content_browser_client.h revision c2e0dbddbe15c98d52c4786dac06cb8952a8ae6d
1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CONTENT_PUBLIC_BROWSER_CONTENT_BROWSER_CLIENT_H_ 6#define CONTENT_PUBLIC_BROWSER_CONTENT_BROWSER_CLIENT_H_ 7 8#include <map> 9#include <string> 10#include <utility> 11#include <vector> 12 13#include "base/callback_forward.h" 14#include "base/memory/linked_ptr.h" 15#include "base/memory/scoped_ptr.h" 16#include "base/memory/scoped_vector.h" 17#include "content/public/browser/file_descriptor_info.h" 18#include "content/public/common/content_client.h" 19#include "content/public/common/socket_permission_request.h" 20#include "content/public/common/window_container_type.h" 21#include "net/base/mime_util.h" 22#include "net/cookies/canonical_cookie.h" 23#include "net/url_request/url_request_job_factory.h" 24#include "third_party/WebKit/Source/WebKit/chromium/public/WebNotificationPresenter.h" 25#include "webkit/glue/resource_type.h" 26 27#if defined(OS_POSIX) && !defined(OS_MACOSX) 28#include "base/posix/global_descriptors.h" 29#endif 30 31class CommandLine; 32class GURL; 33struct WebPreferences; 34 35namespace base { 36class FilePath; 37} 38namespace crypto { 39class CryptoModuleBlockingPasswordDelegate; 40} 41 42namespace gfx { 43class ImageSkia; 44} 45 46namespace net { 47class CookieOptions; 48class HttpNetworkSession; 49class NetLog; 50class SSLCertRequestInfo; 51class SSLInfo; 52class URLRequest; 53class URLRequestContext; 54class URLRequestContextGetter; 55class X509Certificate; 56} 57 58namespace sandbox { 59class TargetPolicy; 60} 61 62namespace ui { 63class SelectFilePolicy; 64} 65 66namespace fileapi { 67class FileSystemMountPointProvider; 68} 69 70namespace content { 71 72class AccessTokenStore; 73class BrowserChildProcessHost; 74class BrowserContext; 75class BrowserMainParts; 76class BrowserPpapiHost; 77class BrowserURLHandler; 78class MediaObserver; 79class QuotaPermissionContext; 80class RenderProcessHost; 81class RenderViewHost; 82class RenderViewHostDelegateView; 83class ResourceContext; 84class SiteInstance; 85class SpeechRecognitionManagerDelegate; 86class WebContents; 87class WebContentsViewDelegate; 88class WebContentsViewPort; 89struct MainFunctionParams; 90struct ShowDesktopNotificationHostMsgParams; 91 92// A mapping from the scheme name to the protocol handler that services its 93// content. 94typedef std::map< 95 std::string, linked_ptr<net::URLRequestJobFactory::ProtocolHandler> > 96 ProtocolHandlerMap; 97 98// Embedder API (or SPI) for participating in browser logic, to be implemented 99// by the client of the content browser. See ChromeContentBrowserClient for the 100// principal implementation. The methods are assumed to be called on the UI 101// thread unless otherwise specified. Use this "escape hatch" sparingly, to 102// avoid the embedder interface ballooning and becoming very specific to Chrome. 103// (Often, the call out to the client can happen in a different part of the code 104// that either already has a hook out to the embedder, or calls out to one of 105// the observer interfaces.) 106class CONTENT_EXPORT ContentBrowserClient { 107 public: 108 virtual ~ContentBrowserClient() {} 109 110 // Allows the embedder to set any number of custom BrowserMainParts 111 // implementations for the browser startup code. See comments in 112 // browser_main_parts.h. 113 virtual BrowserMainParts* CreateBrowserMainParts( 114 const MainFunctionParams& parameters); 115 116 // Allows an embedder to return their own WebContentsViewPort implementation. 117 // Return NULL to let the default one for the platform be created. Otherwise 118 // |render_view_host_delegate_view| also needs to be provided, and it is 119 // owned by the embedder. 120 virtual WebContentsViewPort* OverrideCreateWebContentsView( 121 WebContents* web_contents, 122 RenderViewHostDelegateView** render_view_host_delegate_view); 123 124 // If content creates the WebContentsView implementation, it will ask the 125 // embedder to return an (optional) delegate to customize it. The view will 126 // own the delegate. 127 virtual WebContentsViewDelegate* GetWebContentsViewDelegate( 128 WebContents* web_contents); 129 130 // Notifies that a <webview> guest WebContents has been created. 131 virtual void GuestWebContentsCreated(WebContents* guest_web_contents, 132 WebContents* embedder_web_contents) {} 133 134 // Notifies that a RenderProcessHost has been created. This is called before 135 // the content layer adds its own BrowserMessageFilters, so that the 136 // embedder's IPC filters have priority. 