllowSetCookie(const GURL& url, 276 const GURL& first_party, 277 const std::string& cookie_line, 278 ResourceContext* context, 279 int render_process_id, 280 int render_view_id, 281 net::CookieOptions* options); 282 283 // This is called on the IO thread. 284 virtual bool AllowSaveLocalState(ResourceContext* context); 285 286 // Allow the embedder to control if access to web database by a shared worker 287 // is allowed. |render_views| is a vector of pairs of 288 // RenderProcessID/RenderViewID of RenderViews that are using this worker. 289 // This is called on the IO thread. 290 virtual bool AllowWorkerDatabase( 291 const GURL& url, 292 const string16& name, 293 const string16& display_name, 294 unsigned long estimated_size, 295 ResourceContext* context, 296 const std::vector<std::pair<int, int> >& render_views); 297 298 // Allow the embedder to control if access to file system by a shared worker 299 // is allowed. 300 // This is called on the IO thread. 301 virtual bool AllowWorkerFileSystem( 302 const GURL& url, 303 ResourceContext* context, 304 const std::vector<std::pair<int, int> >& render_views); 305 306 // Allow the embedder to control if access to IndexedDB by a shared worker 307 // is allowed. 308 // This is called on the IO thread. 309 virtual bool AllowWorkerIndexedDB( 310 const GURL& url, 311 const string16& name, 312 ResourceContext* context, 313 const std::vector<std::pair<int, int> >& render_views); 314 315 // Allow the embedder to override the request context based on the URL for 316 // certain operations, like cookie access. Returns NULL to indicate the 317 // regular request context should be used. 318 // This is called on the IO thread. 319 virtual net::URLRequestContext* OverrideRequestContextForURL( 320 const GURL& url, ResourceContext* context); 321 322 // Allow the embedder to specify a string version of the storage partition 323 // config with a site. 324 virtual std::string GetStoragePartitionIdForSite( 325 content::BrowserContext* browser_context, 326 const GURL& site); 327 328 // Allows the embedder to provide a validation check for |partition_id|s. 329 // This domain of valid entries should match the range of outputs for 330 // GetStoragePartitionIdForChildProcess(). 331 virtual bool IsValidStoragePartitionId(BrowserContext* browser_context, 332 const std::string& partition_id); 333 334 // Allows the embedder to provide a storage parititon configuration for a 335 // site. A storage partition configuration includes a domain of the embedder's 336 // choice, an optional name within that domain, and whether the partition is 337 // in-memory only. 338 // 339 // If |can_be_default| is false, the caller is telling the embedder that the 340 // |site| is known to not be in the default partition. This is useful in 341 // some shutdown situations where the bookkeeping logic that maps sites to 342 // their partition configuration are no longer valid. 343 // 344 // The |partition_domain| is [a-z]* UTF-8 string, specifying the domain in 345 // which partitions live (similar to namespace). Within a domain, partitions 346 // can be uniquely identified by the combination of |partition_name| and 347 // |in_memory| values. When a partition is not to be persisted, the 348 // |in_memory| value must be set to true. 349 virtual void GetStoragePartitionConfigForSite( 350 content::BrowserContext* browser_context, 351 const GURL& site, 352 bool can_be_default, 353 std::string* partition_domain, 354 std::string* partition_name, 355 bool* in_memory); 356 357 // Create and return a new quota permission context. 358 virtual QuotaPermissionContext* CreateQuotaPermissionContext(); 359 360 // Informs the embedder that a certificate error has occured. If 361 // |overridable| is true and if |strict_enforcement| is false, the user 362 // can ignore the error and continue. The embedder can call the callback 363 // asynchronously. If |result| is not set to 364 // CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE, the request will be cancelled 365 // or denied immediately, and the callback won't be run. 366 virtual void AllowCertificateError( 367 int render_process_id, 368 int render_view_id, 369 int cert_error, 370 const net::SSLInfo& ssl_info, 371 const GURL& request_url, 372 ResourceType::Type resource_type, 373 bool overridable, 374 bool strict_enforcement, 375 const base::Callback<void(bool)>& callback, 376 CertificateRequestResultType* result) {} 377 378 // Selects a SSL client certificate and returns it to the |callback|. If no 379 // certificate was selected NULL is returned to the |callback|. 