Index: third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp |
diff --git a/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp b/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp |
index 44d6c96359a7499994c6a3ded2c65001bcdcc404..70cd58fc15fa8309bb1825ae2122cf97093129f9 100644 |
--- a/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp |
+++ b/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp |
@@ -13,146 +13,11 @@ |
namespace blink { |
-namespace { |
- |
-// Given a string name, return the matching feature struct, or nullptr if it is |
-// not the name of a policy-controlled feature. |
-const FeaturePolicy::Feature* featureForName( |
- const String& featureName, |
- FeaturePolicy::FeatureList& features) { |
- for (const FeaturePolicy::Feature* feature : features) { |
- if (featureName == feature->featureName) |
- return feature; |
- } |
- return nullptr; |
-} |
- |
-} // namespace |
- |
-// Definitions of all features controlled by Feature Policy should appear here. |
-const FeaturePolicy::Feature kDocumentCookie{ |
- "cookie", FeaturePolicy::FeatureDefault::EnableForAll}; |
-const FeaturePolicy::Feature kDocumentDomain{ |
- "domain", FeaturePolicy::FeatureDefault::EnableForAll}; |
-const FeaturePolicy::Feature kDocumentWrite{ |
- "docwrite", FeaturePolicy::FeatureDefault::EnableForAll}; |
-const FeaturePolicy::Feature kFullscreenFeature{ |
- "fullscreen", FeaturePolicy::FeatureDefault::EnableForSelf}; |
-const FeaturePolicy::Feature kGeolocationFeature{ |
- "geolocation", FeaturePolicy::FeatureDefault::EnableForSelf}; |
-const FeaturePolicy::Feature kMidiFeature{ |
- "midi", FeaturePolicy::FeatureDefault::EnableForAll}; |
-const FeaturePolicy::Feature kNotificationsFeature{ |
- "notifications", FeaturePolicy::FeatureDefault::EnableForAll}; |
-const FeaturePolicy::Feature kPaymentFeature{ |
- "payment", FeaturePolicy::FeatureDefault::EnableForSelf}; |
-const FeaturePolicy::Feature kPushFeature{ |
- "push", FeaturePolicy::FeatureDefault::EnableForAll}; |
-const FeaturePolicy::Feature kSyncScript{ |
- "sync-script", FeaturePolicy::FeatureDefault::EnableForAll}; |
-const FeaturePolicy::Feature kSyncXHR{ |
- "sync-xhr", FeaturePolicy::FeatureDefault::EnableForAll}; |
-const FeaturePolicy::Feature kUsermedia{ |
- "usermedia", FeaturePolicy::FeatureDefault::EnableForAll}; |
-const FeaturePolicy::Feature kVibrateFeature{ |
- "vibrate", FeaturePolicy::FeatureDefault::EnableForSelf}; |
-const FeaturePolicy::Feature kWebRTC{ |
- "webrtc", FeaturePolicy::FeatureDefault::EnableForAll}; |
- |
// static |
-std::unique_ptr<FeaturePolicy::Whitelist> FeaturePolicy::Whitelist::from( |
- const WebFeaturePolicy::ParsedWhitelist& parsedWhitelist) { |
- std::unique_ptr<Whitelist> whitelist(new FeaturePolicy::Whitelist); |
- if (parsedWhitelist.matchesAllOrigins) { |
- whitelist->addAll(); |
- } else { |
- for (const WebSecurityOrigin& origin : parsedWhitelist.origins) |
- whitelist->add(static_cast<WTF::PassRefPtr<SecurityOrigin>>(origin)); |
- } |
- return whitelist; |
-} |
- |
-FeaturePolicy::Whitelist::Whitelist() : m_matchesAllOrigins(false) {} |
- |
-void FeaturePolicy::Whitelist::addAll() { |
- m_matchesAllOrigins = true; |
-} |
- |
