1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
content / public / browser / render_frame_host.h [blame]
// Copyright 2013 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CONTENT_PUBLIC_BROWSER_RENDER_FRAME_HOST_H_
#define CONTENT_PUBLIC_BROWSER_RENDER_FRAME_HOST_H_
#include <optional>
#include <string>
#include <utility>
#include <vector>
#include "base/containers/flat_set.h"
#include "base/functional/callback_forward.h"
#include "base/functional/function_ref.h"
#include "base/memory/safety_checks.h"
#include "base/values.h"
#include "build/build_config.h"
#include "build/buildflag.h"
#include "content/common/content_export.h"
#include "content/public/browser/back_forward_cache.h"
#include "content/public/browser/frame_tree_node_id.h"
#include "content/public/browser/web_exposed_isolation_level.h"
#include "content/public/common/bindings_policy.h"
#include "content/public/common/extra_mojo_js_features.mojom.h"
#include "content/public/common/isolated_world_ids.h"
#include "ipc/ipc_listener.h"
#include "ipc/ipc_sender.h"
#include "net/cookies/cookie_setting_override.h"
#include "services/metrics/public/cpp/ukm_source_id.h"
#include "services/network/public/mojom/web_sandbox_flags.mojom-forward.h"
#include "third_party/blink/public/common/frame/frame_owner_element_type.h"
#include "third_party/blink/public/common/permissions_policy/permissions_policy_declaration.h"
#include "third_party/blink/public/common/tokens/tokens.h"
#include "third_party/blink/public/mojom/devtools/console_message.mojom-forward.h"
#include "third_party/blink/public/mojom/devtools/inspector_issue.mojom-forward.h"
#include "third_party/blink/public/mojom/favicon/favicon_url.mojom-forward.h"
#include "third_party/blink/public/mojom/frame/frame.mojom-forward.h"
#include "third_party/blink/public/mojom/frame/sudden_termination_disabler_type.mojom-forward.h"
#include "third_party/blink/public/mojom/frame/user_activation_notification_type.mojom-forward.h"
#include "third_party/blink/public/mojom/opengraph/metadata.mojom-forward.h"
#include "third_party/blink/public/mojom/page/page_visibility_state.mojom-forward.h"
#include "third_party/blink/public/mojom/permissions_policy/permissions_policy_feature.mojom-forward.h"
#include "third_party/perfetto/include/perfetto/tracing/traced_value_forward.h"
#include "ui/accessibility/ax_node_id_forward.h"
#include "ui/gfx/geometry/rect.h"
#include "ui/gfx/image/image_skia.h"
#include "ui/gfx/native_widget_types.h"
#if BUILDFLAG(IS_ANDROID)
#include "third_party/jni_zero/jni_zero.h"
#endif
class GURL;
namespace base {
class UnguessableToken;
} // namespace base
namespace blink {
class AssociatedInterfaceProvider;
class PermissionsPolicy;
class StorageKey;
namespace mojom {
enum class AuthenticatorStatus;
enum class PermissionsPolicyFeature;
class MediaPlayerAction;
} // namespace mojom
} // namespace blink
namespace gfx {
class Point;
class Size;
} // namespace gfx
namespace mojo {
template <typename T>
class PendingReceiver;
} // namespace mojo
namespace net {
class IsolationInfo;
class NetworkIsolationKey;
} // namespace net
namespace network {
namespace mojom {
class URLLoaderFactory;
class URLResponseHead;
}
} // namespace network
namespace perfetto::protos::pbzero {
class RenderFrameHost;
} // namespace perfetto::protos::pbzero
namespace service_manager {
class InterfaceProvider;
}
namespace ui {
struct AXActionData;
struct AXTreeUpdate;
class AXTreeID;
} // namespace ui
namespace url {
class Origin;
}
namespace content {
class BrowserContext;
class DocumentRef;
struct GlobalRenderFrameHostId;
struct GlobalRenderFrameHostToken;
class NavigationHandle;
class RenderProcessHost;
class RenderViewHost;
class RenderWidgetHost;
class RenderWidgetHostView;
class SiteInstance;
class StoragePartition;
class WeakDocumentPtr;
class WebUI;
class Page;
// The interface provides a communication conduit with a frame in the renderer.
// The preferred way to keep a reference to a RenderFrameHost is storing a
// GlobalRenderFrameHostId and using RenderFrameHost::FromID() when you need to
// access it.
//
// Any code that uses RenderFrameHost must be aware of back-forward cache, see
// LifecycleState. The main side-effect is that any IPCs that are processed on a
// freezable task queue can stall indefinitely. See
// MainThreadTaskQueue::QueueTraits::can_be_frozen. Code that uses
// RenderFrameHost should refrain from passing this negative externality on to
// higher-level dependencies. In short: code that uses RenderFrameHost must be
// back-forward cache aware, and code that does not use RenderFrameHost should
// not have to be back-forward cache aware.
class CONTENT_EXPORT RenderFrameHost : public IPC::Listener,
public IPC::Sender {
// Do not remove this macro!
// The macro is maintained by the memory safety team.
ADVANCED_MEMORY_SAFETY_CHECKS();
public:
// Returns the RenderFrameHost given its ID and the ID of its render process.
// Returns nullptr if the IDs do not correspond to a live RenderFrameHost.
static RenderFrameHost* FromID(const GlobalRenderFrameHostId& id);
static RenderFrameHost* FromID(int render_process_id, int render_frame_id);
// Returns the RenderFrameHost given its global frame token. Returns nullptr
// if the frame token does not correspond to a live RenderFrameHost.
static RenderFrameHost* FromFrameToken(
const GlobalRenderFrameHostToken& frame_token);
// Globally allows for injecting JavaScript into the main world. This feature
// is present only to support Android WebView, WebLayer, Fuchsia web.Contexts,
// and CastOS content shell. It must not be used in other configurations.
static void AllowInjectingJavaScript();
// Returns a RenderFrameHost given its accessibility tree ID.
static RenderFrameHost* FromAXTreeID(const ui::AXTreeID& ax_tree_id);
// Returns the FrameTreeNode ID corresponding to the specified |process_id|
// and |routing_id|. This routing ID pair may represent a placeholder for
// frame that is currently rendered in a different process than |process_id|.
