1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CONTENT_PUBLIC_BROWSER_CONTENT_BROWSER_CLIENT_H_
6 #define CONTENT_PUBLIC_BROWSER_CONTENT_BROWSER_CLIENT_H_
13 #include "base/callback_forward.h"
14 #include "base/memory/linked_ptr.h"
15 #include "base/memory/scoped_ptr.h"
16 #include "base/memory/scoped_vector.h"
17 #include "base/values.h"
18 #include "content/public/browser/certificate_request_result_type.h"
19 #include "content/public/common/content_client.h"
20 #include "content/public/common/socket_permission_request.h"
21 #include "content/public/common/window_container_type.h"
22 #include "net/base/mime_util.h"
23 #include "net/cookies/canonical_cookie.h"
24 #include "net/url_request/url_request_job_factory.h"
25 #include "third_party/WebKit/public/web/WebNotificationPresenter.h"
26 #include "ui/base/window_open_disposition.h"
27 #include "webkit/browser/fileapi/file_system_context.h"
28 #include "webkit/common/resource_type.h"
30 #if defined(OS_POSIX) && !defined(OS_MACOSX)
31 #include "base/posix/global_descriptors.h"
35 #include "content/public/browser/file_descriptor_info.h"
39 struct WebPreferences;
43 class DictionaryValue;
48 struct WebWindowFeatures;
58 class HttpNetworkSession;
60 class SSLCertRequestInfo;
63 class URLRequestContext;
64 class URLRequestContextGetter;
65 class X509Certificate;
73 class SelectFilePolicy;
77 class ExternalMountPoints;
78 class FileSystemBackend;
83 class AccessTokenStore;
84 class BrowserChildProcessHost;
86 class BrowserMainParts;
87 class BrowserPluginGuestDelegate;
88 class BrowserPpapiHost;
89 class BrowserURLHandler;
90 class DesktopNotificationDelegate;
91 class ExternalVideoSurfaceContainer;
92 class LocationProvider;
94 class QuotaPermissionContext;
95 class RenderFrameHost;
96 class RenderProcessHost;
98 class ResourceContext;
100 class SpeechRecognitionManagerDelegate;
101 class VibrationProvider;
103 class WebContentsViewDelegate;
104 struct MainFunctionParams;
106 struct ShowDesktopNotificationHostMsgParams;
108 // A mapping from the scheme name to the protocol handler that services its
111 std::string, linked_ptr<net::URLRequestJobFactory::ProtocolHandler> >
114 // A scoped vector of protocol handlers.
115 typedef ScopedVector<net::URLRequestJobFactory::ProtocolHandler>
116 ProtocolHandlerScopedVector;
118 // Embedder API (or SPI) for participating in browser logic, to be implemented
119 // by the client of the content browser. See ChromeContentBrowserClient for the
120 // principal implementation. The methods are assumed to be called on the UI
121 // thread unless otherwise specified. Use this "escape hatch" sparingly, to
122 // avoid the embedder interface ballooning and becoming very specific to Chrome.
123 // (Often, the call out to the client can happen in a different part of the code
124 // that either already has a hook out to the embedder, or calls out to one of
125 // the observer interfaces.)
126 class CONTENT_EXPORT ContentBrowserClient {
128 virtual ~ContentBrowserClient() {}
130 // Allows the embedder to set any number of custom BrowserMainParts
131 // implementations for the browser startup code. See comments in
132 // browser_main_parts.h.
133 virtual BrowserMainParts* CreateBrowserMainParts(
134 const MainFunctionParams& parameters);
136 // If content creates the WebContentsView implementation, it will ask the
137 // embedder to return an (optional) delegate to customize it. The view will
139 virtual WebContentsViewDelegate* GetWebContentsViewDelegate(
140 WebContents* web_contents);
142 // Notifies that a guest WebContents has been created. A guest WebContents
143 // represents a renderer that's hosted within a BrowserPlugin. Creation can
144 // occur an arbitrary length of time before attachment. If the new guest has
145 // an |opener_web_contents|, then it's a new window created by that opener.
146 // If the guest was created via navigation, then |extra_params| will be
147 // non-NULL. |extra_params| are parameters passed to the BrowserPlugin object
148 // element by the content embedder. These parameters may include the API to
149 // enable for the given guest. |guest_delegate| is a return parameter of
150 // the delegate in the content embedder that will service the guest in the
151 // content layer. The content layer takes ownership of the |guest_delegate|.
152 virtual void GuestWebContentsCreated(
153 SiteInstance* guest_site_instance,
154 WebContents* guest_web_contents,
155 WebContents* opener_web_contents,
156 BrowserPluginGuestDelegate** guest_delegate,
157 scoped_ptr<base::DictionaryValue> extra_params) {}
159 // Notifies that a guest WebContents has been attached to a BrowserPlugin.
160 // A guest is attached to a BrowserPlugin when the guest has acquired an
161 // embedder WebContents. This happens on initial navigation or when a new
162 // window is attached to a BrowserPlugin. |extra_params| are params sent
164 virtual void GuestWebContentsAttached(
165 WebContents* guest_web_contents,
166 WebContents* embedder_web_contents,
167 const base::DictionaryValue& extra_params) {}
169 // Notifies that a render process will be created. This is called before
170 // the content layer adds its own BrowserMessageFilters, so that the
171 // embedder's IPC filters have priority.
172 virtual void RenderProcessWillLaunch(RenderProcessHost* host) {}
174 // Notifies that a BrowserChildProcessHost has been created.
175 virtual void BrowserChildProcessHostCreated(BrowserChildProcessHost* host) {}
177 // Get the effective URL for the given actual URL, to allow an embedder to
178 // group different url schemes in the same SiteInstance.
179 virtual GURL GetEffectiveURL(BrowserContext* browser_context,
182 // Returns whether all instances of the specified effective URL should be
183 // rendered by the same process, rather than using process-per-site-instance.
184 virtual bool ShouldUseProcessPerSite(BrowserContext* browser_context,
185 const GURL& effective_url);
187 // Returns a list additional WebUI schemes, if any. These additional schemes
188 // act as aliases to the chrome: scheme. The additional schemes may or may
189 // not serve specific WebUI pages depending on the particular URLDataSource
190 // and its override of URLDataSource::ShouldServiceRequest. For all schemes
191 // returned here, view-source is allowed.
192 virtual void GetAdditionalWebUISchemes(
193 std::vector<std::string>* additional_schemes) {}
195 // Returns a list of webUI hosts to ignore the storage partition check in
196 // URLRequestChromeJob::CheckStoragePartitionMatches.
197 virtual void GetAdditionalWebUIHostsToIgnoreParititionCheck(
198 std::vector<std::string>* hosts) {}
200 // Creates the main net::URLRequestContextGetter. Should only be called once
201 // per ContentBrowserClient object.
202 // TODO(ajwong): Remove once http://crbug.com/159193 is resolved.
203 virtual net::URLRequestContextGetter* CreateRequestContext(
204 BrowserContext* browser_context,
205 ProtocolHandlerMap* protocol_handlers,
206 ProtocolHandlerScopedVector protocol_interceptors);
208 // Creates the net::URLRequestContextGetter for a StoragePartition. Should
209 // only be called once per partition_path per ContentBrowserClient object.
210 // TODO(ajwong): Remove once http://crbug.com/159193 is resolved.
211 virtual net::URLRequestContextGetter* CreateRequestContextForStoragePartition(
212 BrowserContext* browser_context,
213 const base::FilePath& partition_path,
215 ProtocolHandlerMap* protocol_handlers,
216 ProtocolHandlerScopedVector protocol_interceptors);
218 // Returns whether a specified URL is handled by the embedder's internal
219 // protocol handlers.
220 virtual bool IsHandledURL(const GURL& url);
222 // Returns whether the given process is allowed to commit |url|. This is a
223 // more conservative check than IsSuitableHost, since it is used after a
224 // navigation has committed to ensure that the process did not exceed its
226 virtual bool CanCommitURL(RenderProcessHost* process_host, const GURL& url);
228 // Returns whether a URL should be allowed to open from a specific context.
