Implement special origin database handling for Isolated Apps

- Factor out SandboxOriginDatabase interface to SandboxOriginDatabaseInterface - Implement SandboxIsolatedOriginDatabase which implements the same interface and only handles a single origin without database BUG=242272 TEST=SandboxIsolatedOriginDatabaseTest.* TEST=manually tested (launch Chrome w/o change, launch an app which uses HTML5 FS API, write some data -> launch Chrome with change, make sure the same contents appear & origin database's gone) TBR=tzik@chromium.org Review URL: https://codereview.chromium.org/16150002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@203139 0039d316-1c4b-4281-b951-d872f2087c98

Implement special origin database handling for Isolated Apps
- Factor out SandboxOriginDatabase interface to SandboxOriginDatabaseInterface - Implement SandboxIsolatedOriginDatabase which implements the same interface and only handles a single origin without database BUG=242272 TEST=SandboxIsolatedOriginDatabaseTest.* TEST=manually tested (launch Chrome w/o change, launch an app which uses HTML5 FS API, write some data -> launch Chrome with change, make sure the same contents appear & origin database's gone) TBR=tzik@chromium.org Review URL: https://codereview.chromium.org/16150002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@203139 0039d316-1c4b-4281-b951-d872f2087c98
0b7fcc16 · kinuko@chromium.org · 1cbf878f · 0b7fcc16 · 0b7fcc16 · 0b7fcc16
Commit 0b7fcc16 authored May 30, 2013 by kinuko@chromium.org
12 changed files
--- a/content/content_tests.gypi
+++ b/content/content_tests.gypi
@@ -453,6 +453,7 @@
        '../webkit/browser/fileapi/sandbox_directory_database_unittest.cc',
        '../webkit/browser/fileapi/sandbox_file_system_test_helper.cc',
        '../webkit/browser/fileapi/sandbox_file_system_test_helper.h',
+        '../webkit/browser/fileapi/sandbox_isolated_origin_database_unittest.cc',
        '../webkit/browser/fileapi/sandbox_mount_point_provider_unittest.cc',
        '../webkit/browser/fileapi/sandbox_origin_database_unittest.cc',
        '../webkit/browser/fileapi/syncable/canned_syncable_file_system.cc',

--- a/webkit/browser/fileapi/obfuscated_file_util.cc
+++ b/webkit/browser/fileapi/obfuscated_file_util.cc
@@ -24,7 +24,9 @@
 #include "webkit/browser/fileapi/file_system_operation_context.h"
 #include "webkit/browser/fileapi/file_system_url.h"
 #include "webkit/browser/fileapi/native_file_util.h"
+#include "webkit/browser/fileapi/sandbox_isolated_origin_database.h"
 #include "webkit/browser/fileapi/sandbox_mount_point_provider.h"
+#include "webkit/browser/fileapi/sandbox_origin_database.h"
 #include "webkit/browser/fileapi/syncable/syncable_file_system_util.h"
 #include "webkit/browser/quota/quota_manager.h"
 #include "webkit/common/fileapi/file_system_util.h"
@@ -210,7 +212,7 @@ class ObfuscatedOriginEnumerator
 public:
  typedef SandboxOriginDatabase::OriginRecord OriginRecord;
  ObfuscatedOriginEnumerator(
-      SandboxOriginDatabase* origin_database,
+      SandboxOriginDatabaseInterface* origin_database,
      const base::FilePath& base_file_path)
      : base_file_path_(base_file_path) {
    if (origin_database)
@@ -240,7 +242,8 @@ class ObfuscatedOriginEnumerator
      NOTREACHED();
      return false;
    }
-    base::FilePath path = base_file_path_.Append(current_.path).Append(type_string);
+    base::FilePath path =
+        base_file_path_.Append(current_.path).Append(type_string);
    return file_util::DirectoryExists(path);
  }

@@ -251,8 +254,10 @@ class ObfuscatedOriginEnumerator
 };

 ObfuscatedFileUtil::ObfuscatedFileUtil(
+    quota::SpecialStoragePolicy* special_storage_policy,
    const base::FilePath& file_system_directory)
-    : file_system_directory_(file_system_directory) {
+    : special_storage_policy_(special_storage_policy),
+      file_system_directory_(file_system_directory) {
 }

