Index: third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp |
diff --git a/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp b/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp |
new file mode 100644 |
index 0000000000000000000000000000000000000000..15fd63f4076b580191a65a85d1b77886bd713fdb |
--- /dev/null |
+++ b/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp |
@@ -0,0 +1,234 @@ |
+// Copyright 2016 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#include "platform/feature_policy/FeaturePolicy.h" |
+ |
+#include "platform/json/JSONParser.h" |
+#include "platform/json/JSONValues.h" |
+#include "platform/weborigin/KURL.h" |
+#include "platform/weborigin/SecurityOrigin.h" |
+#include "wtf/text/StringBuilder.h" |
+ |
+namespace blink { |
+ |
+namespace { |
+ |
+// Given a string name, return the matching feature struct, or nullptr if it is |
+// not the name of a policy-controlled feature. |
+const FeaturePolicyFeature* featureForName(const String& featureName) { |
+ for (const FeaturePolicyFeature* feature : |
+ FeaturePolicy::getFeatureRegistry()) { |
+ if (featureName == feature->featureName) |
+ return feature; |
+ } |
+ return nullptr; |
+} |
+ |
+} // namespace |
+ |
+// Definitions of all features controlled by Feature Policy should appear here. |
+const FeaturePolicyFeature kDocumentCookie{"cookie", |
+ kEnableFeatureForAllOrigins}; |
+const FeaturePolicyFeature kDocumentDomain{"domain", |
+ kEnableFeatureForAllOrigins}; |
+const FeaturePolicyFeature kDocumentWrite{"docwrite", |
+ kEnableFeatureForAllOrigins}; |
+const FeaturePolicyFeature kGeolocationFeature{"geolocation", |
+ kEnableFeatureForSelf}; |
+const FeaturePolicyFeature kMidiFeature{"midi", kEnableFeatureForAllOrigins}; |
+const FeaturePolicyFeature kNotificationsFeature{"notifications", |
+ kEnableFeatureForAllOrigins}; |
+const FeaturePolicyFeature kPaymentFeature{"payment", kEnableFeatureForSelf}; |
+const FeaturePolicyFeature kPushFeature{"push", kEnableFeatureForAllOrigins}; |
+const FeaturePolicyFeature kSyncScript{"sync-script", |
+ kEnableFeatureForAllOrigins}; |
+const FeaturePolicyFeature kSyncXHR{"sync-xhr", kEnableFeatureForAllOrigins}; |
+const FeaturePolicyFeature kUsermedia{"usermedia", kEnableFeatureForAllOrigins}; |
+const FeaturePolicyFeature kVibrateFeature{"vibrate", kEnableFeatureForSelf}; |
+const FeaturePolicyFeature kWebRTC{"webrtc", kEnableFeatureForAllOrigins}; |
+ |
+FeaturePolicy::Whitelist::Whitelist() : m_matchesAllOrigins(false) {} |
+ |
+void FeaturePolicy::Whitelist::addAll() { |
+ m_matchesAllOrigins = true; |
+} |
+ |
+void FeaturePolicy::Whitelist::add(RefPtr<SecurityOrigin> origin) { |
+ m_origins.append(origin); |
dcheng
2016/10/14 20:33:17
Nit: std::move()
iclelland
2016/10/19 12:51:55
Done.
|
+} |
+ |
+bool FeaturePolicy::Whitelist::contains(const SecurityOrigin* origin) const { |
dcheng
2016/10/14 20:33:17
Nit: const ref if we never expect this to be null.
iclelland
2016/10/19 12:51:55
Done.