-void FeaturePolicy::Whitelist::add(RefPtr<SecurityOrigin> origin) { |
- m_origins.push_back(std::move(origin)); |
-} |
- |
-bool FeaturePolicy::Whitelist::contains(const SecurityOrigin& origin) const { |
- if (m_matchesAllOrigins) |
- return true; |
- for (const auto& targetOrigin : m_origins) { |
- if (targetOrigin->isSameSchemeHostPortAndSuborigin(&origin)) |
- return true; |
- } |
- return false; |
-} |
- |
-String FeaturePolicy::Whitelist::toString() { |
- StringBuilder sb; |
- sb.append("["); |
- if (m_matchesAllOrigins) { |
- sb.append("*"); |
- } else { |
- for (size_t i = 0; i < m_origins.size(); ++i) { |
- if (i > 0) { |
- sb.append(", "); |
- } |
- sb.append(m_origins[i]->toString()); |
- } |
- } |
- sb.append("]"); |
- return sb.toString(); |
-} |
- |
-// static |
-const FeaturePolicy::FeatureList& FeaturePolicy::getDefaultFeatureList() { |
- DEFINE_STATIC_LOCAL( |
- Vector<const FeaturePolicy::Feature*>, defaultFeatureList, |
- ({&kDocumentCookie, &kDocumentDomain, &kDocumentWrite, |
- &kGeolocationFeature, &kFullscreenFeature, &kMidiFeature, |
- &kNotificationsFeature, &kPaymentFeature, &kPushFeature, &kSyncScript, |
- &kSyncXHR, &kUsermedia, &kVibrateFeature, &kWebRTC})); |
- return defaultFeatureList; |
-} |
- |
-// static |
-std::unique_ptr<FeaturePolicy> FeaturePolicy::createFromParentPolicy( |
- const FeaturePolicy* parent, |
- RefPtr<SecurityOrigin> currentOrigin, |
- FeaturePolicy::FeatureList& features) { |
- DCHECK(currentOrigin); |
- std::unique_ptr<FeaturePolicy> newPolicy = |
- WTF::wrapUnique(new FeaturePolicy(currentOrigin, features)); |
- for (const FeaturePolicy::Feature* feature : features) { |
- if (!parent || |
- parent->isFeatureEnabledForOrigin(*feature, *currentOrigin)) { |
- newPolicy->m_inheritedFeatures.set(feature, true); |
- } else { |
- newPolicy->m_inheritedFeatures.set(feature, false); |
- } |
- } |
- return newPolicy; |
-} |
- |
-// static |
-std::unique_ptr<FeaturePolicy> FeaturePolicy::createFromParentPolicy( |
- const FeaturePolicy* parent, |
- RefPtr<SecurityOrigin> currentOrigin) { |
- return createFromParentPolicy(parent, std::move(currentOrigin), |
- getDefaultFeatureList()); |
-} |
- |
-// static |
-WebParsedFeaturePolicy FeaturePolicy::parseFeaturePolicy( |
- const String& policy, |
- RefPtr<SecurityOrigin> origin, |
- Vector<String>* messages) { |
- Vector<WebFeaturePolicy::ParsedWhitelist> whitelists; |
+WebParsedFeaturePolicyHeader parseFeaturePolicy(const String& policy, |
+ RefPtr<SecurityOrigin> origin, |
+ Vector<String>* messages) { |
+ Vector<WebParsedFeaturePolicyDeclaration> webPolicyHeader; |
// Use a reasonable parse depth limit; the actual maximum depth is only going |
// to be 4 for a valid policy, but we'll give the featurePolicyParser a chance |
@@ -161,7 +26,7 @@ WebParsedFeaturePolicy FeaturePolicy::parseFeaturePolicy( |
if (!policyItems) { |
if (messages) |
messages->push_back("Unable to parse header"); |
- return whitelists; |
+ return webPolicyHeader; |
} |
for (size_t i = 0; i < policyItems->size(); ++i) { |
@@ -182,8 +47,8 @@ WebParsedFeaturePolicy FeaturePolicy::parseFeaturePolicy( |
continue; |
} |
- WebFeaturePolicy::ParsedWhitelist whitelist; |