 ObfuscatedFileUtil::~ObfuscatedFileUtil() {
@@ -880,8 +885,8 @@ base::FilePath ObfuscatedFileUtil::GetDirectoryForOriginAndType(
 bool ObfuscatedFileUtil::DeleteDirectoryForOriginAndType(
    const GURL& origin, FileSystemType type) {
  base::PlatformFileError error = base::PLATFORM_FILE_OK;
-  base::FilePath origin_type_path = GetDirectoryForOriginAndType(origin, type, false,
-                                                           &error);
+  base::FilePath origin_type_path = GetDirectoryForOriginAndType(
+      origin, type, false, &error);
  if (origin_type_path.empty())
    return true;

@@ -974,7 +979,8 @@ bool ObfuscatedFileUtil::DestroyDirectoryDatabase(
  }

  PlatformFileError error = base::PLATFORM_FILE_OK;
-  base::FilePath path = GetDirectoryForOriginAndType(origin, type, false, &error);
+  base::FilePath path = GetDirectoryForOriginAndType(
+      origin, type, false, &error);
  if (path.empty() || error == base::PLATFORM_FILE_ERROR_NOT_FOUND)
    return true;
  return SandboxDirectoryDatabase::DestroyDatabase(path);
@@ -1047,8 +1053,8 @@ PlatformFileError ObfuscatedFileUtil::CreateFile(
      dest_origin, dest_type, true);

  PlatformFileError error = base::PLATFORM_FILE_OK;
-  base::FilePath root = GetDirectoryForOriginAndType(dest_origin, dest_type, false,
-                                               &error);
+  base::FilePath root = GetDirectoryForOriginAndType(
+      dest_origin, dest_type, false, &error);
  if (error != base::PLATFORM_FILE_OK)
    return error;

@@ -1119,7 +1125,8 @@ PlatformFileError ObfuscatedFileUtil::CreateFile(
 base::FilePath ObfuscatedFileUtil::DataPathToLocalPath(
    const GURL& origin, FileSystemType type, const base::FilePath& data_path) {
  PlatformFileError error = base::PLATFORM_FILE_OK;
-  base::FilePath root = GetDirectoryForOriginAndType(origin, type, false, &error);
+  base::FilePath root = GetDirectoryForOriginAndType(
+      origin, type, false, &error);
  if (error != base::PLATFORM_FILE_OK)
    return base::FilePath();
  return root.Append(data_path);
@@ -1146,7 +1153,8 @@ SandboxDirectoryDatabase* ObfuscatedFileUtil::GetDirectoryDatabase(
  }

  PlatformFileError error = base::PLATFORM_FILE_OK;
-  base::FilePath path = GetDirectoryForOriginAndType(origin, type, create, &error);
+  base::FilePath path = GetDirectoryForOriginAndType(
+      origin, type, create, &error);
  if (error != base::PLATFORM_FILE_OK) {
    LOG(WARNING) << "Failed to get origin+type directory: " << path.value();
    return NULL;
@@ -1159,6 +1167,14 @@ SandboxDirectoryDatabase* ObfuscatedFileUtil::GetDirectoryDatabase(

 base::FilePath ObfuscatedFileUtil::GetDirectoryForOrigin(
    const GURL& origin, bool create, base::PlatformFileError* error_code) {
+  if (special_storage_policy_ &&
+      special_storage_policy_->HasIsolatedStorage(origin)) {
+    CHECK(isolated_origin_.is_empty() || isolated_origin_ == origin)
+        << "multiple origins for an isolated site: "
+        << isolated_origin_.spec() << " vs " << origin.spec();
+    isolated_origin_ = origin;
+  }
+
  if (!InitOriginDatabase(create)) {
    if (error_code) {
      *error_code = create ?
@@ -1233,7 +1249,9 @@ void ObfuscatedFileUtil::DropDatabases() {
 }

 bool ObfuscatedFileUtil::InitOriginDatabase(bool create) {
-  if (!origin_database_) {
+  if (origin_database_)
+    return true;
+
  if (!create && !file_util::DirectoryExists(file_system_directory_))
    return false;
  if (!file_util::CreateDirectory(file_system_directory_)) {
@@ -1241,9 +1259,19 @@ bool ObfuscatedFileUtil::InitOriginDatabase(bool create) {
        file_system_directory_.value();
    return false;
  }
+
+  if (!isolated_origin_.is_empty()) {
+    DCHECK(special_storage_policy_->HasIsolatedStorage(isolated_origin_));
+    origin_database_.reset(
+        new SandboxIsolatedOriginDatabase(
+            UTF16ToUTF8(webkit_base::GetOriginIdentifierFromURL(
+                    isolated_origin_)),
+            file_system_directory_));
+    return true;
+  }
+
  origin_database_.reset(
      new SandboxOriginDatabase(file_system_directory_));
-  }
  return true;
 }

