CefSharedProcessMessageBuilder supports creation of a CefProcessMessage
backed by a CefSharedMemoryRegion.
Performance tests comparing the existing ArgumentList approach and the new
SharedMemoryRegion approach have been added to cefclient at
http://tests/ipc_performance.
CefMessageRouter has been updated to use SharedMemoryRegion as transport
for larger message payloads. The threshold is configurable via
|CefMessageRouterConfig.message_size_threshold|.
To test:
run `ceftests --gtest_filter=SendSharedProcessMessageTest.*:SharedProcessMessageTest.*:MessageRouterTest.Threshold*`
Popup windows will be created on the display that best matches the requested
coordinates. The requested size will apply to the content area (as required by
JS documentation) and window size will be reduced if necessary to fit within the
target display. The requested origin will apply to the window (including frame)
and will be modified if necessary so that the window is fully visible on the
target display.
This change does not implement popup positioning for cefclient which uses an
application-created parent window.
This change grants access to the getScreenDetails JS API without user prompt.
- Windows: SDK version 10.0.20348.0 is now required.
- MacOS: SDK version 12.3 (Xcode 13.3) is now required.
- Legacy swiftshader binaries (`swiftshader/*` on Win/Linux and
`libswiftshader_*.dylib` on MacOS) have been removed (see issue #3176).
This was causing early access to ResourceBundle on the main thread (via
webui::GetFontFamily) which resulted in crashes on Linux when running
with multi-threaded-message-loop.
All file dialogs irrespective of source, platform and runtime will now be
routed through CefFileDialogManager and trigger CefDialogHandler callbacks
(see issue #3293).
Adds Chrome runtime support for CefBrowserHost::RunFileDialog and
CefDialogHandler callbacks.
Adds Alloy runtime support for internal GTK file and print dialogs on Linux
subject to the following limitations:
1. Internal GTK implementation:
- Cannot be used with multi-threaded-message-loop because Chromium's
internal GTK implementation is not thread-safe (does not use GDK threads).
- Dialogs will not be modal to application windows when used with off-screen
rendering due to lack of access to the client's top-level GtkWindow.
2. Cefclient CefDialogHandler implementation:
- Cannot be used with Views because it requires a top-level GtkWindow.
Due to the above limitations no dialog implementation is currently provided for
Views + multi-threaded-message-loop on Linux. In cases where both
implementations are supported the cefclient version is now behind an optional
`--use-client-dialogs` command-line flag.
Expressly forbids multiple simultaneous file dialogs with the internal platform
implementation which uses modal dialogs. CefDialogHandler will still be notified
and can optionally handle each request without a modal dialog (see issue #3154).
Removes some RunFileDialog parameters that are not supported by the Chrome file
dialog implementation (selected_accept_filter parameter, cef_file_dialog_mode_t
overwrite/read-only flags).
Switch to using aura::CursorLoader which knows how to load system, non-system
and pak cursor resources.
On Windows, cursors will be loaded via LoadCursor first if available with a
fallback to pak file if necessary (like with component builds).
On Linux, all non-system cursor resources will be loaded from pak file. Cursors
may be loaded asynchronously resulting in the default (pointer) cursor being
returned on the first request.
This change provides a generic solution for active (key) window tracking that
works with both Views-hosted and native windows on MacOS. With this new approach
we can now successfully route top menu actions to the currently active window.
Prior to this change CEF's Views API was using focus notifications as a proxy
for window activation notifications. That doesn't work on MacOS where NSWindow
activation (key status) is independent of NSView focus (first responder) status,
and changes in activation don't necessarily generate focus notifications (see
NativeWidgetMac::OnWindowKeyStatusChanged). To make this work reliably on all
platforms we now expose a CefWindowDelegate::OnWindowActivationChanged callback.
This change also fixes an uninitialized variable
(RootWindowMacImpl::with_extension_) that was causing flaky behavior in
RootWindowManager::OnRootWindowActivated.
To test:
1. Run `cefclient [--use-views]`
2. Select Popup Window from the Tests menu. Do not explicitly activate the popup
window (e.g. don't click on it).
3. Verify that further Tests menu actions go to the popup window.
4. Change activation to a first window by clicking on it. Verify that Test
menu actions go to that window.
5. Close the currently active window. Do not explicitly activate the remaining
window (e.g. don't click on it).
6. Verify that Test menu actions go to the only remaining window.
Popup windows will be created on the display that best matches the requested
coordinates. The requested size will apply to the content area (as required by
JS documentation) and window size will be reduced if necessary to fit within the
target display. The requested origin will apply to the window (including frame)
and will be modified if necessary so that the window is fully visible on the
target display.