380 virtual void SelectClientCertificate( 381 int render_process_id, 382 int render_view_id, 383 const net::HttpNetworkSession* network_session, 384 net::SSLCertRequestInfo* cert_request_info, 385 const base::Callback<void(net::X509Certificate*)>& callback) {} 386 387 // Adds a new installable certificate or private key. 388 // Typically used to install an X.509 user certificate. 389 // Note that it's up to the embedder to verify that the data is 390 // well-formed. |cert_data| will be NULL if file_size is 0. 391 virtual void AddCertificate( 392 net::URLRequest* request, 393 net::CertificateMimeType cert_type, 394 const void* cert_data, 395 size_t cert_size, 396 int render_process_id, 397 int render_view_id) {} 398 399 // Returns a class to get notifications about media event. The embedder can 400 // return NULL if they're not interested. 401 virtual MediaObserver* GetMediaObserver(); 402 403 // Asks permission to show desktop notifications. 404 virtual void RequestDesktopNotificationPermission( 405 const GURL& source_origin, 406 int callback_context, 407 int render_process_id, 408 int render_view_id) {} 409 410 // Checks if the given page has permission to show desktop notifications. 411 // This is called on the IO thread. 412 virtual WebKit::WebNotificationPresenter::Permission 413 CheckDesktopNotificationPermission( 414 const GURL& source_url, 415 ResourceContext* context, 416 int render_process_id); 417 418 // Show a desktop notification. If |worker| is true, the request came from an 419 // HTML5 web worker, otherwise, it came from a renderer. 420 virtual void ShowDesktopNotification( 421 const ShowDesktopNotificationHostMsgParams& params, 422 int render_process_id, 423 int render_view_id, 424 bool worker) {} 425 426 // Cancels a displayed desktop notification. 427 virtual void CancelDesktopNotification( 428 int render_process_id, 429 int render_view_id, 430 int notification_id) {} 431 432 // Returns true if the given page is allowed to open a window of the given 433 // type. If true is returned, |no_javascript_access| will indicate whether 434 // the window that is created should be scriptable/in the same process. 435 // This is called on the IO thread. 436 virtual bool CanCreateWindow( 437 const GURL& opener_url, 438 const GURL& source_origin, 439 WindowContainerType container_type, 440 ResourceContext* context, 441 int render_process_id, 442 bool* no_javascript_access); 443 444 // Returns a title string to use in the task manager for a process host with 445 // the given URL, or the empty string to fall back to the default logic. 446 // This is called on the IO thread. 447 virtual std::string GetWorkerProcessTitle(const GURL& url, 448 ResourceContext* context); 449 450 // Notifies the embedder that the ResourceDispatcherHost has been created. 451 // This is when it can optionally add a delegate. 452 virtual void ResourceDispatcherHostCreated() {} 453 454 // Allows the embedder to return a delegate for the SpeechRecognitionManager. 455 // The delegate will be owned by the manager. It's valid to return NULL. 456 virtual SpeechRecognitionManagerDelegate* 457 GetSpeechRecognitionManagerDelegate(); 458 459 // Getters for common objects. 460 virtual net::NetLog* GetNetLog(); 461 462 // Creates a new AccessTokenStore for gelocation. 463 virtual AccessTokenStore* CreateAccessTokenStore(); 464 465 // Returns true if fast shutdown is possible. 466 virtual bool IsFastShutdownPossible(); 467 468 // Called by WebContents to override the WebKit preferences that are used by 469 // the renderer. The content layer will add its own settings, and then it's up 470 // to the embedder to update it if it wants. 