@@ -1259,8 +1287,8 @@ PlatformFileError ObfuscatedFileUtil::GenerateNewLocalPath(
    return base::PLATFORM_FILE_ERROR_FAILED;

  PlatformFileError error = base::PLATFORM_FILE_OK;
-  base::FilePath new_local_path = GetDirectoryForOriginAndType(origin, type,
-                                                               false, &error);
+  base::FilePath new_local_path = GetDirectoryForOriginAndType(
+      origin, type, false, &error);
  if (error != base::PLATFORM_FILE_OK)
    return base::PLATFORM_FILE_ERROR_FAILED;


--- a/webkit/browser/fileapi/obfuscated_file_util.h
+++ b/webkit/browser/fileapi/obfuscated_file_util.h
@@ -16,7 +16,6 @@
 #include "webkit/browser/fileapi/file_system_file_util.h"
 #include "webkit/browser/fileapi/file_system_url.h"
 #include "webkit/browser/fileapi/sandbox_directory_database.h"
-#include "webkit/browser/fileapi/sandbox_origin_database.h"
 #include "webkit/common/blob/shareable_file_reference.h"
 #include "webkit/common/fileapi/file_system_types.h"
 #include "webkit/storage/webkit_storage_export.h"
@@ -25,11 +24,16 @@ namespace base {
 class Time;
 }

+namespace quota {
+class SpecialStoragePolicy;
+}
+
 class GURL;

 namespace fileapi {

 class FileSystemOperationContext;
+class SandboxOriginDatabaseInterface;

 // The overall implementation philosophy of this class is that partial failures
 // should leave us with an intact database; we'd prefer to leak the occasional
@@ -55,7 +59,9 @@ class WEBKIT_STORAGE_EXPORT_PRIVATE ObfuscatedFileUtil
    virtual bool HasFileSystemType(FileSystemType type) const = 0;
  };

-  explicit ObfuscatedFileUtil(const base::FilePath& file_system_directory);
+  ObfuscatedFileUtil(
+      quota::SpecialStoragePolicy* special_storage_policy,
+      const base::FilePath& file_system_directory);
  virtual ~ObfuscatedFileUtil();

  // FileSystemFileUtil overrides.
@@ -250,10 +256,15 @@ class WEBKIT_STORAGE_EXPORT_PRIVATE ObfuscatedFileUtil

  typedef std::map<std::string, SandboxDirectoryDatabase*> DirectoryMap;
  DirectoryMap directories_;
-  scoped_ptr<SandboxOriginDatabase> origin_database_;
+  scoped_ptr<SandboxOriginDatabaseInterface> origin_database_;
+  scoped_refptr<quota::SpecialStoragePolicy> special_storage_policy_;
  base::FilePath file_system_directory_;
  base::OneShotTimer<ObfuscatedFileUtil> timer_;

+  // If this instance is initialized for an isolated origin, this should
+  // only see a single origin.
+  GURL isolated_origin_;
+
  DISALLOW_COPY_AND_ASSIGN(ObfuscatedFileUtil);
 };


