| Index: third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp
|
| diff --git a/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp b/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp
|
| index 51cabe384318c6df08f81d54e45eccead7a43177..be49368cd5be4d2501ab5e3d92da66f9f82fb945 100644
|
| --- a/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp
|
| +++ b/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp
|
| @@ -27,69 +27,6 @@ const FeaturePolicy::Feature* featureForName(
|
| return nullptr;
|
| }
|
|
|
| -// Converts a list of JSON feature policy items into a mapping of features to
|
| -// whitelists. For future compatibility, unrecognized features are simply
|
| -// ignored, as are unparseable origins. If |messages| is not null, then any
|
| -// errors in the input will cause an error message to be appended to it.
|
| -HashMap<const FeaturePolicy::Feature*,
|
| - std::unique_ptr<FeaturePolicy::Whitelist>>
|
| -parseFeaturePolicyFromJson(std::unique_ptr<JSONArray> policyItems,
|
| - RefPtr<SecurityOrigin> origin,
|
| - FeaturePolicy::FeatureList& features,
|
| - Vector<String>* messages) {
|
| - HashMap<const FeaturePolicy::Feature*,
|
| - std::unique_ptr<FeaturePolicy::Whitelist>>
|
| - whitelists;
|
| -
|
| - for (size_t i = 0; i < policyItems->size(); ++i) {
|
| - JSONObject* item = JSONObject::cast(policyItems->at(i));
|
| - if (!item) {
|
| - if (messages)
|
| - messages->append("Policy is not an object");
|
| - continue; // Array element is not an object; skip
|
| - }
|
| -
|
| - for (size_t j = 0; j < item->size(); ++j) {
|
| - JSONObject::Entry entry = item->at(j);
|
| - String featureName = entry.first;
|
| - JSONArray* targets = JSONArray::cast(entry.second);
|
| - if (!targets) {
|
| - if (messages)
|
| - messages->append("Whitelist is not an array of strings.");
|
| - continue;
|
| - }
|
| -
|
| - const FeaturePolicy::Feature* feature =
|
| - featureForName(featureName, features);
|
| - if (!feature)
|
| - continue; // Feature is not recognized; skip
|
| -
|
| - std::unique_ptr<FeaturePolicy::Whitelist> whitelist(
|
| - new FeaturePolicy::Whitelist);
|
| - String targetString;
|
| - for (size_t j = 0; j < targets->size(); ++j) {
|
| - if (targets->at(j)->asString(&targetString)) {
|
| - if (equalIgnoringCase(targetString, "self")) {
|
| - whitelist->add(origin);
|
| - } else if (targetString == "*") {
|
| - whitelist->addAll();
|
| - } else {
|
| - KURL originUrl = KURL(KURL(), targetString);
|
| - if (originUrl.isValid()) {
|
| - whitelist->add(SecurityOrigin::create(originUrl));
|
| - }
|
| - }
|
| - } else {
|
| - if (messages)
|
| - messages->append("Whitelist is not an array of strings.");
|
| - }
|
| - }
|
| - whitelists.set(feature, std::move(whitelist));
|
| - }
|
| - }
|
| - return whitelists;
|
| -}
|
| -
|
| } // namespace
|
|
|
| // Definitions of all features controlled by Feature Policy should appear here.
|
| @@ -120,6 +57,19 @@ const FeaturePolicy::Feature kVibrateFeature{
|
| const FeaturePolicy::Feature kWebRTC{
|
| "webrtc", FeaturePolicy::FeatureDefault::EnableForAll};
|
|
|
| +// static
|
| +std::unique_ptr<FeaturePolicy::Whitelist> FeaturePolicy::Whitelist::from(
|
| + const WebFeaturePolicy::ParsedWhitelist& parsedWhitelist) {
|
| + std::unique_ptr<Whitelist> whitelist(new FeaturePolicy::Whitelist);
|
| + if (parsedWhitelist.matchesAllOrigins) {
|
| + whitelist->addAll();
|
| + } else {
|
| + for (const WebSecurityOrigin& origin : parsedWhitelist.origins)
|
| + whitelist->add(static_cast<WTF::PassRefPtr<SecurityOrigin>>(origin));
|
| + }
|
| + return whitelist;
|
| +}
|
| +
|
| FeaturePolicy::Whitelist::Whitelist() : m_matchesAllOrigins(false) {}
|
|
|
| void FeaturePolicy::Whitelist::addAll() {
|
| @@ -195,20 +145,79 @@ std::unique_ptr<FeaturePolicy> FeaturePolicy::createFromParentPolicy(
|
| getDefaultFeatureList());
|
| }
|
|
|
| -void FeaturePolicy::setHeaderPolicy(const String& policy,
|
| - Vector<String>* messages) {
|
| - DCHECK(m_headerWhitelists.isEmpty());
|
| +// static
|
| +WebParsedFeaturePolicy FeaturePolicy::parseFeaturePolicy(
|
| + const String& policy,
|
| + RefPtr<SecurityOrigin> origin,
|
| + Vector<String>* messages) {
|
| + Vector<WebFeaturePolicy::ParsedWhitelist> whitelists;
|
| +
|
| // Use a reasonable parse depth limit; the actual maximum depth is only going
|
| // to be 4 for a valid policy, but we'll give the featurePolicyParser a chance
|
| // to report more specific errors, unless the string is really invalid.