137 virtual void RenderProcessHostCreated(RenderProcessHost* host) {} 138 139 // Notifies that a BrowserChildProcessHost has been created. 140 virtual void BrowserChildProcessHostCreated(BrowserChildProcessHost* host) {} 141 142 // Determines whether a navigation from |current_instance| to |url| would be a 143 // valid entry point to a "privileged site," based on whether it 144 // |is_renderer_initiated|. A privileged site requires careful process 145 // isolation to ensure its privileges do not leak, and it can only be entered 146 // via known navigation paths. 147 // 148 // If this is a valid entry to a privileged site, this function should rewrite 149 // the origin of |url| with a non-http(s) origin that represents the 150 // privileged site. This will distinguish the resulting SiteInstance from 151 // other SiteInstances in the process model. 152 virtual GURL GetPossiblyPrivilegedURL( 153 content::BrowserContext* browser_context, 154 const GURL& url, 155 bool is_renderer_initiated, 156 SiteInstance* current_instance); 157 158 // Get the effective URL for the given actual URL, to allow an embedder to 159 // group different url schemes in the same SiteInstance. 160 virtual GURL GetEffectiveURL(BrowserContext* browser_context, 161 const GURL& url); 162 163 // Returns whether all instances of the specified effective URL should be 164 // rendered by the same process, rather than using process-per-site-instance. 165 virtual bool ShouldUseProcessPerSite(BrowserContext* browser_context, 166 const GURL& effective_url); 167 168 // Returns a list additional WebUI schemes, if any. These additional schemes 169 // act as aliases to the chrome: scheme. The additional schemes may or may 170 // not serve specific WebUI pages depending on the particular URLDataSource 171 // and its override of URLDataSource::ShouldServiceRequest. 172 virtual void GetAdditionalWebUISchemes( 173 std::vector<std::string>* additional_schemes) {} 174 175 // Creates the main net::URLRequestContextGetter. Should only be called once 176 // per ContentBrowserClient object. 177 // TODO(ajwong): Remove once http://crbug.com/159193 is resolved. 178 virtual net::URLRequestContextGetter* CreateRequestContext( 179 BrowserContext* browser_context, 180 ProtocolHandlerMap* protocol_handlers); 181 182 // Creates the net::URLRequestContextGetter for a StoragePartition. Should 183 // only be called once per partition_path per ContentBrowserClient object. 184 // TODO(ajwong): Remove once http://crbug.com/159193 is resolved. 185 virtual net::URLRequestContextGetter* CreateRequestContextForStoragePartition( 186 BrowserContext* browser_context, 187 const base::FilePath& partition_path, 188 bool in_memory, 189 ProtocolHandlerMap* protocol_handlers); 190 191 // Returns whether a specified URL is handled by the embedder's internal 192 // protocol handlers. 193 virtual bool IsHandledURL(const GURL& url); 194 195 // Returns whether a new view for a given |site_url| can be launched in a 196 // given |process_host|. 197 virtual bool IsSuitableHost(RenderProcessHost* process_host, 198 const GURL& site_url); 199 200 // Returns whether a new process should be created or an existing one should 201 // be reused based on the URL we want to load. This should return false, 202 // unless there is a good reason otherwise. 203 virtual bool ShouldTryToUseExistingProcessHost( 204 BrowserContext* browser_context, const GURL& url); 205 206 // Called when a site instance is first associated with a process. 207 virtual void SiteInstanceGotProcess(SiteInstance* site_instance) {} 208 209 // Called from a site instance's destructor. 210 virtual void SiteInstanceDeleting(SiteInstance* site_instance) {} 211 212 // Returns true if for the navigation from |current_url| to |new_url| 213 // in |site_instance|, the process should be swapped (even if we are in a 214 // process model that doesn't usually swap). 215 virtual bool ShouldSwapProcessesForNavigation(SiteInstance* site_instance, 216 const GURL& current_url, 217 const GURL& new_url); 218 219 // Returns true if the given navigation redirect should cause a renderer 220 // process swap. 221 // This is called on the IO thread. 222 virtual bool ShouldSwapProcessesForRedirect(ResourceContext* resource_context, 223 const GURL& current_url, 224 const GURL& new_url); 225 226 // See CharacterEncoding's comment. 