Allow apps with background pages to request process-per-app-instance.

chrome/browser/chrome_content_browser_client.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chrome_content_browser_client.h"
 
 #include <set>
 #include <utility>
 #include <vector>
 
@@ skipping 432 matching lines @@
   Profile* profile = Profile::FromBrowserContext(browser_context);
   if (!profile || !profile->GetExtensionService())
     return false;
 
   const Extension* extension = profile->GetExtensionService()->extensions()->
       GetExtensionOrAppByURL(ExtensionURLInfo(effective_url));
   if (!extension)
     return false;
 
   // If the URL is part of a hosted app that does not have the background
-  // permission, we want to give each instance its own process to improve
+  // permission, or that does not allow JavaScript access to the background
+  // page, we want to give each instance its own process to improve
   // responsiveness.
-  if (extension->GetType() == Extension::TYPE_HOSTED_APP &&
-      !extension->HasAPIPermission(ExtensionAPIPermission::kBackground))
-    return false;
+  if (extension->GetType() == Extension::TYPE_HOSTED_APP) {
+    if (!extension->HasAPIPermission(ExtensionAPIPermission::kBackground) ||
+        !extension->allow_background_js_access()) {

[Charlie Reis, 2012/02/29 02:56:32]

Drew or Mihai, is there a way to enforce having no JS access to the background
page?  So far I'm just using it as a signal to the process model.

[Andrew T Wilson (Slow), 2012/02/29 03:20:15]

I think returning false from CanCreateWindow() will do it  - I think that will
prevent requests from the renderer to create a bg window, but will still allow
the browser process to create one. The currently missing piece is how to get
information about the extension "allow_background_js_access()" into the
ExtensionInfoMap so it can be accessed from the I/O thread.

[Charlie Reis, 2012/03/01 00:38:22]

Yep, seems to work.
Ugh.  This seems like it should be easy, but it's pretty awkward.  We really
need a better way to attribute a security principal (like an Extension) to any
given request.  Another argument for http://crbug.com/109792.

+      return false;
+    }
+  }
 
-  // Hosted apps that have the background permission must use process per site,
-  // since all instances can make synchronous calls to the background window.
-  // Other extensions should use process per site as well.
+  // Hosted apps that have script access to their background page must use
+  // process per site, since all instances can make synchronous calls to the
+  // background window.  Other extensions should use process per site as well.
   return true;
 }
 
 bool ChromeContentBrowserClient::IsHandledURL(const GURL& url) {
   return ProfileIOData::IsHandledURL(url);
 }
 
 bool ChromeContentBrowserClient::IsSuitableHost(
     content::RenderProcessHost* process_host,
     const GURL& site_url) {
@@ skipping 1000 matching lines @@
 #if defined(USE_NSS)
 crypto::CryptoModuleBlockingPasswordDelegate*
     ChromeContentBrowserClient::GetCryptoPasswordDelegate(
         const GURL& url) {
   return browser::NewCryptoModuleBlockingDialogDelegate(
       browser::kCryptoModulePasswordKeygen, url.host());
 }
 #endif
 
 }  // namespace chrome