Add an iframe permissions= attribute for implementing permission delegation

third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp

Index: third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp
diff --git a/third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp b/third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp
index 61b06a393572f1e03d12b0c31684176cb9adc66a..541f155321bcf450f1eeebc2b2377755ba22c72c 100644
--- a/third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp
+++ b/third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp
@@ -33,12 +33,59 @@
 
 namespace blink {
 
+namespace {
+
+class SandboxObserver : public GarbageCollected<SandboxObserver>, public DOMTokenListObserver {

[tkent, 2016/06/23 04:57:27]

nit: You may merge this class into HTMLIFrameSandbox.

[raymes, 2016/06/27 07:25:57]

I tried this (it makes the code nicer) but I can't get it to compile. When
HTMLIFrameElementPermissions inherits from both DOMTokenList and
DOMTokenListObserver I get compile errors:
../../third_party/WebKit/Source/platform/heap/GarbageCollected.h:71:18: note:
unimplemented pure virtual method 'adjustAndMark' in
'HTMLIFrameElementPermissions'
    virtual void adjustAndMark(Visitor*) const = 0;

I tried adding USING_GARBAGE_COLLECTED_MIXIN but then I get:

../../third_party/WebKit/Source/platform/heap/TraceTraits.h:190:5: error:
static_assert failed "T should not be traced"
    static_assert(WTF::IsTraceable<T>::value, "T should not be traced");
    ^             ~~~~~~~~~~~~~~~~~~~~~~~~~~
../../third_party/WebKit/Source/core/html/HTMLIFrameElementPermissions.h:18:5:
note: in instantiation of member function
'blink::TraceTrait<blink::HTMLIFrameElementPermissions>::trace' requested here
    USING_GARBAGE_COLLECTED_MIXIN(HTMLIFrameElementPermissions);
    ^
../../third_party/WebKit/Source/platform/heap/GarbageCollected.h:159:5: note:
expanded from macro 'USING_GARBAGE_COLLECTED_MIXIN'
    DEFINE_GARBAGE_COLLECTED_MIXIN_METHODS(blink::Visitor*, TYPE)       \
    ^
../../third_party/WebKit/Source/platform/heap/GarbageCollected.h:87:35: note:
expanded from macro 'DEFINE_GARBAGE_COLLECTED_MIXIN_METHODS'
                TraceTrait<TYPE>::trace(visitor, const_cast<TYPE*>(this)); \
                                  ^
...
../../third_party/WebKit/Source/platform/heap/TraceTraits.h:193:32: error:
member 'trace' found in multiple base classes of different types
       
static_cast<T*>(self)->trace(InlinedGlobalMarkingVisitor(visitor->state()));
                               ^
../../third_party/WebKit/Source/core/dom/DOMTokenList.h:83:5: note: member found
by ambiguous name lookup
    DEFINE_INLINE_VIRTUAL_TRACE() {
    ^
../../third_party/WebKit/Source/platform/heap/Visitor.h:112:39: note: expanded
from macro 'DEFINE_INLINE_VIRTUAL_TRACE'
#define DEFINE_INLINE_VIRTUAL_TRACE() DEFINE_INLINE_TRACE_IMPL(virtual)


Any ideas?

[sof, 2016/06/27 07:41:09]

Not having a delegating trace method override on HTMLIFrameElementPermissions
perhaps, but it'd be a lot easier to diagnose if we could see the actual code
you're trying to compile - could you upload it ?

[tkent, 2016/06/27 07:42:03]

Please post the current HTMLIFrameElementPermissions declaration with
USING_GARBAGE_COLLECTED_MIXIN.
Did you add *_VIRTUAL_TRACE() to it?

+    USING_GARBAGE_COLLECTED_MIXIN(SandboxObserver);
+public:
+    SandboxObserver(HTMLIFrameElement* element) : m_element(element) {}
+
+    void valueWasSet() override
+    {
+        m_element->sandboxValueWasSet();
+    }
+
+    DEFINE_INLINE_VIRTUAL_TRACE()
+    {
+        visitor->trace(m_element);
+        DOMTokenListObserver::trace(visitor);
+    }
+
+private:
+    Member<HTMLIFrameElement> m_element;
+};
+
+class PermissionsObserver : public GarbageCollected<PermissionsObserver>, public DOMTokenListObserver {

[tkent, 2016/06/23 04:57:27]

Ditto.  You may merge this into HTMLIFramePermission.