When using a Views-hosted browser window the client receives Views-related
callbacks for popups and can thereby customize the Views-hosted popup behavior.
When using an external parent window no Views-related callbacks are delivered
and customization options are restricted to providing a new parent handle via
OnBeforePopup. Consequently, we should default to a normal browser window in
the external parent case instead of the very minimial Views-hosted default.
To test (A):
1. Run `cefclient --use-default-popup --enable-chrome-runtime --use-native`
2. Select Tests > Popup Window
3. Get a normal Chrome browser window
To test (B):
1. Run `cefclient --use-default-popup [--enable-chrome-runtime] [--use-views]`
2. Select Tests > Popup Window
3. Get a native or Views-hosted browser window with title bar only
This change adds a `--use-default-popup` command-line option to cefclient. When
specified, popup windows will be created with default styling (e.g. without an
application-provided native parent window).
This change also adds some reasonable default window bounds in cases where they
are not specified by the client.
This change adds Chrome runtime support on Windows and Linux for creating a
browser parented to a native window supplied by the client application.
Expected API usage and window behavior is similar to what already exists with
the Alloy runtime. The parent window handle should be specified by using
CefWindowInfo::SetAsChild in combination with the CefBrowserHost::CreateBrowser
and CefLifeSpanHandler::OnBeforePopup callbacks.
The previously existing behavior of creating a fully-featured Chrome browser
window when empty CefWindowInfo is used with CreateBrowser remains unchanged
and Views is still the preferred API for creating top-level Chrome windows
with custom styling (e.g. title bar only, frameless, etc).
The cefclient Popup Window test with a native parent window continues to crash
on Linux with both the Alloy and Chrome runtimes (see issue #3165).
Also adds Chrome runtime support for CefDisplayHandler::OnCursorChange.
To test:
- Run `cefclient --enable-chrome-runtime [--use-views]` for the default (and
previously existing) Views-based behavior.
- Run `cefclient --enable-chrome-runtime --use-native` for the new native
parent window behavior.
- Run `cefclient --enable-chrome-runtime --use-native --no-activate` and the
window will not be activated (take input focus) on launch (Windows only).
- Run `cefclient --enable-chrome-runtime [--use-views|--use-native]
--mouse-cursor-change-disabled` and the mouse cursor will not change on
mouseover of DOM elements.
With same-site BFCache enabled every navigation can now potentially be served
via the BFCache. To support this internally a new top-level RenderFrame object
may be created for each new navigation. As a result, OnBrowserCreated may now
be called multiple times with the same browser ID in a given renderer process
(a behavior previously only seen with cross-site navigations and different
renderer processes).
BFCache navigations do not trigger the same Chromium notifications as a normal
load. To avoid breaking CEF API usage expectations we now synthetically
generate the load-related callbacks that would otherwise be missing
(OnLoadingStateChange with isLoading=true, OnLoadStart, OnLoadEnd). The
|httpStatusCode| argument to OnLoadEnd will be 0 in this case.
To test:
- Run `FrameHandlerTest.*:MessageRouterTest.*:NavigationTest.*`
- Run `NavigationTest.LoadSameOriginLoadURL` for OnBrowserCreated behavior.
- Run `NavigationTest.History` for load-related callback behavior.
This change configures session restore behavior for the NEXT application
restart by setting the "session.restore_on_startup" preference based on the
[CefSettings|CefRequestContextSettings].persist_session_cookies value.
This change adds a CefDownloadHandler::CanDownload callback for optionally
blocking user-initiated downloads (e.g. alt + link click or link click that
returns a `Content-Disposition: attachment` response from the server).
To test:
- Run `ceftests --gtest_filter=DownloadTest.*`.
- Run `cefclient --hide-controls`. User-initiated downloads will be blocked.
This change adds a CefCommandHandler::OnChromeCommand callback for optionally
handling Chrome commands triggered via menus or keyboard shortcuts. Supported
command IDs are listed in a new cef_command_ids.h header file.
To test: Run `cefclient --enable-chrome-runtime --hide-controls`. Most commands
will blocked and removed from context menus.
This change adds `CefBrowserSettings.chrome_status_bubble` for controlling
whether the Chrome status bubble will be used.
Testable in cefclient by passing the `--hide-chrome-status-bubble`
command-line flag.
Create a CefFileSystemDelegate based on the ShellFileSystemDelegate placeholder
implementation. An actual implementation will still be required to properly
support this download functionality.
This functionality stopped being relevant after the removal of Flash support
in January 2021. The last remaining PPAPI plugin (PDF viewer) will switch to
a non-plugin implementation (PdfUnseasoned) in M100.