229 // This also applies in cases where the new URL will open in another process.
230 virtual bool ShouldAllowOpenURL(SiteInstance* site_instance, const GURL& url);
232 // Returns whether a new view for a given |site_url| can be launched in a
233 // given |process_host|.
234 virtual bool IsSuitableHost(RenderProcessHost* process_host,
235 const GURL& site_url);
237 // Returns whether a new process should be created or an existing one should
238 // be reused based on the URL we want to load. This should return false,
239 // unless there is a good reason otherwise.
240 virtual bool ShouldTryToUseExistingProcessHost(
241 BrowserContext* browser_context, const GURL& url);
243 // Called when a site instance is first associated with a process.
244 virtual void SiteInstanceGotProcess(SiteInstance* site_instance) {}
246 // Called from a site instance's destructor.
247 virtual void SiteInstanceDeleting(SiteInstance* site_instance) {}
249 // Called when a worker process is created.
250 virtual void WorkerProcessCreated(SiteInstance* site_instance,
251 int worker_process_id) {}
253 // Called when a worker process is terminated.
254 virtual void WorkerProcessTerminated(SiteInstance* site_instance,
255 int worker_process_id) {}
257 // Returns true if for the navigation from |current_url| to |new_url|
258 // in |site_instance|, a new SiteInstance and BrowsingInstance should be
259 // created (even if we are in a process model that doesn't usually swap.)
260 // This forces a process swap and severs script connections with existing
262 virtual bool ShouldSwapBrowsingInstancesForNavigation(
263 SiteInstance* site_instance,
264 const GURL& current_url,
265 const GURL& new_url);
267 // Returns true if the given navigation redirect should cause a renderer
269 // This is called on the IO thread.
270 virtual bool ShouldSwapProcessesForRedirect(ResourceContext* resource_context,
271 const GURL& current_url,
272 const GURL& new_url);
274 // Returns true if the passed in URL should be assigned as the site of the
275 // current SiteInstance, if it does not yet have a site.
276 virtual bool ShouldAssignSiteForURL(const GURL& url);
278 // See CharacterEncoding's comment.
279 virtual std::string GetCanonicalEncodingNameByAliasName(
280 const std::string& alias_name);
282 // Allows the embedder to pass extra command line flags.
283 // switches::kProcessType will already be set at this point.
284 virtual void AppendExtraCommandLineSwitches(base::CommandLine* command_line,
285 int child_process_id) {}
287 // Returns the locale used by the application.
288 // This is called on the UI and IO threads.
289 virtual std::string GetApplicationLocale();
291 // Returns the languages used in the Accept-Languages HTTP header.
292 // (Not called GetAcceptLanguages so it doesn't clash with win32).
293 virtual std::string GetAcceptLangs(BrowserContext* context);
295 // Returns the default favicon. The callee doesn't own the given bitmap.
296 virtual gfx::ImageSkia* GetDefaultFavicon();
298 // Allow the embedder to control if an AppCache can be used for the given url.
299 // This is called on the IO thread.
300 virtual bool AllowAppCache(const GURL& manifest_url,
301 const GURL& first_party,
302 ResourceContext* context);
304 // Allow the embedder to control if the given cookie can be read.
305 // This is called on the IO thread.
306 virtual bool AllowGetCookie(const GURL& url,
307 const GURL& first_party,
308 const net::CookieList& cookie_list,
309 ResourceContext* context,
310 int render_process_id,
311 int render_frame_id);
313 // Allow the embedder to control if the given cookie can be set.
314 // This is called on the IO thread.
315 virtual bool AllowSetCookie(const GURL& url,
316 const GURL& first_party,
317 const std::string& cookie_line,
318 ResourceContext* context,
319 int render_process_id,
321 net::CookieOptions* options);
323 // This is called on the IO thread.
324 virtual bool AllowSaveLocalState(ResourceContext* context);
326 // Allow the embedder to control if access to web database by a shared worker
327 // is allowed. |render_frame| is a vector of pairs of
328 // RenderProcessID/RenderFrameID of RenderFrame that are using this worker.
329 // This is called on the IO thread.