--- a/webkit/browser/fileapi/sandbox_isolated_origin_database.cc
+++ b/webkit/browser/fileapi/sandbox_isolated_origin_database.cc
+// Copyright 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "webkit/browser/fileapi/sandbox_isolated_origin_database.h"
+
+#include "base/file_util.h"
+#include "base/logging.h"
+#include "webkit/browser/fileapi/sandbox_origin_database.h"
+
+namespace fileapi {
+
+// Special directory name for isolated origin.
+const base::FilePath::CharType kOriginDirectory[] = FILE_PATH_LITERAL("iso");
+
+SandboxIsolatedOriginDatabase::SandboxIsolatedOriginDatabase(
+    const std::string& origin,
+    const base::FilePath& file_system_directory)
+    : migration_checked_(false),
+      origin_(origin),
+      file_system_directory_(file_system_directory) {
+}
+
+SandboxIsolatedOriginDatabase::~SandboxIsolatedOriginDatabase() {
+}
+
+bool SandboxIsolatedOriginDatabase::HasOriginPath(
+    const std::string& origin) {
+  MigrateDatabaseIfNeeded();
+  return (origin_ == origin);
+}
+
+bool SandboxIsolatedOriginDatabase::GetPathForOrigin(
+    const std::string& origin, base::FilePath* directory) {
+  MigrateDatabaseIfNeeded();
+  if (origin != origin_)
+    return false;
+  *directory = base::FilePath(kOriginDirectory);
+  return true;
+}
+
+bool SandboxIsolatedOriginDatabase::RemovePathForOrigin(
+    const std::string& origin) {
+  return true;
+}
+
+bool SandboxIsolatedOriginDatabase::ListAllOrigins(
+    std::vector<OriginRecord>* origins) {
+  MigrateDatabaseIfNeeded();
+  origins->push_back(OriginRecord(origin_, base::FilePath(kOriginDirectory)));
+  return true;
+}
+
+void SandboxIsolatedOriginDatabase::DropDatabase() {
+}
+
+void SandboxIsolatedOriginDatabase::MigrateDatabaseIfNeeded() {
+  if (migration_checked_)
+    return;
+
+  migration_checked_ = true;
+  // See if we have non-isolated version of sandbox database.
+  scoped_ptr<SandboxOriginDatabase> database(
+      new SandboxOriginDatabase(file_system_directory_));
+  if (!database->HasOriginPath(origin_))
+    return;
+
+  base::FilePath directory_name;
+  if (database->GetPathForOrigin(origin_, &directory_name) &&
+      directory_name != base::FilePath(kOriginDirectory)) {
+    base::FilePath from_path = file_system_directory_.Append(directory_name);
+    base::FilePath to_path = file_system_directory_.Append(kOriginDirectory);
+
+    if (file_util::PathExists(to_path))
+      file_util::Delete(to_path, true /* recursive */);
+    file_util::Move(from_path, to_path);
+  }
+
+  database->RemoveDatabase();
+}
+
+}  // namespace fileapi
--- a/webkit/browser/fileapi/sandbox_isolated_origin_database.h
+++ b/webkit/browser/fileapi/sandbox_isolated_origin_database.h
+// Copyright 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef WEBKIT_BROWSER_FILEAPI_SANDBOX_ISOLATED_ORIGIN_DATABASE_H_
+#define WEBKIT_BROWSER_FILEAPI_SANDBOX_ISOLATED_ORIGIN_DATABASE_H_
+
+#include "webkit/browser/fileapi/sandbox_origin_database_interface.h"
+
+namespace fileapi {
+
+class WEBKIT_STORAGE_EXPORT_PRIVATE SandboxIsolatedOriginDatabase
+    : public SandboxOriginDatabaseInterface {
+ public:
+  explicit SandboxIsolatedOriginDatabase(
+      const std::string& origin,
+      const base::FilePath& file_system_directory);
+  virtual ~SandboxIsolatedOriginDatabase();
+
+  // SandboxOriginDatabaseInterface overrides.
+  virtual bool HasOriginPath(const std::string& origin) OVERRIDE;
+  virtual bool GetPathForOrigin(const std::string& origin,
+                                base::FilePath* directory) OVERRIDE;
+  virtual bool RemovePathForOrigin(const std::string& origin) OVERRIDE;
+  virtual bool ListAllOrigins(std::vector<OriginRecord>* origins) OVERRIDE;
+  virtual void DropDatabase() OVERRIDE;
+
+ private:
+  void MigrateDatabaseIfNeeded();
+
+  bool migration_checked_;
+  const std::string origin_;
+  const base::FilePath file_system_directory_;
+
+  DISALLOW_COPY_AND_ASSIGN(SandboxIsolatedOriginDatabase);
+};
+
+}  // namespace fileapi
