Google Git
Sign in
android / platform / external / chromium_org / 116680a4aac90f2aa7413d9095a592090648e557 / . / content / browser / frame_host / render_frame_host_manager.cc
blob: 9973a8657557899523f41b4e45c838445fc7a3ce [file] [log] [blame]
// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "content/browser/frame_host/render_frame_host_manager.h"
#include <utility>
#include "base/command_line.h"
#include "base/debug/trace_event.h"
#include "base/logging.h"
#include "base/stl_util.h"
#include "content/browser/child_process_security_policy_impl.h"
#include "content/browser/devtools/render_view_devtools_agent_host.h"
#include "content/browser/frame_host/cross_site_transferring_request.h"
#include "content/browser/frame_host/debug_urls.h"
#include "content/browser/frame_host/interstitial_page_impl.h"
#include "content/browser/frame_host/navigation_controller_impl.h"
#include "content/browser/frame_host/navigation_entry_impl.h"
#include "content/browser/frame_host/navigation_request.h"
#include "content/browser/frame_host/navigation_request_info.h"
#include "content/browser/frame_host/navigator.h"
#include "content/browser/frame_host/render_frame_host_factory.h"
#include "content/browser/frame_host/render_frame_host_impl.h"
#include "content/browser/frame_host/render_frame_proxy_host.h"
#include "content/browser/renderer_host/render_process_host_impl.h"
#include "content/browser/renderer_host/render_view_host_factory.h"
#include "content/browser/renderer_host/render_view_host_impl.h"
#include "content/browser/site_instance_impl.h"
#include "content/browser/webui/web_ui_controller_factory_registry.h"
#include "content/browser/webui/web_ui_impl.h"
#include "content/common/view_messages.h"
#include "content/public/browser/content_browser_client.h"
#include "content/public/browser/notification_service.h"
#include "content/public/browser/notification_types.h"
#include "content/public/browser/render_widget_host_iterator.h"
#include "content/public/browser/render_widget_host_view.h"
#include "content/public/browser/user_metrics.h"
#include "content/public/browser/web_ui_controller.h"
#include "content/public/common/content_switches.h"
#include "content/public/common/url_constants.h"
namespace content {
RenderFrameHostManager::PendingNavigationParams::PendingNavigationParams(
const GlobalRequestID& global_request_id,
scoped_ptr<CrossSiteTransferringRequest> cross_site_transferring_request,
const std::vector<GURL>& transfer_url_chain,
Referrer referrer,
PageTransition page_transition,
int render_frame_id,
bool should_replace_current_entry)
: global_request_id(global_request_id),
cross_site_transferring_request(cross_site_transferring_request.Pass()),
transfer_url_chain(transfer_url_chain),
referrer(referrer),
page_transition(page_transition),
render_frame_id(render_frame_id),
should_replace_current_entry(should_replace_current_entry) {
}
RenderFrameHostManager::PendingNavigationParams::~PendingNavigationParams() {}
bool RenderFrameHostManager::ClearRFHsPendingShutdown(FrameTreeNode* node) {
node->render_manager()->pending_delete_hosts_.clear();
return true;
}
RenderFrameHostManager::RenderFrameHostManager(
FrameTreeNode* frame_tree_node,
RenderFrameHostDelegate* render_frame_delegate,
RenderViewHostDelegate* render_view_delegate,
RenderWidgetHostDelegate* render_widget_delegate,
Delegate* delegate)
: frame_tree_node_(frame_tree_node),
delegate_(delegate),
cross_navigation_pending_(false),
render_frame_delegate_(render_frame_delegate),
render_view_delegate_(render_view_delegate),
render_widget_delegate_(render_widget_delegate),
interstitial_page_(NULL),
weak_factory_(this) {
DCHECK(frame_tree_node_);
}
RenderFrameHostManager::~RenderFrameHostManager() {
if (pending_render_frame_host_)
CancelPending();
// We should always have a current RenderFrameHost except in some tests.
SetRenderFrameHost(scoped_ptr<RenderFrameHostImpl>());
// Delete any swapped out RenderFrameHosts.
STLDeleteValues(&proxy_hosts_);
}
void RenderFrameHostManager::Init(BrowserContext* browser_context,
SiteInstance* site_instance,
int view_routing_id,
int frame_routing_id) {
// Create a RenderViewHost and RenderFrameHost, once we have an instance. It
// is important to immediately give this SiteInstance to a RenderViewHost so
// that the SiteInstance is ref counted.
if (!site_instance)
site_instance = SiteInstance::Create(browser_context);
SetRenderFrameHost(CreateRenderFrameHost(site_instance,
view_routing_id,
frame_routing_id,
false,
delegate_->IsHidden()));
// Keep track of renderer processes as they start to shut down or are
// crashed/killed.
registrar_.Add(this, NOTIFICATION_RENDERER_PROCESS_CLOSED,
NotificationService::AllSources());
registrar_.Add(this, NOTIFICATION_RENDERER_PROCESS_CLOSING,
NotificationService::AllSources());
}
RenderViewHostImpl* RenderFrameHostManager::current_host() const {
if (!render_frame_host_)
return NULL;
return render_frame_host_->render_view_host();
}
RenderViewHostImpl* RenderFrameHostManager::pending_render_view_host() const {
if (!pending_render_frame_host_)
return NULL;
return pending_render_frame_host_->render_view_host();
}
RenderWidgetHostView* RenderFrameHostManager::GetRenderWidgetHostView() const {
if (interstitial_page_)
return interstitial_page_->GetView();
if (!render_frame_host_)
return NULL;
return render_frame_host_->render_view_host()->GetView();
}
RenderFrameProxyHost* RenderFrameHostManager::GetProxyToParent() {
if (frame_tree_node_->IsMainFrame())
return NULL;
RenderFrameProxyHostMap::iterator iter =
proxy_hosts_.find(frame_tree_node_->parent()
->render_manager()
->current_frame_host()
->GetSiteInstance()
->GetId());
if (iter == proxy_hosts_.end())
return NULL;
return iter->second;
}
void RenderFrameHostManager::SetPendingWebUI(const NavigationEntryImpl& entry) {
pending_web_ui_.reset(
delegate_->CreateWebUIForRenderManager(entry.GetURL()));
pending_and_current_web_ui_.reset();
// If we have assigned (zero or more) bindings to this NavigationEntry in the
// past, make sure we're not granting it different bindings than it had
// before. If so, note it and don't give it any bindings, to avoid a
// potential privilege escalation.
if (pending_web_ui_.get() &&
entry.bindings() != NavigationEntryImpl::kInvalidBindings &&
pending_web_ui_->GetBindings() != entry.bindings()) {
RecordAction(
base::UserMetricsAction("ProcessSwapBindingsMismatch_RVHM"));
pending_web_ui_.reset();
}
}
RenderFrameHostImpl* RenderFrameHostManager::Navigate(
const NavigationEntryImpl& entry) {
TRACE_EVENT0("browser", "RenderFrameHostManager:Navigate");
// Create a pending RenderFrameHost to use for the navigation.
RenderFrameHostImpl* dest_render_frame_host = UpdateStateForNavigate(entry);
if (!dest_render_frame_host)
return NULL; // We weren't able to create a pending render frame host.