227 virtual std::string GetCanonicalEncodingNameByAliasName( 228 const std::string& alias_name); 229 230 // Allows the embedder to pass extra command line flags. 231 // switches::kProcessType will already be set at this point. 232 virtual void AppendExtraCommandLineSwitches(CommandLine* command_line, 233 int child_process_id) {} 234 235 // Returns the locale used by the application. 236 // This is called on the UI and IO threads. 237 virtual std::string GetApplicationLocale(); 238 239 // Returns the languages used in the Accept-Languages HTTP header. 240 // (Not called GetAcceptLanguages so it doesn't clash with win32). 241 virtual std::string GetAcceptLangs(BrowserContext* context); 242 243 // Returns the default favicon. The callee doesn't own the given bitmap. 244 virtual gfx::ImageSkia* GetDefaultFavicon(); 245 246 // Allow the embedder to control if an AppCache can be used for the given url. 247 // This is called on the IO thread. 248 virtual bool AllowAppCache(const GURL& manifest_url, 249 const GURL& first_party, 250 ResourceContext* context); 251 252 // Allow the embedder to control if the given cookie can be read. 253 // This is called on the IO thread. 254 virtual bool AllowGetCookie(const GURL& url, 255 const GURL& first_party, 256 const net::CookieList& cookie_list, 257 ResourceContext* context, 258 int render_process_id, 259 int render_view_id); 260 261 // Allow the embedder to control if the given cookie can be set. 262 // This is called on the IO thread. 263 virtual bool AllowSetCookie(const GURL& url, 264 const GURL& first_party, 265 const std::string& cookie_line, 266 ResourceContext* context, 267 int render_process_id, 268 int render_view_id, 269 net::CookieOptions* options); 270 271 // This is called on the IO thread. 272 virtual bool AllowSaveLocalState(ResourceContext* context); 273 274 // Allow the embedder to control if access to web database by a shared worker 275 // is allowed. |render_views| is a vector of pairs of 276 // RenderProcessID/RenderViewID of RenderViews that are using this worker. 277 // This is called on the IO thread. 278 virtual bool AllowWorkerDatabase( 279 const GURL& url, 280 const string16& name, 281 const string16& display_name, 282 unsigned long estimated_size, 283 ResourceContext* context, 284 const std::vector<std::pair<int, int> >& render_views); 285 286 // Allow the embedder to control if access to file system by a shared worker 287 // is allowed. 288 // This is called on the IO thread. 289 virtual bool AllowWorkerFileSystem( 290 const GURL& url, 291 ResourceContext* context, 292 const std::vector<std::pair<int, int> >& render_views); 293 294 // Allow the embedder to control if access to IndexedDB by a shared worker 295 // is allowed. 296 // This is called on the IO thread. 297 virtual bool AllowWorkerIndexedDB( 298 const GURL& url, 299 const string16& name, 300 ResourceContext* context, 301 const std::vector<std::pair<int, int> >& render_views); 302 303 // Allow the embedder to override the request context based on the URL for 304 // certain operations, like cookie access. Returns NULL to indicate the 305 // regular request context should be used. 306 // This is called on the IO thread. 307 virtual net::URLRequestContext* OverrideRequestContextForURL( 308 const GURL& url, ResourceContext* context); 309 310 // Allow the embedder to specify a string version of the storage partition 311 // config with a site. 312 virtual std::string GetStoragePartitionIdForSite( 313 content::BrowserContext* browser_context, 314 const GURL& site); 315 316 // Allows the embedder to provide a validation check for |partition_id|s. 317 // This domain of valid entries should match the range of outputs for 318 // GetStoragePartitionIdForChildProcess(). 319 virtual bool IsValidStoragePartitionId(BrowserContext* browser_context, 320 const std::string& partition_id); 321 322 // Allows the embedder to provide a storage parititon configuration for a 323 // site. A storage partition configuration includes a domain of the embedder's 324 // choice, an optional name within that domain, and whether the partition is 325 // in-memory only. 326 // 327 // If |can_be_default| is false, the caller is telling the embedder that the 328 // |site| is known to not be in the default partition. This is useful in 329 // some shutdown situations where the bookkeeping logic that maps sites to 330 // their partition configuration are no longer valid. 