This avoids a situation where misbehaving clients may cause the
application to continue running indefinitely by posting new UI
thread tasks after calling CefQuitMessageLoop.
A modal dialog is a child CefWindow that implements some special behaviors
relative to a parent CefWindow. Like any CefWindow it can be framed with
titlebar or frameless, and optionally contain draggable regions (subject to
platform limitations described below). Modal dialogs are shown centered on
the parent window (inside a single display) and always stay on top of the
parent window in z-order. Sizing behavior and available window buttons are
controlled via the usual CefWindowDelegate callbacks. For example, the dialog
can have a preferred size with resize, minimize and maximize disabled (via
GetPreferredSize, CanResize, CanMinimize and CanMaximize respectively).
This change adds support for two modality modes. With window modality all
controls in the parent window are disabled. With browser modality only the
browser view in the parent window is disabled.
Both modality modes require that a valid parent window be returned via
GetParentWindow. For window modality return true from IsWindowModalDialog
and call CefWindow::Show. For browser modality return false from
IsWindowModalDialog (the default value) and call
CefWindow::ShowAsBrowserModalDialog with a reference to the parent window's
browser view.
Window modal dialog behavior depends on the platform. On Windows and
Linux these dialogs have a titlebar and can be moved independent of the
parent window. On macOS these dialogs do not have a titlebar, move with
the parent window, and do not support draggable regions (because they are
implemented using sheets). On Linux disabling the parent window controls
requires a window manager the supports _NET_WM_STATE_MODAL.
Browser modal dialog behavior is similar on all platforms. The dialog will
be automatically sized and positioned relative to the parent window's
browser view. Closing the parent window or navigating the parent browser
view will dismiss the dialog. The dialog can also be moved independent of
the parent window though it will be recentered when the parent window
itself is resized or redisplayed. On MacOS the dialog will move along with
the parent window while on Windows and Linux the parent window can be moved
independently.
To test: Use the Tests > Dialog Window menu option in cefclient with Views
enabled (`--use-views` or `--enable-chrome-runtime` command-line flag).
Browser modal dialog is the default behavior. For window modal dialog add
the `--use-window-modal-dialog` command-line flag.
This change replaces existing CefSettings.user_data_path usage with
CefSettings.root_cache_path for better alignment with the Chrome runtime.
All files should now be written inside the root_cache_path directory.
This adds support for the three-finger-swipe navigation gesture with
Alloy/Views. The default implementation matches the Chrome runtime
and navigates the browser back/forward. We also add an Alloy/Views-
specific client callback in CefBrowserViewDelegate for optional
custom handling of the gesture event.
Use pointers to incomplete struct types. If an argument of a not suitable
type is passed to a function of any string collection,
C compiler will warn:
warning: passing argument 1 of <func> from incompatible pointer type
C++ compiler will raise an error, for example:
error: cannot convert 'cef_string_list_t' ... to 'cef_string_multimap_t'
With the previously used `void*` pointer types, such errors in a code were not
diagnosed.
Initialize the Chrome color mixer so that ColorProvider returns the expected
semi-transparent color for overlay background in video_overlay_window_views.cc
instead of the default opaque red color (kPlaceholderColor).
This is intended for usage with frameless windows that show the standard window
buttons, where resizing the title bar height changes the button offset. Returning a
different value from CefWindowDelegate::GetTitlebarHeight and forcing a resize of
the NSWindow's theme frame (see ViewsWindow::NudgeWindow) will update the
title bar height.
To test:
1. Run `cefclient --use-views --hide-frame --show-window-buttons --url=http://tests/window`
2. Enter a new value for title bar height and click the "Set Titlebar Height" button
This change adds new CefCommandHandler callbacks for optionally hiding
specific Chrome toolbar icons, buttons and app menu items.
To test: Run `cefclient --enable-chrome-runtime --filter-chrome-commands`.
Most icons, buttons and app/context menu items will be hidden.