// If the current render_frame_host_ isn't live, we should create it so
// that we don't show a sad tab while the dest_render_frame_host fetches
// its first page. (Bug 1145340)
if (dest_render_frame_host != render_frame_host_ &&
!render_frame_host_->render_view_host()->IsRenderViewLive()) {
// Note: we don't call InitRenderView here because we are navigating away
// soon anyway, and we don't have the NavigationEntry for this host.
delegate_->CreateRenderViewForRenderManager(
render_frame_host_->render_view_host(), MSG_ROUTING_NONE,
MSG_ROUTING_NONE, frame_tree_node_->IsMainFrame());
}
// If the renderer crashed, then try to create a new one to satisfy this
// navigation request.
if (!dest_render_frame_host->render_view_host()->IsRenderViewLive()) {
// Recreate the opener chain.
int opener_route_id = delegate_->CreateOpenerRenderViewsForRenderManager(
dest_render_frame_host->GetSiteInstance());
if (!InitRenderView(dest_render_frame_host->render_view_host(),
opener_route_id,
MSG_ROUTING_NONE,
frame_tree_node_->IsMainFrame()))
return NULL;
// Now that we've created a new renderer, be sure to hide it if it isn't
// our primary one. Otherwise, we might crash if we try to call Show()
// on it later.
if (dest_render_frame_host != render_frame_host_ &&
dest_render_frame_host->render_view_host()->GetView()) {
dest_render_frame_host->render_view_host()->GetView()->Hide();
} else {
// Notify here as we won't be calling CommitPending (which does the
// notify).
delegate_->NotifySwappedFromRenderManager(
NULL, render_frame_host_.get(), frame_tree_node_->IsMainFrame());
}
}
// If entry includes the request ID of a request that is being transferred,
// the destination render frame will take ownership, so release ownership of
// the request.
if (pending_nav_params_ &&
pending_nav_params_->global_request_id ==
entry.transferred_global_request_id()) {
pending_nav_params_->cross_site_transferring_request->ReleaseRequest();
}
return dest_render_frame_host;
}
void RenderFrameHostManager::Stop() {
render_frame_host_->render_view_host()->Stop();
// If we are cross-navigating, we should stop the pending renderers. This
// will lead to a DidFailProvisionalLoad, which will properly destroy them.
if (cross_navigation_pending_) {
pending_render_frame_host_->render_view_host()->Send(new ViewMsg_Stop(
pending_render_frame_host_->render_view_host()->GetRoutingID()));
}
}
void RenderFrameHostManager::SetIsLoading(bool is_loading) {
render_frame_host_->render_view_host()->SetIsLoading(is_loading);
if (pending_render_frame_host_)
pending_render_frame_host_->render_view_host()->SetIsLoading(is_loading);
}
bool RenderFrameHostManager::ShouldCloseTabOnUnresponsiveRenderer() {
if (!cross_navigation_pending_)
return true;
// We should always have a pending RFH when there's a cross-process navigation
// in progress. Sanity check this for http://crbug.com/276333.
CHECK(pending_render_frame_host_);
// If the tab becomes unresponsive during {before}unload while doing a
// cross-site navigation, proceed with the navigation. (This assumes that
// the pending RenderFrameHost is still responsive.)
if (render_frame_host_->render_view_host()->IsWaitingForUnloadACK()) {
// The request has been started and paused while we're waiting for the
// unload handler to finish. We'll pretend that it did. The pending
// renderer will then be swapped in as part of the usual DidNavigate logic.
// (If the unload handler later finishes, this call will be ignored because
// the pending_nav_params_ state will already be cleaned up.)
current_host()->OnSwappedOut(true);
} else if (render_frame_host_->render_view_host()->
is_waiting_for_beforeunload_ack()) {
// Haven't gotten around to starting the request, because we're still
// waiting for the beforeunload handler to finish. We'll pretend that it
// did finish, to let the navigation proceed. Note that there's a danger
// that the beforeunload handler will later finish and possibly return
// false (meaning the navigation should not proceed), but we'll ignore it
// in this case because it took too long.
if (pending_render_frame_host_->render_view_host()->
are_navigations_suspended()) {
pending_render_frame_host_->render_view_host()->SetNavigationsSuspended(
false, base::TimeTicks::Now());
}
}
return false;
}
void RenderFrameHostManager::OnBeforeUnloadACK(
bool for_cross_site_transition,
bool proceed,
const base::TimeTicks& proceed_time) {
if (for_cross_site_transition) {
// Ignore if we're not in a cross-site navigation.
if (!cross_navigation_pending_)
return;
if (proceed) {
// Ok to unload the current page, so proceed with the cross-site
// navigation. Note that if navigations are not currently suspended, it
// might be because the renderer was deemed unresponsive and this call was
// already made by ShouldCloseTabOnUnresponsiveRenderer. In that case, it
// is ok to do nothing here.
if (pending_render_frame_host_ &&
pending_render_frame_host_->render_view_host()->
are_navigations_suspended()) {
pending_render_frame_host_->render_view_host()->
SetNavigationsSuspended(false, proceed_time);
}
} else {
// Current page says to cancel.
CancelPending();
cross_navigation_pending_ = false;
}
} else {
// Non-cross site transition means closing the entire tab.
bool proceed_to_fire_unload;
delegate_->BeforeUnloadFiredFromRenderManager(proceed, proceed_time,
&proceed_to_fire_unload);
if (proceed_to_fire_unload) {
// If we're about to close the tab and there's a pending RFH, cancel it.
// Otherwise, if the navigation in the pending RFH completes before the
// close in the current RFH, we'll lose the tab close.
if (pending_render_frame_host_) {
CancelPending();
cross_navigation_pending_ = false;
}
// This is not a cross-site navigation, the tab is being closed.
render_frame_host_->render_view_host()->ClosePage();
}
}
}
void RenderFrameHostManager::OnCrossSiteResponse(
RenderFrameHostImpl* pending_render_frame_host,
const GlobalRequestID& global_request_id,
scoped_ptr<CrossSiteTransferringRequest> cross_site_transferring_request,
const std::vector<GURL>& transfer_url_chain,
const Referrer& referrer,
PageTransition page_transition,
bool should_replace_current_entry) {
// This should be called either when the pending RFH is ready to commit or
// when we realize that the current RFH's request requires a transfer.
DCHECK(pending_render_frame_host == pending_render_frame_host_ ||
pending_render_frame_host == render_frame_host_);
// TODO(creis): Eventually we will want to check all navigation responses
// here, but currently we pass information for a transfer if
// ShouldSwapProcessesForRedirect returned true in the network stack.
// In that case, we should set up a transfer after the unload handler runs.
// If |cross_site_transferring_request| is NULL, we will just run the unload
// handler and resume.
pending_nav_params_.reset(new PendingNavigationParams(
global_request_id, cross_site_transferring_request.Pass(),
transfer_url_chain, referrer, page_transition,
pending_render_frame_host->GetRoutingID(),
should_replace_current_entry));
// Run the unload handler of the current page.
SwapOutOldPage();
}
void RenderFrameHostManager::OnDeferredAfterResponseStarted(
const GlobalRequestID& global_request_id,
RenderFrameHostImpl* pending_render_frame_host) {
DCHECK(!response_started_id_.get());
response_started_id_.reset(new GlobalRequestID(global_request_id));
}
void RenderFrameHostManager::ResumeResponseDeferredAtStart() {
DCHECK(response_started_id_.get());
RenderProcessHostImpl* process =
static_cast<RenderProcessHostImpl*>(render_frame_host_->GetProcess());
process->ResumeResponseDeferredAtStart(*response_started_id_);
render_frame_host_->SetHasPendingTransitionRequest(false);
response_started_id_.reset();
}
void RenderFrameHostManager::SwappedOut(
RenderFrameHostImpl* render_frame_host) {
// Make sure this is from our current RFH, and that we have a pending
// navigation from OnCrossSiteResponse. (There may be no pending navigation
// for data URLs that don't make network requests, for example.) If not,
// just return early and ignore.
if (render_frame_host != render_frame_host_ || !pending_nav_params_.get()) {
pending_nav_params_.reset();
return;
}
// Now that the unload handler has run, we need to either initiate the
// pending transfer (if there is one) or resume the paused response (if not).
