Feature policy: Add basic algorithm for supporting frame policies.

content/common/feature_policy/feature_policy.h

 // Copyright 2017 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CONTENT_COMMON_FEATURE_POLICY_FEATURE_POLICY_H_
 #define CONTENT_COMMON_FEATURE_POLICY_FEATURE_POLICY_H_
 
 #include <map>
 #include <memory>
 #include <string>
@@ skipping 141 matching lines @@
     FeatureDefault default_policy;
   };
 
   using FeatureList =
       std::map<blink::WebFeaturePolicyFeature, const FeaturePolicy::Feature*>;
 
   ~FeaturePolicy();
 
   static std::unique_ptr<FeaturePolicy> CreateFromParentPolicy(
       const FeaturePolicy* parent_policy,
+      const ParsedFeaturePolicyHeader* frame_policy,

[raymes, 2017/02/20 02:20:17]

nit: it's a bit weird that we pass a ParsedFeaturePolicyHeader here. We might
want to consider that at some point though it's a minor issue in the scheme of
things.

I wonder if it's better to name the variable frame_owner_policy or iframe_policy
to be a bit clearer for readers?

[iclelland, 2017/02/21 19:51:05]

I've started using the term 'container policy' in the spec, to avoid overloading
the term 'frame' even further. I'll change it to that here for consistency.

       const url::Origin& origin);
 
   // Returns whether or not the given feature is enabled by this policy.
   bool IsFeatureEnabledForOrigin(blink::WebFeaturePolicyFeature feature,
                                  const url::Origin& origin) const;
 
   // Returns whether or not the given feature is enabled for the origin of the
   // document that owns the policy.
   bool IsFeatureEnabled(blink::WebFeaturePolicyFeature feature) const;
 
   // Sets the declared policy from the parsed Feature-Policy HTTP header.
   // Unrecognized features will be ignored.
   void SetHeaderPolicy(const ParsedFeaturePolicyHeader& parsed_header);
 
  private:
   friend class FeaturePolicyTest;
 
   explicit FeaturePolicy(url::Origin origin);
   FeaturePolicy(url::Origin origin, const FeatureList& feature_list);
   static std::unique_ptr<FeaturePolicy> CreateFromParentPolicy(
       const FeaturePolicy* parent_policy,
+      const ParsedFeaturePolicyHeader* frame_policy,
       const url::Origin& origin,
       const FeatureList& features);
 
+  // Updates the inherited policy with the declarations from the iframe allow*
+  // attributes.
+  void AddFramePolicy(const FeaturePolicy* parent_policy,
+                      const ParsedFeaturePolicyHeader* frame_policy);
+
   // Returns the list of features which can be controlled by Feature Policy.
   static const FeatureList& GetDefaultFeatureList();
 
   url::Origin origin_;
 
   // Map of feature names to declared whitelists. Any feature which is missing
   // from this map should use the inherited policy.
   std::map<blink::WebFeaturePolicyFeature, std::unique_ptr<Whitelist>>
       whitelists_;
 
   // Records whether or not each feature was enabled for this frame by its
   // parent frame.
   // TODO(iclelland): Generate, instead of this map, a set of bool flags, one
   // for each feature, as all features are supposed to be represented here.
   std::map<blink::WebFeaturePolicyFeature, bool> inherited_policies_;
 
   const FeatureList& feature_list_;
 
   DISALLOW_COPY_AND_ASSIGN(FeaturePolicy);
 };
 
 }  // namespace content
 
 #endif  // CONTENT_COMMON_FEATURE_POLICY_FEATURE_POLICY_H_