Add a configurable parse-depth limit when parsing JFV headers, and use it for Feature-Policy Header

third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp

Index: third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp
diff --git a/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp b/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp
index a0932795b5399f60296a216a2124ecbecee861e9..51cabe384318c6df08f81d54e45eccead7a43177 100644
--- a/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp
+++ b/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp
@@ -198,7 +198,10 @@ std::unique_ptr<FeaturePolicy> FeaturePolicy::createFromParentPolicy(
 void FeaturePolicy::setHeaderPolicy(const String& policy,
                                     Vector<String>* messages) {
   DCHECK(m_headerWhitelists.isEmpty());
-  std::unique_ptr<JSONArray> policyJSON = parseJSONHeader(policy);
+  // Use a reasonable parse depth limit; the actual maximum depth is only going
+  // to be 4 for a valid policy, but we'll give the featurePolicyParser a chance
+  // to report more specific errors, unless the string is really invalid.
+  std::unique_ptr<JSONArray> policyJSON = parseJSONHeader(policy, 50);
   if (!policyJSON) {
     if (messages)
       messages->append("Unable to parse header");