Replicate feature policy headers to remote frames

third_party/WebKit/Source/core/loader/FrameLoader.cpp

Index: third_party/WebKit/Source/core/loader/FrameLoader.cpp
diff --git a/third_party/WebKit/Source/core/loader/FrameLoader.cpp b/third_party/WebKit/Source/core/loader/FrameLoader.cpp
index fde5f299ac1e539ba4f62f6f845d6b91866f77a7..53e0d94e769a85411bb3d38ba5f7605240fbfa6d 100644
--- a/third_party/WebKit/Source/core/loader/FrameLoader.cpp
+++ b/third_party/WebKit/Source/core/loader/FrameLoader.cpp
@@ -577,25 +577,23 @@ void FrameLoader::didBeginDocument() {
         m_frame->document(),
         m_documentLoader->response().httpHeaderField(HTTPNames::Origin_Trial));
     if (RuntimeEnabledFeatures::featurePolicyEnabled()) {
-      std::unique_ptr<FeaturePolicy> featurePolicy(
-          FeaturePolicy::createFromParentPolicy(
-              (isLoadingMainFrame() ? nullptr
-                                    : m_frame->client()
-                                          ->parent()
-                                          ->securityContext()
-                                          ->getFeaturePolicy()),
-              m_frame->securityContext()->getSecurityOrigin()));
-      Vector<String> messages;
-      featurePolicy->setHeaderPolicy(
+      SecurityContext* parentSecurityContext =
+          (isLoadingMainFrame()
+               ? nullptr
+               : m_frame->client()->parent()->securityContext());
+      const String& featurePolicyHeader =
           m_documentLoader->response().httpHeaderField(
-              HTTPNames::Feature_Policy),
-          messages);
+              HTTPNames::Feature_Policy);
+      Vector<String> messages;
+      m_frame->securityContext()->setFeaturePolicyFromHeader(

[raymes, 2016/11/21 02:17:34]

nit: since only the parent's feature policy is really needed, should we just
pass that in instead of the whole parentSecurityContext?

[iclelland, 2016/11/21 05:05:33]

Makes sense; I was thinking that methods on SecurityContext should really be
working at that level of abstraction (i.e., other SecurityContexts), but since
SC knows about FP, and provides methods to manipulate it, I don't see anything
wrong with using it as a parameter.

+          featurePolicyHeader, parentSecurityContext, &messages);
       for (auto& message : messages) {
         m_frame->document()->addConsoleMessage(ConsoleMessage::create(
             OtherMessageSource, ErrorMessageLevel,
             "Error with Feature-Policy header: " + message));
       }
-      m_frame->document()->setFeaturePolicy(std::move(featurePolicy));
+      if (client() && !featurePolicyHeader.isEmpty())

[dcheng, 2016/11/20 21:04:12]

Is this null check necessary? The frame should be attached here.

[iclelland, 2016/11/21 05:05:33]

I wasn't 100% certain that that had to be the case, so it was a sanity check for
me to ensure that it was nonnull before dereferencing it. I can easily replace
with a DCHECK, or eliminate if it's completely unnecessary.

+        client()->didSetFeaturePolicyHeader(featurePolicyHeader);
     }
   }