The mojo channel used for frame communication may disconnect for a variety of
reasons including frame navigation, frame destruction, or insertion into the
BackForwardCache (when the browser-side frame representation is destroyed and
closes the connection). When disconnect occurs we now evaluate the situation
and reconnect if appropriate.
Connections are now initiated solely from the renderer process and the
RenderFrame is passed as an argument to FrameAttached() instead of being
retrieved independently. Messages are queued while the frame is disconnected
and sent only after FrameAttachedAck() is received from the browser process.
The renderer process will be crashed intentionally with a "connection retry
failure" message if the reconnect fails 3 times in a row.
Fixes a shutdown crash due to `ExtensionsBrowserClient::Set(nullptr)` being
called too early. Some code that may occasionally be triggered via
`content::ContentMainShutdown()` is expecting the extensions objects to still
be valid.
This new ownership pattern matches the code in chrome/.
URLLoaderNetworkServiceObserver is used for routing certificate and
authentication callbacks from the NetworkService to the associated
StoragePartition instance. With request interception enabled this object was
previously only assigned for the initial request. This change adds assignment
for restarted/redirected requests as well.
With PdfUnseasoned the PDF file will be loaded in a dedicated renderer process.
We identify this process by adding the kPdfRenderer command-line flag (similar
to how kExtensionProcess is used to identify an extension renderer process). We
then avoid calling GetNewBrowserInfo for the PDF renderer process because we
know the request will otherwise time out.
We need to override ChromeMimeHandlerViewGuestDelegate to handle
OnGuestAttached/Detached callbacks in order to account for the guest renderer
process hosting the PDF extension.
Additional work will be required to account for the renderer process hosting the
PDF viewer when using `--enable-features=PdfUnseasoned` (see issue #2969).
Browser windows created via CefBrowserHost::CreateBrowser should be shown at
creation time. These windows receive default Chromium styling, unlike
CefBrowserView windows which may contain other client-specified Views and
where show state can be configured via CefWindowDelegate::GetInitialShowState
or by calling CefWindow::Show.
- Remove CefRequestContextHandler::OnBeforePluginLoad and
CefRequestContext::PurgePluginListCache (fixes issue #3047). These methods
stopped being relevant after the removal of Flash support in January 2021.
The last remaining PPAPI plugin (PDF viewer) will switch to a non-plugin
implementation in the near future (see https://crbug.com/702993#c58) and
functionality related to plugin filtering has already been removed in
https://crrev.com/343ae351c9.
Fixes the following error:
Check failed: !pending_frame_callback_. Got overlapping IssueExternalBeginFrame
To test:
Run `cefclient --off-screen-rendering-enabled --external-begin-frame-enabled`
on Windows without crashing.
The `--disable-request-handling-for-testing` command-line flag would previously
disable handling of all schemes, including custom schemes and internal schemes
such as devtools.
This removes CefSettings.ignore_certificate_errors and
CefBrowserSettings.ignore_certificate_errors. Due to NetworkService
requirements these values must now be configured globally via the
"ignore-certificate-errors" command-line flag.
This removes CefBrowserSettings.universal_access_from_file_urls and
CefBrowserSettings.file_access_from_file_urls. Due to NetworkService
requirements these values must now be configured globally via command-line
flags ("allow-universal-access-from-files" and "allow-file-access-from-files"
respectively).
Also remove the kAllowFileAccessFromFileUrls switch in CEF which duplicates
the existing kAllowFileAccessFromFiles switch in Chromium (see issue #1785).
AppCache is deprecated in favor of Service Workers and support will be
fully removed soon (~M95). See https://web.dev/appcache-removal/.
Also add missing "allow-file-access-from-files" command-line switch for
CefBrowserSettings.file_access_from_file_urls.
This causes a race related to |notification_state_lock_| assignment when
GetMainFrame is called from multiple threads. GetMainFrame doesn't
trigger any notifications so it shouldn't need that lock. Instead, only
use NotificationStateLock on the UI thread.
When BackForwardCache is enabled and the user navigates the main frame
back/forward a new RFH may be created for an existing main frame GlobalId value
and CefFrameHostImpl (e.g. an object that was previously Detach()ed after main
frame navigation called SetMainFrame, but for which RenderFrameDeleted was not
subsequently called due to insertion in the BackForwardCache). In this case we
can re-attach the new RFH to the existing main frame CefFrameHostImpl in
RenderFrameHostStateChanged and resume processing of messages.
