Make content::FeaturePolicy implement WebFeaturePolicy, and use it in blink code

third_party/WebKit/Source/core/dom/SecurityContext.cpp

Index: third_party/WebKit/Source/core/dom/SecurityContext.cpp
diff --git a/third_party/WebKit/Source/core/dom/SecurityContext.cpp b/third_party/WebKit/Source/core/dom/SecurityContext.cpp
index efbb7d00dbe4b6d9fdba4d3098a1dc0c7c18d85d..19cdd87bc49c1248fdce2ca1001675fe92811451 100644
--- a/third_party/WebKit/Source/core/dom/SecurityContext.cpp
+++ b/third_party/WebKit/Source/core/dom/SecurityContext.cpp
@@ -29,6 +29,7 @@
 #include "core/frame/csp/ContentSecurityPolicy.h"
 #include "platform/RuntimeEnabledFeatures.h"
 #include "platform/weborigin/SecurityOrigin.h"
+#include "public/platform/Platform.h"
 
 namespace blink {
 
@@ -46,6 +47,7 @@ DEFINE_TRACE(SecurityContext) {
 void SecurityContext::setSecurityOrigin(
     PassRefPtr<SecurityOrigin> securityOrigin) {
   m_securityOrigin = securityOrigin;
+  updateFeaturePolicyOrigin();
 }
 
 void SecurityContext::setContentSecurityPolicy(
@@ -99,15 +101,23 @@ void SecurityContext::enforceSuborigin(const Suborigin& suborigin) {
   didUpdateSecurityOrigin();
 }
 
-void SecurityContext::setFeaturePolicyFromHeader(
+void SecurityContext::initializeFeaturePolicy(
     const WebParsedFeaturePolicyHeader& parsedHeader,
-    FeaturePolicy* parentFeaturePolicy) {
+    const WebFeaturePolicy* parentFeaturePolicy) {
   DCHECK(!m_featurePolicy);
   // TODO(iclelland): Use the frame owner properties here to pass the frame
   // policy, if it exists.
-  m_featurePolicy = FeaturePolicy::createFromParentPolicy(
-      parentFeaturePolicy, nullptr, m_securityOrigin);
-  m_featurePolicy->setHeaderPolicy(parsedHeader);
+  WebParsedFeaturePolicyHeader containerPolicy;
+  WebSecurityOrigin origin = WebSecurityOrigin(m_securityOrigin);
+  m_featurePolicy.reset(Platform::current()->createFeaturePolicy(
+      parentFeaturePolicy, containerPolicy, parsedHeader, origin));
+}
+
+void SecurityContext::updateFeaturePolicyOrigin() {
+  if (!m_featurePolicy)
+    return;
+  m_featurePolicy.reset(Platform::current()->duplicateFeaturePolicyWithOrigin(
+      *m_featurePolicy, WebSecurityOrigin(m_securityOrigin)));

[haraken, 2017/03/04 07:36:01]

Oh, if your intention is just to *update* (not duplicate) the feature policy,
I'm also fine with an API like updateFeaturePolicyWithOrigin(m_featurePolicy),
which automatically updates m_featurePolicy.

[iclelland, 2017/03/06 04:17:40]

That is really the only modification being considered here, but after writing
it, I'm slightly more comfortable with the idea that the policy objects are
effectively immutable after they've been constructed, and the FP headers have
been read. The origin is used for interpreting the policy, and we might end up
breaking some assumptions inadvertently if we allow it to change after the
policy has been set.

 }
 
 }  // namespace blink