static FrameTreeNodeId GetFrameTreeNodeIdForRoutingId(int process_id,
int routing_id);
// Returns the FrameTreeNode ID corresponding to the specified |process_id|
// and |frame_token|. This routing ID pair may represent a placeholder for
// frame that is currently rendered in a different process than |process_id|.
static FrameTreeNodeId GetFrameTreeNodeIdForFrameToken(
int process_id,
const ::blink::FrameToken& frame_token);
// Returns the RenderFrameHost corresponding to the
// |placeholder_frame_token| in the given |render_process_id|. The returned
// RenderFrameHost will always be in a different process. It may be null if
// the placeholder is not found in the given process, which may happen if the
// frame was recently deleted or swapped to |render_process_id| itself.
static RenderFrameHost* FromPlaceholderToken(
int render_process_id,
const blink::RemoteFrameToken& placeholder_frame_token);
#if BUILDFLAG(IS_ANDROID)
// Returns the RenderFrameHost object associated with a Java native pointer.
static RenderFrameHost* FromJavaRenderFrameHost(
const base::android::JavaRef<jobject>& jrender_frame_host_android);
#endif
// Logs UMA metrics related to isolatable sandboxed iframes.
static void LogSandboxedIframesIsolationMetrics();
~RenderFrameHost() override = default;
// Returns the storage key for the last committed document in this
// RenderFrameHost. It is used for partitioning storage by the various
// storage APIs.
virtual const blink::StorageKey& GetStorageKey() const = 0;
// Returns the route id for this frame.
virtual int GetRoutingID() const = 0;
// Returns the frame token for this frame.
virtual const blink::LocalFrameToken& GetFrameToken() const = 0;
// Returns the reporting source token for the document in this frame. This is
// used by the Reporting API to associate queued reports generated by this
// document with the reporting endpoint configuration delivered with the
// Reporting-Endpoints response header.
virtual const base::UnguessableToken& GetReportingSource() = 0;
// Returns the accessibility tree ID for this RenderFrameHost.
virtual ui::AXTreeID GetAXTreeID() = 0;
using AXTreeSnapshotCallback = base::OnceCallback<void(ui::AXTreeUpdate&)>;
// Returns the SiteInstance grouping all RenderFrameHosts that have script
// access to this RenderFrameHost, and must therefore live in the same
// process.
// Associated SiteInstance never changes.
virtual SiteInstance* GetSiteInstance() const = 0;
// Returns the process for this frame.
// Associated RenderProcessHost never changes.
virtual RenderProcessHost* GetProcess() const = 0;
// Returns the GlobalRenderFrameHostId for this frame. Embedders should store
// this instead of a raw RenderFrameHost pointer. This API is based on routing
// IDs from legacy IPC. The renderer may not have routing IDs for frames so it
// is preferred to use `GetGlobalFrameToken` over this API.
virtual GlobalRenderFrameHostId GetGlobalId() const = 0;
// Returns the GlobalRenderFrameHostToken for this frame. Embedders should
// store this instead of a raw RenderFrameHost pointer.
virtual GlobalRenderFrameHostToken GetGlobalFrameToken() const = 0;
// Returns a StoragePartition associated with this RenderFrameHost.
// Associated StoragePartition never changes.
virtual StoragePartition* GetStoragePartition() = 0;
// Returns the user browser context associated with this RenderFrameHost.
// Associated BrowserContext never changes.
virtual BrowserContext* GetBrowserContext() = 0;
// Returns the current document's response head. Note that this value will
// change when a cross-document navigation reuses RenderFrameHost and commits
// a new document in existing RenderFrameHost. Must not be called in
// LifecycleState::kPendingCommit before committing a document.
//
// This is null if there was no response: the initial empty document,
// about:blank, about:srcdoc, and MHTML iframes.
virtual const network::mojom::URLResponseHead* GetLastResponseHead() = 0;
// Returns the RenderWidgetHostView for this frame or the nearest ancestor
// frame, which can be used to control input, focus, rendering and visibility
// for this frame.
// This returns null when there is no connection to a renderer process, which
// can be checked with IsRenderFrameLive().
// NOTE: Due to historical relationships between RenderViewHost and
// RenderWidgetHost, the main frame RenderWidgetHostView may initially exist
// before IsRenderFrameLive() is true, but they would afterward change
// values together. It is better to not rely on this behaviour as it is
// intended to change. See https://crbug.com/419087.
virtual RenderWidgetHostView* GetView() = 0;
// Returns the RenderWidgetHost attached to this frame or the nearest ancestor
// frame, which could potentially be the root. This allows access to the
// RenderWidgetHost without having to go through GetView() which can be null,
// so should be preferred to GetView()->GetRenderWidgetHost().
//
// This method is not valid to be called when the RenderFrameHost is detached
// from the frame tree, though this would only happen during destruction of
// the RenderFrameHost.
virtual RenderWidgetHost* GetRenderWidgetHost() = 0;
// Returns the parent of this RenderFrameHost, or nullptr if this
// RenderFrameHost is the main one and there is no parent.
// The result may be in a different process than the
// current RenderFrameHost.
virtual RenderFrameHost* GetParent() const = 0;
// Returns the document owning the frame this RenderFrameHost is located
// in, which will either be a parent (for <iframe>s) or outer document (for
// <fencedframe>). This will return the outer document in cases
// of fenced frames but will not cross a browsing session boundary
// (ie. it will not escape a GuestView). See
// `RenderFrameHost::GetParentOrOuterDocumentOrEmbedder` for the
// version of this API that will cross a browsing session boundary.
// This method typically will be used for permissions and policy decisions
// based on checking origins.
// Example:
// A
// B (iframe)
// C (fenced frame - placeholder frame)
// C* (main frame in fenced frame).
//
// C* GetParent returns null.
// C* GetParentOrOuterDocument returns A.
// C GetParent & GetParentOrOuterDocument returns A.
// B GetParent & GetParentOrOuterDocument returns A.
// A GetParent & GetParentOrOuterDocument returns nullptr.
virtual RenderFrameHost* GetParentOrOuterDocument() const = 0;
// Returns the document owning the frame this RenderFrameHost is located
// in, which will either be a parent (for <iframe>s) or outer document (for
// <fencedframe>, or an embedder (e.g. GuestViews)). See
// `RenderFrameHost::GetParentOrOuterDocument` for the version of this API
// that does not cross a browsing session boundary (ie. Not escaping a
// GuestView). This method typically will be used for input, compositing, and
// focus related functionality where the physical arrangement of frames, as
// opposed to their semantics is required. Example:
// A (GuestView embedder)
// B (<webview> - placeholder frame)
// B* (embedded document main frame)
// C (iframe)
//
// C GetParent & GetParentOrOuterDocumentOrEmbedder returns B*.