// TODO(creis): The blank swapped out page is visible during this time, but
// we can shorten this by delivering the response directly, rather than
// forcing an identical request to be made.
if (pending_nav_params_->cross_site_transferring_request) {
// Sanity check that the params are for the correct frame and process.
// These should match the RenderFrameHost that made the request.
// If it started as a cross-process navigation via OpenURL, this is the
// pending one. If it wasn't cross-process until the transfer, this is the
// current one.
int render_frame_id = pending_render_frame_host_ ?
pending_render_frame_host_->GetRoutingID() :
render_frame_host_->GetRoutingID();
DCHECK_EQ(render_frame_id, pending_nav_params_->render_frame_id);
int process_id = pending_render_frame_host_ ?
pending_render_frame_host_->GetProcess()->GetID() :
render_frame_host_->GetProcess()->GetID();
DCHECK_EQ(process_id, pending_nav_params_->global_request_id.child_id);
// Treat the last URL in the chain as the destination and the remainder as
// the redirect chain.
CHECK(pending_nav_params_->transfer_url_chain.size());
GURL transfer_url = pending_nav_params_->transfer_url_chain.back();
pending_nav_params_->transfer_url_chain.pop_back();
// We don't know whether the original request had |user_action| set to true.
// However, since we force the navigation to be in the current tab, it
// doesn't matter.
render_frame_host->frame_tree_node()->navigator()->RequestTransferURL(
render_frame_host,
transfer_url,
pending_nav_params_->transfer_url_chain,
pending_nav_params_->referrer,
pending_nav_params_->page_transition,
CURRENT_TAB,
pending_nav_params_->global_request_id,
pending_nav_params_->should_replace_current_entry,
true);
} else if (pending_render_frame_host_) {
RenderProcessHostImpl* pending_process =
static_cast<RenderProcessHostImpl*>(
pending_render_frame_host_->GetProcess());
pending_process->ResumeDeferredNavigation(
pending_nav_params_->global_request_id);
}
pending_nav_params_.reset();
}
void RenderFrameHostManager::DidNavigateFrame(
RenderFrameHostImpl* render_frame_host) {
if (!cross_navigation_pending_) {
DCHECK(!pending_render_frame_host_);
// We should only hear this from our current renderer.
DCHECK_EQ(render_frame_host_, render_frame_host);
// Even when there is no pending RVH, there may be a pending Web UI.
if (pending_web_ui())
CommitPending();
return;
}
if (render_frame_host == pending_render_frame_host_) {
// The pending cross-site navigation completed, so show the renderer.
// If it committed without sending network requests (e.g., data URLs),
// then we still need to swap out the old RFH first and run its unload
// handler, only if it hasn't happened yet. OK for that to happen in the
// background.
if (pending_render_frame_host_->render_view_host()->
HasPendingCrossSiteRequest() &&
pending_render_frame_host_->render_view_host()->rvh_state() ==
RenderViewHostImpl::STATE_DEFAULT) {
SwapOutOldPage();
}
CommitPending();
cross_navigation_pending_ = false;
} else if (render_frame_host == render_frame_host_) {
// A navigation in the original page has taken place. Cancel the pending
// one.
CancelPending();
cross_navigation_pending_ = false;
} else {
// No one else should be sending us DidNavigate in this state.
DCHECK(false);
}
}
// TODO(creis): Take in RenderFrameHost instead, since frames can have openers.
void RenderFrameHostManager::DidDisownOpener(RenderViewHost* render_view_host) {
// Notify all swapped out hosts, including the pending RVH.
for (RenderFrameProxyHostMap::iterator iter = proxy_hosts_.begin();
iter != proxy_hosts_.end();
++iter) {
DCHECK_NE(iter->second->GetSiteInstance(),
current_frame_host()->GetSiteInstance());
iter->second->GetRenderViewHost()->DisownOpener();
}
}
void RenderFrameHostManager::RendererProcessClosing(
RenderProcessHost* render_process_host) {
// Remove any swapped out RVHs from this process, so that we don't try to
// swap them back in while the process is exiting. Start by finding them,
// since there could be more than one.
std::list<int> ids_to_remove;
for (RenderFrameProxyHostMap::iterator iter = proxy_hosts_.begin();
iter != proxy_hosts_.end();
++iter) {
if (iter->second->GetProcess() == render_process_host)
ids_to_remove.push_back(iter->first);
}
// Now delete them.
while (!ids_to_remove.empty()) {
delete proxy_hosts_[ids_to_remove.back()];
proxy_hosts_.erase(ids_to_remove.back());
ids_to_remove.pop_back();
}
}
void RenderFrameHostManager::SwapOutOldPage() {
// Should only see this while we have a pending renderer or transfer.
CHECK(cross_navigation_pending_ || pending_nav_params_.get());
// Tell the renderer to suppress any further modal dialogs so that we can swap
// it out. This must be done before canceling any current dialog, in case
// there is a loop creating additional dialogs.
// TODO(creis): Handle modal dialogs in subframe processes.
render_frame_host_->render_view_host()->SuppressDialogsUntilSwapOut();
// Now close any modal dialogs that would prevent us from swapping out. This
// must be done separately from SwapOut, so that the PageGroupLoadDeferrer is
// no longer on the stack when we send the SwapOut message.
delegate_->CancelModalDialogsForRenderManager();
// Create the RenderFrameProxyHost that will replace the
// RenderFrameHost which is swapping out. If one exists, ensure it is deleted
// from the map and not leaked.
RenderFrameProxyHostMap::iterator iter = proxy_hosts_.find(
render_frame_host_->GetSiteInstance()->GetId());
if (iter != proxy_hosts_.end()) {
delete iter->second;
proxy_hosts_.erase(iter);
}
RenderFrameProxyHost* proxy = new RenderFrameProxyHost(
render_frame_host_->GetSiteInstance(), frame_tree_node_);
proxy_hosts_[render_frame_host_->GetSiteInstance()->GetId()] = proxy;
// Tell the old frame it is being swapped out. This will fire the unload
// handler in the background (without firing the beforeunload handler a second
// time). When the navigation completes, we will send a message to the
// ResourceDispatcherHost, allowing the pending RVH's response to resume.
render_frame_host_->SwapOut(proxy);
// ResourceDispatcherHost has told us to run the onunload handler, which
// means it is not a download or unsafe page, and we are going to perform the
// navigation. Thus, we no longer need to remember that the RenderFrameHost
// is part of a pending cross-site request.
if (pending_render_frame_host_) {
pending_render_frame_host_->render_view_host()->
SetHasPendingCrossSiteRequest(false);
}
}
void RenderFrameHostManager::ClearPendingShutdownRFHForSiteInstance(
int32 site_instance_id,
RenderFrameHostImpl* rfh) {
RFHPendingDeleteMap::iterator iter =
pending_delete_hosts_.find(site_instance_id);
if (iter != pending_delete_hosts_.end() && iter->second.get() == rfh)
pending_delete_hosts_.erase(site_instance_id);
}
void RenderFrameHostManager::ResetProxyHosts() {
STLDeleteValues(&proxy_hosts_);
}
void RenderFrameHostManager::OnBeginNavigation(
const FrameHostMsg_BeginNavigation_Params& params) {
// TODO(clamy): Check if navigations are blocked and if so, return
// immediately.
