Add policy for Renderer App Container.
This policy will allow Renderer App Container to be disabled.
Setting this policy to Disabled will override platform and field-trial
configuration and force Renderer App Container to be disabled.
Leaving this policy unset, or Enabled, will defer the control of
whether or not Renderer App Container is enabled to platform, Chrome
version, or field trial configuration.
This CL queries the policy on the UI thread in the constructor
for RendererSandboxedProcessLauncherDelegateWin but the value
is not used until the renderer is launched on Launcher thread.
A test is added to verify this behavior. In addition, some
cleanup is done of enums in ContentBrowserClient.
BUG=1328867
Change-Id: I98986646e8b27cffcd6c4567b9baea5fe6994e85
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3680781
Reviewed-by: Julian Pastarmov <[email protected]>
Commit-Queue: Will Harris <[email protected]>
Reviewed-by: Nasko Oskov <[email protected]>
Reviewed-by: Scott Violet <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1010283}
diff --git a/chrome/browser/prefs/browser_prefs.cc b/chrome/browser/prefs/browser_prefs.cc
index c59e71a9..3e399ea8 100644
--- a/chrome/browser/prefs/browser_prefs.cc
+++ b/chrome/browser/prefs/browser_prefs.cc
@@ -1205,6 +1205,7 @@
#if BUILDFLAG(IS_WIN)
OSCrypt::RegisterLocalPrefs(registry);
registry->RegisterBooleanPref(prefs::kRendererCodeIntegrityEnabled, true);
+ registry->RegisterBooleanPref(prefs::kRendererAppContainerEnabled, true);
registry->RegisterBooleanPref(prefs::kBlockBrowserLegacyExtensionPoints,
true);
registry->RegisterBooleanPref(