The CefFrame::CreateURLRequest method is no longer supported in the renderer
process. Usage of this method was already limited to same-origin requests due
to renderer process CORS restrictions, and the underlying Blink API has now
been removed in https://crbug.com/1413912 (M112+).
Existing alternatives include CefURLRequest usage in the browser process, or
JavaScript XMLHttpRequest/fetch API usage in the renderer process.
Frameless windows now display as expected. Default traffic light buttons can
optionally be shown at configurable vertical position. Layout respects text
direction.
Chrome is always loading the primary user profile by default, so with this
change the CEF behavior more accurately reflects reality. Incognito contexts
can still be created explicitly via CefRequestContext::CreateContext.
Prior to this change, the default for the global context was an Incognito
profile based on the primary user profile. That caused request interception
to be bypassed in WillCreateURLLoaderFactory for profiles associated with
the "New window" and "New incognito window" commands. Those profiles, while
also being (or based on) the primary user profile, did not match the specific
Incognito profile assigned to the default global context.
After this change, the "New window" and "New incognito window" commands will
match the default global context when executed on a browser that was created
using the primary user profile.
Note: In current master (based on M111), document PiP partially works when
run with the `--enable-features=DocumentPictureInPictureAPI` command-line
flag. However, the document PiP implementation at this Chromium version is
missing fixes that have already been cherry-picked to the 5563 release
branch. Those fixes will only be available in master after the next Chromium
update (to M112).
The CefSettings cookie scheme configuration will now only impact the global
request context. Custom behavior for other request contexts must now be
configured via CefRequestContextSettings.
- mac: Xcode 14.0 with macOS SDK 13.0 is now required.
- Remove CefRequestHandler::OnQuotaRequest because persistent quota is no
longer supported (see https://crbug.com/1208141)
The cefclient sample app on macOS will persist window state across application
restart if run with cache_path and persist_user_references enabled.
To test:
1. Run `cefclient --cache-path=/path/to/cache --persist-user-preferences`
2. Move or resize the window, maximize, minimize, etc.
3. Exit cefclient.
4. Run cefclient again with the same arguments. The previous window state will
be restored.
The cefclient sample app on Windows will persist window state across application
restart if run with cache_path and persist_user_references enabled.
To test:
1. Run `cefclient --cache-path=/path/to/cache --persist-user-preferences`
2. Move or resize the window, maximize, minimize, etc.
3. Exit cefclient.
4. Run cefclient again with the same arguments. The previous window state will
be restored.
The cefclient sample app will persist window state across application restart
if run with views, cache_path and persist_user_references enabled.
To test:
1. Run `cefclient --use-views --cache-path=/path/to/cache --persist-user-preferences`
2. Move or resize the window, maximize, minimize, etc.
3. Exit cefclient.
4. Run cefclient again with the same arguments. The previous window state will
be restored.
Custom global and request context preferences can now be registered via
CefBrowserProcessHandler::OnRegisterCustomPreferences. CefRequestContext
now extends CefPreferenceManager and global preferences can be accessed
via CefPreferenceManager::GetGlobalPreferenceManager.
Use ScreenWin functions to correctly compute DIP/pixel conversions for
CEF-created top-level windows.
Fix incorrect DIPToScreenRect usage in DesktopWindowTreeHostWin when
|has_external_parent_| is true.
Change the default stack size to 8 MiB for 64-bit and 0.5 MiB for 32-bit.
CEF's main thread needs at least a 1.5 MiB stack size in order to avoid
stack overflow crashes. However, if this is set in the PE file then other
threads get this size as well, leading to address-space exhaustion in 32-bit
CEF. A new CefRunWinMainWithPreferredStackSize function uses fibers to switch
the main thread to a 4 MiB stack (roughly the same effective size as the
64-bit build's 8 MiB stack) before running any other code.
This change additionally moves the existing Windows-only functions
CefSetOSModalLoop and CefEnableHighDPISupport from cef_app.h to cef_win.h.