// B* GetParent & GetParentOrOuterDocument returns null.
// B* GetParentOrOuterDocumentOrEmbedder returns A.
// B GetParent & GetParentOrOuterDocumentOrEmbedder returns A.
// A GetParent & GetParentOrOuterDocumentOrEmbedder returns nullptr.
virtual RenderFrameHost* GetParentOrOuterDocumentOrEmbedder() const = 0;
// Returns the eldest parent of this RenderFrameHost.
// Always non-null, but might be equal to |this|.
// The result may be in a different process that the current RenderFrameHost.
//
// NOTE: The result might be different from
// WebContents::FromRenderFrameHost(this)->GetMainFrame().
// This function (RenderFrameHost::GetMainFrame) is the preferred API in
// almost all of the cases. See RenderFrameHost::IsActive for the details.
virtual RenderFrameHost* GetMainFrame() = 0;
// Returns true if `this` is the main document of the primary `Page` of the
// associated WebContents. See the description of
// `WebContents::GetPrimaryPage` for details. It is therefore also current in
// the primary main frame.
virtual bool IsInPrimaryMainFrame() = 0;
// Returns the topmost ancestor RenderFrameHost of this RenderFrameHost. This
// includes any parents (in the case of subframes) and any outer documents
// (e.g. fenced frame owners), but does not traverse out of GuestViews.
// This can be used instead of GetMainFrame in cases where we want to escape
// inner pages. See also GetParentOrOuterDocument for more details on the
// distinction of "parents" and "outer documents."
// Note that this may be different from getting the WebContents' primary main
// frame. For example, if `this` is in a bfcached or prerendered page, this
// will return the cached/prerendered page's main RenderFrameHost.
// See docs/frame_trees.md for more details.
virtual RenderFrameHost* GetOutermostMainFrame() = 0;
// Returns the topmost ancestor RenderFrameHost. This includes any parents (in
// the case of subframes), any outer documents (e.g. fenced frame owners), and
// any GuestViews. See also GetOutermostMainFrame which does not escape
// GuestViews and GetParentOrOuterDocumentOrEmbedder for more details.
// Note that this may be different from getting the WebContents' primary main
// frame. For example, if `this` is in a bfcached or prerendered page, this
// will return the cached/prerendered page's main RenderFrameHost.
// See docs/frame_trees.md for more details.
virtual RenderFrameHost* GetOutermostMainFrameOrEmbedder() = 0;
// Fenced frames (meta-bug https://crbug.com/1111084):
// Returns true if this document is the root of a fenced frame tree. This
// supports both Shadow DOM and MPArch implementations.
//
// In particular, this always returns false for frames loaded inside a
// <fencedframe> element, if the frame is not the top-level <fencedframe>
// itself. That is, this will return false for all <iframes> nested under a
// <fencedframe>.
virtual bool IsFencedFrameRoot() const = 0;
// Fenced frames (meta-bug https://crbug.com/1111084):
// Returns true if `this` was loaded in a <fencedframe> element directly or if
// one of `this` ancestors was loaded in a <fencedframe> element. This
// supports both Shadow DOM and MPArch implementations.
virtual bool IsNestedWithinFencedFrame() const = 0;
// Check if the frame has untrusted network access disabled.
//
// A Fenced frame can disable untrusted network access for itself and the
// descendant iframes in the fenced frame tree by calling the fenced frame API
// `window.fence.disableUntrustedNetwork()`. After this API is invoked, no
// untrusted network requests are allowed in the fenced frame tree, i.e. in
// the root fenced frame and all of its descendant iframes. This includes:
// * Subresources requests.
// * Navigation requests.
// * Event level reporting.
// * Any other network channels, for example, WebSocket, web workers, etc.
//
// Fenced frames will get access to cross-site information, for example,
// shared storage API after the untrusted network access is disabled.
//
// Note: An example of a trusted network request is the aggregation report
// sent by Private Aggregation API. Because the report is privacy preserving,
// it is allowed from the fenced frame after the untrusted network access is
// disabled. Additional trusted network communications, such as to a secure
// trusted execution environment, may be added in the future.
//
// See
// https://github.com/WICG/fenced-frame/blob/master/explainer/fenced_frames_with_local_unpartitioned_data_access.md.
virtual bool IsUntrustedNetworkDisabled() const = 0;
// |ForEachRenderFrameHost| traverses this RenderFrameHost and all of its
// descendants, including frames in any inner frame trees (such as guest
// views), in breadth-first order.
//
// Note: The RenderFrameHost parameter is not guaranteed to have a
// live RenderFrame counterpart in the renderer process. Callbacks should
// check IsRenderFrameLive(), as sending IPC messages to it in this case will
// fail silently.
//
// The callback returns a FrameIterationAction which determines if/how
// iteration on subsequent frames continues. The FrameIterationAction may be
// omitted, in which case kContinue will be assumed.
enum class FrameIterationAction {
// Includes the children of the visited frame for subsequent traversal and
// continues traversal to the next frame.
kContinue,
// Continues traversal to the next frame but does not include the children
// of the visited frame for subsequent traversal.
kSkipChildren,
// Does not continue traversal.
kStop
};
virtual void ForEachRenderFrameHostWithAction(
base::FunctionRef<FrameIterationAction(RenderFrameHost*)> on_frame) = 0;
virtual void ForEachRenderFrameHost(
base::FunctionRef<void(RenderFrameHost*)> on_frame) = 0;
// Returns the FrameTreeNode ID associated with this RenderFrameHost.
//
// If a stable identifier is needed, GetGlobalId() always refers to this
// RenderFrameHost, while this RenderFrameHost might host multiple documents
// over its lifetime, and this RenderFrameHost might have a shorter lifetime
// than the frame hosting content, as explained above. For associating data
// with a single document, DocumentUserData can be used.
virtual FrameTreeNodeId GetFrameTreeNodeId() const = 0;
// Used for devtools instrumentation and trace-ability. The token is
// propagated to Blink's LocalFrame and both Blink and content/
// can tag calls and requests with this token in order to attribute them
// to the context frame. The token is only defined by the browser process and
// is never sent back from the renderer in the control calls. It should be
// never used to look up the FrameTreeNode instance.
virtual const base::UnguessableToken& GetDevToolsFrameToken() = 0;
// This token is present on all frames. For frames with parents, it allows
// identification of embedding relationships between parent and child. For
// main frames, it also allows generalization of the embedding relationship
// when the WebContents itself is embedded in another context such as the rest
// of the browser UI. This will be nullopt prior to the RenderFrameHost
// committing a navigation. After the first navigation commits this
// will return the token for the last committed document.