331 // 332 // The |partition_domain| is [a-z]* UTF-8 string, specifying the domain in 333 // which partitions live (similar to namespace). Within a domain, partitions 334 // can be uniquely identified by the combination of |partition_name| and 335 // |in_memory| values. When a partition is not to be persisted, the 336 // |in_memory| value must be set to true. 337 virtual void GetStoragePartitionConfigForSite( 338 content::BrowserContext* browser_context, 339 const GURL& site, 340 bool can_be_default, 341 std::string* partition_domain, 342 std::string* partition_name, 343 bool* in_memory); 344 345 // Create and return a new quota permission context. 346 virtual QuotaPermissionContext* CreateQuotaPermissionContext(); 347 348 // Informs the embedder that a certificate error has occured. If 349 // |overridable| is true and if |strict_enforcement| is false, the user 350 // can ignore the error and continue. The embedder can call the callback 351 // asynchronously. If |cancel_request| is set to true, the request will be 352 // cancelled immediately and the callback won't be run. 353 virtual void AllowCertificateError( 354 int render_process_id, 355 int render_view_id, 356 int cert_error, 357 const net::SSLInfo& ssl_info, 358 const GURL& request_url, 359 ResourceType::Type resource_type, 360 bool overridable, 361 bool strict_enforcement, 362 const base::Callback<void(bool)>& callback, 363 bool* cancel_request) {} 364 365 // Selects a SSL client certificate and returns it to the |callback|. If no 366 // certificate was selected NULL is returned to the |callback|. 367 virtual void SelectClientCertificate( 368 int render_process_id, 369 int render_view_id, 370 const net::HttpNetworkSession* network_session, 371 net::SSLCertRequestInfo* cert_request_info, 372 const base::Callback<void(net::X509Certificate*)>& callback) {} 373 374 // Adds a new installable certificate or private key. 375 // Typically used to install an X.509 user certificate. 376 // Note that it's up to the embedder to verify that the data is 377 // well-formed. |cert_data| will be NULL if file_size is 0. 378 virtual void AddCertificate( 379 net::URLRequest* request, 380 net::CertificateMimeType cert_type, 381 const void* cert_data, 382 size_t cert_size, 383 int render_process_id, 384 int render_view_id) {} 385 386 // Returns a class to get notifications about media event. The embedder can 387 // return NULL if they're not interested. 388 virtual MediaObserver* GetMediaObserver(); 389 390 // Asks permission to show desktop notifications. 391 virtual void RequestDesktopNotificationPermission( 392 const GURL& source_origin, 393 int callback_context, 394 int render_process_id, 395 int render_view_id) {} 396 397 // Checks if the given page has permission to show desktop notifications. 398 // This is called on the IO thread. 399 virtual WebKit::WebNotificationPresenter::Permission 400 CheckDesktopNotificationPermission( 401 const GURL& source_url, 402 ResourceContext* context, 403 int render_process_id); 404 405 // Show a desktop notification. If |worker| is true, the request came from an 406 // HTML5 web worker, otherwise, it came from a renderer. 407 virtual void ShowDesktopNotification( 408 const ShowDesktopNotificationHostMsgParams& params, 409 int render_process_id, 410 int render_view_id, 411 bool worker) {} 412 413 // Cancels a displayed desktop notification. 414 virtual void CancelDesktopNotification( 415 int render_process_id, 416 int render_view_id, 417 int notification_id) {} 418 419 // Returns true if the given page is allowed to open a window of the given 420 // type. If true is returned, |no_javascript_access| will indicate whether 421 // the window that is created should be scriptable/in the same process. 422 // This is called on the IO thread. 423 virtual bool CanCreateWindow( 424 const GURL& opener_url, 425 const GURL& source_origin, 426 WindowContainerType container_type, 427 ResourceContext* context, 428 int render_process_id, 429 bool* no_javascript_access); 430 431 // Returns a title string to use in the task manager for a process host with 432 // the given URL, or the empty string to fall back to the default logic. 433 // This is called on the IO thread. 434 virtual std::string GetWorkerProcessTitle(const GURL& url, 435 ResourceContext* context); 436 437 // Notifies the embedder that the ResourceDispatcherHost has been created. 438 // This is when it can optionally add a delegate. 439 virtual void ResourceDispatcherHostCreated() {} 440 441 // Allows the embedder to return a delegate for the SpeechRecognitionManager. 