|
+ if (m_matchesAllOrigins) |
+ return true; |
+ for (const auto& targetOrigin : m_origins) { |
+ if (targetOrigin->isSameSchemeHostPortAndSuborigin(origin)) |
+ return true; |
+ } |
+ return false; |
+} |
+ |
+String FeaturePolicy::Whitelist::toString() { |
+ StringBuilder sb; |
+ sb.append("["); |
+ if (m_matchesAllOrigins) { |
+ sb.append("*"); |
+ } else { |
+ for (size_t i = 0; i < m_origins.size(); ++i) { |
+ if (i > 0) { |
+ sb.append(", "); |
+ } |
+ sb.append(m_origins[i]->toString()); |
+ } |
+ } |
+ sb.append("]"); |
+ return sb.toString(); |
+} |
+ |
+// static |
+Vector<const FeaturePolicyFeature*>& FeaturePolicy::getFeatureRegistry() { |
+ DEFINE_STATIC_LOCAL( |
dcheng
2016/10/14 20:33:17
No need to use a Vector here; range-based for loop
iclelland
2016/10/15 01:55:34
It's mostly a vector so that it can be appended to
|
+ Vector<const FeaturePolicyFeature*>, featureRegistry, |
+ ({&kDocumentCookie, &kDocumentDomain, &kDocumentWrite, |
+ &kGeolocationFeature, &kMidiFeature, &kNotificationsFeature, |
+ &kPaymentFeature, &kPushFeature, &kSyncScript, &kSyncXHR, &kUsermedia, |
+ &kVibrateFeature, &kWebRTC})); |
+ return featureRegistry; |
+} |
+ |
+// static |
+FeaturePolicy* FeaturePolicy::createFromParentPolicy( |
+ const FeaturePolicy* parent, |
+ RefPtr<SecurityOrigin> currentOrigin) { |
+ FeaturePolicy* newPolicy = new FeaturePolicy(currentOrigin); |
+ if (parent) { |
+ for (const FeaturePolicyFeature* feature : getFeatureRegistry()) { |
+ if (parent->isFeatureEnabledForOrigin(feature, currentOrigin.get())) { |
+ newPolicy->m_inheritedFeatures.set(feature, true); |
+ } else { |
+ newPolicy->m_inheritedFeatures.set(feature, false); |
+ } |
+ } |
+ } |
+ return newPolicy; |
+} |
+ |
+void FeaturePolicy::addPolicyFromString(const String& policy) { |
raymes
2016/10/18 02:42:31
I don't like the "addPolicyFromString" name/approa
iclelland
2016/10/19 12:51:55
Done. Changed to setHeaderPolicy.
|
+ if (policy.isEmpty()) |
+ return; |
raymes
2016/10/18 02:42:31
Can we have a check:
DCHECK(m_declaredWhitelists.e
iclelland
2016/10/19 12:51:55
Done.
|
+ for (const auto& whitelist : parse(policy)) { |
+ if (isFeatureEnabled(whitelist.key)) { |
raymes
2016/10/18 02:42:31
I think this check is complex and hard to verify c
|
+ m_declaredWhitelists.set(whitelist.key, whitelist.value); |
raymes
2016/10/18 02:42:30
nit: Could we just call this m_headerWhitelists fo
iclelland
2016/10/19 12:51:55
Done.
|
+ } |
+ } |
+} |
+ |
+bool FeaturePolicy::isFeatureEnabledForOrigin( |
+ const FeaturePolicyFeature* feature, |
+ const SecurityOrigin* origin) const { |
raymes
2016/10/18 02:42:31
It would be nice to link to an algorithm here but
iclelland
2016/10/19 12:51:55
Acknowledged.
|
+ if (m_inheritedFeatures.contains(feature)) { |
raymes
2016/10/18 02:42:31
I think the behavior if a feature isn't in the map
iclelland
2016/10/19 12:51:55
Done. That matches the current text in the explain
|
+ if (!m_inheritedFeatures.get(feature)) { |
+ return false; |
+ } |
+ } |
+ if (m_declaredWhitelists.contains(feature)) { |
+ return m_declaredWhitelists.get(feature)->contains(origin); |
+ } |
+ if (feature->defaultPolicy == kEnableFeatureForAllOrigins) { |
+ return true; |
+ } |
+ if (feature->defaultPolicy == kEnableFeatureForSelf) { |
+ return m_origin->isSameSchemeHostPortAndSuborigin(origin); |
+ } |
+ return false; |
+} |
+ |
+bool FeaturePolicy::isFeatureEnabled( |
+ const FeaturePolicyFeature* feature) const { |
+ return isFeatureEnabledForOrigin(feature, m_origin.get()); |
+} |
+ |
+FeaturePolicy::FeaturePolicy(PassRefPtr<SecurityOrigin> currentOrigin) |
dcheng
2016/10/14 20:33:17
Nit: PassRefPtr is on the way out. Just use RefPtr
iclelland
2016/10/19 12:51:55
Done.
