third_party/WebKit/Source/modules/payments/PaymentRequest.cpp - Issue 2618383002: Initial implementation for feature policy - PaymentRequest

Side by Side Diff: third_party/WebKit/Source/modules/payments/PaymentRequest.cpp

Issue 2618383002: Initial implementation for feature policy - PaymentRequest (Closed)

Patch Set: Added layout test expects Created 3 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

« no previous file with comments | « third_party/WebKit/LayoutTests/virtual/feature-policy/http/tests/feature-policy/payment-enabledforself-expected.txt ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2016 The Chromium Authors. All rights reserved.	1 // Copyright 2016 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "modules/payments/PaymentRequest.h"	5 #include "modules/payments/PaymentRequest.h"

6	6

	7 #include "bindings/core/v8/ConditionalFeatures.h"

7 #include "bindings/core/v8/ExceptionState.h"	8 #include "bindings/core/v8/ExceptionState.h"

8 #include "bindings/core/v8/ScriptPromiseResolver.h"	9 #include "bindings/core/v8/ScriptPromiseResolver.h"

9 #include "bindings/core/v8/ScriptState.h"	10 #include "bindings/core/v8/ScriptState.h"

10 #include "bindings/core/v8/V8StringResource.h"	11 #include "bindings/core/v8/V8StringResource.h"

11 #include "bindings/modules/v8/V8AndroidPayMethodData.h"	12 #include "bindings/modules/v8/V8AndroidPayMethodData.h"

12 #include "bindings/modules/v8/V8BasicCardRequest.h"	13 #include "bindings/modules/v8/V8BasicCardRequest.h"

13 #include "bindings/modules/v8/V8PaymentDetails.h"	14 #include "bindings/modules/v8/V8PaymentDetails.h"

14 #include "core/EventTypeNames.h"	15 #include "core/EventTypeNames.h"

15 #include "core/dom/DOMException.h"	16 #include "core/dom/DOMException.h"

16 #include "core/dom/ExceptionCode.h"	17 #include "core/dom/ExceptionCode.h"

(...skipping 535 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
552 }	553 }

553	554

554 bool allowedToUsePaymentRequest(const Frame* frame) {	555 bool allowedToUsePaymentRequest(const Frame* frame) {

555 // To determine whether a Document object \|document\| is allowed to use the	556 // To determine whether a Document object \|document\| is allowed to use the

556 // feature indicated by attribute name \|allowpaymentrequest\|, run these steps:	557 // feature indicated by attribute name \|allowpaymentrequest\|, run these steps:

557	558

558 // 1. If \|document\| has no browsing context, then return false.	559 // 1. If \|document\| has no browsing context, then return false.

559 if (!frame)	560 if (!frame)

560 return false;	561 return false;

561	562

562 // 2. If \|document\|'s browsing context is a top-level browsing context, then	563 if (!RuntimeEnabledFeatures::featurePolicyEnabled()) {

563 // return true.	564 // 2. If \|document\|'s browsing context is a top-level browsing context, then

564 if (frame->isMainFrame())	565 // return true.

	566 if (frame->isMainFrame())

	567 return true;

	568

	569 // 3. If \|document\|'s browsing context has a browsing context container that

	570 // is an iframe element with an \|allowpaymentrequest\| attribute specified,

	571 // and
	please use gerrit instead 2017/01/18 15:00:19 nit: reflow the comment please. nit: reflow the comment please. lunalu1 2017/01/18 17:12:12 Done. Show quoted text On 2017/01/18 15:00:19, rouslan wrote: > nit: reflow the comment please. Done.
	572 // whose node document is allowed to use the feature indicated by

	573 // \|allowpaymentrequest\|, then return true.

	574 if (frame->owner() && frame->owner()->allowPaymentRequest())

	575 return allowedToUsePaymentRequest(frame->tree().parent());

	576

	577 // 4. Return false.

