Index: third_party/WebKit/Source/modules/vr/NavigatorVR.cpp |
diff --git a/third_party/WebKit/Source/modules/vr/NavigatorVR.cpp b/third_party/WebKit/Source/modules/vr/NavigatorVR.cpp |
index b3acb36935316dd79addae9993ee094dfba11e3a..4a4ef3789d5d1c98fda4a1b1f6918bc7b22535a7 100644 |
--- a/third_party/WebKit/Source/modules/vr/NavigatorVR.cpp |
+++ b/third_party/WebKit/Source/modules/vr/NavigatorVR.cpp |
@@ -8,6 +8,7 @@ |
#include "core/dom/DOMException.h" |
#include "core/dom/Document.h" |
#include "core/dom/ExceptionCode.h" |
+#include "core/frame/FrameOwner.h" |
#include "core/frame/LocalDOMWindow.h" |
#include "core/frame/LocalFrame.h" |
#include "core/frame/Navigator.h" |
@@ -20,6 +21,32 @@ |
namespace blink { |
+// https://html.spec.whatwg.org/multipage/embedded-content.html#allowed-to-use |
+bool NavigatorVR::allowedToUseVR(const Frame* frame) |
+{ |
+ // To determine whether a Document object |document| is allowed to use the |
+ // feature indicated by attribute name |allowattribute|, run these steps: |
+ |
+ // 1. If |document| has no browsing context, then return false. |
+ if (!frame) |
+ return false; |
+ |
+ // 2. If |document|'s browsing context has no browsing context container, then |
+ // return true. |
+ if (frame->isMainFrame()) |
+ return true; |
+ |
+ // 3. If |document|'s browsing context has a browsing context container that |
+ // is an iframe element with an |allowattribute| attribute specified, and |
+ // whose node document is allowed to use the feature indicated by |
+ // |allowattribute|, then return true. |
+ if (frame->owner() && frame->owner()->allowVR()) |
+ return allowedToUseVR(frame->tree().parent()); |
+ |
+ // 4. Return false. |
+ return false; |
+} |
+ |
NavigatorVR* NavigatorVR::from(Document& document) |
{ |
if (!document.frame() || !document.frame()->domWindow()) |
@@ -48,6 +75,12 @@ ScriptPromise NavigatorVR::getVRDisplays(ScriptState* scriptState) |
ScriptPromiseResolver* resolver = ScriptPromiseResolver::create(scriptState); |
ScriptPromise promise = resolver->promise(); |
+ if (!allowedToUseVR(m_frame)) { |
+ DOMException* exception = DOMException::create(NotAllowedError, "Access to VR devices is not allowed in this context."); |
+ resolver->reject(exception); |
+ return promise; |
+ } |
+ |
Document* document = m_frame ? m_frame->document() : 0; |
if (!document || !controller()) { |