471 virtual void OverrideWebkitPrefs(RenderViewHost* render_view_host, 472 const GURL& url, 473 WebPreferences* prefs) {} 474 475 // Inspector setting was changed and should be persisted. 476 virtual void UpdateInspectorSetting(RenderViewHost* rvh, 477 const std::string& key, 478 const std::string& value) {} 479 480 // Notifies that BrowserURLHandler has been created, so that the embedder can 481 // optionally add their own handlers. 482 virtual void BrowserURLHandlerCreated(BrowserURLHandler* handler) {} 483 484 // Clears browser cache. 485 virtual void ClearCache(RenderViewHost* rvh) {} 486 487 // Clears browser cookies. 488 virtual void ClearCookies(RenderViewHost* rvh) {} 489 490 // Returns the default download directory. 491 // This can be called on any thread. 492 virtual base::FilePath GetDefaultDownloadDirectory(); 493 494 // Returns the default filename used in downloads when we have no idea what 495 // else we should do with the file. 496 virtual std::string GetDefaultDownloadName(); 497 498 // Notification that a pepper plugin has just been spawned. This allows the 499 // embedder to add filters onto the host to implement interfaces. 500 // This is called on the IO thread. 501 virtual void DidCreatePpapiPlugin(BrowserPpapiHost* browser_host) {} 502 503 // Gets the host for an external out-of-process plugin. 504 virtual content::BrowserPpapiHost* GetExternalBrowserPpapiHost( 505 int plugin_child_id); 506 507 // Returns true if the given browser_context and site_url support hosting 508 // BrowserPlugins. 509 virtual bool SupportsBrowserPlugin(BrowserContext* browser_context, 510 const GURL& site_url); 511 512 // Returns true if the socket operation specified by |params| is allowed 513 // from the given |browser_context| and |url|. |private_api| indicates whether 514 // this permission check is for the private Pepper socket API or the public 515 // one. 516 virtual bool AllowPepperSocketAPI(BrowserContext* browser_context, 517 const GURL& url, 518 bool private_api, 519 const SocketPermissionRequest& params); 520 521 // Returns the directory containing hyphenation dictionaries. 522 virtual base::FilePath GetHyphenDictionaryDirectory(); 523 524 // Returns an implementation of a file selecition policy. Can return NULL. 525 virtual ui::SelectFilePolicy* CreateSelectFilePolicy( 526 WebContents* web_contents); 527 528 // Returns additional allowed scheme set which can access files in 529 // FileSystem API. 530 virtual void GetAdditionalAllowedSchemesForFileSystem( 531 std::vector<std::string>* additional_schemes) {} 532 533 // Returns additional MountPointProviders for FileSystem API. 534 virtual void GetAdditionalFileSystemMountPointProviders( 535 const base::FilePath& storage_partition_path, 536 ScopedVector<fileapi::FileSystemMountPointProvider>* 537 additional_providers) {} 538 539 // Allows an embedder to return its own LocationProvider implementation. 540 // Return NULL to use the default one for the platform to be created. 541 virtual LocationProvider* OverrideSystemLocationProvider(); 542 543#if defined(OS_POSIX) && !defined(OS_MACOSX) 544 // Populates |mappings| with all files that need to be mapped before launching 545 // a child process. 546 virtual void GetAdditionalMappedFilesForChildProcess( 547 const CommandLine& command_line, 548 int child_process_id, 549 std::vector<FileDescriptorInfo>* mappings) {} 550#endif 551 552#if defined(OS_WIN) 553 // Returns the name of the dll that contains cursors and other resources. 554 virtual const wchar_t* GetResourceDllName(); 555 556 // This is called on the PROCESS_LAUNCHER thread before the renderer process 557 // is launched. It gives the embedder a chance to add loosen the sandbox 558 // policy. 559 virtual void PreSpawnRenderer(sandbox::TargetPolicy* policy, 560 bool* success) {} 561#endif 562 563#if defined(USE_NSS) 564 // Return a delegate to authenticate and unlock |module|. 565 // This is called on a worker thread. 566 virtual 567 crypto::CryptoModuleBlockingPasswordDelegate* GetCryptoPasswordDelegate( 568 const GURL& url); 569#endif 570}; 571 572} // namespace content 573 574#endif // CONTENT_PUBLIC_BROWSER_CONTENT_BROWSER_CLIENT_H_ 575