+    USING_GARBAGE_COLLECTED_MIXIN(PermissionsObserver);
+public:
+    PermissionsObserver(HTMLIFrameElement* element) : m_element(element)
+    {
+    }
+
+    void valueWasSet() override
+    {
+        m_element->permissionsValueWasSet();
+    }
+
+    DEFINE_INLINE_VIRTUAL_TRACE()
+    {
+        visitor->trace(m_element);
+        DOMTokenListObserver::trace(visitor);
+    }
+
+private:
+    Member<HTMLIFrameElement> m_element;
+};
+
+} // namespace
+
 using namespace HTMLNames;
 
 inline HTMLIFrameElement::HTMLIFrameElement(Document& document)
     : HTMLFrameElementBase(iframeTag, document)
     , m_didLoadNonEmptyDocument(false)
-    , m_sandbox(HTMLIFrameElementSandbox::create(this))
+    , m_sandbox(HTMLIFrameElementSandbox::create(new SandboxObserver(this)))
+    , m_permissions(HTMLIFrameElementPermissions::create(new PermissionsObserver(this)))
     , m_referrerPolicy(ReferrerPolicyDefault)
 {
 }
@@ -48,8 +95,8 @@ DEFINE_NODE_FACTORY(HTMLIFrameElement)
 DEFINE_TRACE(HTMLIFrameElement)
 {
     visitor->trace(m_sandbox);
+    visitor->trace(m_permissions);
     HTMLFrameElementBase::trace(visitor);
-    DOMTokenListObserver::trace(visitor);
 }
 
 HTMLIFrameElement::~HTMLIFrameElement()
@@ -61,6 +108,11 @@ DOMTokenList* HTMLIFrameElement::sandbox() const
     return m_sandbox.get();
 }
 
+DOMTokenList* HTMLIFrameElement::permissions() const
+{
+    return m_permissions.get();
+}
+
 bool HTMLIFrameElement::isPresentationAttribute(const QualifiedName& name) const
 {
     if (name == widthAttr || name == heightAttr || name == alignAttr || name == frameborderAttr)
@@ -109,6 +161,8 @@ void HTMLIFrameElement::parseAttribute(const QualifiedName& name, const AtomicSt
         m_allowFullscreen = !value.isNull();
         if (m_allowFullscreen != oldAllowFullscreen)
             frameOwnerPropertiesChanged();
+    } else if (name == permissionsAttr) {
+        m_permissions->setValue(value);
     } else {
         if (name == srcAttr)
             logUpdateAttributeIfIsolatedWorldAndInDocument("iframe", srcAttr, oldValue, value);
@@ -147,7 +201,20 @@ bool HTMLIFrameElement::isInteractiveContent() const
     return true;
 }
 
-void HTMLIFrameElement::valueWasSet()
+void HTMLIFrameElement::permissionsValueWasSet()
+{
+    if (!RuntimeEnabledFeatures::permissionDelegationEnabled())
+        return;
+
+    String invalidTokens;
+    m_delegatedPermissions = m_permissions->parseDelegatedPermissions(invalidTokens);
+    if (!invalidTokens.isNull())
+        document().addConsoleMessage(ConsoleMessage::create(OtherMessageSource, ErrorMessageLevel, "Error while parsing the 'permissions' attribute: " + invalidTokens));
+    setSynchronizedLazyAttribute(permissionsAttr, m_permissions->value());
+    frameOwnerPropertiesChanged();
+}
+
+void HTMLIFrameElement::sandboxValueWasSet()
 {
     String invalidTokens;
     setSandboxFlags(m_sandbox->value().isNull() ? SandboxNone : parseSandboxPolicy(m_sandbox->tokens(), invalidTokens));