[FeaturePolicy] Initial implementation of Feature Policy

third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp

+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "platform/feature_policy/FeaturePolicy.h"
+
+#include "platform/json/JSONValues.h"
+#include "platform/network/HTTPParsers.h"
+#include "platform/weborigin/KURL.h"
+#include "platform/weborigin/SecurityOrigin.h"
+#include "wtf/text/StringBuilder.h"
+
+namespace blink {
+
+namespace {
+
+// Given a string name, return the matching feature struct, or nullptr if it is
+// not the name of a policy-controlled feature.
+const FeaturePolicy::Feature* featureForName(
+    const String& featureName,
+    FeaturePolicy::FeatureList& features) {
+  for (const FeaturePolicy::Feature* feature : features) {
+    if (featureName == feature->featureName)
+      return feature;
+  }
+  return nullptr;
+}
+
+// Converts a list of JSON feature policy items into a mapping of features to
+// whitelists. For future compatibility, unrecognized features are simply
+// ignored, as are unparseable origins. Any errors in the input will cause an
+// error message appended to |messages|.
+HashMap<const FeaturePolicy::Feature*,
+        std::unique_ptr<FeaturePolicy::Whitelist>>
+parseFeaturePolicyString(std::unique_ptr<JSONArray> policyItems,
+                         RefPtr<SecurityOrigin> origin,
+                         FeaturePolicy::FeatureList& features,
+                         Vector<String>& messages) {
+  HashMap<const FeaturePolicy::Feature*,
+          std::unique_ptr<FeaturePolicy::Whitelist>>
+      whitelists;
+
+  for (size_t i = 0; i < policyItems->size(); ++i) {
+    JSONObject* item = JSONObject::cast(policyItems->at(i));
+    if (!item) {
+      messages.append("Policy is not an object");
+      continue;  // Array element is not an object; skip
+    }
+
+    for (size_t j = 0; j < item->size(); ++j) {
+      JSONObject::Entry entry = item->at(j);
+      String featureName = entry.first;
+      JSONArray* targets = JSONArray::cast(entry.second);
+      if (!targets) {
+        messages.append("Whitelist is not an array of strings.");
+        continue;
+      }
+
+      const FeaturePolicy::Feature* feature =
+          featureForName(featureName, features);
+      if (!feature)
+        continue;  // Feature is not recognized; skip
+
+      std::unique_ptr<FeaturePolicy::Whitelist> whitelist(
+          new FeaturePolicy::Whitelist);
+      String targetString;
+      for (size_t j = 0; j < targets->size(); ++j) {
+        if (targets->at(j)->asString(&targetString)) {
+          if (equalIgnoringCase(targetString, "self")) {
+            whitelist->add(origin);
+          } else if (targetString == "*") {
+            whitelist->addAll();
+          } else {
+            KURL originUrl = KURL(KURL(), targetString);
+            if (originUrl.isValid()) {
+              whitelist->add(SecurityOrigin::create(originUrl));
+            }
+          }
+        } else {
+          messages.append("Whitelist is not an array of strings.");
+        }
+      }
+      whitelists.set(feature, std::move(whitelist));
+    }
+  }
+  return whitelists;
+}
+
+}  // namespace
+
+// Definitions of all features controlled by Feature Policy should appear here.
+const FeaturePolicy::Feature kDocumentCookie{
+    "cookie", FeaturePolicy::FeatureDefault::EnableForAll};
+const FeaturePolicy::Feature kDocumentDomain{
+    "domain", FeaturePolicy::FeatureDefault::EnableForAll};
+const FeaturePolicy::Feature kDocumentWrite{
+    "docwrite", FeaturePolicy::FeatureDefault::EnableForAll};
+const FeaturePolicy::Feature kGeolocationFeature{
+    "geolocation", FeaturePolicy::FeatureDefault::EnableForSelf};
+const FeaturePolicy::Feature kMidiFeature{
+    "midi", FeaturePolicy::FeatureDefault::EnableForAll};
+const FeaturePolicy::Feature kNotificationsFeature{
+    "notifications", FeaturePolicy::FeatureDefault::EnableForAll};
+const FeaturePolicy::Feature kPaymentFeature{
+    "payment", FeaturePolicy::FeatureDefault::EnableForSelf};
+const FeaturePolicy::Feature kPushFeature{
+    "push", FeaturePolicy::FeatureDefault::EnableForAll};
+const FeaturePolicy::Feature kSyncScript{
+    "sync-script", FeaturePolicy::FeatureDefault::EnableForAll};
+const FeaturePolicy::Feature kSyncXHR{
+    "sync-xhr", FeaturePolicy::FeatureDefault::EnableForAll};
+const FeaturePolicy::Feature kUsermedia{
+    "usermedia", FeaturePolicy::FeatureDefault::EnableForAll};
+const FeaturePolicy::Feature kVibrateFeature{
+    "vibrate", FeaturePolicy::FeatureDefault::EnableForSelf};