NavigationRequestInfo info(params);
info.first_party_for_cookies = frame_tree_node_->IsMainFrame() ?
params.url : frame_tree_node_->frame_tree()->root()->current_url();
info.is_main_frame = frame_tree_node_->IsMainFrame();
info.parent_is_main_frame = !frame_tree_node_->parent() ?
false : frame_tree_node_->parent()->IsMainFrame();
info.is_showing = GetRenderWidgetHostView()->IsShowing();
navigation_request_.reset(
new NavigationRequest(info, frame_tree_node_->frame_tree_node_id()));
navigation_request_->BeginNavigation(params.request_body);
// TODO(clamy): If we have no live RenderFrameHost to handle the request (eg
// cross-site navigation) spawn one speculatively here and keep track of it.
}
void RenderFrameHostManager::Observe(
int type,
const NotificationSource& source,
const NotificationDetails& details) {
switch (type) {
case NOTIFICATION_RENDERER_PROCESS_CLOSED:
case NOTIFICATION_RENDERER_PROCESS_CLOSING:
RendererProcessClosing(
Source<RenderProcessHost>(source).ptr());
break;
default:
NOTREACHED();
}
}
bool RenderFrameHostManager::ClearProxiesInSiteInstance(
int32 site_instance_id,
FrameTreeNode* node) {
RenderFrameProxyHostMap::iterator iter =
node->render_manager()->proxy_hosts_.find(site_instance_id);
if (iter != node->render_manager()->proxy_hosts_.end()) {
RenderFrameProxyHost* proxy = iter->second;
// If the RVH is pending swap out, it needs to switch state to
// pending shutdown. Otherwise it is deleted.
if (proxy->GetRenderViewHost()->rvh_state() ==
RenderViewHostImpl::STATE_PENDING_SWAP_OUT) {
scoped_ptr<RenderFrameHostImpl> swapped_out_rfh =
proxy->PassFrameHostOwnership();
swapped_out_rfh->SetPendingShutdown(base::Bind(
&RenderFrameHostManager::ClearPendingShutdownRFHForSiteInstance,
node->render_manager()->weak_factory_.GetWeakPtr(),
site_instance_id,
swapped_out_rfh.get()));
RFHPendingDeleteMap::iterator pending_delete_iter =
node->render_manager()->pending_delete_hosts_.find(site_instance_id);
if (pending_delete_iter ==
node->render_manager()->pending_delete_hosts_.end() ||
pending_delete_iter->second.get() != swapped_out_rfh) {
node->render_manager()->pending_delete_hosts_[site_instance_id] =
linked_ptr<RenderFrameHostImpl>(swapped_out_rfh.release());
}
}
delete proxy;
node->render_manager()->proxy_hosts_.erase(site_instance_id);
}
return true;
}
bool RenderFrameHostManager::ShouldTransitionCrossSite() {
// False in the single-process mode, as it makes RVHs to accumulate
// in swapped_out_hosts_.
// True if we are using process-per-site-instance (default) or
// process-per-site (kProcessPerSite).
return
!CommandLine::ForCurrentProcess()->HasSwitch(switches::kSingleProcess) &&
!CommandLine::ForCurrentProcess()->HasSwitch(switches::kProcessPerTab);
}
bool RenderFrameHostManager::ShouldSwapBrowsingInstancesForNavigation(
const NavigationEntry* current_entry,
const NavigationEntryImpl* new_entry) const {
DCHECK(new_entry);
// If new_entry already has a SiteInstance, assume it is correct. We only
// need to force a swap if it is in a different BrowsingInstance.
if (new_entry->site_instance()) {
return !new_entry->site_instance()->IsRelatedSiteInstance(
render_frame_host_->GetSiteInstance());
}
// Check for reasons to swap processes even if we are in a process model that
// doesn't usually swap (e.g., process-per-tab). Any time we return true,
// the new_entry will be rendered in a new SiteInstance AND BrowsingInstance.
// We use the effective URL here, since that's what is used in the
// SiteInstance's site and when we later call IsSameWebSite. If there is no
// current_entry, check the current SiteInstance's site, which might already
// be committed to a Web UI URL (such as the NTP).
BrowserContext* browser_context =
delegate_->GetControllerForRenderManager().GetBrowserContext();
const GURL& current_url = (current_entry) ?
SiteInstanceImpl::GetEffectiveURL(browser_context,
current_entry->GetURL()) :
render_frame_host_->GetSiteInstance()->GetSiteURL();
const GURL& new_url = SiteInstanceImpl::GetEffectiveURL(browser_context,
new_entry->GetURL());
// Don't force a new BrowsingInstance for debug URLs that are handled in the
// renderer process, like javascript: or chrome://crash.
if (IsRendererDebugURL(new_url))
return false;
// For security, we should transition between processes when one is a Web UI
// page and one isn't.
if (WebUIControllerFactoryRegistry::GetInstance()->UseWebUIForURL(
browser_context, current_url)) {
// If so, force a swap if destination is not an acceptable URL for Web UI.
// Here, data URLs are never allowed.
if (!WebUIControllerFactoryRegistry::GetInstance()->IsURLAcceptableForWebUI(
browser_context, new_url)) {
return true;
}
} else {
// Force a swap if it's a Web UI URL.
if (WebUIControllerFactoryRegistry::GetInstance()->UseWebUIForURL(
browser_context, new_url)) {
return true;
}
}
// Check with the content client as well. Important to pass current_url here,
// which uses the SiteInstance's site if there is no current_entry.
if (GetContentClient()->browser()->ShouldSwapBrowsingInstancesForNavigation(
render_frame_host_->GetSiteInstance(),
current_url, new_url)) {
return true;
}
// We can't switch a RenderView between view source and non-view source mode
// without screwing up the session history sometimes (when navigating between
// "view-source:http://foo.com/" and "http://foo.com/", Blink doesn't treat
// it as a new navigation). So require a BrowsingInstance switch.
if (current_entry &&
current_entry->IsViewSourceMode() != new_entry->IsViewSourceMode())
return true;
return false;
}
bool RenderFrameHostManager::ShouldReuseWebUI(
const NavigationEntry* current_entry,
const NavigationEntryImpl* new_entry) const {
NavigationControllerImpl& controller =
delegate_->GetControllerForRenderManager();
return current_entry && web_ui_.get() &&
(WebUIControllerFactoryRegistry::GetInstance()->GetWebUIType(
controller.GetBrowserContext(), current_entry->GetURL()) ==
WebUIControllerFactoryRegistry::GetInstance()->GetWebUIType(
controller.GetBrowserContext(), new_entry->GetURL()));
}
SiteInstance* RenderFrameHostManager::GetSiteInstanceForEntry(
const NavigationEntryImpl& entry,
SiteInstance* current_instance,
bool force_browsing_instance_swap) {
// Determine which SiteInstance to use for navigating to |entry|.
const GURL& dest_url = entry.GetURL();
NavigationControllerImpl& controller =
delegate_->GetControllerForRenderManager();
BrowserContext* browser_context = controller.GetBrowserContext();
// If the entry has an instance already we should use it.
if (entry.site_instance()) {
// If we are forcing a swap, this should be in a different BrowsingInstance.
if (force_browsing_instance_swap) {
CHECK(!entry.site_instance()->IsRelatedSiteInstance(
render_frame_host_->GetSiteInstance()));
}
return entry.site_instance();
}
// If a swap is required, we need to force the SiteInstance AND
// BrowsingInstance to be different ones, using CreateForURL.
if (force_browsing_instance_swap)
return SiteInstance::CreateForURL(browser_context, dest_url);
// (UGLY) HEURISTIC, process-per-site only:
//
// If this navigation is generated, then it probably corresponds to a search
// query. Given that search results typically lead to users navigating to
// other sites, we don't really want to use the search engine hostname to
// determine the site instance for this navigation.
//
// NOTE: This can be removed once we have a way to transition between
// RenderViews in response to a link click.