On Windows these new CefDisplay methods convert between screen pixel coordinates
and screen DIP coordinates. On macOS and Linux these methods just return a copy
of the input coordinates.
This service is required by the "PermissionOnDeviceNotificationPredictions"
feature which is enabled by default in https://crbug.com/1350956. It uses a
Google backend service as described at https://go.dev/solutions/google/chrome.
This change removes the usage of PredictionBasedPermissionUiSelector, which
triggered this dependency, along with related startup complexity that was added
to support the optimization/prediction service in the M106 update.
Send a FrameDetached message from CefFrameHostImpl::Detach before closing
the RenderFrame connection to avoid an immediate reconnect attempt by the
renderer.
When BFCache is disabled the intentionally detached frame will never be
reconnected. When BFCache is enabled the intentionally detached frame will
be reconnected via CefFrameImpl::OnWasShown if/when it exits the cache.
Run with "--vmodule=frame_*=1 --enable-logging=stderr --no-sandbox" on the
command-line to see these log messages from both the browser and renderer
processes.
Disable BackForwardCache globally for the Alloy runtime so that
blink::RuntimeEnabledFeatures::BackForwardCacheEnables reports the
correct value in the renderer process.
DesktopWindowTreeHostWin ("Chrome_WidgetWin_0") focus needs to be set before
the associated call to WebContents::Focus. In the case of mouse click events,
this means ::SetFocus needs to be called explicitly. See updated comments in
CefBrowserPlatformDelegateNativeWin::SetFocus.
DesktopWindowTreeHostWin ("Chrome_WidgetWin_0") focus needs to be set
synchronously in response to the parent window WM_SETFOCUS message and
before the associated call to WebContents::Focus. See updated comments in
CefBrowserPlatformDelegateNativeWin::SetFocus.
Using a source_set here keeps the linker on Windows from discarding exported
compilation units that are not directly called from inside libcef_static.
This may also fix linker errors on Linux due to CEF's use of an intermediate
static library (see https://crbug.com/1319006#c2).
CefSharedProcessMessageBuilder supports creation of a CefProcessMessage
backed by a CefSharedMemoryRegion.
Performance tests comparing the existing ArgumentList approach and the new
SharedMemoryRegion approach have been added to cefclient at
http://tests/ipc_performance.
CefMessageRouter has been updated to use SharedMemoryRegion as transport
for larger message payloads. The threshold is configurable via
|CefMessageRouterConfig.message_size_threshold|.
To test:
run `ceftests --gtest_filter=SendSharedProcessMessageTest.*:SharedProcessMessageTest.*:MessageRouterTest.Threshold*`
Popup windows will be created on the display that best matches the requested
coordinates. The requested size will apply to the content area (as required by
JS documentation) and window size will be reduced if necessary to fit within the
target display. The requested origin will apply to the window (including frame)
and will be modified if necessary so that the window is fully visible on the
target display.
This change does not implement popup positioning for cefclient which uses an
application-created parent window.
This change grants access to the getScreenDetails JS API without user prompt.
When bfcache is disabled use the RenderFrameObserver::DidFinishLoad notification
instead of the DidStopLoading notification that originates from the browser
process. During fast navigation the DidStopLoading notification may arrive in
the renderer after a new navigation has commenced and cause the wrong regions to
be reported.
- Windows: SDK version 10.0.20348.0 is now required.
- MacOS: SDK version 12.3 (Xcode 13.3) is now required.
- Legacy swiftshader binaries (`swiftshader/*` on Win/Linux and
`libswiftshader_*.dylib` on MacOS) have been removed (see issue #3176).
This was causing early access to ResourceBundle on the main thread (via
webui::GetFontFamily) which resulted in crashes on Linux when running
with multi-threaded-message-loop.
All file dialogs irrespective of source, platform and runtime will now be
routed through CefFileDialogManager and trigger CefDialogHandler callbacks
(see issue #3293).