//
// TODO(crbug.com/40136951): Remove the nullopt scenario by creating the token
// in CreateChildFrame() or similar.
virtual std::optional<base::UnguessableToken> GetEmbeddingToken() = 0;
// Returns the assigned name of the frame, the name of the iframe tag
// declaring it. For example, <iframe name="framename">[...]</iframe>. It is
// quite possible for a frame to have no name, in which case GetFrameName will
// return an empty string.
virtual const std::string& GetFrameName() = 0;
// Returns true if the frame is display: none.
virtual bool IsFrameDisplayNone() = 0;
// Returns the size of the frame in the viewport. The frame may not be aware
// of its size.
virtual const std::optional<gfx::Size>& GetFrameSize() = 0;
// Returns the distance from this frame to its main frame.
virtual size_t GetFrameDepth() = 0;
// Returns true if the frame is out of process relative to its parent.
virtual bool IsCrossProcessSubframe() = 0;
// Returns the cross-origin isolation capability of this frame.
//
// Note that this is a property of the document and can change as the frame
// navigates.
//
// Unlike RenderProcessHost::GetWebExposedIsolationLevel(), this takes the
// currently document's Permissions Policy into account and may return a
// lower isolation level than RenderProcessHost if the
// "cross-origin-isolated" feature is not delegated to this frame. Because
// of this, this function should generally be used instead of
// RenderProcessHost::GetWebExposedIsolationLevel() when making decisions
// based on the isolation level, such as API availability.
//
// Note that the embedder can force-enable APIs in processes even if they
// lack the necessary privilege. This function doesn't account for that; use
// content::HasIsolatedContextCapability(RenderFrameHost*) to handle this
// case.
//
// TODO(https://936696): Once RenderDocument ships this should be exposed as
// an invariant of the document host.
virtual WebExposedIsolationLevel GetWebExposedIsolationLevel() = 0;
// Returns the last committed URL of this RenderFrameHost. This will be empty
// until the first commit in this RenderFrameHost.
//
// Note that this does not reflect navigations in other RenderFrameHosts,
// frames, or pages within the same WebContents, so it may differ from
// NavigationController::GetLastCommittedEntry().
virtual const GURL& GetLastCommittedURL() const = 0;
// Returns the last committed origin of this RenderFrameHost.
virtual const url::Origin& GetLastCommittedOrigin() const = 0;
// Returns the network isolation key used for subresources from the currently
// committed navigation. It's set on commit and does not change until the next
// navigation is committed.
//
// TODO(mmenke): Remove this in favor of GetIsolationInfoForSubresoruces().
virtual const net::NetworkIsolationKey& GetNetworkIsolationKey() = 0;
// Returns the IsolationInfo used for subresources from the currently
// committed navigation. It's set on commit and does not change until the next
// navigation is committed.
virtual const net::IsolationInfo& GetIsolationInfoForSubresources() = 0;
// Returns the IsolationInfo used for subresources for the pending commit, if
// there is one. Otherwise, returns the IsolationInfo used for subresources of
// the last committed page load.
//
// TODO(https://936696): Remove this once RenderDocument ships, at which point
// it will no longer be needed.
virtual net::IsolationInfo GetPendingIsolationInfoForSubresources() = 0;
// Returns the associated widget's native view.
virtual gfx::NativeView GetNativeView() = 0;
// Adds |message| to the DevTools console.
virtual void AddMessageToConsole(blink::mojom::ConsoleMessageLevel level,
const std::string& message) = 0;
// Functions to run JavaScript in this frame's context. Pass in a callback to
// receive a result when it is available. If there is no need to receive the
// result, pass in a default-constructed callback. If provided, the callback
// will be invoked on the UI thread.
using JavaScriptResultCallback = base::OnceCallback<void(base::Value)>;
// This API allows to execute JavaScript methods in this frame, without
// having to serialize the arguments into a single string, and is a lot
// cheaper than ExecuteJavaScript below since it avoids the need to compile
// and evaluate new scripts all the time.
//
// Calling
//
// ExecuteJavaScriptMethod("obj", "foo", [1, true], callback)
//
// is semantically equivalent to
//
// ExecuteJavaScript("obj.foo(1, true)", callback)
virtual void ExecuteJavaScriptMethod(const std::u16string& object_name,
const std::u16string& method_name,
base::Value::List arguments,
JavaScriptResultCallback callback) = 0;
// This is the default API to run JavaScript in this frame. This API can only
// be called on chrome:// or devtools:// URLs.
virtual void ExecuteJavaScript(const std::u16string& javascript,
JavaScriptResultCallback callback) = 0;
// This runs the JavaScript in an isolated world of the top of this frame's
// context. It is invalid to specify a `world_id` of
// `ISOLATED_WORLD_ID_GLOBAL`.
virtual void ExecuteJavaScriptInIsolatedWorld(
const std::u16string& javascript,
JavaScriptResultCallback callback,
int32_t world_id) = 0;
// This runs the JavaScript, but without restrictions. Specify a `world_id` of
// `ISOLATED_WORLD_ID_GLOBAL` to run the code in the global world. THIS IS
// ONLY FOR TESTS.
virtual void ExecuteJavaScriptForTests(const std::u16string& javascript,
JavaScriptResultCallback callback,
int32_t world_id) = 0;
// This runs the JavaScript, but without restrictions. Unlike the method
// above, this one triggers a fake user activation notification to test
// functionalities that are gated by user activation. Specify a `world_id` of
// `ISOLATED_WORLD_ID_GLOBAL` to run the code in the global world. THIS IS
// ONLY FOR TESTS.
virtual void ExecuteJavaScriptWithUserGestureForTests(
const std::u16string& javascript,
JavaScriptResultCallback callback,
int32_t world_id) = 0;
// Tells the renderer to perform a given action on the plugin located at a
// given location in its local view coordinate space.