//
if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kProcessPerSite) &&
PageTransitionCoreTypeIs(entry.GetTransitionType(),
PAGE_TRANSITION_GENERATED)) {
return current_instance;
}
SiteInstanceImpl* current_site_instance =
static_cast<SiteInstanceImpl*>(current_instance);
// If we haven't used our SiteInstance (and thus RVH) yet, then we can use it
// for this entry. We won't commit the SiteInstance to this site until the
// navigation commits (in DidNavigate), unless the navigation entry was
// restored or it's a Web UI as described below.
if (!current_site_instance->HasSite()) {
// If we've already created a SiteInstance for our destination, we don't
// want to use this unused SiteInstance; use the existing one. (We don't
// do this check if the current_instance has a site, because for now, we
// want to compare against the current URL and not the SiteInstance's site.
// In this case, there is no current URL, so comparing against the site is
// ok. See additional comments below.)
//
// Also, if the URL should use process-per-site mode and there is an
// existing process for the site, we should use it. We can call
// GetRelatedSiteInstance() for this, which will eagerly set the site and
// thus use the correct process.
bool use_process_per_site =
RenderProcessHost::ShouldUseProcessPerSite(browser_context, dest_url) &&
RenderProcessHostImpl::GetProcessHostForSite(browser_context, dest_url);
if (current_site_instance->HasRelatedSiteInstance(dest_url) ||
use_process_per_site) {
return current_site_instance->GetRelatedSiteInstance(dest_url);
}
// For extensions, Web UI URLs (such as the new tab page), and apps we do
// not want to use the current_instance if it has no site, since it will
// have a RenderProcessHost of PRIV_NORMAL. Create a new SiteInstance for
// this URL instead (with the correct process type).
if (current_site_instance->HasWrongProcessForURL(dest_url))
return current_site_instance->GetRelatedSiteInstance(dest_url);
// View-source URLs must use a new SiteInstance and BrowsingInstance.
// TODO(nasko): This is the same condition as later in the function. This
// should be taken into account when refactoring this method as part of
// http://crbug.com/123007.
if (entry.IsViewSourceMode())
return SiteInstance::CreateForURL(browser_context, dest_url);
// If we are navigating from a blank SiteInstance to a WebUI, make sure we
// create a new SiteInstance.
if (WebUIControllerFactoryRegistry::GetInstance()->UseWebUIForURL(
browser_context, dest_url)) {
return SiteInstance::CreateForURL(browser_context, dest_url);
}
// Normally the "site" on the SiteInstance is set lazily when the load
// actually commits. This is to support better process sharing in case
// the site redirects to some other site: we want to use the destination
// site in the site instance.
//
// In the case of session restore, as it loads all the pages immediately
// we need to set the site first, otherwise after a restore none of the
// pages would share renderers in process-per-site.
//
// The embedder can request some urls never to be assigned to SiteInstance
// through the ShouldAssignSiteForURL() content client method, so that
// renderers created for particular chrome urls (e.g. the chrome-native://
// scheme) can be reused for subsequent navigations in the same WebContents.
// See http://crbug.com/386542.
if (entry.restore_type() != NavigationEntryImpl::RESTORE_NONE &&
GetContentClient()->browser()->ShouldAssignSiteForURL(dest_url)) {
current_site_instance->SetSite(dest_url);
}
return current_site_instance;
}
// Otherwise, only create a new SiteInstance for a cross-site navigation.
// TODO(creis): Once we intercept links and script-based navigations, we
// will be able to enforce that all entries in a SiteInstance actually have
// the same site, and it will be safe to compare the URL against the
// SiteInstance's site, as follows:
// const GURL& current_url = current_instance->site();
// For now, though, we're in a hybrid model where you only switch
// SiteInstances if you type in a cross-site URL. This means we have to
// compare the entry's URL to the last committed entry's URL.
NavigationEntry* current_entry = controller.GetLastCommittedEntry();
if (interstitial_page_) {
// The interstitial is currently the last committed entry, but we want to
// compare against the last non-interstitial entry.
current_entry = controller.GetEntryAtOffset(-1);
}
// If there is no last non-interstitial entry (and current_instance already
// has a site), then we must have been opened from another tab. We want
// to compare against the URL of the page that opened us, but we can't
// get to it directly. The best we can do is check against the site of
// the SiteInstance. This will be correct when we intercept links and
// script-based navigations, but for now, it could place some pages in a
// new process unnecessarily. We should only hit this case if a page tries
// to open a new tab to an interstitial-inducing URL, and then navigates
// the page to a different same-site URL. (This seems very unlikely in
// practice.)
const GURL& current_url = (current_entry) ? current_entry->GetURL() :
current_instance->GetSiteURL();
// View-source URLs must use a new SiteInstance and BrowsingInstance.
// We don't need a swap when going from view-source to a debug URL like
// chrome://crash, however.
// TODO(creis): Refactor this method so this duplicated code isn't needed.
// See http://crbug.com/123007.
if (current_entry &&
current_entry->IsViewSourceMode() != entry.IsViewSourceMode() &&
!IsRendererDebugURL(dest_url)) {
return SiteInstance::CreateForURL(browser_context, dest_url);
}
// Use the current SiteInstance for same site navigations, as long as the
// process type is correct. (The URL may have been installed as an app since
// the last time we visited it.)
if (SiteInstance::IsSameWebSite(browser_context, current_url, dest_url) &&
!current_site_instance->HasWrongProcessForURL(dest_url)) {
return current_instance;
}
// Start the new renderer in a new SiteInstance, but in the current
// BrowsingInstance. It is important to immediately give this new
// SiteInstance to a RenderViewHost (if it is different than our current
// SiteInstance), so that it is ref counted. This will happen in
// CreateRenderView.
return current_instance->GetRelatedSiteInstance(dest_url);
}
scoped_ptr<RenderFrameHostImpl> RenderFrameHostManager::CreateRenderFrameHost(
SiteInstance* site_instance,
int view_routing_id,
int frame_routing_id,
bool swapped_out,
bool hidden) {
if (frame_routing_id == MSG_ROUTING_NONE)
frame_routing_id = site_instance->GetProcess()->GetNextRoutingID();
// Create a RVH for main frames, or find the existing one for subframes.
FrameTree* frame_tree = frame_tree_node_->frame_tree();
RenderViewHostImpl* render_view_host = NULL;
if (frame_tree_node_->IsMainFrame()) {
render_view_host = frame_tree->CreateRenderViewHostForMainFrame(
site_instance, view_routing_id, frame_routing_id, swapped_out, hidden);
} else {
render_view_host = frame_tree->GetRenderViewHostForSubFrame(site_instance);
// If we haven't found a RVH for a subframe RFH, it's because we currently
// do not create top-level RFHs for pending subframe navigations. Create
// the RVH here for now.
// TODO(creis): Mirror the frame tree so this check isn't necessary.
if (!render_view_host) {
render_view_host = frame_tree->CreateRenderViewHostForMainFrame(
site_instance, view_routing_id, frame_routing_id, swapped_out,
hidden);
}
}
// TODO(creis): Pass hidden to RFH.
scoped_ptr<RenderFrameHostImpl> render_frame_host =
make_scoped_ptr(RenderFrameHostFactory::Create(render_view_host,
render_frame_delegate_,
frame_tree,
frame_tree_node_,
frame_routing_id,
swapped_out).release());
return render_frame_host.Pass();
}
int RenderFrameHostManager::CreateRenderFrame(
SiteInstance* instance,
int opener_route_id,
bool swapped_out,
bool hidden) {
CHECK(instance);
DCHECK(!swapped_out || hidden); // Swapped out views should always be hidden.
scoped_ptr<RenderFrameHostImpl> new_render_frame_host;
RenderFrameHostImpl* frame_to_announce = NULL;
int routing_id = MSG_ROUTING_NONE;
// We are creating a pending or swapped out RFH here. We should never create
// it in the same SiteInstance as our current RFH.