330 virtual bool AllowWorkerDatabase(
332 const base::string16& name,
333 const base::string16& display_name,
334 unsigned long estimated_size,
335 ResourceContext* context,
336 const std::vector<std::pair<int, int> >& render_frames);
338 // Allow the embedder to control if access to file system by a shared worker
340 // This is called on the IO thread.
341 virtual bool AllowWorkerFileSystem(
343 ResourceContext* context,
344 const std::vector<std::pair<int, int> >& render_frames);
346 // Allow the embedder to control if access to IndexedDB by a shared worker
348 // This is called on the IO thread.
349 virtual bool AllowWorkerIndexedDB(
351 const base::string16& name,
352 ResourceContext* context,
353 const std::vector<std::pair<int, int> >& render_frames);
355 // Allow the embedder to override the request context based on the URL for
356 // certain operations, like cookie access. Returns NULL to indicate the
357 // regular request context should be used.
358 // This is called on the IO thread.
359 virtual net::URLRequestContext* OverrideRequestContextForURL(
360 const GURL& url, ResourceContext* context);
362 // Allow the embedder to specify a string version of the storage partition
363 // config with a site.
364 virtual std::string GetStoragePartitionIdForSite(
365 content::BrowserContext* browser_context,
368 // Allows the embedder to provide a validation check for |partition_id|s.
369 // This domain of valid entries should match the range of outputs for
370 // GetStoragePartitionIdForChildProcess().
371 virtual bool IsValidStoragePartitionId(BrowserContext* browser_context,
372 const std::string& partition_id);
374 // Allows the embedder to provide a storage parititon configuration for a
375 // site. A storage partition configuration includes a domain of the embedder's
376 // choice, an optional name within that domain, and whether the partition is
379 // If |can_be_default| is false, the caller is telling the embedder that the
380 // |site| is known to not be in the default partition. This is useful in
381 // some shutdown situations where the bookkeeping logic that maps sites to
382 // their partition configuration are no longer valid.
384 // The |partition_domain| is [a-z]* UTF-8 string, specifying the domain in
385 // which partitions live (similar to namespace). Within a domain, partitions
386 // can be uniquely identified by the combination of |partition_name| and
387 // |in_memory| values. When a partition is not to be persisted, the
388 // |in_memory| value must be set to true.
389 virtual void GetStoragePartitionConfigForSite(
390 content::BrowserContext* browser_context,
393 std::string* partition_domain,
394 std::string* partition_name,
397 // Create and return a new quota permission context.
398 virtual QuotaPermissionContext* CreateQuotaPermissionContext();
400 // Informs the embedder that a certificate error has occured. If
401 // |overridable| is true and if |strict_enforcement| is false, the user
402 // can ignore the error and continue. The embedder can call the callback
403 // asynchronously. If |result| is not set to
404 // CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE, the request will be cancelled
405 // or denied immediately, and the callback won't be run.
406 virtual void AllowCertificateError(
407 int render_process_id,
410 const net::SSLInfo& ssl_info,
411 const GURL& request_url,
412 ResourceType::Type resource_type,
414 bool strict_enforcement,
415 const base::Callback<void(bool)>& callback,
416 CertificateRequestResultType* result) {}
418 // Selects a SSL client certificate and returns it to the |callback|. If no
419 // certificate was selected NULL is returned to the |callback|.
420 virtual void SelectClientCertificate(
421 int render_process_id,
423 const net::HttpNetworkSession* network_session,
424 net::SSLCertRequestInfo* cert_request_info,
425 const base::Callback<void(net::X509Certificate*)>& callback) {}
427 // Adds a new installable certificate or private key.
428 // Typically used to install an X.509 user certificate.
429 // Note that it's up to the embedder to verify that the data is
430 // well-formed. |cert_data| will be NULL if file_size is 0.
431 virtual void AddCertificate(
432 net::URLRequest* request,
433 net::CertificateMimeType cert_type,
434 const void* cert_data,
436 int render_process_id,
437 int render_view_id) {}
439 // Returns a class to get notifications about media event. The embedder can
440 // return NULL if they're not interested.
