Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

alloy: Include built-in Chrome isolated origins #3672

Closed
amaitland opened this issue Mar 24, 2024 · 4 comments
Closed

alloy: Include built-in Chrome isolated origins #3672

amaitland opened this issue Mar 24, 2024 · 4 comments
Labels
bug Bug report

Comments

@amaitland
Copy link
Contributor

Describe the bug

The alloy runtime doesn't set the default built-in isolated origins like Chrome (and the Chrome Runtime).

Loading chrome://process-internals/#site-isolation in Chrome vs cefclient and you'll see there's no default isolations specified

if you run with cefclient.exe --enable-chrome-runtime then the same isolations that Chrome uses are set as default.

To Reproduce
Steps to reproduce the behaviour:

  1. Open cefclient.exe
  2. Load chrome://process-internals/#site-isolation
  3. Observe there aren't any built in isolations

Steps to compare difference in Chrome Runtime:

  1. Open cefclient.exe --enable-chrome-runtime
  2. Load chrome://process-internals/#site-isolation
  3. Observe there are three urls listed as built-in

Expected behavior
It would be nice if the alloy runtime had the same behaviour as the Chrome runtime.

Screenshots

Loading chrome://process-internals/#site-isolation in Chrome I see

image

In the CEF Sample Application (cefclient) it looks like

image

Versions (please complete the following information):

  • OS: Windows
  • CEF M123

Additional context

https://source.chromium.org/chromium/chromium/src/+/main:docs/process_model_and_site_isolation.md;l=205?q=built-in%20isolate-origins&ss=chromium%2Fchromium%2Fsrc

The Chrome doco suggests that implementing ContentBrowserClient::GetOriginsRequiringDedicatedProcess to provide a list of isolated origins.

You can use the --isolate-origins command line arg to workaround the difference.
@amaitland amaitland added the bug Bug report label Mar 24, 2024
@amaitland amaitland mentioned this issue Mar 24, 2024
Open
1 task
@amaitland amaitland changed the title alloy: Include built-in Chrome Site isolation Urls alloy: Include built-in Chrome isolated origins Mar 24, 2024
@magreenblatt
Copy link
Collaborator

I don't think there's anything that we need to add here for Alloy.

The chrome.google.com and chromewebstore.google.com URLs are for the extensions webstore (code here), which is not supported by Alloy. The accounts.google.com URL is for Gaia (code here), which is not supported by Alloy. Any additional internal isolated origins (code here) would only be included in Google Chrome branded builds in any case.

@magreenblatt magreenblatt closed this as not planned Won't fix, can't repro, duplicate, stale Mar 26, 2024
@dmitry-azaraev
Copy link
Contributor

From my understanding they are isolated by default in site-per-process mode anyway. Chrome may force isolation policy for specific origins when browser runs in less restricted mode, but it is what is not recommended, and by so there is no need add any origins explicitly.

@amaitland
Copy link
Contributor Author

The underlying issue appears to be resolved by switching to the Chrome Bootstrap. As the alloy bootstrap is to be removed with the Chrome Bootstrap to replace it, this is now a non issue anyways.

@magreenblatt
Copy link
Collaborator

Thanks for the update.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Bug report
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@amaitland @magreenblatt @dmitry-azaraev