Add an 'allow-top-navigation-with-user-interaction' sandbox flag.

third_party/WebKit/Source/core/dom/SandboxFlags.cpp

 /*
  * Copyright (C) 2013 Google Inc. All Rights Reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  *
  * THIS SOFTWARE IS PROVIDED BY GOOGLE, INC. ``AS IS'' AND ANY
  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE COMPUTER, INC. OR
  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
  * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
  */
 
 #include "core/dom/SandboxFlags.h"
 
 #include "core/html/parser/HTMLParserIdioms.h"
+#include "platform/RuntimeEnabledFeatures.h"
 #include "wtf/text/StringBuilder.h"
 
 namespace blink {
 
 SandboxFlags parseSandboxPolicy(const SpaceSplitString& policy,
                                 String& invalidTokensErrorMessage) {
   // http://www.w3.org/TR/html5/the-iframe-element.html#attr-iframe-sandbox
   // Parse the unordered set of unique space-separated tokens.
   SandboxFlags flags = SandboxAll;
   unsigned length = policy.size();
@@ skipping 18 matching lines @@
       flags &= ~SandboxPointerLock;
     } else if (equalIgnoringCase(sandboxToken, "allow-orientation-lock")) {
       flags &= ~SandboxOrientationLock;
     } else if (equalIgnoringCase(sandboxToken,
                                  "allow-popups-to-escape-sandbox")) {
       flags &= ~SandboxPropagatesToAuxiliaryBrowsingContexts;
     } else if (equalIgnoringCase(sandboxToken, "allow-modals")) {
       flags &= ~SandboxModals;
     } else if (equalIgnoringCase(sandboxToken, "allow-presentation")) {
       flags &= ~SandboxPresentation;
+    } else if (equalIgnoringCase(sandboxToken,
+                                 "allow-top-navigation-with-user-activation") &&
+               RuntimeEnabledFeatures::
+                   topNavWithUserActivationInSandboxEnabled()) {
+      flags &= ~SandboxTopNavigationWithUserActivation;
     } else {
       if (numberOfTokenErrors)
         tokenErrors.append(", '");
       else
         tokenErrors.append('\'');
       tokenErrors.append(sandboxToken);
       tokenErrors.append('\'');
       numberOfTokenErrors++;
     }
   }
 
   if (numberOfTokenErrors) {
     if (numberOfTokenErrors > 1)
       tokenErrors.append(" are invalid sandbox flags.");
     else
       tokenErrors.append(" is an invalid sandbox flag.");
     invalidTokensErrorMessage = tokenErrors.toString();
   }
 
   return flags;
 }
 
 }  // namespace blink