Adds Chrome runtime support for CefBrowserHost::RunFileDialog and
CefDialogHandler callbacks.
Adds Alloy runtime support for internal GTK file and print dialogs on Linux
subject to the following limitations:
1. Internal GTK implementation:
- Cannot be used with multi-threaded-message-loop because Chromium's
internal GTK implementation is not thread-safe (does not use GDK threads).
- Dialogs will not be modal to application windows when used with off-screen
rendering due to lack of access to the client's top-level GtkWindow.
2. Cefclient CefDialogHandler implementation:
- Cannot be used with Views because it requires a top-level GtkWindow.
Due to the above limitations no dialog implementation is currently provided for
Views + multi-threaded-message-loop on Linux. In cases where both
implementations are supported the cefclient version is now behind an optional
`--use-client-dialogs` command-line flag.
Expressly forbids multiple simultaneous file dialogs with the internal platform
implementation which uses modal dialogs. CefDialogHandler will still be notified
and can optionally handle each request without a modal dialog (see issue #3154).
Removes some RunFileDialog parameters that are not supported by the Chrome file
dialog implementation (selected_accept_filter parameter, cef_file_dialog_mode_t
overwrite/read-only flags).
Switch to using aura::CursorLoader which knows how to load system, non-system
and pak cursor resources.
On Windows, cursors will be loaded via LoadCursor first if available with a
fallback to pak file if necessary (like with component builds).
On Linux, all non-system cursor resources will be loaded from pak file. Cursors
may be loaded asynchronously resulting in the default (pointer) cursor being
returned on the first request.
This change provides a generic solution for active (key) window tracking that
works with both Views-hosted and native windows on MacOS. With this new approach
we can now successfully route top menu actions to the currently active window.
Prior to this change CEF's Views API was using focus notifications as a proxy
for window activation notifications. That doesn't work on MacOS where NSWindow
activation (key status) is independent of NSView focus (first responder) status,
and changes in activation don't necessarily generate focus notifications (see
NativeWidgetMac::OnWindowKeyStatusChanged). To make this work reliably on all
platforms we now expose a CefWindowDelegate::OnWindowActivationChanged callback.
This change also fixes an uninitialized variable
(RootWindowMacImpl::with_extension_) that was causing flaky behavior in
RootWindowManager::OnRootWindowActivated.
To test:
1. Run `cefclient [--use-views]`
2. Select Popup Window from the Tests menu. Do not explicitly activate the popup
window (e.g. don't click on it).
3. Verify that further Tests menu actions go to the popup window.
4. Change activation to a first window by clicking on it. Verify that Test
menu actions go to that window.
5. Close the currently active window. Do not explicitly activate the remaining
window (e.g. don't click on it).
6. Verify that Test menu actions go to the only remaining window.
Popup windows will be created on the display that best matches the requested
coordinates. The requested size will apply to the content area (as required by
JS documentation) and window size will be reduced if necessary to fit within the
target display. The requested origin will apply to the window (including frame)
and will be modified if necessary so that the window is fully visible on the
target display.
When using a Views-hosted browser window the client receives Views-related
callbacks for popups and can thereby customize the Views-hosted popup behavior.
When using an external parent window no Views-related callbacks are delivered
and customization options are restricted to providing a new parent handle via
OnBeforePopup. Consequently, we should default to a normal browser window in
the external parent case instead of the very minimial Views-hosted default.
To test (A):
1. Run `cefclient --use-default-popup --enable-chrome-runtime --use-native`
2. Select Tests > Popup Window
3. Get a normal Chrome browser window
To test (B):
1. Run `cefclient --use-default-popup [--enable-chrome-runtime] [--use-views]`
2. Select Tests > Popup Window
3. Get a native or Views-hosted browser window with title bar only
This change adds a `--use-default-popup` command-line option to cefclient. When
specified, popup windows will be created with default styling (e.g. without an
application-provided native parent window).