CHECK_NE(render_frame_host_->GetSiteInstance(), instance);
// Check if we've already created an RFH for this SiteInstance. If so, try
// to re-use the existing one, which has already been initialized. We'll
// remove it from the list of swapped out hosts if it commits.
RenderFrameProxyHost* proxy = GetRenderFrameProxyHost(instance);
if (proxy) {
routing_id = proxy->GetRenderViewHost()->GetRoutingID();
// Delete the existing RenderFrameProxyHost, but reuse the RenderFrameHost.
// Prevent the process from exiting while we're trying to use it.
if (!swapped_out) {
new_render_frame_host = proxy->PassFrameHostOwnership();
new_render_frame_host->GetProcess()->AddPendingView();
proxy_hosts_.erase(instance->GetId());
delete proxy;
// When a new render view is created by the renderer, the new WebContents
// gets a RenderViewHost in the SiteInstance of its opener WebContents.
// If not used in the first navigation, this RVH is swapped out and is not
// granted bindings, so we may need to grant them when swapping it in.
if (pending_web_ui() &&
!new_render_frame_host->GetProcess()->IsIsolatedGuest()) {
int required_bindings = pending_web_ui()->GetBindings();
RenderViewHost* rvh = new_render_frame_host->render_view_host();
if ((rvh->GetEnabledBindings() & required_bindings) !=
required_bindings) {
rvh->AllowBindings(required_bindings);
}
}
}
} else {
// Create a new RenderFrameHost if we don't find an existing one.
new_render_frame_host = CreateRenderFrameHost(
instance, MSG_ROUTING_NONE, MSG_ROUTING_NONE, swapped_out, hidden);
RenderViewHostImpl* render_view_host =
new_render_frame_host->render_view_host();
int proxy_routing_id = MSG_ROUTING_NONE;
// Prevent the process from exiting while we're trying to navigate in it.
// Otherwise, if the new RFH is swapped out already, store it.
if (!swapped_out) {
new_render_frame_host->GetProcess()->AddPendingView();
} else {
proxy = new RenderFrameProxyHost(
new_render_frame_host->GetSiteInstance(), frame_tree_node_);
proxy_hosts_[instance->GetId()] = proxy;
proxy->TakeFrameHostOwnership(new_render_frame_host.Pass());
proxy_routing_id = proxy->GetRoutingID();
}
bool success = InitRenderView(
render_view_host, opener_route_id, proxy_routing_id,
frame_tree_node_->IsMainFrame());
if (success && frame_tree_node_->IsMainFrame()) {
// Don't show the main frame's view until we get a DidNavigate from it.
render_view_host->GetView()->Hide();
} else if (!swapped_out && pending_render_frame_host_) {
CancelPending();
}
routing_id = render_view_host->GetRoutingID();
frame_to_announce = new_render_frame_host.get();
}
// Use this as our new pending RFH if it isn't swapped out.
if (!swapped_out)
pending_render_frame_host_ = new_render_frame_host.Pass();
// If a brand new RFH was created, announce it to observers.
if (frame_to_announce)
render_frame_delegate_->RenderFrameCreated(frame_to_announce);
return routing_id;
}
bool RenderFrameHostManager::InitRenderView(RenderViewHost* render_view_host,
int opener_route_id,
int proxy_routing_id,
bool for_main_frame) {
// We may have initialized this RenderViewHost for another RenderFrameHost.
if (render_view_host->IsRenderViewLive())
return true;
// If the pending navigation is to a WebUI and the RenderView is not in a
// guest process, tell the RenderViewHost about any bindings it will need
// enabled.
if (pending_web_ui() && !render_view_host->GetProcess()->IsIsolatedGuest()) {
render_view_host->AllowBindings(pending_web_ui()->GetBindings());
} else {
// Ensure that we don't create an unprivileged RenderView in a WebUI-enabled
// process unless it's swapped out.
RenderViewHostImpl* rvh_impl =
static_cast<RenderViewHostImpl*>(render_view_host);
if (!rvh_impl->IsSwappedOut()) {
CHECK(!ChildProcessSecurityPolicyImpl::GetInstance()->HasWebUIBindings(
render_view_host->GetProcess()->GetID()));
}
}
return delegate_->CreateRenderViewForRenderManager(
render_view_host, opener_route_id, proxy_routing_id, for_main_frame);
}
void RenderFrameHostManager::CommitPending() {
// First check whether we're going to want to focus the location bar after
// this commit. We do this now because the navigation hasn't formally
// committed yet, so if we've already cleared |pending_web_ui_| the call chain
// this triggers won't be able to figure out what's going on.
bool will_focus_location_bar = delegate_->FocusLocationBarByDefault();
// We expect SwapOutOldPage to have canceled any modal dialogs and told the
// renderer to suppress any further dialogs until it is swapped out. However,
// crash reports indicate that it's still possible for modal dialogs to exist
// at this point, which poses a risk if we delete their RenderViewHost below.
// Cancel them again to be safe. http://crbug.com/324320.
delegate_->CancelModalDialogsForRenderManager();
// Next commit the Web UI, if any. Either replace |web_ui_| with
// |pending_web_ui_|, or clear |web_ui_| if there is no pending WebUI, or
// leave |web_ui_| as is if reusing it.
DCHECK(!(pending_web_ui_.get() && pending_and_current_web_ui_.get()));
if (pending_web_ui_) {
web_ui_.reset(pending_web_ui_.release());
} else if (!pending_and_current_web_ui_.get()) {
web_ui_.reset();
} else {
DCHECK_EQ(pending_and_current_web_ui_.get(), web_ui_.get());
pending_and_current_web_ui_.reset();
}
// It's possible for the pending_render_frame_host_ to be NULL when we aren't
// crossing process boundaries. If so, we just needed to handle the Web UI
// committing above and we're done.
if (!pending_render_frame_host_) {
if (will_focus_location_bar)
delegate_->SetFocusToLocationBar(false);
return;
}
// Remember if the page was focused so we can focus the new renderer in
// that case.
bool focus_render_view = !will_focus_location_bar &&
render_frame_host_->render_view_host()->GetView() &&
render_frame_host_->render_view_host()->GetView()->HasFocus();
// TODO(creis): As long as show/hide are on RVH, we don't want to do them for
// subframe navigations or they'll interfere with the top-level page.
bool is_main_frame = frame_tree_node_->IsMainFrame();
// Swap in the pending frame and make it active. Also ensure the FrameTree
// stays in sync.
scoped_ptr<RenderFrameHostImpl> old_render_frame_host =
SetRenderFrameHost(pending_render_frame_host_.Pass());
if (is_main_frame)
render_frame_host_->render_view_host()->AttachToFrameTree();
// The process will no longer try to exit, so we can decrement the count.
render_frame_host_->GetProcess()->RemovePendingView();
// If the view is gone, then this RenderViewHost died while it was hidden.