442 // The delegate will be owned by the manager. It's valid to return NULL. 443 virtual SpeechRecognitionManagerDelegate* 444 GetSpeechRecognitionManagerDelegate(); 445 446 // Getters for common objects. 447 virtual net::NetLog* GetNetLog(); 448 449 // Creates a new AccessTokenStore for gelocation. 450 virtual AccessTokenStore* CreateAccessTokenStore(); 451 452 // Returns true if fast shutdown is possible. 453 virtual bool IsFastShutdownPossible(); 454 455 // Called by WebContents to override the WebKit preferences that are used by 456 // the renderer. The content layer will add its own settings, and then it's up 457 // to the embedder to update it if it wants. 458 virtual void OverrideWebkitPrefs(RenderViewHost* render_view_host, 459 const GURL& url, 460 WebPreferences* prefs) {} 461 462 // Inspector setting was changed and should be persisted. 463 virtual void UpdateInspectorSetting(RenderViewHost* rvh, 464 const std::string& key, 465 const std::string& value) {} 466 467 // Notifies that BrowserURLHandler has been created, so that the embedder can 468 // optionally add their own handlers. 469 virtual void BrowserURLHandlerCreated(BrowserURLHandler* handler) {} 470 471 // Clears browser cache. 472 virtual void ClearCache(RenderViewHost* rvh) {} 473 474 // Clears browser cookies. 475 virtual void ClearCookies(RenderViewHost* rvh) {} 476 477 // Returns the default download directory. 478 // This can be called on any thread. 479 virtual base::FilePath GetDefaultDownloadDirectory(); 480 481 // Returns the default filename used in downloads when we have no idea what 482 // else we should do with the file. 483 virtual std::string GetDefaultDownloadName(); 484 485 // Notification that a pepper plugin has just been spawned. This allows the 486 // embedder to add filters onto the host to implement interfaces. 487 // This is called on the IO thread. 488 virtual void DidCreatePpapiPlugin(BrowserPpapiHost* browser_host) {} 489 490 // Gets the host for an external out-of-process plugin. 491 virtual content::BrowserPpapiHost* GetExternalBrowserPpapiHost( 492 int plugin_child_id); 493 494 // Returns true if the given browser_context and site_url support hosting 495 // BrowserPlugins. 496 virtual bool SupportsBrowserPlugin(BrowserContext* browser_context, 497 const GURL& site_url); 498 499 // Returns true if renderer processes can use Pepper TCP/UDP sockets from 500 // the given origin and connection type. 501 virtual bool AllowPepperSocketAPI(BrowserContext* browser_context, 502 const GURL& url, 503 const SocketPermissionRequest& params); 504 505 // Returns the directory containing hyphenation dictionaries. 506 virtual base::FilePath GetHyphenDictionaryDirectory(); 507 508 // Returns an implementation of a file selecition policy. Can return NULL. 509 virtual ui::SelectFilePolicy* CreateSelectFilePolicy( 510 WebContents* web_contents); 511 512 // Returns additional allowed scheme set which can access files in 513 // FileSystem API. 514 virtual void GetAdditionalAllowedSchemesForFileSystem( 515 std::vector<std::string>* additional_schemes) {} 516 517 // Returns additional MountPointProviders for FileSystem API. 518 virtual void GetAdditionalFileSystemMountPointProviders( 519 const base::FilePath& storage_partition_path, 520 ScopedVector<fileapi::FileSystemMountPointProvider>* 521 additional_providers) {} 522 523#if defined(OS_POSIX) && !defined(OS_MACOSX) 524 // Populates |mappings| with all files that need to be mapped before launching 525 // a child process. 526 virtual void GetAdditionalMappedFilesForChildProcess( 527 const CommandLine& command_line, 528 int child_process_id, 529 std::vector<FileDescriptorInfo>* mappings) {} 530#endif 531 532#if defined(OS_WIN) 533 // Returns the name of the dll that contains cursors and other resources. 534 virtual const wchar_t* GetResourceDllName(); 535 536 // This is called on the PROCESS_LAUNCHER thread before the renderer process 537 // is launched. It gives the embedder a chance to add loosen the sandbox 538 // policy. 539 virtual void PreSpawnRenderer(sandbox::TargetPolicy* policy, 540 bool* success) {} 541#endif 542 543#if defined(USE_NSS) 544 // Return a delegate to authenticate and unlock |module|. 545 // This is called on a worker thread. 546 virtual 547 crypto::CryptoModuleBlockingPasswordDelegate* GetCryptoPasswordDelegate( 548 const GURL& url); 549#endif 550}; 551 552} // namespace content 553 554#endif // CONTENT_PUBLIC_BROWSER_CONTENT_BROWSER_CLIENT_H_ 555