+
+#endif  // WEBKIT_BROWSER_FILEAPI_SANDBOX_ISOLATED_ORIGIN_DATABASE_H_
--- a/webkit/browser/fileapi/sandbox_isolated_origin_database_unittest.cc
+++ b/webkit/browser/fileapi/sandbox_isolated_origin_database_unittest.cc
+// Copyright 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/basictypes.h"
+#include "base/file_util.h"
+#include "base/files/scoped_temp_dir.h"
+#include "testing/gtest/include/gtest/gtest.h"
+#include "webkit/browser/fileapi/sandbox_isolated_origin_database.h"
+#include "webkit/browser/fileapi/sandbox_origin_database.h"
+
+namespace fileapi {
+
+TEST(SandboxIsolatedOriginDatabaseTest, BasicTest) {
+  base::ScopedTempDir dir;
+  ASSERT_TRUE(dir.CreateUniqueTempDir());
+
+  std::string kOrigin("origin");
+  SandboxIsolatedOriginDatabase database(kOrigin, dir.path());
+
+  EXPECT_TRUE(database.HasOriginPath(kOrigin));
+
+  base::FilePath path1, path2;
+
+  EXPECT_FALSE(database.GetPathForOrigin(std::string(), &path1));
+  EXPECT_FALSE(database.GetPathForOrigin("foo", &path1));
+
+  EXPECT_TRUE(database.HasOriginPath(kOrigin));
+  EXPECT_TRUE(database.GetPathForOrigin(kOrigin, &path1));
+  EXPECT_TRUE(database.GetPathForOrigin(kOrigin, &path2));
+  EXPECT_FALSE(path1.empty());
+  EXPECT_FALSE(path2.empty());
+  EXPECT_EQ(path1, path2);
+}
+
+TEST(SandboxIsolatedOriginDatabaseTest, MigrationTest) {
+  base::ScopedTempDir dir;
+  ASSERT_TRUE(dir.CreateUniqueTempDir());
+
+  std::string kOrigin("origin");
+  std::string kFakeDirectoryData("0123456789");
+  base::FilePath path;
+  base::FilePath old_db_path;
+
+  // Initialize the directory with one origin using the regular
+  // SandboxOriginDatabase.
+  {
+    SandboxOriginDatabase database_old(dir.path());
+    old_db_path = database_old.GetDatabasePath();
+    EXPECT_FALSE(file_util::PathExists(old_db_path));
+    EXPECT_TRUE(database_old.GetPathForOrigin(kOrigin, &path));
+    EXPECT_FALSE(path.empty());
+    EXPECT_TRUE(file_util::DirectoryExists(old_db_path));
+
+    // Populate the origin directory with some fake data.
+    base::FilePath directory_db_path = dir.path().Append(path);
+    ASSERT_TRUE(file_util::CreateDirectory(directory_db_path));
+    EXPECT_EQ(static_cast<int>(kFakeDirectoryData.size()),
+              file_util::WriteFile(directory_db_path.AppendASCII("dummy"),
+                                   kFakeDirectoryData.data(),
+                                   kFakeDirectoryData.size()));
+  }
+
+  // Re-open the directory using sandboxIsolatedOriginDatabase.
+  SandboxIsolatedOriginDatabase database(kOrigin, dir.path());
+
+  // The database is migrated from the old one, so we should still
+  // see the same origin.
+  EXPECT_TRUE(database.HasOriginPath(kOrigin));
+  EXPECT_TRUE(database.GetPathForOrigin(kOrigin, &path));
+  EXPECT_FALSE(path.empty());
+
+  // The directory content must be kept (or migrated if necessary),
+  // so we should see the same fake data.
+  std::string origin_db_data;
+  base::FilePath directory_db_path = dir.path().Append(path);
+  EXPECT_TRUE(file_util::DirectoryExists(directory_db_path));
+  EXPECT_TRUE(file_util::PathExists(directory_db_path.AppendASCII("dummy")));
+  EXPECT_TRUE(file_util::ReadFileToString(
+      directory_db_path.AppendASCII("dummy"), &origin_db_data));
+  EXPECT_EQ(kFakeDirectoryData, origin_db_data);
+
+  // After the migration the database must be gone.
+  EXPECT_FALSE(file_util::PathExists(old_db_path));
+}
+
+}  // namespace fileapi
--- a/webkit/browser/fileapi/sandbox_mount_point_provider.cc
+++ b/webkit/browser/fileapi/sandbox_mount_point_provider.cc
@@ -153,6 +153,7 @@ SandboxMountPointProvider::SandboxMountPointProvider(
      sandbox_file_util_(
          new AsyncFileUtilAdapter(
              new ObfuscatedFileUtil(
+                  special_storage_policy,
                  profile_path.Append(kFileSystemDirectory)))),
      file_system_usage_cache_(new FileSystemUsageCache(file_task_runner)),
      quota_observer_(new SandboxQuotaObserver(