// We ignored the RenderProcessGone call at the time, so we should send it now
// to make sure the sad tab shows up, etc.
if (!render_frame_host_->render_view_host()->GetView()) {
delegate_->RenderProcessGoneFromRenderManager(
render_frame_host_->render_view_host());
} else if (!delegate_->IsHidden()) {
render_frame_host_->render_view_host()->GetView()->Show();
}
// If the old view is live and top-level, hide it now that the new one is
// visible.
int32 old_site_instance_id =
old_render_frame_host->GetSiteInstance()->GetId();
if (old_render_frame_host->render_view_host()->GetView()) {
if (is_main_frame) {
old_render_frame_host->render_view_host()->GetView()->Hide();
old_render_frame_host->render_view_host()->WasSwappedOut(base::Bind(
&RenderFrameHostManager::ClearPendingShutdownRFHForSiteInstance,
weak_factory_.GetWeakPtr(),
old_site_instance_id,
old_render_frame_host.get()));
} else {
// TODO(creis): We'll need to set this back to false if we navigate back.
old_render_frame_host->set_swapped_out(true);
}
}
// Make sure the size is up to date. (Fix for bug 1079768.)
delegate_->UpdateRenderViewSizeForRenderManager();
if (will_focus_location_bar) {
delegate_->SetFocusToLocationBar(false);
} else if (focus_render_view &&
render_frame_host_->render_view_host()->GetView()) {
render_frame_host_->render_view_host()->GetView()->Focus();
}
// Notify that we've swapped RenderFrameHosts. We do this before shutting down
// the RFH so that we can clean up RendererResources related to the RFH first.
delegate_->NotifySwappedFromRenderManager(
old_render_frame_host.get(), render_frame_host_.get(), is_main_frame);
// If the old RFH is not live, just return as there is no work to do.
if (!old_render_frame_host->render_view_host()->IsRenderViewLive()) {
return;
}
// If the old RFH is live, we are swapping it out and should keep track of
// it in case we navigate back to it, or it is waiting for the unload event
// to execute in the background.
// TODO(creis): Swap out the subframe in --site-per-process.
if (!CommandLine::ForCurrentProcess()->HasSwitch(switches::kSitePerProcess))
DCHECK(old_render_frame_host->is_swapped_out() ||
!RenderViewHostImpl::IsRVHStateActive(
old_render_frame_host->render_view_host()->rvh_state()));
// If the RenderViewHost backing the RenderFrameHost is pending shutdown,
// the RenderFrameHost should be put in the map of RenderFrameHosts pending
// shutdown. Otherwise, it is stored in the map of proxy hosts.
if (old_render_frame_host->render_view_host()->rvh_state() ==
RenderViewHostImpl::STATE_PENDING_SHUTDOWN) {
// The proxy for this RenderFrameHost is created when sending the
// SwapOut message, so check if it already exists and delete it.
RenderFrameProxyHostMap::iterator iter =
proxy_hosts_.find(old_site_instance_id);
if (iter != proxy_hosts_.end()) {
delete iter->second;
proxy_hosts_.erase(iter);
}
RFHPendingDeleteMap::iterator pending_delete_iter =
pending_delete_hosts_.find(old_site_instance_id);
if (pending_delete_iter == pending_delete_hosts_.end() ||
pending_delete_iter->second.get() != old_render_frame_host) {
pending_delete_hosts_[old_site_instance_id] =
linked_ptr<RenderFrameHostImpl>(old_render_frame_host.release());
}
} else {
// Capture the active view count on the old RFH SiteInstance, since the
// ownership will be passed into the proxy and the pointer will be invalid.
int active_view_count =
static_cast<SiteInstanceImpl*>(old_render_frame_host->GetSiteInstance())
->active_view_count();
RenderFrameProxyHostMap::iterator iter =
proxy_hosts_.find(old_site_instance_id);
CHECK(iter != proxy_hosts_.end());
iter->second->TakeFrameHostOwnership(old_render_frame_host.Pass());
// If there are no active views in this SiteInstance, it means that
// this RFH was the last active one in the SiteInstance. Now that we
// know that all RFHs are swapped out, we can delete all the RFHs and RVHs
// in this SiteInstance.
if (!active_view_count) {
ShutdownRenderFrameHostsInSiteInstance(old_site_instance_id);
} else {
// If this is a subframe, it should have a CrossProcessFrameConnector
// created already and we just need to link it to the proper view in the
// new process.
if (!is_main_frame) {
RenderFrameProxyHost* proxy = GetProxyToParent();
if (proxy) {
proxy->SetChildRWHView(
render_frame_host_->render_view_host()->GetView());
}
}
}
}
}
void RenderFrameHostManager::ShutdownRenderFrameHostsInSiteInstance(
int32 site_instance_id) {
// First remove any swapped out RFH for this SiteInstance from our own list.
ClearProxiesInSiteInstance(site_instance_id, frame_tree_node_);
// Use the safe RenderWidgetHost iterator for now to find all RenderViewHosts
// in the SiteInstance, then tell their respective FrameTrees to remove all
// RenderFrameProxyHosts corresponding to them.
// TODO(creis): Replace this with a RenderFrameHostIterator that protects
// against use-after-frees if a later element is deleted before getting to it.
scoped_ptr<RenderWidgetHostIterator> widgets(
RenderWidgetHostImpl::GetAllRenderWidgetHosts());
while (RenderWidgetHost* widget = widgets->GetNextHost()) {
if (!widget->IsRenderView())
continue;
RenderViewHostImpl* rvh =
static_cast<RenderViewHostImpl*>(RenderViewHost::From(widget));
if (site_instance_id == rvh->GetSiteInstance()->GetId()) {
// This deletes all RenderFrameHosts using the |rvh|, which then causes
// |rvh| to Shutdown.
FrameTree* tree = rvh->GetDelegate()->GetFrameTree();
tree->ForEach(base::Bind(
&RenderFrameHostManager::ClearProxiesInSiteInstance,
site_instance_id));
}
}
}
RenderFrameHostImpl* RenderFrameHostManager::UpdateStateForNavigate(
const NavigationEntryImpl& entry) {
// If we are currently navigating cross-process, we want to get back to normal
// and then navigate as usual.
if (cross_navigation_pending_) {
if (pending_render_frame_host_)
CancelPending();
cross_navigation_pending_ = false;
}
// render_frame_host_'s SiteInstance and new_instance will not be deleted
// before the end of this method, so we don't have to worry about their ref
// counts dropping to zero.
SiteInstance* current_instance = render_frame_host_->GetSiteInstance();
SiteInstance* new_instance = current_instance;
// We do not currently swap processes for navigations in webview tag guests.
bool is_guest_scheme = current_instance->GetSiteURL().SchemeIs(kGuestScheme);
// Determine if we need a new BrowsingInstance for this entry. If true, this
// implies that it will get a new SiteInstance (and likely process), and that
// other tabs in the current BrowsingInstance will be unable to script it.
// This is used for cases that require a process swap even in the
// process-per-tab model, such as WebUI pages.
const NavigationEntry* current_entry =
delegate_->GetLastCommittedNavigationEntryForRenderManager();
bool force_swap = !is_guest_scheme &&
ShouldSwapBrowsingInstancesForNavigation(current_entry, &entry);
if (!is_guest_scheme && (ShouldTransitionCrossSite() || force_swap))
new_instance = GetSiteInstanceForEntry(entry, current_instance, force_swap);
// If force_swap is true, we must use a different SiteInstance. If we didn't,
// we would have two RenderFrameHosts in the same SiteInstance and the same
// frame, resulting in page_id conflicts for their NavigationEntries.
if (force_swap)
CHECK_NE(new_instance, current_instance);
if (new_instance != current_instance) {
// New SiteInstance: create a pending RFH to navigate.
DCHECK(!cross_navigation_pending_);
// This will possibly create (set to NULL) a Web UI object for the pending
// page. We'll use this later to give the page special access. This must
// happen before the new renderer is created below so it will get bindings.
// It must also happen after the above conditional call to CancelPending(),
// otherwise CancelPending may clear the pending_web_ui_ and the page will
// not have its bindings set appropriately.