441 virtual MediaObserver* GetMediaObserver();
443 // Asks permission to show desktop notifications. |callback| needs to be run
444 // when the user approves the request.
445 virtual void RequestDesktopNotificationPermission(
446 const GURL& source_origin,
447 RenderFrameHost* render_frame_host,
448 base::Closure& callback) {}
450 // Checks if the given page has permission to show desktop notifications.
451 // This is called on the IO thread.
452 virtual blink::WebNotificationPresenter::Permission
453 CheckDesktopNotificationPermission(
454 const GURL& source_url,
455 ResourceContext* context,
456 int render_process_id);
458 // Show a desktop notification. If |cancel_callback| is non-null, it's set to
459 // a callback which can be used to cancel the notification.
460 virtual void ShowDesktopNotification(
461 const ShowDesktopNotificationHostMsgParams& params,
462 RenderFrameHost* render_frame_host,
463 DesktopNotificationDelegate* delegate,
464 base::Closure* cancel_callback) {}
466 // Returns true if the given page is allowed to open a window of the given
467 // type. If true is returned, |no_javascript_access| will indicate whether
468 // the window that is created should be scriptable/in the same process.
469 // This is called on the IO thread.
470 virtual bool CanCreateWindow(const GURL& opener_url,
471 const GURL& opener_top_level_frame_url,
472 const GURL& source_origin,
473 WindowContainerType container_type,
474 const GURL& target_url,
475 const content::Referrer& referrer,
476 WindowOpenDisposition disposition,
477 const blink::WebWindowFeatures& features,
479 bool opener_suppressed,
480 content::ResourceContext* context,
481 int render_process_id,
484 bool* no_javascript_access);
486 // Returns a title string to use in the task manager for a process host with
487 // the given URL, or the empty string to fall back to the default logic.
488 // This is called on the IO thread.
489 virtual std::string GetWorkerProcessTitle(const GURL& url,
490 ResourceContext* context);
492 // Notifies the embedder that the ResourceDispatcherHost has been created.
493 // This is when it can optionally add a delegate.
494 virtual void ResourceDispatcherHostCreated() {}
496 // Allows the embedder to return a delegate for the SpeechRecognitionManager.
497 // The delegate will be owned by the manager. It's valid to return NULL.
498 virtual SpeechRecognitionManagerDelegate*
499 GetSpeechRecognitionManagerDelegate();
501 // Getters for common objects.
502 virtual net::NetLog* GetNetLog();
504 // Creates a new AccessTokenStore for gelocation.
505 virtual AccessTokenStore* CreateAccessTokenStore();
507 // Returns true if fast shutdown is possible.
508 virtual bool IsFastShutdownPossible();
510 // Called by WebContents to override the WebKit preferences that are used by
511 // the renderer. The content layer will add its own settings, and then it's up
512 // to the embedder to update it if it wants.
513 virtual void OverrideWebkitPrefs(RenderViewHost* render_view_host,
515 WebPreferences* prefs) {}
517 // Inspector setting was changed and should be persisted.
518 virtual void UpdateInspectorSetting(RenderViewHost* rvh,
519 const std::string& key,
520 const std::string& value) {}
522 // Notifies that BrowserURLHandler has been created, so that the embedder can
523 // optionally add their own handlers.
524 virtual void BrowserURLHandlerCreated(BrowserURLHandler* handler) {}
526 // Clears browser cache.
527 virtual void ClearCache(RenderViewHost* rvh) {}
529 // Clears browser cookies.
530 virtual void ClearCookies(RenderViewHost* rvh) {}
532 // Returns the default download directory.
533 // This can be called on any thread.
534 virtual base::FilePath GetDefaultDownloadDirectory();
536 // Returns the default filename used in downloads when we have no idea what
537 // else we should do with the file.
538 virtual std::string GetDefaultDownloadName();
540 // Notification that a pepper plugin has just been spawned. This allows the
541 // embedder to add filters onto the host to implement interfaces.
542 // This is called on the IO thread.
543 virtual void DidCreatePpapiPlugin(BrowserPpapiHost* browser_host) {}
545 // Gets the host for an external out-of-process plugin.