	578 return false;

	579 }

	580

	581 // If Feature Policy is enabled. then we need this hack to support it, until

	582 // we have proper support for <iframe allowfullscreen> in FP:

	583 // TODO(lunalu): clean up the code once FP iframe is supported
	please use gerrit instead 2017/01/18 15:00:19 nit: link to the bug that tracks this task. nit: link to the bug that tracks this task. iclelland 2017/01/18 16:17:31 Thanks, rouslan -- loonybear, I've created crbug.c Show quoted text On 2017/01/18 15:00:19, rouslan wrote: > nit: link to the bug that tracks this task. Thanks, rouslan -- loonybear, I've created crbug.com/682280 for this, if you want to link it. lunalu1 2017/01/18 17:12:12 Done. Show quoted text On 2017/01/18 16:17:31, iclelland wrote: > On 2017/01/18 15:00:19, rouslan wrote: > > nit: link to the bug that tracks this task. > > Thanks, rouslan -- loonybear, I've created crbug.com/682280 for this, if you > want to link it. Done.
	584

	585 // 1. If FP, by itself, enables paymentrequest in this document, then

	586 // paymentrequest is allowed.

	587 if (frame->securityContext()->getFeaturePolicy()->isFeatureEnabled(

	588 kPaymentFeature)) {

565 return true;	589 return true;

	590 }

566	591

567 // 3. If \|document\|'s browsing context has a browsing context container that	592 // 2. Otherwise, if the embedding frame's document is allowed to use

568 // is an iframe element with an \|allowpaymentrequest\| attribute specified, and	593 // paymentrequest (either through FP or otherwise), and either:

569 // whose node document is allowed to use the feature indicated by	594 // a) this is a same-origin embedded document, or

570 // \|allowpaymentrequest\|, then return true.	595 // b) this document's iframe has the allowpayment attribute set,

571 if (frame->owner() && frame->owner()->allowPaymentRequest())	596 // then paymentrequest is allowed.

572 return allowedToUsePaymentRequest(frame->tree().parent());	597 if (!frame->isMainFrame()) {

	598 if (allowedToUsePaymentRequest(frame->tree().parent())) {

	599 return (frame->owner() && frame->owner()->allowPaymentRequest()) \|\|

	600 frame->tree()

	601 .parent()

	602 ->securityContext()

	603 ->getSecurityOrigin()

	604 ->isSameSchemeHostPortAndSuborigin(

	605 frame->securityContext()->getSecurityOrigin());

	606 }

	607 }

573	608

574 // 4. Return false.	609 // Otherwise, paymentrequest is not allowed. (If we reach here and this is

	610 // the main frame, then paymentrequest must have been disabled by FP.)

575 return false;	611 return false;

576 }	612 }

577	613

578 } // namespace	614 } // namespace

579	615

580 PaymentRequest* PaymentRequest::create(	616 PaymentRequest* PaymentRequest::create(

581 Document& document,	617 Document& document,

582 const HeapVector<PaymentMethodData>& methodData,	618 const HeapVector<PaymentMethodData>& methodData,

583 const PaymentDetails& details,	619 const PaymentDetails& details,

584 ExceptionState& exceptionState) {	620 ExceptionState& exceptionState) {

(...skipping 412 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
997 m_completeResolver.clear();	1033 m_completeResolver.clear();

998 m_showResolver.clear();	1034 m_showResolver.clear();

999 m_abortResolver.clear();	1035 m_abortResolver.clear();

1000 m_canMakePaymentResolver.clear();	1036 m_canMakePaymentResolver.clear();

1001 if (m_clientBinding.is_bound())	1037 if (m_clientBinding.is_bound())

1002 m_clientBinding.Close();	1038 m_clientBinding.Close();

1003 m_paymentProvider.reset();	1039 m_paymentProvider.reset();

1004 }	1040 }

1005	1041

1006 } // namespace blink	1042 } // namespace blink

OLD	NEW