Swapping back/forward to an existing (already loaded) renderer does not trigger
new notifications for draggable regions (e.g. RenderFrameObserver::
DraggableRegionsChanged is not called by default). We therefore explicitly
request an update of draggable regions by sending the DidStopLoading message to
the renderer.
A new |reattached| parameter is added to CefFrameHandler::OnFrameAttached to
support identification of BackForwardCache usage by the client.
To test with unit tests:
Run `ceftests --gtest_filter=DraggableRegionsTest.DraggableRegionsCrossOrigin
--enable-features=BackForwardCache`
To test manually:
1. Run `cefclient --enable-features=BackForwardCache --use-views
--url=http://tests/draggable`, note that draggable regions work.
2. Load https://www.google.com via the address bar, note that draggable regions
are removed.
3. Go back to http://tests/draggable, note that draggable regions work.
4. Go forward to https://www.google.com, note that draggable regions are
removed.
BackForwardCache is currently being tested via field trials (see
https://crbug.com/1171298) and can be explicitly disabled using the
`--disable-back-forward-cache` or `--disable-features=BackForwardCache`
command-line flags. The default behavior now matches the Chrome runtime.
To test:
Run `cefclient.exe --use-views --hide-frame --hide-controls`
Add `--enable-chrome-runtime` for the same behavior using the Chrome location
bar instead of a text field.
With the introduction of prerendering in Chromium it is now possible for
RenderFrameHosts (RFH) to move between FrameTrees. As a consequence we can no
longer rely on FrameTreeNode IDs to uniquely identify a RFH over its lifespan.
We must now switch to using GlobalRenderFrameHostId (child_id, frame_routing_id)
instead for that purpose. Additionally, we simplify existing code by using the
GlobalRenderFrameHostId struct in all places that previously used a
(render_process_id, render_frame_id) pair, since these concepts are equivalent.
See https://crbug.com/1179502#c8 for additional background.
Widevine CDM binaries will be downloaded on supported platforms shortly after
application startup. Widevine support will then become available within a few
seconds after successful installation on Windows or after the next application
restart on other platforms. The CDM files will be downloaded to a "WidevineCdm"
directory inside the `CefSettings.user_data_path` directory.
Pass the `--disable-component-update` command-line flag to disable Widevine
download and installation. Pass the `--component-updater=fast-update` command-
line flag to force Widevine download immediately after application startup.
See the related issue for additional usage details.
When BackForwardCache is enabled the old RFH tree may be cached instead of being
immediately deleted as a result of main frame navigation. If a RFH is cached
then delivery of the CefFrameHandler::OnFrameDetached callback will be delayed
until the the RFH is ejected from the cache (possibly not occurring until the
browser is destroyed). This change in OnFrameDetached timing was causing
FrameHandlerTest.OrderSubCrossOrigin* to fail, and the inclusion of cached
frames in CefBrowserInfo::GetAllFrames was causing
FrameTest.NestedIframesDiffOrigin to fail.
BackForwardCache is currently being tested via field trials (see
https://crbug.com/1171298) and can be explicitly disabled using the
`--disable-back-forward-cache` or `--disable-features=BackForwardCache`
command-line flags.
- Convert scoped_ptr to std::unique_ptr from <memory>
- Convert arraysize to base::size from include/base/cef_cxx17_backports.h
- Convert NULL to nullptr
- Include include/base/cef_callback.h instead of include/base/cef_bind.h
- Implicit conversion of CefRefPtr<T> or scoped_refptr<T> to T* is gone;
use .get() instead
See the issue for additional details.
This change adds a minimal implementation of the |tabs.update| extension API and
modifies StreamsPrivateAPI::SendExecuteMimeTypeHandlerEvent to return a valid
|streamInfo.tabId| value as required by the navigateInCurrentTab implementation
in chrome/browser/resources/pdf/browser_api.js.
See the new cef_frame_handler.h for complete usage documentation.
This change includes the following related enhancements:
- The newly added CefBrowser::IsValid method will return false (in the browser
process) after CefLifeSpanHandler::OnBeforeClose is called.
- CefBrowser::GetMainFrame will return a valid object (in the browser process)
until after CefLifeSpanHandler::OnBeforeClose is called.
- The main frame object will change during cross-origin navigation or
re-navigation after renderer process termination. During that time,
GetMainFrame will return the new/pending frame (in the browser process) and
any messages that arrive for the new/pending frame will be correctly
attributed in OnProcessMessageReceived.
- Commands to be executed in the renderer process that may fail during early
frame initialization (ExecuteJavaScript, LoadRequest, etc.) will now be
queued until after the JavaScript context for the frame has been created.
- Logging has been added for any commands that are dropped because they arrived
after frame detachment.