--- a/webkit/browser/fileapi/sandbox_origin_database.cc
+++ b/webkit/browser/fileapi/sandbox_origin_database.cc
@@ -5,6 +5,7 @@
 #include "webkit/browser/fileapi/sandbox_origin_database.h"

 #include <set>
+#include <utility>

 #include "base/file_util.h"
 #include "base/format_macros.h"
@@ -55,17 +56,6 @@ const char* LastPathKey() {

 namespace fileapi {

-SandboxOriginDatabase::OriginRecord::OriginRecord() {
-}
-
-SandboxOriginDatabase::OriginRecord::OriginRecord(
-    const std::string& origin_in, const base::FilePath& path_in)
-    : origin(origin_in), path(path_in) {
-}
-
-SandboxOriginDatabase::OriginRecord::~OriginRecord() {
-}
-
 SandboxOriginDatabase::SandboxOriginDatabase(
    const base::FilePath& file_system_directory)
    : file_system_directory_(file_system_directory) {
@@ -74,12 +64,16 @@ SandboxOriginDatabase::SandboxOriginDatabase(
 SandboxOriginDatabase::~SandboxOriginDatabase() {
 }

-bool SandboxOriginDatabase::Init(RecoveryOption recovery_option) {
+bool SandboxOriginDatabase::Init(InitOption init_option,
+                                 RecoveryOption recovery_option) {
  if (db_)
    return true;

-  std::string path =
-      FilePathToString(file_system_directory_.Append(kOriginDatabaseName));
+  base::FilePath db_path = GetDatabasePath();
+  if (init_option == FAIL_IF_NONEXISTENT && !file_util::PathExists(db_path))
+    return false;
+
+  std::string path = FilePathToString(db_path);
  leveldb::Options options;
  options.create_if_missing = true;
  leveldb::DB* db;
@@ -117,7 +111,7 @@ bool SandboxOriginDatabase::Init(RecoveryOption recovery_option) {
        return false;
      if (!file_util::CreateDirectory(file_system_directory_))
        return false;
-      return Init(FAIL_ON_CORRUPTION);
+      return Init(init_option, FAIL_ON_CORRUPTION);
  }
  NOTREACHED();
  return false;
@@ -126,7 +120,7 @@ bool SandboxOriginDatabase::Init(RecoveryOption recovery_option) {
 bool SandboxOriginDatabase::RepairDatabase(const std::string& db_path) {
  DCHECK(!db_.get());
  if (!leveldb::RepairDB(db_path, leveldb::Options()).ok() ||
-      !Init(FAIL_ON_CORRUPTION)) {
+      !Init(FAIL_IF_NONEXISTENT, FAIL_ON_CORRUPTION)) {
    LOG(WARNING) << "Failed to repair SandboxOriginDatabase.";
    return false;
  }
@@ -214,7 +208,7 @@ void SandboxOriginDatabase::ReportInitStatus(const leveldb::Status& status) {
 }

 bool SandboxOriginDatabase::HasOriginPath(const std::string& origin) {
-  if (!Init(REPAIR_ON_CORRUPTION))
+  if (!Init(FAIL_IF_NONEXISTENT, REPAIR_ON_CORRUPTION))
    return false;
  if (origin.empty())
    return false;
@@ -231,7 +225,7 @@ bool SandboxOriginDatabase::HasOriginPath(const std::string& origin) {

 bool SandboxOriginDatabase::GetPathForOrigin(
    const std::string& origin, base::FilePath* directory) {
-  if (!Init(REPAIR_ON_CORRUPTION))
+  if (!Init(CREATE_IF_NONEXISTENT, REPAIR_ON_CORRUPTION))
    return false;
  DCHECK(directory);
  if (origin.empty())
@@ -264,7 +258,7 @@ bool SandboxOriginDatabase::GetPathForOrigin(
 }

 bool SandboxOriginDatabase::RemovePathForOrigin(const std::string& origin) {
-  if (!Init(REPAIR_ON_CORRUPTION))
+  if (!Init(CREATE_IF_NONEXISTENT, REPAIR_ON_CORRUPTION))
    return false;
  leveldb::Status status =
      db_->Delete(leveldb::WriteOptions(), OriginToOriginKey(origin));
@@ -276,9 +270,11 @@ bool SandboxOriginDatabase::RemovePathForOrigin(const std::string& origin) {