virtual void ExecutePluginActionAtLocalLocation(
const gfx::Point& local_location,
blink::mojom::PluginActionType plugin_action) = 0;
// Send a message to the RenderFrame to trigger an action on an
// accessibility object.
virtual void AccessibilityPerformAction(const ui::AXActionData& data) = 0;
// This is called when the user has committed to the given find in page
// request (e.g. by pressing enter or by clicking on the next / previous
// result buttons). It triggers sending a native accessibility event on
// the result object on the page, navigating assistive technology to that
// result.
virtual void ActivateFindInPageResultForAccessibility(int request_id) = 0;
// See RenderWidgetHost::InsertVisualStateCallback().
using VisualStateCallback = base::OnceCallback<void(bool)>;
virtual void InsertVisualStateCallback(VisualStateCallback callback) = 0;
// Copies the image at the location in viewport coordinates (not frame
// coordinates) to the clipboard. If there is no image at that location, does
// nothing.
virtual void CopyImageAt(int x, int y) = 0;
// Requests to save the image at the location in viewport coordinates (not
// frame coordinates). If there is a data-URL-based image at the location, the
// renderer will post back the appropriate download message to trigger the
// save UI. Nothing gets done if there is no image at that location (or if
// the image has a non-data URL).
virtual void SaveImageAt(int x, int y) = 0;
// RenderViewHost for this frame.
virtual RenderViewHost* GetRenderViewHost() const = 0;
// Returns the InterfaceProvider that this process can use to bind
// interfaces exposed to it by the application running in this frame.
virtual service_manager::InterfaceProvider* GetRemoteInterfaces() = 0;
// Returns the AssociatedInterfaceProvider that this process can use to access
// remote frame-specific Channel-associated interfaces for this frame.
virtual blink::AssociatedInterfaceProvider*
GetRemoteAssociatedInterfaces() = 0;
// Returns the visibility state of the frame. The different visibility states
// of a frame are defined in Blink.
virtual blink::mojom::PageVisibilityState GetVisibilityState() = 0;
// Returns whether the IP address of the last commit was publicly routable.
virtual bool IsLastCommitIPAddressPubliclyRoutable() const = 0;
// Returns whether the RenderFrame in the renderer process has been created
// and still has a connection. This is valid for all frames.
// RenderFrameDeleted notification will later be dispatched for this frame.
virtual bool IsRenderFrameLive() = 0;
// Defines different states the RenderFrameHost can be in during its lifetime,
// i.e., from the point of creation to deletion. Please see comments in
// RenderFrameHostImpl::LifecycleStateImpl for more details.
//
// Compared to the internal LifecycleStateImpl, this public LifecycleState has
// two main differences. First, it collapses kRunningUnloadHandlers and
// kReadyToBeDeleted into a single kPendingDeletion state, since embedders
// need not care about the difference between having started and having
// finished running unload handlers. Second, it intentionally does not expose
// speculative RenderFrameHosts (corresponding to the kSpeculative internal
// state): this is a content-internal implementation detail that is planned to
// be eventually removed, and //content embedders shouldn't rely on their
// existence.
// A Java counterpart will be generated for this enum.
// GENERATED_JAVA_ENUM_PACKAGE: (
// org.chromium.content_public.browser)
enum class LifecycleState {
// RenderFrameHost is waiting for an acknowledgment from the renderer to
// to commit a cross-RenderFrameHost navigation and swap in this
// RenderFrameHost. Documents are in this state from
// WebContentsObserver::ReadyToCommitNavigation to
// WebContentsObserver::DidFinishNavigation.
kPendingCommit,
// RenderFrameHost committed in a primary page.
// Documents in this state are visible to the user. kActive is the most
// common case and the documents that have reached DidFinishNavigation will
// be in this state (except for prerendered documents). A RenderFrameHost
// can also be created in this state for an initial empty document when
// creating new root frames or new child frames on a primary page.
//
// With MPArch (crbug.com/1164280), a WebContents may have multiple
// coexisting pages (trees of documents), including a primary page
// (currently shown to the user), prerendered pages, and/or pages in
// BackForwardCache, where the two latter kinds of pages may become primary.
kActive,
// Prerender2:
// RenderFrameHost committed in a prerendered page.
// A RenderFrameHost can reach this state after a navigation in a
// prerendered page, or be created in this state for an initial empty
// document when creating new root frames or new child frames on a
// prerendered page.
//
// Documents in this state are invisible to the user and aren't allowed to
// show any UI changes, but the page is allowed to load and run in the
// background. Documents in kPrerendering state can be evicted
// (canceling prerendering) at any time (e.g. by calling
// IsInactiveAndDisallowActivation).
kPrerendering,
// RenderFrameHost is stored in BackForwardCache.
// A document may be stored in BackForwardCache after the user has navigated
// away so that the RenderFrameHost can be re-used after history navigation.
kInBackForwardCache,
// RenderFrameHost is waiting to be unloaded and deleted, and is no longer
// visible to the user.
// After a cross-document navigation, the old documents are going to run
// unload handlers in the background and will be deleted thereafter e.g.
// after a DidFinishNavigation in the same frame for a different
// RenderFrameHost, up until RenderFrameDeleted. Use
// RenderFrameHostWrapper::WaitUntilRenderFrameDelete() to wait until
// RenderFrameHost is deleted in tests.
kPendingDeletion,
};
// Returns the LifecycleState associated with this RenderFrameHost.
// Features that display UI to the user (or cross document/tab boundary in
// general, e.g. when using WebContents::FromRenderFrameHost) should first
// check whether the RenderFrameHost is in the appropriate lifecycle state.
//
// TODO(crbug.com/40171294): Currently, //content embedders that
// observe WebContentsObserver::RenderFrameCreated() may also learn about
// speculative RenderFrameHosts, which is the state before a RenderFrameHost
// becomes kPendingCommit and is picked as the final RenderFrameHost for a
// navigation. The speculative state is a content-internal implementation
// detail that may go away and should not be relied on, and hence
// GetLifecycleState() will crash if it is called on a RenderFrameHost in such
// a state. Eventually, we should make sure that embedders only learn about
// new RenderFrameHosts when they reach the kPendingCommit state.