|
+ : m_origin(currentOrigin) {} |
+ |
+// Parses a feature policy string into a mapping of features to whitelists. The |
+// parse algorithm is deliberately very lenient, and will return as much as it |
+// can recognize. Unrecognized features are simply ignored, as are invalid |
+// policy items and invalid origins inside of whitelists. |
+HeapHashMap<const FeaturePolicyFeature*, Member<FeaturePolicy::Whitelist>> |
+FeaturePolicy::parse(const String& policy) { |
raymes
2016/10/18 02:42:31
I think parsing code tends to fit better not as a
iclelland
2016/10/19 12:51:55
Done. Renamed and moved to the anonymous namespace
|
+ HeapHashMap<const FeaturePolicyFeature*, Member<Whitelist>> whitelists; |
+ std::unique_ptr<JSONValue> policyJSON = parseJSON(policy); |
+ |
+ if (!policyJSON) |
+ return whitelists; // Policy string is not valid JSON |
+ |
+ std::unique_ptr<JSONArray> items = JSONArray::cast(std::move(policyJSON)); |
+ if (!items) |
+ return whitelists; // Policy string is not an array |
+ |
+ for (size_t i = 0; i < items->size(); ++i) { |
+ JSONObject* item = JSONObject::cast(items->at(i)); |
+ if (!item) |
+ continue; // Array element is not an object; skip |
raymes
2016/10/18 02:42:31
Hmm, should we just give up at each of these failu
iclelland
2016/10/19 12:51:55
We can't fail at "Feature not recognized", as that
raymes
2016/10/19 23:47:36
That all sounds good to me :) I'm happy if you wan
|
+ |
+ for (size_t j = 0; j < item->size(); ++j) { |
+ JSONObject::Entry entry = item->at(j); |
+ String featureName = entry.first; |
+ const FeaturePolicyFeature* feature = featureForName(featureName); |
+ if (!feature) |
+ continue; // Feature is not recognized; skip |
+ |
+ JSONArray* targets = JSONArray::cast(entry.second); |
+ if (!targets) |
+ continue; // Whitelist is not an array; skip |
+ |
+ Whitelist* whitelist = new Whitelist; |
+ String targetString; |
+ for (size_t j = 0; j < targets->size(); ++j) { |
+ if (targets->at(j)->asString(&targetString)) { |
+ if (equalIgnoringCase(targetString, "self")) { |
+ whitelist->add(m_origin); |
+ } else if (targetString == "*") { |
+ whitelist->addAll(); |
+ } else { |
+ KURL originUrl = KURL(KURL(), targetString); |
+ if (originUrl.isValid()) { |
+ whitelist->add(SecurityOrigin::create(originUrl)); |
+ } |
+ } |
+ } |
+ } |
+ whitelists.set(feature, whitelist); |
+ } |
+ } |
+ return whitelists; |
+} |
+ |
+String FeaturePolicy::toString() { |
+ StringBuilder sb; |
+ sb.append("Feature Policy for frame in origin: "); |
+ sb.append(m_origin->toString()); |
+ sb.append("\n"); |
+ sb.append("Inherited features:\n"); |
+ for (const auto& inheritedFeature : m_inheritedFeatures) { |
raymes
2016/10/18 02:42:30
nit, optional: should we indent the string here fo
iclelland
2016/10/19 12:51:55
Done. This code is currently just so I can log the
|
+ sb.append(inheritedFeature.key->featureName); |
+ sb.append(": "); |
+ sb.append(inheritedFeature.value ? "true" : "false"); |
+ sb.append("\n"); |
+ } |
+ sb.append("Declared whitelists:\n"); |
+ for (const auto& whitelist : m_declaredWhitelists) { |
raymes
2016/10/18 02:42:31
nit: same here
iclelland
2016/10/19 12:51:55
Done.
|
+ sb.append(whitelist.key->featureName); |
+ sb.append(": "); |
+ sb.append(whitelist.value->toString()); |
+ sb.append("\n"); |
+ } |
+ return sb.toString(); |
+} |
+ |
+DEFINE_TRACE(FeaturePolicy) { |
+ visitor->trace(m_declaredWhitelists); |
+} |
+ |
+} // namespace blink |