This change also adds some reasonable default window bounds in cases where they
are not specified by the client.
This change adds Chrome runtime support on Windows and Linux for creating a
browser parented to a native window supplied by the client application.
Expected API usage and window behavior is similar to what already exists with
the Alloy runtime. The parent window handle should be specified by using
CefWindowInfo::SetAsChild in combination with the CefBrowserHost::CreateBrowser
and CefLifeSpanHandler::OnBeforePopup callbacks.
The previously existing behavior of creating a fully-featured Chrome browser
window when empty CefWindowInfo is used with CreateBrowser remains unchanged
and Views is still the preferred API for creating top-level Chrome windows
with custom styling (e.g. title bar only, frameless, etc).
The cefclient Popup Window test with a native parent window continues to crash
on Linux with both the Alloy and Chrome runtimes (see issue #3165).
Also adds Chrome runtime support for CefDisplayHandler::OnCursorChange.
To test:
- Run `cefclient --enable-chrome-runtime [--use-views]` for the default (and
previously existing) Views-based behavior.
- Run `cefclient --enable-chrome-runtime --use-native` for the new native
parent window behavior.
- Run `cefclient --enable-chrome-runtime --use-native --no-activate` and the
window will not be activated (take input focus) on launch (Windows only).
- Run `cefclient --enable-chrome-runtime [--use-views|--use-native]
--mouse-cursor-change-disabled` and the mouse cursor will not change on
mouseover of DOM elements.
With same-site BFCache enabled every navigation can now potentially be served
via the BFCache. To support this internally a new top-level RenderFrame object
may be created for each new navigation. As a result, OnBrowserCreated may now
be called multiple times with the same browser ID in a given renderer process
(a behavior previously only seen with cross-site navigations and different
renderer processes).
BFCache navigations do not trigger the same Chromium notifications as a normal
load. To avoid breaking CEF API usage expectations we now synthetically
generate the load-related callbacks that would otherwise be missing
(OnLoadingStateChange with isLoading=true, OnLoadStart, OnLoadEnd). The
|httpStatusCode| argument to OnLoadEnd will be 0 in this case.
To test:
- Run `FrameHandlerTest.*:MessageRouterTest.*:NavigationTest.*`
- Run `NavigationTest.LoadSameOriginLoadURL` for OnBrowserCreated behavior.
- Run `NavigationTest.History` for load-related callback behavior.
This change configures session restore behavior for the NEXT application
restart by setting the "session.restore_on_startup" preference based on the
[CefSettings|CefRequestContextSettings].persist_session_cookies value.
This change adds a CefDownloadHandler::CanDownload callback for optionally
blocking user-initiated downloads (e.g. alt + link click or link click that
returns a `Content-Disposition: attachment` response from the server).
To test:
- Run `ceftests --gtest_filter=DownloadTest.*`.
- Run `cefclient --hide-controls`. User-initiated downloads will be blocked.
This change adds a CefCommandHandler::OnChromeCommand callback for optionally
handling Chrome commands triggered via menus or keyboard shortcuts. Supported
command IDs are listed in a new cef_command_ids.h header file.
To test: Run `cefclient --enable-chrome-runtime --hide-controls`. Most commands
will blocked and removed from context menus.
This change adds `CefBrowserSettings.chrome_status_bubble` for controlling
whether the Chrome status bubble will be used.
Testable in cefclient by passing the `--hide-chrome-status-bubble`
command-line flag.
Create a CefFileSystemDelegate based on the ShellFileSystemDelegate placeholder
implementation. An actual implementation will still be required to properly
support this download functionality.
This functionality stopped being relevant after the removal of Flash support
in January 2021. The last remaining PPAPI plugin (PDF viewer) will switch to
a non-plugin implementation (PdfUnseasoned) in M100.
The mojo channel used for frame communication may disconnect for a variety of
reasons including frame navigation, frame destruction, or insertion into the
BackForwardCache (when the browser-side frame representation is destroyed and
closes the connection). When disconnect occurs we now evaluate the situation
and reconnect if appropriate.
Connections are now initiated solely from the renderer process and the
RenderFrame is passed as an argument to FrameAttached() instead of being
retrieved independently. Messages are queued while the frame is disconnected
and sent only after FrameAttachedAck() is received from the browser process.
The renderer process will be crashed intentionally with a "connection retry
failure" message if the reconnect fails 3 times in a row.
Add the generated includes/ directory to CEF's "config" so that source files
included in patched Chromium targets (for example, blink_glue.cc) can find
cef_config.h which will be included via `include/internal/cef_types_linux.h`
on Linux.
Fixes a shutdown crash due to `ExtensionsBrowserClient::Set(nullptr)` being
called too early. Some code that may occasionally be triggered via
`content::ContentMainShutdown()` is expecting the extensions objects to still
be valid.
This new ownership pattern matches the code in chrome/.
URLLoaderNetworkServiceObserver is used for routing certificate and
authentication callbacks from the NetworkService to the associated
StoragePartition instance. With request interception enabled this object was
previously only assigned for the initial request. This change adds assignment
for restarted/redirected requests as well.
With PdfUnseasoned the PDF file will be loaded in a dedicated renderer process.
We identify this process by adding the kPdfRenderer command-line flag (similar
to how kExtensionProcess is used to identify an extension renderer process). We
then avoid calling GetNewBrowserInfo for the PDF renderer process because we
know the request will otherwise time out.
We need to override ChromeMimeHandlerViewGuestDelegate to handle
OnGuestAttached/Detached callbacks in order to account for the guest renderer
process hosting the PDF extension.
Additional work will be required to account for the renderer process hosting the
PDF viewer when using `--enable-features=PdfUnseasoned` (see issue #2969).
Browser windows created via CefBrowserHost::CreateBrowser should be shown at
creation time. These windows receive default Chromium styling, unlike
CefBrowserView windows which may contain other client-specified Views and
where show state can be configured via CefWindowDelegate::GetInitialShowState
or by calling CefWindow::Show.
- Remove CefRequestContextHandler::OnBeforePluginLoad and
CefRequestContext::PurgePluginListCache (fixes issue #3047). These methods
stopped being relevant after the removal of Flash support in January 2021.
The last remaining PPAPI plugin (PDF viewer) will switch to a non-plugin
implementation in the near future (see https://crbug.com/702993#c58) and
functionality related to plugin filtering has already been removed in
https://crrev.com/343ae351c9.
Fixes the following error:
Check failed: !pending_frame_callback_. Got overlapping IssueExternalBeginFrame
To test:
Run `cefclient --off-screen-rendering-enabled --external-begin-frame-enabled`
on Windows without crashing.
The `--disable-request-handling-for-testing` command-line flag would previously
disable handling of all schemes, including custom schemes and internal schemes
such as devtools.
This removes CefSettings.ignore_certificate_errors and
CefBrowserSettings.ignore_certificate_errors. Due to NetworkService
requirements these values must now be configured globally via the
"ignore-certificate-errors" command-line flag.
This removes CefBrowserSettings.universal_access_from_file_urls and
CefBrowserSettings.file_access_from_file_urls. Due to NetworkService
requirements these values must now be configured globally via command-line
flags ("allow-universal-access-from-files" and "allow-file-access-from-files"
respectively).
Also remove the kAllowFileAccessFromFileUrls switch in CEF which duplicates
the existing kAllowFileAccessFromFiles switch in Chromium (see issue #1785).
AppCache is deprecated in favor of Service Workers and support will be
fully removed soon (~M95). See https://web.dev/appcache-removal/.
Also add missing "allow-file-access-from-files" command-line switch for
CefBrowserSettings.file_access_from_file_urls.