// If you want to use GetLifecycleState to check the state for speculative
// RenderFrameHosts, use RenderFrameHost::IsInLifecycleState to avoid crashing
// for speculative RenderFrameHosts.
virtual LifecycleState GetLifecycleState() = 0;
// Returns true if and only if the `lifecycle_state` matches
// `GetLifecycleState`. This is helpful for determining if a RenderFrameHost
// is in a specific state since GetLifecycleState can crash on speculative
// frames. TODO(crbug.com/40171294): Remove this method once
// GetLifecycleState() can be used for speculative.
virtual bool IsInLifecycleState(LifecycleState lifecycle_state) = 0;
// Returns true if the document hosted in this RenderFrameHost is committed
// and lives inside a page presented to the user for the WebContents it is in
// (e.g., not a prerendered or back-forward cached page). Only active RFHs
// should show UI elements (e.g., prompts, color picker, etc) to the user, so
// this method should be checked before showing some UI on behalf of a given
// RenderFrameHost (in particular, inside handlers for IPCs from a renderer
// process) or when crossing document/tab boundary in general, e.g., when
// using WebContents::FromRenderFrameHost.
//
// IsActive() is generally the same as GetLifecycleState() == kActive, except
// during a small window in RenderFrameHostManager::CommitPending which
// happens before updating the next LifecycleState of old RenderFrameHost. Due
// to this, IsActive() is preferred instead of using LifecycleState::kActive.
// TODO(crbug.com/40168690): Make IsActive and GetLifecycleState() == kActive
// always match.
virtual bool IsActive() const = 0;
// Checks that the RenderFrameHost is inactive (with some exceptions) and
// ensures that it will be never activated if it is inactive when calling this
// function.
//
// Side effect: In the case of the RenderFrameHost is inactive, this ensures
// it will be never activated through the following:
//
// - For BackForwardCache: it evicts the document from the cache and
// triggers deletion.
// - For Prerendering: it cancels prerendering and triggers deletion.
//
// This should be used when we are unsure if inactive RenderFrameHosts can
// properly handle events and events processing shouldn't or can't be deferred
// until the RenderFrameHost becomes active again. This allows the callers to
// safely ignore the event as the RenderFrameHost will never be shown to the
// user again.
//
// This should not be used just to check whether a RenderFrameHost is active
// or not. For that, use |IsActive()| instead.
//
// This should not be used for speculative and pending commit
// RenderFrameHosts as disallowing activation is not supported. In that case
// |IsInactiveAndDisallowActivation()| returns false along with terminating
// the renderer process.
//
// Return value: The opposite of |IsActive()|, except in some uncommon cases:
//
// - The "small window" referred to in the |IsActive()| documentation.
// - For speculative and pending commit RenderFrameHosts, as mentioned above.
//
// |reason| will be logged via UMA and UKM. It is recommended to provide
// a unique value for each caller.
//
// Embedders should use a value equal to or greater than
// DisallowActivationReasonId.kMinEmbedderDisallowActivationReason.
virtual bool IsInactiveAndDisallowActivation(uint64_t reason) = 0;
// Get the number of proxies to this frame, in all processes. Exposed for
// use by resource metrics.
virtual size_t GetProxyCount() = 0;
// Returns the Page associated with this RenderFrameHost. Both GetPage() and
// GetMainFrame()->GetPage() will always return the same value.
//
// NOTE: For now, the associated Page object might change (when a navigation
// is reusing RenderFrameHost and a new document is created in this
// RenderFrameHost). The removal of this case is tracked in crbug.com/936696.
virtual Page& GetPage() = 0;
// Returns true if the frame has a selection.
virtual bool HasSelection() = 0;
// Text surrounding selection.
virtual void RequestTextSurroundingSelection(
base::OnceCallback<void(const std::u16string&, uint32_t, uint32_t)>
callback,
int max_length) = 0;
// Generates an intervention report in this frame.
virtual void SendInterventionReport(const std::string& id,
const std::string& message) = 0;
// Returns the WebUI object associated wit this RenderFrameHost or nullptr
// otherwise.
virtual WebUI* GetWebUI() = 0;
// Tell the render frame to enable a set of javascript bindings.
virtual void AllowBindings(BindingsPolicySet bindings) = 0;
// Returns the set of bindings types that have been enabled for this
// RenderFrame.
virtual BindingsPolicySet GetEnabledBindings() = 0;
// Sets a property with the given name and value on the WebUI object
// associated with this RenderFrameHost, if one exists.
virtual void SetWebUIProperty(const std::string& name,
const std::string& value) = 0;
#if BUILDFLAG(IS_ANDROID)
// Returns the Java object of this instance.
virtual jni_zero::ScopedJavaLocalRef<jobject> GetJavaRenderFrameHost() = 0;
// Returns an InterfaceProvider for Java-implemented interfaces that are
// scoped to this RenderFrameHost. This provides access to interfaces
// implemented in Java in the browser process to C++ code in the browser
// process.
virtual service_manager::InterfaceProvider* GetJavaInterfaces() = 0;
#endif // BUILDFLAG(IS_ANDROID)
// Stops and disables the hang monitor for beforeunload. This avoids flakiness
// in tests that need to observe beforeunload dialogs, which could fail if the
// timeout skips the dialog.
virtual void DisableBeforeUnloadHangMonitorForTesting() = 0;
virtual bool IsBeforeUnloadHangMonitorDisabledForTesting() = 0;
// Check whether the specific Blink feature is currently preventing fast
// shutdown of the frame.
virtual bool GetSuddenTerminationDisablerState(
blink::mojom::SuddenTerminationDisablerType disabler_type) = 0;
// Returns the permission policy for this frame.
virtual const blink::PermissionsPolicy* GetPermissionsPolicy() = 0;
// Returns the parsed permissions policy header for this frame.
virtual const blink::ParsedPermissionsPolicy&
GetPermissionsPolicyHeader() = 0;
// Returns true if the queried PermissionsPolicyFeature is allowed by
// permissions policy.
virtual bool IsFeatureEnabled(
blink::mojom::PermissionsPolicyFeature feature) = 0;
// Opens view-source tab for the document last committed in this
// RenderFrameHost.
virtual void ViewSource() = 0;
// Run the given action on the media player location at the given point.
virtual void ExecuteMediaPlayerActionAtLocation(
const gfx::Point& location,
const blink::mojom::MediaPlayerAction& action) = 0;
// Requests the current video frame and bounds of the media player at
// `location`. The returned image is scaled if needed to be bounded by
// `max_size` with aspect ratio preserved, unless the original area is already
// less than `max_area`, where `max_size` and `max_area` are both in
// device-independent pixels. This is to avoid scaling images with very
// large/small aspect ratio to avoid losing information. If any of the
// dimensions is non-positive, no scaling will be performed. The bounds
// originate from the DOM layer, are in DIP and are relative to the local
// root's widget (see Element::BoundsInWidget()). No guarantee is made about
// their correlation with the bounds of the video frame as displayed in the
// presentation layer. The returned bounds are also not guaranteed to
// correspond to the result of returned video frame.
virtual void RequestVideoFrameAtWithBoundsHint(
const gfx::Point& location,
const gfx::Size& max_size,
int max_area,
base::OnceCallback<void(const SkBitmap&, const gfx::Rect&)> callback) = 0;
// Creates a Network Service-backed factory from appropriate |NetworkContext|.