546 virtual content::BrowserPpapiHost* GetExternalBrowserPpapiHost(
547 int plugin_child_id);
549 // Returns true if the socket operation specified by |params| is allowed from
550 // the given |browser_context| and |url|. If |params| is NULL, this method
551 // checks the basic "socket" permission, which is for those operations that
552 // don't require a specific socket permission rule.
553 // |private_api| indicates whether this permission check is for the private
554 // Pepper socket API or the public one.
555 virtual bool AllowPepperSocketAPI(BrowserContext* browser_context,
558 const SocketPermissionRequest* params);
560 // Returns an implementation of a file selecition policy. Can return NULL.
561 virtual ui::SelectFilePolicy* CreateSelectFilePolicy(
562 WebContents* web_contents);
564 // Returns additional allowed scheme set which can access files in
566 virtual void GetAdditionalAllowedSchemesForFileSystem(
567 std::vector<std::string>* additional_schemes) {}
569 // Returns auto mount handlers for URL requests for FileSystem APIs.
570 virtual void GetURLRequestAutoMountHandlers(
571 std::vector<fileapi::URLRequestAutoMountHandler>* handlers) {}
573 // Returns additional file system backends for FileSystem API.
574 // |browser_context| is needed in the additional FileSystemBackends.
575 // It has mount points to create objects returned by additional
576 // FileSystemBackends, and SpecialStoragePolicy for permission granting.
577 virtual void GetAdditionalFileSystemBackends(
578 BrowserContext* browser_context,
579 const base::FilePath& storage_partition_path,
580 ScopedVector<fileapi::FileSystemBackend>* additional_backends) {}
582 // Allows an embedder to return its own LocationProvider implementation.
583 // Return NULL to use the default one for the platform to be created.
584 // FYI: Used by an external project; please don't remove.
585 // Contact Viatcheslav Ostapenko at sl.ostapenko@samsung.com for more
587 virtual LocationProvider* OverrideSystemLocationProvider();
589 // Allows an embedder to return its own VibrationProvider implementation.
590 // Return NULL to use the default one for the platform to be created.
591 // FYI: Used by an external project; please don't remove.
592 // Contact Viatcheslav Ostapenko at sl.ostapenko@samsung.com for more
594 virtual VibrationProvider* OverrideVibrationProvider();
596 #if defined(OS_POSIX) && !defined(OS_MACOSX)
597 // Populates |mappings| with all files that need to be mapped before launching
599 virtual void GetAdditionalMappedFilesForChildProcess(
600 const base::CommandLine& command_line,
601 int child_process_id,
602 std::vector<FileDescriptorInfo>* mappings) {}
606 // Returns the name of the dll that contains cursors and other resources.
607 virtual const wchar_t* GetResourceDllName();
609 // This is called on the PROCESS_LAUNCHER thread before the renderer process
610 // is launched. It gives the embedder a chance to add loosen the sandbox
612 virtual void PreSpawnRenderer(sandbox::TargetPolicy* policy,
616 // Returns true if plugin referred to by the url can use
617 // pp::FileIO::RequestOSFileHandle.
618 virtual bool IsPluginAllowedToCallRequestOSFileHandle(
619 content::BrowserContext* browser_context,
622 // Returns true if dev channel APIs are available for plugins.
623 virtual bool IsPluginAllowedToUseDevChannelAPIs();
625 // Returns a special cookie store to use for a given render process, or NULL
626 // if the default cookie store should be used
627 // This is called on the IO thread.
628 virtual net::CookieStore* OverrideCookieStoreForRenderProcess(
629 int render_process_id_);
631 #if defined(VIDEO_HOLE)
632 // Allows an embedder to provide its own ExternalVideoSurfaceContainer
633 // implementation. Return NULL to disable external surface video.
634 virtual ExternalVideoSurfaceContainer*
635 OverrideCreateExternalVideoSurfaceContainer(WebContents* web_contents);
639 } // namespace content
641 #endif // CONTENT_PUBLIC_BROWSER_CONTENT_BROWSER_CLIENT_H_