+const FeaturePolicy::Feature kWebRTC{
+    "webrtc", FeaturePolicy::FeatureDefault::EnableForAll};
+
+FeaturePolicy::Whitelist::Whitelist() : m_matchesAllOrigins(false) {}
+
+void FeaturePolicy::Whitelist::addAll() {
+  m_matchesAllOrigins = true;
+}
+
+void FeaturePolicy::Whitelist::add(RefPtr<SecurityOrigin> origin) {
+  m_origins.append(std::move(origin));
+}
+
+bool FeaturePolicy::Whitelist::contains(const SecurityOrigin& origin) const {
+  if (m_matchesAllOrigins)
+    return true;
+  for (const auto& targetOrigin : m_origins) {
+    if (targetOrigin->isSameSchemeHostPortAndSuborigin(&origin))
+      return true;
+  }
+  return false;
+}
+
+String FeaturePolicy::Whitelist::toString() {
+  StringBuilder sb;
+  sb.append("[");
+  if (m_matchesAllOrigins) {
+    sb.append("*");
+  } else {
+    for (size_t i = 0; i < m_origins.size(); ++i) {
+      if (i > 0) {
+        sb.append(", ");
+      }
+      sb.append(m_origins[i]->toString());
+    }
+  }
+  sb.append("]");
+  return sb.toString();
+}
+
+// static
+const FeaturePolicy::FeatureList& FeaturePolicy::getDefaultFeatureList() {
+  DEFINE_STATIC_LOCAL(
+      Vector<const FeaturePolicy::Feature*>, defaultFeatureList,
+      ({&kDocumentCookie, &kDocumentDomain, &kDocumentWrite,
+        &kGeolocationFeature, &kMidiFeature, &kNotificationsFeature,
+        &kPaymentFeature, &kPushFeature, &kSyncScript, &kSyncXHR, &kUsermedia,
+        &kVibrateFeature, &kWebRTC}));
+  return defaultFeatureList;
+}
+
+// static
+FeaturePolicy* FeaturePolicy::createFromParentPolicy(
+    const FeaturePolicy* parent,
+    RefPtr<SecurityOrigin> currentOrigin,
+    FeaturePolicy::FeatureList& features) {
+  DCHECK(currentOrigin);
+  FeaturePolicy* newPolicy = new FeaturePolicy(currentOrigin, features);
+  for (const FeaturePolicy::Feature* feature : features) {
+    if (!parent || parent->isFeatureEnabledForOrigin(feature, *currentOrigin)) {
+      newPolicy->m_inheritedFeatures.set(feature, true);
+    } else {
+      newPolicy->m_inheritedFeatures.set(feature, false);
+    }
+  }
+  return newPolicy;
+}
+
+// static
+FeaturePolicy* FeaturePolicy::createFromParentPolicy(
+    const FeaturePolicy* parent,
+    RefPtr<SecurityOrigin> currentOrigin) {
+  return createFromParentPolicy(parent, currentOrigin, getDefaultFeatureList());
+}
+
+void FeaturePolicy::setHeaderPolicy(const String& policy,
+                                    Vector<String>& messages) {
+  DCHECK(m_headerWhitelists.isEmpty());
+  std::unique_ptr<JSONArray> policyJSON = parseJSONHeader(policy);
+  if (!policyJSON) {
+    messages.append("Unable to parse header");
+    return;
+  }
+  m_headerWhitelists = parseFeaturePolicyString(std::move(policyJSON), m_origin,
+                                                m_features, messages);
+}
+
+bool FeaturePolicy::isFeatureEnabledForOrigin(
+    const FeaturePolicy::Feature* feature,
+    const SecurityOrigin& origin) const {
+  DCHECK(m_inheritedFeatures.contains(feature));
+  if (!m_inheritedFeatures.get(feature)) {
+    return false;
+  }
+  if (m_headerWhitelists.contains(feature)) {
+    return m_headerWhitelists.get(feature)->contains(origin);
+  }
+  if (feature->defaultPolicy == FeaturePolicy::FeatureDefault::EnableForAll) {
+    return true;
+  }
+  if (feature->defaultPolicy == FeaturePolicy::FeatureDefault::EnableForSelf) {
+    return m_origin->isSameSchemeHostPortAndSuborigin(&origin);
+  }
+  return false;
+}
+
+bool FeaturePolicy::isFeatureEnabled(
+    const FeaturePolicy::Feature* feature) const {
+  DCHECK(m_origin);
+  return isFeatureEnabledForOrigin(feature, *m_origin);
+}
+
+FeaturePolicy::FeaturePolicy(RefPtr<SecurityOrigin> currentOrigin,
+                             FeaturePolicy::FeatureList& features)
+    : m_origin(std::move(currentOrigin)), m_features(features) {}
+
+String FeaturePolicy::toString() {
+  StringBuilder sb;
+  sb.append("Feature Policy for frame in origin: ");
+  sb.append(m_origin->toString());
+  sb.append("\n");
+  sb.append("Inherited features:\n");
+  for (const auto& inheritedFeature : m_inheritedFeatures) {
+    sb.append("  ");
+    sb.append(inheritedFeature.key->featureName);
+    sb.append(": ");
+    sb.append(inheritedFeature.value ? "true" : "false");
+    sb.append("\n");
+  }
+  sb.append("Header whitelists:\n");
+  for (const auto& whitelist : m_headerWhitelists) {
+    sb.append("  ");
+    sb.append(whitelist.key->featureName);
+    sb.append(": ");
+    sb.append(whitelist.value->toString());
+    sb.append("\n");
+  }
+  return sb.toString();
+}
+
+}  // namespace blink