//
// If this returns true, any redirect safety checks should be bypassed in
// downstream loaders. (This indicates that a layer above //content has
// wrapped `default_factory_receiver` and may inject arbitrary redirects - for
// example see WebRequestAPI::MaybeProxyURLLoaderFactory.)
//
// The parameters of the new URLLoaderFactory will be based on the current
// state of `this` RenderFrameHost. For example, the
// `request_initiator_origin_lock` parameter will be based on the last
// committed origin (or on the origin of the initial empty document if one is
// currently hosted in the frame).
virtual bool CreateNetworkServiceDefaultFactory(
mojo::PendingReceiver<network::mojom::URLLoaderFactory>
default_factory_receiver) = 0;
// Requests that future URLLoaderFactoryBundle(s) sent to the renderer should
// use a separate URLLoaderFactory for requests initiated by isolated worlds
// listed in |isolated_world_origins|. The URLLoaderFactory(s) for each
// origin will be created via
// ContentBrowserClient::CreateURLLoaderFactoryForNetworkRequests method.
virtual void MarkIsolatedWorldsAsRequiringSeparateURLLoaderFactory(
const base::flat_set<url::Origin>& isolated_world_origins,
bool push_to_renderer_now) = 0;
// Returns true if the given sandbox flag |flags| is in effect on this frame.
// The effective flags include those which have been set by a
// Content-Security-Policy header, in addition to those which are set by the
// embedding frame.
virtual bool IsSandboxed(network::mojom::WebSandboxFlags flags) = 0;
// Calls |FlushForTesting()| on Network Service and FrameNavigationControl
// related interfaces to make sure all in-flight mojo messages have been
// received by the other end. For test use only.
//
// It is usually an error to call this method when the frame doesn't have any
// NetworkService connection. OTOH, tests that can't easily tell when this
// may happen can set `do_nothing_if_no_network_service_connection` to true
// (this should be needed relatively rarely).
virtual void FlushNetworkAndNavigationInterfacesForTesting(
bool do_nothing_if_no_network_service_connection) = 0;
using PrepareForInnerWebContentsAttachCallback =
base::OnceCallback<void(RenderFrameHost*)>;
// This API is used to provide the caller with a RenderFrameHost which is safe
// for usage in WebContents::AttachToOuterWebContentsFrame API. The final
// frame returned with |callback| will share the same FrameTreeNodeId with
// this RenderFrameHost but might not necessarily be the same RenderFrameHost.
// IMPORTANT: This method can only be called on a child frame. It does not
// make sense to attach an inner WebContents to the outer WebContents main
// frame.
// Essentially, this method will:
// 1- Dispatch beforeunload event on this frame and all of the frame's
// subframes, and wait for all beforeunload events to complete.
// 2- Will create and return a new RenderFrameHost (destroying this one) if
// this RenderFrameHost is a cross-process subframe. (Note: This might not
// be needed anymore now that MimeHandlerView's embedded case uses the
// same code path as the full page case. See https://crbug.com/1398111).
// After steps 1-2 are completed, the callback is invoked asynchronously with
// the RenderFrameHost which can be safely used for attaching. This
// RenderFrameHost could be different than |this| which is the case if this
// RenderFrameHost is for a cross-process frame. The callback could also be
// invoked with nullptr. This happens if:
// 1- This frame has beforeunload handlers under it and the user decides to
// remain on the page in response to beforeunload prompt.
// 2- Preparations happened successfully but the frame was somehow removed (
// e.g. parent frame detached).
virtual void PrepareForInnerWebContentsAttach(
PrepareForInnerWebContentsAttachCallback callback) = 0;
// Returns the type of frame owner element for the FrameTreeNode associated
// with this RenderFrameHost (e.g., <iframe>, <object>, etc). Note that it
// returns blink::FrameOwnerElementType::kNone if the RenderFrameHost
// is a main frame.
virtual blink::FrameOwnerElementType GetFrameOwnerElementType() = 0;
// Returns the transient bit of the User Activation v2 state of the
// FrameTreeNode associated with this RenderFrameHost.
virtual bool HasTransientUserActivation() = 0;
// Notifies the renderer of a user activation event for the associated frame.
// The |notification_type| parameter is used for histograms only.
virtual void NotifyUserActivation(
blink::mojom::UserActivationNotificationType notification_type) = 0;
// Reloads the frame. It initiates a reload but doesn't wait for it to finish.
// In some rare cases, there is no history related to the frame, nothing
// happens and this returns false.
virtual bool Reload() = 0;
// Returns true if this frame has fired DOMContentLoaded.
virtual bool IsDOMContentLoaded() = 0;
// Update whether the frame is considered an ad frame by Ad Tagging.
//
// Note: This ad status is currently maintained and updated *outside* content.
// This is used to ensure the render frame proxies are in sync (since they
// aren't exposed in the public API). Eventually, we might be able to simplify
// this somewhat (maybe //content would be responsible for maintaining the
// state, with some content client method used to update it).
virtual void UpdateIsAdFrame(bool is_ad_frame) = 0;
// Tells the host that this is part of setting up a WebXR DOM Overlay. This
// starts a short timer that permits entering fullscreen mode, similar to a
// recent orientation change.
virtual void SetIsXrOverlaySetup() = 0;
// Returns the UKM source id for the page load (last committed cross-document
// non-bfcache navigation in the outermost main frame).
// This id typically has an associated PageLoad UKM event.
// Note: this can be called on any frame, but this id for all subframes or
// fenced frames is the same as the id for the outermost main frame.