 bool SandboxOriginDatabase::ListAllOrigins(
    std::vector<OriginRecord>* origins) {
-  if (!Init(REPAIR_ON_CORRUPTION))
-    return false;
  DCHECK(origins);
+  if (!Init(CREATE_IF_NONEXISTENT, REPAIR_ON_CORRUPTION)) {
+    origins->clear();
+    return false;
+  }
  scoped_ptr<leveldb::Iterator> iter(db_->NewIterator(leveldb::ReadOptions()));
  std::string origin_key_prefix = OriginToOriginKey(std::string());
  iter->Seek(origin_key_prefix);
@@ -298,9 +294,17 @@ void SandboxOriginDatabase::DropDatabase() {
  db_.reset();
 }

+base::FilePath SandboxOriginDatabase::GetDatabasePath() const {
+  return file_system_directory_.Append(kOriginDatabaseName);
+}
+
+void SandboxOriginDatabase::RemoveDatabase() {
+  DropDatabase();
+  file_util::Delete(GetDatabasePath(), true /* recursive */);
+}
+
 bool SandboxOriginDatabase::GetLastPathNumber(int* number) {
-  if (!Init(REPAIR_ON_CORRUPTION))
-    return false;
+  DCHECK(db_);
  DCHECK(number);
  std::string number_string;
  leveldb::Status status =

--- a/webkit/browser/fileapi/sandbox_origin_database.h
+++ b/webkit/browser/fileapi/sandbox_origin_database.h
@@ -5,14 +5,9 @@
 #ifndef WEBKIT_BROWSER_FILEAPI_SANDBOX_ORIGIN_DATABASE_H_
 #define WEBKIT_BROWSER_FILEAPI_SANDBOX_ORIGIN_DATABASE_H_

-#include <string>
-#include <utility>
-#include <vector>
-
-#include "base/files/file_path.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/time.h"
-#include "webkit/storage/webkit_storage_export.h"
+#include "webkit/browser/fileapi/sandbox_origin_database_interface.h"

 namespace leveldb {
 class DB;
@@ -27,35 +22,24 @@ namespace fileapi {

 // All methods of this class other than the constructor may be used only from
 // the browser's FILE thread.  The constructor may be used on any thread.
-class WEBKIT_STORAGE_EXPORT_PRIVATE SandboxOriginDatabase {
+class WEBKIT_STORAGE_EXPORT_PRIVATE SandboxOriginDatabase
+    : public SandboxOriginDatabaseInterface {
 public:
-  struct WEBKIT_STORAGE_EXPORT_PRIVATE OriginRecord {
-    std::string origin;
-    base::FilePath path;
-
-    OriginRecord();
-    OriginRecord(const std::string& origin, const base::FilePath& path);
-    ~OriginRecord();
-  };
-
  // Only one instance of SandboxOriginDatabase should exist for a given path
  // at a given time.
  explicit SandboxOriginDatabase(const base::FilePath& file_system_directory);
-  ~SandboxOriginDatabase();
-
-  bool HasOriginPath(const std::string& origin);
+  virtual ~SandboxOriginDatabase();

-  // This will produce a unique path and add it to its database, if it's not
-  // already present.
-  bool GetPathForOrigin(const std::string& origin, base::FilePath* directory);
+  // SandboxOriginDatabaseInterface overrides.
+  virtual bool HasOriginPath(const std::string& origin) OVERRIDE;
+  virtual bool GetPathForOrigin(const std::string& origin,
+                                base::FilePath* directory) OVERRIDE;
+  virtual bool RemovePathForOrigin(const std::string& origin) OVERRIDE;
+  virtual bool ListAllOrigins(std::vector<OriginRecord>* origins) OVERRIDE;
+  virtual void DropDatabase() OVERRIDE;

-  // Also returns success if the origin is not found.
-  bool RemovePathForOrigin(const std::string& origin);
-
-  bool ListAllOrigins(std::vector<OriginRecord>* origins);
-
-  // This will release all database resources in use; call it to save memory.
-  void DropDatabase();
+  base::FilePath GetDatabasePath() const;
+  void RemoveDatabase();

 private:
  enum RecoveryOption {
@@ -64,7 +48,12 @@ class WEBKIT_STORAGE_EXPORT_PRIVATE SandboxOriginDatabase {
    FAIL_ON_CORRUPTION,
  };

