Index: third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp |
diff --git a/third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp b/third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp |
index 9e1171988125dc51966ea8542e0e71df8278d26d..dbe7bbc54fd3132a11a9a3d0e70b4916f870dbeb 100644 |
--- a/third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp |
+++ b/third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp |
@@ -438,6 +438,25 @@ void WebRemoteFrameImpl::setReplicatedName(const WebString& name, |
frame()->tree().setPrecalculatedName(name, uniqueName); |
} |
+void WebRemoteFrameImpl::setReplicatedFeaturePolicyHeader( |
alexmos
2016/11/09 01:16:55
Just to double-check: will this work in the case w
iclelland
2016/11/09 18:07:59
Definitely, I'm planning on adding a number of oth
alexmos
2016/11/10 17:50:28
That sounds great, I missed that DidSetFeaturePoli
iclelland
2016/11/16 20:21:32
Thanks for catching that -- I've fixed it now, and
|
+ const WebString& headerValue) const { |
+ if (RuntimeEnabledFeatures::featurePolicyEnabled()) { |
+ SecurityContext* childSecurityContext = frame()->securityContext(); |
+ FeaturePolicy* parentFeaturePolicy = nullptr; |
+ if (parent()) { |
+ Frame* parentFrame = frame()->client()->parent(); |
+ SecurityContext* parentSecurityContext = parentFrame->securityContext(); |
+ parentFeaturePolicy = parentSecurityContext->getFeaturePolicy(); |
+ } |
+ std::unique_ptr<FeaturePolicy> childFeaturePolicy( |
+ FeaturePolicy::createFromParentPolicy( |
+ parentFeaturePolicy, childSecurityContext->getSecurityOrigin())); |
Mike West
2016/11/08 12:12:23
It surprised me that you did all this work both he
iclelland
2016/11/08 14:25:45
I could certainly factor this out into a method on
alexmos
2016/11/09 01:16:55
I'm slightly in favor of the current approach, act
|
+ Vector<String> messages; |
raymes
2016/11/07 23:10:25
I think we can ignore messages here because approp
iclelland
2016/11/08 03:13:41
Agreed; that's why we don't do anything with the m
Mike West
2016/11/08 12:12:23
1. ContentSecurityPolicy makes itself responsible
iclelland
2016/11/08 14:25:45
I like that approach, thanks!
iclelland
2016/11/09 18:07:59
I've switched it to taking an optional Vector<Stri
|
+ childFeaturePolicy->setHeaderPolicy(headerValue, messages); |
+ childSecurityContext->setFeaturePolicy(std::move(childFeaturePolicy)); |
+ } |
+} |
+ |
void WebRemoteFrameImpl::addReplicatedContentSecurityPolicyHeader( |
const WebString& headerValue, |
WebContentSecurityPolicyType type, |