Commit 2d71d5dc authored by Ken Rockot, committed by Commit Bot

Clarify requirements for Storage Service data dir

ContentBrowserClient::GetSandboxedStorageServiceDataDir returns a
FilePath in which to isolate sandboxed Storage Service instances.
This path must be absolute or the service will reject it and fail to
function properly.

This CL merely updates the documentation on ContentBrowserClient to
clarify the absolute path requirement, and adds a browser process DCHECK
at service launch time to make such errors more obvious.

This requirement exists in lieu of the browser manually resolving a
relative path if needed, because that may be a blocking operation.
We don't want it janking the UI thread or delaying service startup.

Chrome always provides an absolute path here, so this is more about
clarifying requirements for other embedders.

Bug: 1090988
Change-Id: I3c407f92ca52104773c784876f074398531aa35a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2476453
Auto-Submit: Ken Rockot <rockot@google.com>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Commit-Queue: Alex Moshchuk <alexmos@chromium.org>
Commit-Queue: Ken Rockot <rockot@google.com>
Cr-Commit-Position: refs/heads/master@{#817588}
parent 7768ef5a
......@@ -189,6 +189,9 @@ mojo::Remote<storage::mojom::StorageService>& GetStorageServiceRemote() {
!sandboxed_data_dir.empty() && !single_process_mode &&
!g_force_in_process_storage_service;
if (oop_storage_enabled) {
DCHECK(sandboxed_data_dir.IsAbsolute())
<< "Storage Service data directory must be an absolute path, but \""
<< sandboxed_data_dir << "\" is not an absolute path.";
remote = ServiceProcessHost::Launch<storage::mojom::StorageService>(
ServiceProcessHost::Options()
.WithDisplayName("Storage Service")
......
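Review bot: The new DCHECK(sandboxed_data_dir.IsAbsolute()) inside the if (oop_storage_enabled) block only fires in DCHECK-enabled builds, so in a release build an embedder that returns a relative path still reaches ServiceProcessHost::Launch and gets the silent failure the commit message describes (the service rejects the path and does not function). Since IsAbsolute() is a cheap string check rather than a blocking file operation, consider also handling the case at runtime, for example by logging an error, or by adding sandboxed_data_dir.IsAbsolute() to the oop_storage_enabled condition so a bad path does not launch a sandboxed instance confined to a directory it will refuse. If failing hard is the intended behaviour, a short comment next to the DCHECK saying so would help.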
......@@ -1700,9 +1700,9 @@ class CONTENT_EXPORT ContentBrowserClient {
int64_t recv_bytes,
int64_t sent_bytes);
// Returns the path to a root directory to which sandboxed out-of-process
// Storage Service instances should be confined. By default this is empty,
// and the browser cannot create sandboxed Storage Service instances.
// Returns the absolute path to a directory in which sandboxed out-of-process
// Storage Service instances should be confined. By default this is empty, and
// the browser cannot create sandboxed Storage Service instances.
virtual base::FilePath GetSandboxedStorageServiceDataDirectory();
// Returns true if the audio service should be sandboxed. false otherwise.
......
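Review bot: The updated comment on GetSandboxedStorageServiceDataDirectory() now says "absolute path" but does not say what happens when an embedder returns a relative one, nor why the browser will not resolve it. A sentence stating that a non-empty relative path is rejected by the service (and hits a DCHECK at launch), and that the browser does not resolve it because that may block, would put the contract where embedders will read it instead of only in the commit message. Also note that the commit message refers to GetSandboxedStorageServiceDataDir while the method declared here is GetSandboxedStorageServiceDataDirectory, which makes the change harder to find by search.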