third_party/WebKit/Source/core/dom/Fullscreen.cpp - Issue 2662443004: Use FeaturePolicy to implement iframe[allowfullscreen]

Side by Side Diff: third_party/WebKit/Source/core/dom/Fullscreen.cpp

Issue 2662443004: Use FeaturePolicy to implement iframe[allowfullscreen] (Closed)

Patch Set: Created 3 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

« no previous file with comments | « third_party/WebKit/LayoutTests/virtual/feature-policy/http/tests/feature-policy/fullscreen-enabledforall-expected.txt ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 /*	1 /*

2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org)	2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org)

3 * (C) 1999 Antti Koivisto (koivisto@kde.org)	3 * (C) 1999 Antti Koivisto (koivisto@kde.org)

4 * (C) 2001 Dirk Mueller (mueller@kde.org)	4 * (C) 2001 Dirk Mueller (mueller@kde.org)

5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org)	5 * (C) 2006 Alexey Proskuryakov (ap@webkit.org)

6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2012 Apple Inc. All	6 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2012 Apple Inc. All

7 * rights reserved.	7 * rights reserved.

8 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved.	8 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved.

9 * (http://www.torchmobile.com/)	9 * (http://www.torchmobile.com/)

10 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies)	10 * Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies)

(...skipping 45 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
56	56

57 // https://html.spec.whatwg.org/multipage/embedded-content.html#allowed-to-use	57 // https://html.spec.whatwg.org/multipage/embedded-content.html#allowed-to-use

58 bool allowedToUseFullscreen(const Frame* frame) {	58 bool allowedToUseFullscreen(const Frame* frame) {

59 // To determine whether a Document object \|document\| is allowed to use the	59 // To determine whether a Document object \|document\| is allowed to use the

60 // feature indicated by attribute name \|allowattribute\|, run these steps:	60 // feature indicated by attribute name \|allowattribute\|, run these steps:

61	61

62 // 1. If \|document\| has no browsing context, then return false.	62 // 1. If \|document\| has no browsing context, then return false.

63 if (!frame)	63 if (!frame)

64 return false;	64 return false;

65	65

66 // 2. If \|document\|'s browsing context is a top-level browsing context, then	66 if (!RuntimeEnabledFeatures::featurePolicyEnabled()) {

67 // return true.	67 // 2. If \|document\|'s browsing context is a top-level browsing context, then

68 if (frame->isMainFrame())	68 // return true.

	69 if (frame->isMainFrame())

	70 return true;

	71

	72 // 3. If \|document\|'s browsing context has a browsing context container that

	73 // is an iframe element with an \|allowattribute\| attribute specified, and

	74 // whose node document is allowed to use the feature indicated by

	75 // \|allowattribute\|, then return true.

	76 if (frame->owner() && frame->owner()->allowFullscreen())

	77 return allowedToUseFullscreen(frame->tree().parent());

	78

	79 // 4. Return false.

	80 return false;

	81 }

	82

	83 // If Feature Policy is enabled, then we need this hack to support it, until

	84 // we have proper support for <iframe allowfullscreen> in FP:

	85

	86 // 1. If FP, by itself, enables fullscreen in this document, then fullscreen

	87 // is allowed.

	88 if (frame->securityContext()->getFeaturePolicy()->isFeatureEnabled(

	89 kFullscreenFeature)) {

69 return true;	90 return true;

	91 }

70	92

71 // 3. If \|document\|'s browsing context has a browsing context container that	93 // 2. Otherwise, if the embedding frame's document is allowed to use

72 // is an iframe element with an \|allowattribute\| attribute specified, and	94 // fullscreen (either through FP or otherwise), and either:

73 // whose node document is allowed to use the feature indicated by	95 // a) this is a same-origin embedded document, or

74 // \|allowattribute\|, then return true.	96 // b) this document's iframe has the allowfullscreen attribute set,

75 if (frame->owner() && frame->owner()->allowFullscreen())	97 // then fullscreen is allowed.

76 return allowedToUseFullscreen(frame->tree().parent());	98 if (!frame->isMainFrame()) {

	99 if (allowedToUseFullscreen(frame->tree().parent())) {

	100 return (frame->owner() && frame->owner()->allowFullscreen()) \|\|

	101 frame->tree()

	102 .parent()

	103 ->securityContext()

	104 ->getSecurityOrigin()

	105 ->isSameSchemeHostPortAndSuborigin(

	106 frame->securityContext()->getSecurityOrigin());

	107 }

	108 }

77	109

78 // 4. Return false.	110 // Otherwise, fullscreen is not allowed. (If we reach here and this is the

	111 // main frame, then fullscreen must have been disabled by FP.)

79 return false;	112 return false;

80 }	113 }

81	114

82 bool allowedToRequestFullscreen(Document& document) {	115 bool allowedToRequestFullscreen(Document& document) {

83 // An algorithm is allowed to request fullscreen if one of the following is	116 // An algorithm is allowed to request fullscreen if one of the following is

84 // true:	117 // true:

85	118

86 // The algorithm is triggered by a user activation.	119 // The algorithm is triggered by a user activation.

