The sandbox is used to restrict sub-processes (renderer, GPU, etc) from directly accessing system resources. More...

#include "include/base/cef_build.h"
#include "include/internal/cef_export.h"

Classes
class	CefScopedSandboxContext
	Scoped helper for managing the life span of a sandbox context handle. More...

Functions
CEF_EXPORT void *	cef_sandbox_initialize (int argc, char **argv)
	Initialize the sandbox for this process. More...

CEF_EXPORT void	cef_sandbox_destroy (void *sandbox_context)
	Destroy the specified sandbox context handle. More...

Detailed Description

The sandbox is used to restrict sub-processes (renderer, GPU, etc) from directly accessing system resources.

This helps to protect the user from untrusted and potentially malicious Web content. See http://www.chromium.org/developers/design-documents/sandbox for complete details.

To enable the sandbox on macOS the following requirements must be met:

Link the helper process executable with the cef_sandbox static library.
Call the cef_sandbox_initialize() function at the beginning of the helper executable main() function and before loading the CEF framework library. See include/wrapper/cef_library_loader.h for example usage.

Function Documentation

◆ cef_sandbox_destroy()

CEF_EXPORT void cef_sandbox_destroy ( void * sandbox_context )

Destroy the specified sandbox context handle.

◆ cef_sandbox_initialize()

CEF_EXPORT void* cef_sandbox_initialize	(	int	argc,
		char **	argv
	)

Initialize the sandbox for this process.

Returns the sandbox context handle on success or NULL on failure. The returned handle should be passed to cef_sandbox_destroy() immediately before process termination.

Classes

Functions

Detailed Description

Function Documentation

◆ cef_sandbox_destroy()

◆ cef_sandbox_initialize()