|
| - std::unique_ptr<JSONArray> policyJSON = parseJSONHeader(policy, 50);
|
| - if (!policyJSON) {
|
| + std::unique_ptr<JSONArray> policyItems = parseJSONHeader(policy, 50);
|
| + if (!policyItems) {
|
| if (messages)
|
| messages->append("Unable to parse header");
|
| - return;
|
| + return whitelists;
|
| + }
|
| +
|
| + for (size_t i = 0; i < policyItems->size(); ++i) {
|
| + JSONObject* item = JSONObject::cast(policyItems->at(i));
|
| + if (!item) {
|
| + if (messages)
|
| + messages->append("Policy is not an object");
|
| + continue; // Array element is not an object; skip
|
| + }
|
| +
|
| + for (size_t j = 0; j < item->size(); ++j) {
|
| + JSONObject::Entry entry = item->at(j);
|
| + String featureName = entry.first;
|
| + JSONArray* targets = JSONArray::cast(entry.second);
|
| + if (!targets) {
|
| + if (messages)
|
| + messages->append("Whitelist is not an array of strings.");
|
| + continue;
|
| + }
|
| +
|
| + WebFeaturePolicy::ParsedWhitelist whitelist;
|
| + whitelist.featureName = featureName;
|
| + Vector<WebSecurityOrigin> origins;
|
| + String targetString;
|
| + for (size_t j = 0; j < targets->size(); ++j) {
|
| + if (targets->at(j)->asString(&targetString)) {
|
| + if (equalIgnoringCase(targetString, "self")) {
|
| + if (!origin->isUnique())
|
| + origins.append(origin);
|
| + } else if (targetString == "*") {
|
| + whitelist.matchesAllOrigins = true;
|
| + } else {
|
| + WebSecurityOrigin targetOrigin =
|
| + WebSecurityOrigin::createFromString(targetString);
|
| + if (!targetOrigin.isNull() && !targetOrigin.isUnique())
|
| + origins.append(targetOrigin);
|
| + }
|
| + } else {
|
| + if (messages)
|
| + messages->append("Whitelist is not an array of strings.");
|
| + }
|
| + }
|
| + whitelist.origins = origins;
|
| + whitelists.append(whitelist);
|
| + }
|
| + }
|
| + return whitelists;
|
| +}
|
| +
|
| +void FeaturePolicy::setHeaderPolicy(const WebParsedFeaturePolicy& policy) {
|
| + DCHECK(m_headerWhitelists.isEmpty());
|
| + for (const WebFeaturePolicy::ParsedWhitelist& parsedWhitelist : policy) {
|
| + const FeaturePolicy::Feature* feature =
|
| + featureForName(parsedWhitelist.featureName, m_features);
|
| + if (!feature)
|
| + continue;
|
| + m_headerWhitelists.set(feature, Whitelist::from(parsedWhitelist));
|
| }
|
| - m_headerWhitelists = parseFeaturePolicyFromJson(
|
| - std::move(policyJSON), m_origin, m_features, messages);
|
| }
|
|
|
| bool FeaturePolicy::isFeatureEnabledForOrigin(
|
|
|
Chromium Code Reviews
Issue 2520223002:
Replicate a parsed feature policy representation so it doesn't need to be parsed in the browser pro… (Closed)