// Should not be called while prerendering as our data collection policy
// disallow recording UKMs until the page activation.
// See //content/browser/preloading/prerender/README.md#ukm-source-ids for
// more details to record UKMS for prerendering.
virtual ukm::SourceId GetPageUkmSourceId() = 0;
// Report an inspector issue to devtools. Note that the issue is stored on the
// browser-side, and may contain information that we don't want to share
// with the renderer.
// TODO(crbug.com/40134294): This reporting should be done directly in the
// chrome layer in the future.
virtual void ReportInspectorIssue(blink::mojom::InspectorIssueInfoPtr) = 0;
// Returns whether a document uses WebOTP. Returns true if a WebOTPService is
// created on the document.
virtual bool DocumentUsedWebOTP() = 0;
using TraceProto = perfetto::protos::pbzero::RenderFrameHost;
// Write a description of this RenderFrameHost into the provided |context|.
virtual void WriteIntoTrace(
perfetto::TracedProto<TraceProto> context) const = 0;
// Start/stop event log output from WebRTC on this RFH for the peer connection
// identified locally within the RFH using the ID `lid`.
virtual void EnableWebRtcEventLogOutput(int lid, int output_period_ms) = 0;
virtual void DisableWebRtcEventLogOutput(int lid) = 0;
// Return true if onload has been executed in the renderer in the main frame.
virtual bool IsDocumentOnLoadCompletedInMainFrame() = 0;
// Returns the raw list of favicon candidates as reported to observers via
// since the last navigation start. If called on a subframe, returns the
// value from the corresponding main frame.
virtual const std::vector<blink::mojom::FaviconURLPtr>& FaviconURLs() = 0;
// Fetch the link-rel canonical URL from the renderer process. This is used
// for sharing to external applications. Note that this URL is validated only
// to contain HTTP(s) URLs, but may be cross-origin. Should not be considered
// trustworthy.
virtual void GetCanonicalUrl(
base::OnceCallback<void(const std::optional<GURL>&)> callback) = 0;
// Fetch the OpenGraph metadata from the renderer process. The returned data
// has only been validated as follows:
// * Contained URLs are web schemes, not other schemes
// Any other properties you want, you'll need to check yourself.
virtual void GetOpenGraphMetadata(
base::OnceCallback<void(blink::mojom::OpenGraphMetadataPtr)>) = 0;
// Returns true if the last navigation in this RenderFrameHost has committed
// an error document that is a placeholder document installed when the
// navigation failed or was blocked, containing an error message like "This
// site can’t be reached".
// This can't be called for pending commit RFH because the value is set
// during call to RenderFrameHostImpl::DidNavigate which happens after commit.
virtual bool IsErrorDocument() const = 0;
// Return checked and weak references, respectively, to the current document
// in this RenderFrameHost, which will be no longer valid once the
// RenderFrameHost is deleted or navigates to another document.
virtual DocumentRef GetDocumentRef() = 0;
virtual WeakDocumentPtr GetWeakDocumentPtr() = 0;
// Enable Mojo JavaScript bindings in the renderer process. It will be
// effective on the first creation of script context after the call is made.
// If called at frame creation time (RenderFrameCreated) or just before a
// document is committed (ReadyToCommitNavigation), the resulting document
// will have the JS bindings enabled.
//
// If |features| is nullptr, only MojoJs will be enabled. Otherwise |features|
// enables a set of additional features that can be used with MojoJs. For
// example, helper methods for MojoJs to better work with Web API objects.
virtual void EnableMojoJsBindings(mojom::ExtraMojoJsFeaturesPtr features) = 0;
// Whether the current document is loaded inside iframe credentialless.
// Updated on every cross-document navigation.
virtual bool IsCredentialless() const = 0;
// Whether the last cross-document committed navigation was initiated from the
// browser (e.g. typing on the location bar) or from the renderer while having
// transient user activation
virtual bool IsLastCrossDocumentNavigationStartedByUser() const = 0;
// Returns NavigationHandles to pending-commit cross-document navigations.
// These navigations occur when the final RenderFrameHost for the navigation
// has been picked, the NavigationHandle ownership has been transferred
// to it, the CommitNavigation IPC has been sent to the renderer, and the
// navigation is waiting for the DidCommitNavigation acknowledgement. For
// more information on how these cross-document navigations are determined,
// refer to LifecycleState::kPendingCommit.
virtual std::vector<base::SafeRef<NavigationHandle>>
GetPendingCommitCrossDocumentNavigations() const = 0;
// Checks Blink runtime-enabled features (BREF) to create and return
// a CookieSettingOverrides pertaining to the last committed document in the
// frame. Can only be called on a frame with a committed navigation.
virtual net::CookieSettingOverrides GetCookieSettingOverrides() = 0;
// Whether a same-site navigation that happens when this RenderFrameHost is
// the current RenderFrameHost should initiate a RenderFrameHost change, due
// to RenderDocument. the result may differ depending on whether the
// RenderFrameHost is a main/local root/non-local-root frame, whether it has
// committed any navigations or not, and whether it's a crashed frame that
// must be replaced or not.
virtual bool ShouldChangeRenderFrameHostOnSameSiteNavigation() const = 0;
// The embedder calls this method when a prediction model believes that the
// user is likely to click on an anchor element and wants to report the
// likelihood of the click. The `score` is the probability that a user will
// click on the `url`, and it is a value between 0 and 1.
virtual void OnPreloadingHeuristicsModelDone(const GURL& url,
float score) = 0;
// Checks if `seqno` is known to have originated from this RFH. This will only
// return true if `seqno` represents the last clipboard write made by all
// RFHs.
virtual bool IsClipboardOwner(
ui::ClipboardSequenceNumberToken seqno) const = 0;
// Marks `seqno` as originating from this RFH.
virtual void MarkClipboardOwner(ui::ClipboardSequenceNumberToken seqno) = 0;
// Returns true if RenderFrameHostImpl has non-null PolicyContainerHost.
// TODO(crbug.com/346386726): Delete this method once we have solidified the
// lifetime expectations of the PolicyContainerHost object.
virtual bool HasPolicyContainerHost() const = 0;
private:
// This interface should only be implemented inside content.
friend class RenderFrameHostImpl;
RenderFrameHost() = default;
};
} // namespace content
#endif // CONTENT_PUBLIC_BROWSER_RENDER_FRAME_HOST_H_