-  bool Init(RecoveryOption recovery_option);
+  enum InitOption {
+    CREATE_IF_NONEXISTENT,
+    FAIL_IF_NONEXISTENT,
+  };
+
+  bool Init(InitOption init_option, RecoveryOption recovery_option);
  bool RepairDatabase(const std::string& db_path);
  void HandleError(const tracked_objects::Location& from_here,
                   const leveldb::Status& status);

--- a/webkit/browser/fileapi/sandbox_origin_database_interface.cc
+++ b/webkit/browser/fileapi/sandbox_origin_database_interface.cc
+// Copyright 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "webkit/browser/fileapi/sandbox_origin_database_interface.h"
+
+namespace fileapi {
+
+SandboxOriginDatabaseInterface::OriginRecord::OriginRecord() {
+}
+
+SandboxOriginDatabaseInterface::OriginRecord::OriginRecord(
+    const std::string& origin_in, const base::FilePath& path_in)
+    : origin(origin_in), path(path_in) {
+}
+
+SandboxOriginDatabaseInterface::OriginRecord::~OriginRecord() {
+}
+
+}  // namespace fileapi
--- a/webkit/browser/fileapi/sandbox_origin_database_interface.h
+++ b/webkit/browser/fileapi/sandbox_origin_database_interface.h
+// Copyright 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef WEBKIT_BROWSER_FILEAPI_SANDBOX_ORIGIN_DATABASE_INTERFACE_H_
+#define WEBKIT_BROWSER_FILEAPI_SANDBOX_ORIGIN_DATABASE_INTERFACE_H_
+
+#include <string>
+#include <vector>
+
+#include "base/files/file_path.h"
+#include "webkit/storage/webkit_storage_export.h"
+
+namespace fileapi {
+
+class WEBKIT_STORAGE_EXPORT_PRIVATE SandboxOriginDatabaseInterface {
+ public:
+  struct WEBKIT_STORAGE_EXPORT_PRIVATE OriginRecord {
+    std::string origin;
+    base::FilePath path;
+
+    OriginRecord();
+    OriginRecord(const std::string& origin, const base::FilePath& path);
+    ~OriginRecord();
+  };
+
+  virtual ~SandboxOriginDatabaseInterface() {}
+
+  // Returns true if the origin's path is included in this database.
+  virtual bool HasOriginPath(const std::string& origin) = 0;
+
+  // This will produce a unique path and add it to its database, if it's not
+  // already present.
+  virtual bool GetPathForOrigin(const std::string& origin,
+                                base::FilePath* directory) = 0;
+
+  // Removes the origin's path from the database.
+  // Returns success if the origin has been successfully removed, or
+  // the origin is not found.
+  // (This doesn't remove the actual path).
+  virtual bool RemovePathForOrigin(const std::string& origin) = 0;
+
+  // Lists all origins in this database.
+  virtual bool ListAllOrigins(std::vector<OriginRecord>* origins) = 0;
+
+  // This will release all database resources in use; call it to save memory.
+  virtual void DropDatabase() = 0;
+
+ protected:
+  SandboxOriginDatabaseInterface() {}
+};
+
+}  // namespace fileapi
+
+#endif  // WEBKIT_BROWSER_FILEAPI_SANDBOX_ORIGIN_DATABASE_INTERFACE_H_
--- a/webkit/browser/fileapi/webkit_browser_fileapi.gypi
+++ b/webkit/browser/fileapi/webkit_browser_fileapi.gypi
@@ -74,10 +74,14 @@
      '../browser/fileapi/sandbox_directory_database.h',
      '../browser/fileapi/sandbox_file_stream_writer.cc',
      '../browser/fileapi/sandbox_file_stream_writer.h',
+      '../browser/fileapi/sandbox_isolated_origin_database.cc',
+      '../browser/fileapi/sandbox_isolated_origin_database.h',
      '../browser/fileapi/sandbox_mount_point_provider.cc',
      '../browser/fileapi/sandbox_mount_point_provider.h',
      '../browser/fileapi/sandbox_origin_database.cc',
      '../browser/fileapi/sandbox_origin_database.h',
+      '../browser/fileapi/sandbox_origin_database_interface.cc',
+      '../browser/fileapi/sandbox_origin_database_interface.h',
      '../browser/fileapi/sandbox_quota_observer.cc',
      '../browser/fileapi/sandbox_quota_observer.h',
      '../browser/fileapi/syncable/file_change.cc',