SetPendingWebUI(entry);
// Ensure that we have created RFHs for the new RFH's opener chain if
// we are staying in the same BrowsingInstance. This allows the pending RFH
// to send cross-process script calls to its opener(s).
int opener_route_id = MSG_ROUTING_NONE;
if (new_instance->IsRelatedSiteInstance(current_instance)) {
opener_route_id =
delegate_->CreateOpenerRenderViewsForRenderManager(new_instance);
}
// Create a non-swapped-out pending RFH with the given opener and navigate
// it.
int route_id = CreateRenderFrame(new_instance, opener_route_id, false,
delegate_->IsHidden());
if (route_id == MSG_ROUTING_NONE)
return NULL;
// Check if our current RFH is live before we set up a transition.
if (!render_frame_host_->render_view_host()->IsRenderViewLive()) {
if (!cross_navigation_pending_) {
// The current RFH is not live. There's no reason to sit around with a
// sad tab or a newly created RFH while we wait for the pending RFH to
// navigate. Just switch to the pending RFH now and go back to non
// cross-navigating (Note that we don't care about on{before}unload
// handlers if the current RFH isn't live.)
CommitPending();
return render_frame_host_.get();
} else {
NOTREACHED();
return render_frame_host_.get();
}
}
// Otherwise, it's safe to treat this as a pending cross-site transition.
// We need to wait until the beforeunload handler has run, unless we are
// transferring an existing request (in which case it has already run).
// Suspend the new render view (i.e., don't let it send the cross-site
// Navigate message) until we hear back from the old renderer's
// beforeunload handler. If the handler returns false, we'll have to
// cancel the request.
DCHECK(!pending_render_frame_host_->render_view_host()->
are_navigations_suspended());
bool is_transfer =
entry.transferred_global_request_id() != GlobalRequestID();
if (is_transfer) {
// We don't need to stop the old renderer or run beforeunload/unload
// handlers, because those have already been done.
DCHECK(pending_nav_params_->global_request_id ==
entry.transferred_global_request_id());
} else {
// Also make sure the old render view stops, in case a load is in
// progress. (We don't want to do this for transfers, since it will
// interrupt the transfer with an unexpected DidStopLoading.)
render_frame_host_->render_view_host()->Send(new ViewMsg_Stop(
render_frame_host_->render_view_host()->GetRoutingID()));
pending_render_frame_host_->render_view_host()->SetNavigationsSuspended(
true, base::TimeTicks());
// Tell the CrossSiteRequestManager that this RVH has a pending cross-site
// request, so that ResourceDispatcherHost will know to tell us to run the
// old page's unload handler before it sends the response.
// TODO(creis): This needs to be on the RFH.
pending_render_frame_host_->render_view_host()->
SetHasPendingCrossSiteRequest(true);
}
// We now have a pending RFH.
DCHECK(!cross_navigation_pending_);
cross_navigation_pending_ = true;
// Unless we are transferring an existing request, we should now
// tell the old render view to run its beforeunload handler, since it
// doesn't otherwise know that the cross-site request is happening. This
// will trigger a call to OnBeforeUnloadACK with the reply.
if (!is_transfer)
render_frame_host_->DispatchBeforeUnload(true);
return pending_render_frame_host_.get();
}
// Otherwise the same SiteInstance can be used. Navigate render_frame_host_.
DCHECK(!cross_navigation_pending_);
if (ShouldReuseWebUI(current_entry, &entry)) {
pending_web_ui_.reset();
pending_and_current_web_ui_ = web_ui_->AsWeakPtr();
} else {
SetPendingWebUI(entry);
// Make sure the new RenderViewHost has the right bindings.
if (pending_web_ui() &&
!render_frame_host_->GetProcess()->IsIsolatedGuest()) {
render_frame_host_->render_view_host()->AllowBindings(
pending_web_ui()->GetBindings());
}
}
if (pending_web_ui() &&
render_frame_host_->render_view_host()->IsRenderViewLive()) {
pending_web_ui()->GetController()->RenderViewReused(
render_frame_host_->render_view_host());
}
// The renderer can exit view source mode when any error or cancellation
// happen. We must overwrite to recover the mode.
if (entry.IsViewSourceMode()) {
render_frame_host_->render_view_host()->Send(
new ViewMsg_EnableViewSourceMode(
render_frame_host_->render_view_host()->GetRoutingID()));
}
return render_frame_host_.get();
}
void RenderFrameHostManager::CancelPending() {
scoped_ptr<RenderFrameHostImpl> pending_render_frame_host =
pending_render_frame_host_.Pass();
RenderViewDevToolsAgentHost::OnCancelPendingNavigation(
pending_render_frame_host->render_view_host(),
render_frame_host_->render_view_host());
// We no longer need to prevent the process from exiting.
pending_render_frame_host->GetProcess()->RemovePendingView();
// If the SiteInstance for the pending RFH is being used by others, don't
// delete the RFH, just swap it out and it can be reused at a later point.
SiteInstanceImpl* site_instance = static_cast<SiteInstanceImpl*>(
pending_render_frame_host->GetSiteInstance());
if (site_instance->active_view_count() > 1) {
// Any currently suspended navigations are no longer needed.
pending_render_frame_host->render_view_host()->CancelSuspendedNavigations();
RenderFrameProxyHost* proxy =
new RenderFrameProxyHost(site_instance, frame_tree_node_);
proxy_hosts_[site_instance->GetId()] = proxy;
pending_render_frame_host->SwapOut(proxy);
proxy->TakeFrameHostOwnership(pending_render_frame_host.Pass());
} else {
// We won't be coming back, so delete this one.
pending_render_frame_host.reset();
}
pending_web_ui_.reset();
pending_and_current_web_ui_.reset();
}
scoped_ptr<RenderFrameHostImpl> RenderFrameHostManager::SetRenderFrameHost(
scoped_ptr<RenderFrameHostImpl> render_frame_host) {
// Swap the two.
scoped_ptr<RenderFrameHostImpl> old_render_frame_host =
render_frame_host_.Pass();
render_frame_host_ = render_frame_host.Pass();
if (frame_tree_node_->IsMainFrame()) {
// Update the count of top-level frames using this SiteInstance. All
// subframes are in the same BrowsingInstance as the main frame, so we only
// count top-level ones. This makes the value easier for consumers to
// interpret.
if (render_frame_host_) {
static_cast<SiteInstanceImpl*>(render_frame_host_->GetSiteInstance())->
IncrementRelatedActiveContentsCount();
}
if (old_render_frame_host) {
static_cast<SiteInstanceImpl*>(old_render_frame_host->GetSiteInstance())->
DecrementRelatedActiveContentsCount();
}
}
return old_render_frame_host.Pass();
}
bool RenderFrameHostManager::IsRVHOnSwappedOutList(
RenderViewHostImpl* rvh) const {
RenderFrameProxyHost* proxy = GetRenderFrameProxyHost(
rvh->GetSiteInstance());
if (!proxy)
return false;
return IsOnSwappedOutList(proxy->render_frame_host());
}
bool RenderFrameHostManager::IsOnSwappedOutList(
RenderFrameHostImpl* rfh) const {
if (!rfh->GetSiteInstance())
return false;
RenderFrameProxyHostMap::const_iterator iter = proxy_hosts_.find(
rfh->GetSiteInstance()->GetId());
if (iter == proxy_hosts_.end())
return false;
return iter->second->render_frame_host() == rfh;
}
RenderViewHostImpl* RenderFrameHostManager::GetSwappedOutRenderViewHost(
SiteInstance* instance) const {
RenderFrameProxyHost* proxy = GetRenderFrameProxyHost(instance);
if (proxy)
return proxy->GetRenderViewHost();
return NULL;
}
RenderFrameProxyHost* RenderFrameHostManager::GetRenderFrameProxyHost(
SiteInstance* instance) const {
RenderFrameProxyHostMap::const_iterator iter =
proxy_hosts_.find(instance->GetId());
if (iter != proxy_hosts_.end())
return iter->second;
return NULL;
}
} // namespace content