A reference to a received CefProcessMessage object and/or associated argument
list can now be kept outside of the OnProcessMessageReceived callback. The
argument list is no longer explicitly owned by the CefProcessMessage object
and can be individually assigned to other CefValue types as needed (e.g. by
passing to SetList, etc). Depending on client usage this could reduce the
potential for unnecessary copies of the list contents.
Received messages can also be sent back using SendProcessMessage (after which
the CefProcessMessage would become invalid as discussed in issue #3123). This
is not new behavior but we have now added explicit unit test coverage for it.
This also no longer requires a copy of the argument list contents.
Note that a received argument list is initially read-only for logical
consistency. Assignment to another CefValue object could potentially remove
the read-only status because it is not an intrinsic property of the underlying
Chromium data type. This is fine because, at that point, ownership has been
transfered to the new CefValue object and the original logical context (as
part of the CefProcessMessage) no longer applies.
When navigating cross-origin a speculative RenderFrameHost (RFH) and
CefFrameHostImpl is created in the browser process for the new frame object
created in a new renderer process. The FrameAttached message then arrives for
the speculative RFH, and as a consequence interfaces are bound between the new
CefFrameHostImpl and the speculative RFH. If the pending navigation commits
then the existing RFH will be replaced with the previously speculative RFH.
Since interfaces are already bound we must keep the new CefFrameHostImpl. This
means that frame objects (including for the main frame) will now always change
after cross-origin navigation, and the old frame object will be invalidated.
This change introduces a few minor CEF API behavior changes:
- A CefProcessMessage object cannot be reused after being passed to
SendProcessMessage.
- The |extra_info| argument to CefRenderProcessHandler::OnBrowserCreated may
now be NULL.
Where appropriate, we now utilize the default UTF string encoding format and
shared memory to reduce copies and conversions for the cross-process
transfer of arbitrary-length strings. For example, CefFrame::GetSource/GetText
now involves zero UTF conversions and zero copies in the browser process for
the CefString delivered to CefStringVisitor::Visit().
Restore the async CreateBrowser behavior that existed prior to commit 691c9c2
because executing synchronously (for example, from inside OnContextInitialized)
causes issues on MacOS and possibly other platforms.
This change adds support for CEF settings configuration of accept_language_list.
If specified, this value will take precedence over the "intl.accept_languages"
preference which is controlled by chrome://settings/languages.
With the Chrome runtime, Profile initialization may be asynchronous. Code that
waited on CefBrowserContext creation now needs to wait on CefBrowserContext
initialization instead.
The policy->CanAccessDataForOrigin CHECK in NavigationRequest::
GetOriginForURLLoaderFactory was failing because unregistered schemes
(which are already considered non-standard schemes) didn't trigger the
registered non-standard scheme allowance that we previously added in
ChildProcessSecurityPolicyImpl::CanAccessDataForOrigin. This change
modifies GetOriginForURLLoaderFactory to always return an opaque/unique
origin for non-standard schemes resulting in unregistered and non-standard
schemes receiving the same treatment.
New test coverage has been added for this condition, and can be run with:
ceftests --gtest_filter=CorsTest.*CustomUnregistered*
The Chrome runtime requires that cookieable scheme information be available
at Profile initialization time because it also triggers NetworkContext creation
at the same time. To make this possible, and to avoid various race conditions
when setting state, the cookieable scheme configuration has been added as
|cookieable_schemes_list| and |cookieable_schemes_exclude_defaults| in
CefSettings and CefBrowserContextSettings. The CefCookieManager::
SetSupportedSchemes and CefBrowserProcessHandler::GetCookieableSchemes methods
are no longer required and have been removed.
This change also modifies chrome to delay OffTheRecordProfileImpl initialization
so that |ChromeBrowserContext::profile_| can be set before
ChromeContentBrowserClientCef::ConfigureNetworkContextParams calls
CefBrowserContext::FromBrowserContext to retrieve the ChromeBrowserContext
and associated cookieable scheme information. Otherwise, the
ChromeBrowserContext will not be matched and the NetworkContext will not be
configured correctly.
The CookieTest suite now passes with the Chrome runtime enabled.
The server thread was not guaranteed to be released in the correct scope on
CEF shutdown. This resulted in occasional thread_restrictions assertions on
ceftests shutdown after running the URLRequestTest suite with the Chrome
runtime enabled.
Marshall Greenblatt
Nik Pavlov
JohnKarel
Joshua Marler
Cristian Amarie
Nick Mueller
Nicolas Dusart
Andy Tzeng
Mathieu Lafon
Shezan Baig
Vladislav
Alex Maitland