-
Notifications
You must be signed in to change notification settings - Fork 473
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
alloy: Include built-in Chrome isolated origins #3672
Comments
I don't think there's anything that we need to add here for Alloy. The chrome.google.com and chromewebstore.google.com URLs are for the extensions webstore (code here), which is not supported by Alloy. The accounts.google.com URL is for Gaia (code here), which is not supported by Alloy. Any additional internal isolated origins (code here) would only be included in Google Chrome branded builds in any case. |
From my understanding they are isolated by default in site-per-process mode anyway. Chrome may force isolation policy for specific origins when browser runs in less restricted mode, but it is what is not recommended, and by so there is no need add any origins explicitly. |
The underlying issue appears to be resolved by switching to the |
Thanks for the update. |
Describe the bug
The alloy runtime doesn't set the default
built-in
isolated origins likeChrome
(and theChrome Runtime
).Loading
chrome://process-internals/#site-isolation
inChrome
vscefclient
and you'll see there's no default isolations specifiedif you run with
cefclient.exe --enable-chrome-runtime
then the same isolations thatChrome
uses are set as default.To Reproduce
Steps to reproduce the behaviour:
cefclient.exe
chrome://process-internals/#site-isolation
Steps to compare difference in Chrome Runtime:
cefclient.exe --enable-chrome-runtime
chrome://process-internals/#site-isolation
built-in
Expected behavior
It would be nice if the alloy runtime had the same behaviour as the
Chrome
runtime.Screenshots
Loading
chrome://process-internals/#site-isolation
inChrome
I seeIn the
CEF Sample Application (cefclient)
it looks likeVersions (please complete the following information):
Additional context
https://source.chromium.org/chromium/chromium/src/+/main:docs/process_model_and_site_isolation.md;l=205?q=built-in%20isolate-origins&ss=chromium%2Fchromium%2Fsrc
The
Chrome
doco suggests that implementingContentBrowserClient::GetOriginsRequiringDedicatedProcess
to provide a list of isolated origins.You can use the
--isolate-origins
command line arg to workaround the difference.The text was updated successfully, but these errors were encountered: