1 // Copyright (c) 2013 Marshall A. Greenblatt. All rights reserved.
3 // Redistribution and use in source and binary forms, with or without
4 // modification, are permitted provided that the following conditions are
7 // * Redistributions of source code must retain the above copyright
8 // notice, this list of conditions and the following disclaimer.
9 // * Redistributions in binary form must reproduce the above
10 // copyright notice, this list of conditions and the following disclaimer
11 // in the documentation and/or other materials provided with the
13 // * Neither the name of Google Inc. nor the name Chromium Embedded
14 // Framework nor the names of its contributors may be used to endorse
15 // or promote products derived from this software without specific prior
16 // written permission.
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 #ifndef CEF_INCLUDE_CEF_SANDBOX_WIN_H_
31 #define CEF_INCLUDE_CEF_SANDBOX_WIN_H_
34 #include "include/cef_base.h"
42 // The sandbox is used to restrict sub-processes (renderer, plugin, GPU, etc)
43 // from directly accessing system resources. This helps to protect the user
44 // from untrusted and potentially malicious Web content.
45 // See http://www.chromium.org/developers/design-documents/sandbox for
48 // To enable the sandbox on Windows the following requirements must be met:
49 // 1. Use the same executable for the browser process and all sub-processes.
50 // 2. Link the executable with the cef_sandbox static library.
51 // 3. Call the cef_sandbox_info_create() function from within the executable
52 // (not from a separate DLL) and pass the resulting pointer into both the
53 // CefExecutProcess() and CefInitialize() functions via the
54 // |windows_sandbox_info| parameter.
57 // Create the sandbox information object for this process. It is safe to create
58 // multiple of this object and to destroy the object immediately after passing
59 // into the CefExecutProcess() and/or CefInitialize() functions.
61 void* cef_sandbox_info_create();
64 // Destroy the specified sandbox information object.
66 void cef_sandbox_info_destroy(void* sandbox_info);
72 // Manages the life span of a sandbox information object.
74 class CefScopedSandboxInfo {
76 CefScopedSandboxInfo() {
77 sandbox_info_ = cef_sandbox_info_create();
79 ~CefScopedSandboxInfo() {
80 cef_sandbox_info_destroy(sandbox_info_);
83 void* sandbox_info() const { return sandbox_info_; }
90 #endif // defined(OS_WIN)
92 #endif // CEF_INCLUDE_CEF_SANDBOX_WIN_H_