    Support for field trials of origin isolation. · 0672f8a0
    Lukasz Anforowicz authored
    CL overview
    ===========
    
    This CL adds a base::Feature for origin isolation to support turning on
    this feature in a field trial.  List of origins to isolate can be
    specified via a field trial param (see also internal documentation at
    cs/finch/experiment-params.md).
    
    
    Testing
    =======
    
    I've tested this CL with the following repro steps:
    
    1. Build Chrome with the CL patched-in (and with r518725 included).
    
    2. Test the default behavior.
       2.1. Launch Chrome without any special command-line flags
            (except --user-data-dir).
       2.2. Go to https://csreis.github.io/tests/cross-site-iframe.html
       2.3. Click "Go cross-site (complex-page)" button
       2.4. In Chrome Task Manager verify that the subframe
            stays in the main frame's process
    
    3. Test the field trial behavior.
       3.1. Launch Chrome with the following command-line flags:
          --enable-features="IsolateOrigins<MyTrialName" \
          --force-fieldtrials=MyTrialName/MyTrialGroup \
          --force-fieldtrial-params=MyTrialName.MyTrialGroup:OriginsList/https%3A%2F%2Fchromium-build.appspot.com
       3.2. Go to https://csreis.github.io/tests/cross-site-iframe.html
       3.3. Click "Go cross-site (complex-page)" button
       3.4. In Chrome Task Manager verify that there are 3 separate
            processes:
          - One for main frame (https://csreis.github.io/)
          - One for the isolated origin (https://chromium-build.appspot.com)
          - One for a subframe inside the isolated origin
            (https://chromium-status.appspot.com)
    
    Note that in step 3.1 some characters in the field trial param had to be
    escaped using percent encoding.
    
    
    Other notes
    ===========
    
    This CL refactors SiteIsolationPolicy and
    ChildProcessSecurityPolicyImpl, so that
    
    1) One can add a set of isolated origins to ChildProcessSecurityPolicyImpl
       regardless of the source (ContentBrowserClient vs cmdline/field-trial).
       After this CL, ChildProcessSecurityPolicyImpl exposes only a single
           void AddIsolatedOrigins(std::vector<url::Origin> origins);
       method (and doesn't anymore offer adding a single origin or
       parsing cmdline).
    
       One extra benefit of this change is that the
       ChildProcessSecurityPolicyImpl::lock_ is not taken and released
       once per every single origin (after this CL it is taken and released
       only once per batch of origins passed to AddIsolatedOrigins).
    
    2) Parsing of a string with a list of origins can be reused for parsing
       cmdline arg and for parsing a field trial param.  After this CL,
       parsing is done via SiteIsolationPolicy::ParseIsolatedOrigins.
       Unit tests have correspondingly been moved from
       child_process_security_policy_unittest.cc to
       site_isolation_policy_unittest.cc
    
    
    Bug: 780133
    Change-Id: I28578bfd7f141ea8bdf0330f2342a1fb77619148
    Reviewed-on: https://chromium-review.googlesource.com/786276
    Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org>
    Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#520360}
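
The flags from step 3.1, generated from a list of origins so the percent-encoding is not done by hand. This is an added example, not part of the CL or of Chromium; the helper names (`check_origin`, `build_flags`, `read_back`), the comma-joining of several origins, and the origin validation are assumptions made for illustration.

```python
import shlex
from urllib.parse import quote, unquote, urlsplit

FEATURE = "IsolateOrigins"  # feature name used in step 3.1
PARAM = "OriginsList"       # field trial param name used in step 3.1


def check_origin(origin):
    """Accept only a bare scheme://host[:port] origin (illustrative check)."""
    parts = urlsplit(origin)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError(f"not an http(s) origin: {origin!r}")
    if parts.username or parts.query or parts.fragment or parts.path not in ("", "/"):
        raise ValueError(f"more than scheme/host/port: {origin!r}")
    return f"{parts.scheme}://{parts.netloc}"


def build_flags(trial, group, origins):
    """Return the three argv entries from step 3.1 for the given origins."""
    # Assumption: several origins are joined with commas before encoding.
    value = ",".join(check_origin(o) for o in origins)
    # safe="" also encodes ':' and '/', which the flag itself uses as
    # separators in Trial.Group:Param/Value.
    encoded = quote(value, safe="")
    return [
        f"--enable-features={FEATURE}<{trial}",
        f"--force-fieldtrials={trial}/{group}",
        f"--force-fieldtrial-params={trial}.{group}:{PARAM}/{encoded}",
    ]


def read_back(params_flag):
    """Decode a --force-fieldtrial-params flag back into its origin list."""
    _, _, spec = params_flag.partition("=")
    _, _, key_value = spec.partition(":")
    key, _, encoded = key_value.partition("/")
    if key != PARAM:
        raise ValueError(f"unexpected param name: {key!r}")
    return [check_origin(o) for o in unquote(encoded).split(",")]


if __name__ == "__main__":
    flags = build_flags("MyTrialName", "MyTrialGroup",
                        ["https://chromium-build.appspot.com"])
    # shlex.join quotes the '<' so the line can be pasted into a POSIX shell.
    print(shlex.join(flags))
```

Decoding the generated flag with `read_back` before launching shows exactly which origins were requested, which is what step 3.4 then verifies in the Task Manager.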
site_isolation_policy.cc 2.4 KB