87 if (UserGestureIndicator::utilizeUserGesture())	120 if (UserGestureIndicator::utilizeUserGesture())

88 return true;	121 return true;

89	122

90 // The algorithm is triggered by a user generated orientation change.	123 // The algorithm is triggered by a user generated orientation change.

91 if (ScopedOrientationChangeIndicator::processingOrientationChange()) {	124 if (ScopedOrientationChangeIndicator::processingOrientationChange()) {

92 UseCounter::count(document,	125 UseCounter::count(document,

93 UseCounter::FullscreenAllowedByOrientationChange);	126 UseCounter::FullscreenAllowedByOrientationChange);

94 return true;	127 return true;

95 }	128 }

96	129

97 String message = ExceptionMessages::failedToExecute(	130 String message = ExceptionMessages::failedToExecute(

98 "requestFullscreen", "Element",	131 "requestFullscreen", "Element",

99 "API can only be initiated by a user gesture.");	132 "API can only be initiated by a user gesture.");

100 document.addConsoleMessage(	133 document.addConsoleMessage(

101 ConsoleMessage::create(JSMessageSource, WarningMessageLevel, message));	134 ConsoleMessage::create(JSMessageSource, WarningMessageLevel, message));

102	135

103 return false;	136 return false;

104 }	137 }

105	138

106 // https://fullscreen.spec.whatwg.org/#fullscreen-is-supported	139 // https://fullscreen.spec.whatwg.org/#fullscreen-is-supported

107 // TODO(lunalu): update the placement of the feature policy code once it is in	140 bool fullscreenIsSupported(const Document& document) {

108 // https://fullscreen.spec.whatwg.org/.

109 bool fullscreenIsSupported(Document& document) {

110 LocalFrame* frame = document.frame();	141 LocalFrame* frame = document.frame();

111 if (!frame)	142 if (!frame)

112 return false;	143 return false;

113	144

114 // Fullscreen is supported if there is no previously-established user	145 // Fullscreen is supported if there is no previously-established user

115 // preference, security risk, or platform limitation.	146 // preference, security risk, or platform limitation.

116 bool fullscreenSupported =	147 return !document.settings() \|\| document.settings()->getFullscreenSupported();

117 !document.settings() \|\| document.settings()->getFullscreenSupported();

118

119 if (!RuntimeEnabledFeatures::featurePolicyEnabled()) {

120 return fullscreenSupported;

121 }

122

123 // TODO(lunalu): clean all of this up once iframe attributes are supported

124 // for feature policy.

125 if (Frame* parent = frame->tree().parent()) {

126 // If FeaturePolicy is enabled, check the fullscreen is not disabled by

127 // policy in the parent frame.

128 if (fullscreenSupported &&

129 parent->securityContext()->getFeaturePolicy()->isFeatureEnabled(

130 kFullscreenFeature)) {

131 return true;

132 }

133 }

134 // Even if the iframe allowfullscreen attribute is not present, allow

135 // fullscreen to be enabled by feature policy.

136 else if (isFeatureEnabledInFrame(kFullscreenFeature, frame)) {

137 return true;

138 }

139

140 document.addConsoleMessage(ConsoleMessage::create(

141 JSMessageSource, WarningMessageLevel,

142 "Fullscreen API is disabled by feature policy for this frame"));

143 return false;

144 }	148 }

145	149

146 // https://fullscreen.spec.whatwg.org/#fullscreen-element-ready-check	150 // https://fullscreen.spec.whatwg.org/#fullscreen-element-ready-check

147 bool fullscreenElementReady(const Element& element) {	151 bool fullscreenElementReady(const Element& element) {

148 // A fullscreen element ready check for an element \|element\| returns true if	152 // A fullscreen element ready check for an element \|element\| returns true if

149 // all of the following are true, and false otherwise:	153 // all of the following are true, and false otherwise:

150	154

151 // \|element\| is in a document.	155 // \|element\| is in a document.

152 if (!element.isConnected())	156 if (!element.isConnected())

153 return false;	157 return false;

(...skipping 758 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
912 }	916 }

913	917

914 DEFINE_TRACE(Fullscreen) {	918 DEFINE_TRACE(Fullscreen) {

915 visitor->trace(m_pendingRequests);	919 visitor->trace(m_pendingRequests);

916 visitor->trace(m_fullscreenElementStack);	920 visitor->trace(m_fullscreenElementStack);

917 Supplement<Document>::trace(visitor);	921 Supplement<Document>::trace(visitor);

918 ContextLifecycleObserver::trace(visitor);	922 ContextLifecycleObserver::trace(visitor);

919 }	923 }

920	924

921 } // namespace blink	925 } // namespace blink

OLD	NEW