Replicate a parsed feature policy representation so it doesn't need to be parsed in the browser pro…

third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "platform/feature_policy/FeaturePolicy.h"
 
 #include "platform/json/JSONValues.h"
 #include "platform/network/HTTPParsers.h"
 #include "platform/weborigin/KURL.h"
 #include "platform/weborigin/SecurityOrigin.h"
 #include "wtf/PtrUtil.h"
 #include "wtf/text/StringBuilder.h"
 
 namespace blink {
 
 namespace {
 
 // Given a string name, return the matching feature struct, or nullptr if it is
 // not the name of a policy-controlled feature.
 const FeaturePolicy::Feature* featureForName(
     const String& featureName,
     FeaturePolicy::FeatureList& features) {
   for (const FeaturePolicy::Feature* feature : features) {
     if (featureName == feature->featureName)
       return feature;
   }
   return nullptr;
 }
 
-// Converts a list of JSON feature policy items into a mapping of features to
-// whitelists. For future compatibility, unrecognized features are simply
-// ignored, as are unparseable origins. If |messages| is not null, then any
-// errors in the input will cause an error message to be appended to it.
-HashMap<const FeaturePolicy::Feature*,
-        std::unique_ptr<FeaturePolicy::Whitelist>>
-parseFeaturePolicyFromJson(std::unique_ptr<JSONArray> policyItems,
-                           RefPtr<SecurityOrigin> origin,
-                           FeaturePolicy::FeatureList& features,
-                           Vector<String>* messages) {
-  HashMap<const FeaturePolicy::Feature*,
-          std::unique_ptr<FeaturePolicy::Whitelist>>
-      whitelists;
+WebVector<WebFeaturePolicy::ParsedWhitelist> parseFeaturePolicyFromJson(
+    const String& policy,
+    const SecurityOrigin* origin,
+    Vector<String>* messages) {
+  Vector<WebFeaturePolicy::ParsedWhitelist> whitelists;
+
+  if (origin->isUnique())
+    return whitelists;
+
+  std::unique_ptr<JSONArray> policyItems = parseJSONHeader(policy);
+  if (!policyItems) {
+    if (messages)
+      messages->append("Unable to parse header");
+    return whitelists;
+  }
 
   for (size_t i = 0; i < policyItems->size(); ++i) {
     JSONObject* item = JSONObject::cast(policyItems->at(i));
     if (!item) {
       if (messages)
         messages->append("Policy is not an object");
       continue;  // Array element is not an object; skip
     }
 
     for (size_t j = 0; j < item->size(); ++j) {
       JSONObject::Entry entry = item->at(j);
       String featureName = entry.first;
       JSONArray* targets = JSONArray::cast(entry.second);
       if (!targets) {
         if (messages)
           messages->append("Whitelist is not an array of strings.");
         continue;
       }
 
-      const FeaturePolicy::Feature* feature =
-          featureForName(featureName, features);
-      if (!feature)
-        continue;  // Feature is not recognized; skip
-
-      std::unique_ptr<FeaturePolicy::Whitelist> whitelist(
-          new FeaturePolicy::Whitelist);
+      WebFeaturePolicy::ParsedWhitelist whitelist;
+      whitelist.featureName = featureName;
+      Vector<WebString> origins;
       String targetString;
       for (size_t j = 0; j < targets->size(); ++j) {
         if (targets->at(j)->asString(&targetString)) {
           if (equalIgnoringCase(targetString, "self")) {
-            whitelist->add(origin);
+            origins.append(origin->toString());
           } else if (targetString == "*") {
-            whitelist->addAll();
+            whitelist.matchesAllOrigins = true;
           } else {
             KURL originUrl = KURL(KURL(), targetString);
-            if (originUrl.isValid()) {
-              whitelist->add(SecurityOrigin::create(originUrl));
-            }
+            if (originUrl.isValid())
+              origins.append(targetString);
           }
         } else {
           if (messages)
             messages->append("Whitelist is not an array of strings.");
         }
       }
-      whitelists.set(feature, std::move(whitelist));
+      whitelist.origins = origins;
+      whitelists.append(whitelist);
     }
   }
   return whitelists;
 }
 
 }  // namespace
 
 // Definitions of all features controlled by Feature Policy should appear here.
 const FeaturePolicy::Feature kDocumentCookie{
     "cookie", FeaturePolicy::FeatureDefault::EnableForAll};
@@ skipping 90 matching lines @@
 }
 
 // static
 std::unique_ptr<FeaturePolicy> FeaturePolicy::createFromParentPolicy(
     const FeaturePolicy* parent,
     RefPtr<SecurityOrigin> currentOrigin) {
   return createFromParentPolicy(parent, std::move(currentOrigin),
                                 getDefaultFeatureList());
 }
 
-void FeaturePolicy::setHeaderPolicy(const String& policy,
-                                    Vector<String>* messages) {
+// static
+WebVector<WebFeaturePolicy::ParsedWhitelist> FeaturePolicy::parseFeaturePolicy(
+    const String& policy,
+    const SecurityOrigin* origin,
+    Vector<String>* messages) {
+  return parseFeaturePolicyFromJson(policy, origin, messages);
+}
+
+void FeaturePolicy::setHeaderPolicy(
+    const WebVector<WebFeaturePolicy::ParsedWhitelist>& policy) {
   DCHECK(m_headerWhitelists.isEmpty());
-  std::unique_ptr<JSONArray> policyJSON = parseJSONHeader(policy);
-  if (!policyJSON) {
-    if (messages)
-      messages->append("Unable to parse header");
-    return;
+  for (const WebFeaturePolicy::ParsedWhitelist& parsedWhitelist : policy) {
+    const FeaturePolicy::Feature* feature =
+        featureForName(parsedWhitelist.featureName, m_features);
+    if (!feature)
+      continue;
+    std::unique_ptr<Whitelist> whitelist(new FeaturePolicy::Whitelist);
+    if (parsedWhitelist.matchesAllOrigins) {
+      whitelist->addAll();
+    } else {
+      for (const WebString& origin : parsedWhitelist.origins) {
+        KURL originUrl = KURL(KURL(), origin);
+        if (originUrl.isValid())
+          whitelist->add(SecurityOrigin::create(originUrl));
+      }
+    }
+    m_headerWhitelists.set(feature, std::move(whitelist));
   }
-  m_headerWhitelists = parseFeaturePolicyFromJson(
-      std::move(policyJSON), m_origin, m_features, messages);
 }
 
 bool FeaturePolicy::isFeatureEnabledForOrigin(
     const FeaturePolicy::Feature& feature,
     const SecurityOrigin& origin) const {
   DCHECK(m_inheritedFeatures.contains(&feature));
   if (!m_inheritedFeatures.get(&feature)) {
     return false;
   }
   if (m_headerWhitelists.contains(&feature)) {
@@ skipping 36 matching lines @@
     sb.append("  ");
     sb.append(whitelist.key->featureName);
     sb.append(": ");
     sb.append(whitelist.value->toString());
     sb.append("\n");
   }
   return sb.toString();
 }
 
 }  // namespace blink