Feature policy: Add basic algorithm for supporting frame policies.

third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "platform/feature_policy/FeaturePolicy.h"
 
 #include "platform/RuntimeEnabledFeatures.h"
 #include "platform/json/JSONValues.h"
 #include "platform/network/HTTPParsers.h"
 #include "platform/weborigin/KURL.h"
@@ skipping 141 matching lines @@
       ({&kDocumentCookie, &kDocumentDomain, &kDocumentWrite,
         &kGeolocationFeature, &kFullscreenFeature, &kMidiFeature,
         &kNotificationsFeature, &kPaymentFeature, &kPushFeature, &kSyncScript,
         &kSyncXHR, &kUsermedia, &kVibrateFeature, &kWebRTC}));
   return defaultFeatureList;
 }
 
 // static
 std::unique_ptr<FeaturePolicy> FeaturePolicy::createFromParentPolicy(
     const FeaturePolicy* parent,
+    const WebParsedFeaturePolicyHeader* framePolicy,
     RefPtr<SecurityOrigin> currentOrigin,
     FeaturePolicy::FeatureList& features) {
   DCHECK(currentOrigin);
   std::unique_ptr<FeaturePolicy> newPolicy =
       WTF::wrapUnique(new FeaturePolicy(currentOrigin, features));
   for (const FeaturePolicy::Feature* feature : features) {
     if (!parent ||
         parent->isFeatureEnabledForOrigin(*feature, *currentOrigin)) {
       newPolicy->m_inheritedFeatures.set(feature, true);
     } else {
       newPolicy->m_inheritedFeatures.set(feature, false);
     }
   }
+  if (framePolicy) {
+    newPolicy->addFramePolicy(parent, framePolicy);
+  }
   return newPolicy;
 }
 
 // static
 std::unique_ptr<FeaturePolicy> FeaturePolicy::createFromParentPolicy(
     const FeaturePolicy* parent,
+    const WebParsedFeaturePolicyHeader* framePolicy,
     RefPtr<SecurityOrigin> currentOrigin) {
-  return createFromParentPolicy(parent, std::move(currentOrigin),
+  return createFromParentPolicy(parent, framePolicy, std::move(currentOrigin),
                                 getDefaultFeatureList());
 }
 
+void FeaturePolicy::addFramePolicy(
+    const FeaturePolicy* parent,
+    const WebParsedFeaturePolicyHeader* framePolicy) {

[raymes, 2017/02/20 02:20:17]

nit: it's a bit strange that we pass in a WebParsedFeaturePolicyHeader here now
since this isn't really a header. It's only a minor naming issue, but we might
want to consider it.

[iclelland, 2017/02/21 19:51:05]

Agreed. Will follow up as soon as the other changes settle.

+  DCHECK(parent);
+  DCHECK(framePolicy);
+  for (const WebParsedFeaturePolicyDeclaration& parsedDeclaration :
+       *framePolicy) {
+    const FeaturePolicy::Feature* feature =
+        featureForName(parsedDeclaration.featureName, m_features);
+    if (!feature)
+      continue;
+    if (Whitelist::from(parsedDeclaration)->contains(*m_origin) &&
+        parent->isFeatureEnabled(*feature)) {
+      m_inheritedFeatures.set(feature, true);
+    } else {
+      m_inheritedFeatures.set(feature, false);
+    }
+  }
+}
+
 // static
 WebParsedFeaturePolicyHeader FeaturePolicy::parseFeaturePolicy(
     const String& policy,
     RefPtr<SecurityOrigin> origin,
     Vector<String>* messages) {
   Vector<WebParsedFeaturePolicyDeclaration> whitelists;
 
   // Use a reasonable parse depth limit; the actual maximum depth is only going
   // to be 4 for a valid policy, but we'll give the featurePolicyParser a chance
   // to report more specific errors, unless the string is really invalid.
@@ skipping 110 matching lines @@
     sb.append("  ");
     sb.append(whitelist.key->featureName);
     sb.append(": ");
     sb.append(whitelist.value->toString());
     sb.append("\n");
   }
   return sb.toString();
 }
 
 }  // namespace blink