- whitelist.featureName = featureName; |
+ WebParsedFeaturePolicyDeclaration webPolicyDeclaration; |
+ webPolicyDeclaration.featureName = featureName; |
Vector<WebSecurityOrigin> origins; |
String targetString; |
for (size_t j = 0; j < targets->size(); ++j) { |
@@ -192,7 +57,7 @@ WebParsedFeaturePolicy FeaturePolicy::parseFeaturePolicy( |
if (!origin->isUnique()) |
origins.push_back(origin); |
} else if (targetString == "*") { |
- whitelist.matchesAllOrigins = true; |
+ webPolicyDeclaration.whitelist.matchesAllOrigins = true; |
} else { |
WebSecurityOrigin targetOrigin = |
WebSecurityOrigin::createFromString(targetString); |
@@ -204,75 +69,12 @@ WebParsedFeaturePolicy FeaturePolicy::parseFeaturePolicy( |
messages->push_back("Whitelist is not an array of strings."); |
} |
} |
- whitelist.origins = origins; |
- whitelists.push_back(whitelist); |
+ webPolicyDeclaration.whitelist.origins = origins; |
+ webPolicyHeader.push_back(webPolicyDeclaration); |
} |
} |
- return whitelists; |
-} |
- |
-void FeaturePolicy::setHeaderPolicy(const WebParsedFeaturePolicy& policy) { |
- DCHECK(m_headerWhitelists.isEmpty()); |
- for (const WebFeaturePolicy::ParsedWhitelist& parsedWhitelist : policy) { |
- const FeaturePolicy::Feature* feature = |
- featureForName(parsedWhitelist.featureName, m_features); |
- if (!feature) |
- continue; |
- m_headerWhitelists.set(feature, Whitelist::from(parsedWhitelist)); |
- } |
+ return webPolicyHeader; |
} |
-bool FeaturePolicy::isFeatureEnabledForOrigin( |
- const FeaturePolicy::Feature& feature, |
- const SecurityOrigin& origin) const { |
- DCHECK(m_inheritedFeatures.contains(&feature)); |
- if (!m_inheritedFeatures.get(&feature)) { |
- return false; |
- } |
- if (m_headerWhitelists.contains(&feature)) { |
- return m_headerWhitelists.get(&feature)->contains(origin); |
- } |
- if (feature.defaultPolicy == FeaturePolicy::FeatureDefault::EnableForAll) { |
- return true; |
- } |
- if (feature.defaultPolicy == FeaturePolicy::FeatureDefault::EnableForSelf) { |
- return m_origin->isSameSchemeHostPortAndSuborigin(&origin); |
- } |
- return false; |
-} |
- |
-bool FeaturePolicy::isFeatureEnabled( |
- const FeaturePolicy::Feature& feature) const { |
- DCHECK(m_origin); |
- return isFeatureEnabledForOrigin(feature, *m_origin); |
-} |
- |
-FeaturePolicy::FeaturePolicy(RefPtr<SecurityOrigin> currentOrigin, |
- FeaturePolicy::FeatureList& features) |
- : m_origin(std::move(currentOrigin)), m_features(features) {} |
- |
-String FeaturePolicy::toString() { |
- StringBuilder sb; |
- sb.append("Feature Policy for frame in origin: "); |
- sb.append(m_origin->toString()); |
- sb.append("\n"); |
- sb.append("Inherited features:\n"); |
- for (const auto& inheritedFeature : m_inheritedFeatures) { |
- sb.append(" "); |
- sb.append(inheritedFeature.key->featureName); |
- sb.append(": "); |
- sb.append(inheritedFeature.value ? "true" : "false"); |
- sb.append("\n"); |
- } |
- sb.append("Header whitelists:\n"); |
- for (const auto& whitelist : m_headerWhitelists) { |
- sb.append(" "); |
- sb.append(whitelist.key->featureName); |
- sb.append(": "); |
- sb.append(whitelist.value->toString()); |
- sb.append("\n"); |
- } |
- return sb.toString(); |
-} |
} // namespace blink |