Initial Implementation of Iframe Attribute for Feature Policy (Part 4)

third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "platform/feature_policy/FeaturePolicy.h"
 
 #include "platform/RuntimeEnabledFeatures.h"
 #include "platform/json/JSONValues.h"
 #include "platform/network/HTTPParsers.h"
 #include "platform/weborigin/SecurityOrigin.h"
 #include "platform/wtf/PtrUtil.h"
 
 namespace blink {
 
+namespace {
+
+void AddAllowFeatureToList(
+    WebFeaturePolicyFeature feature,
+    Vector<WebParsedFeaturePolicyDeclaration>& whitelists) {
+  WebParsedFeaturePolicyDeclaration whitelist;
+  whitelist.feature = feature;
+  whitelist.matches_all_origins = true;
+  whitelists.push_back(whitelist);
+}
+
+}  // namespace
+
 WebParsedFeaturePolicy ParseFeaturePolicy(const String& policy,
                                           RefPtr<SecurityOrigin> origin,
                                           Vector<String>* messages) {
   return ParseFeaturePolicy(policy, origin, messages,
                             GetDefaultFeatureNameMap());
 }
 
 WebParsedFeaturePolicy ParseFeaturePolicy(const String& policy,
                                           RefPtr<SecurityOrigin> origin,
                                           Vector<String>* messages,
@@ skipping 29 matching lines @@
           messages->push_back("Whitelist is not an array of strings.");
         continue;
       }
 
       WebParsedFeaturePolicyDeclaration whitelist;
       whitelist.feature = feature;
       Vector<WebSecurityOrigin> origins;
       String target_string;
       for (size_t j = 0; j < targets->size(); ++j) {
         if (targets->at(j)->AsString(&target_string)) {
-          if (DeprecatedEqualIgnoringCase(target_string, "self")) {
+          if (EqualIgnoringASCIICase(target_string, "self")) {
             if (!origin->IsUnique())
               origins.push_back(origin);
           } else if (target_string == "*") {
             whitelist.matches_all_origins = true;
           } else {
             WebSecurityOrigin target_origin =
                 WebSecurityOrigin::CreateFromString(target_string);
             if (!target_origin.IsNull() && !target_origin.IsUnique())
               origins.push_back(target_origin);
           }
         } else {
           if (messages)
             messages->push_back("Whitelist is not an array of strings.");
         }
       }
       whitelist.origins = origins;
       whitelists.push_back(whitelist);
     }
   }
   return whitelists;
 }
 
-// TODO(lunalu): also take information of allowfullscreen and
-// allowpaymentrequest into account when constructing the whitelist.
 WebParsedFeaturePolicy GetContainerPolicyFromAllowedFeatures(
     const WebVector<WebFeaturePolicyFeature>& features,
+    bool allowfullscreen,
+    bool allowpayment,

[haraken, 2017/04/26 02:34:34]

This looks a bit too ad-hoc to me. Is there any way to avoid hand-writing these
features here?

(In general I'm a bit concerned that FeaturePolicy & OriginTrials are
introducing a bunch of hand-written code.)

[iclelland, 2017/04/26 02:59:47]

I see how this could seem like we're requiring ad-hoc code for every feature;
however, these are the only two such defined attributes, and they are present
for compatibility, since allowfullscreen and allowpaymentrequest have
pre-existing behavior that we need to continue to support. (In the spec, this is
called out in https://wicg.github.io/feature-policy/#legacy-attributes)

The intention is that no other features in the future will require this
treatment. All of the other features are supported purely by the "allow" iframe
attribute, which is passed here as the |features| vector.

     RefPtr<SecurityOrigin> origin) {
   Vector<WebParsedFeaturePolicyDeclaration> whitelists;
+  bool override_payment = false;
+  bool override_fullscreen = false;
   for (const WebFeaturePolicyFeature feature : features) {
+    // Container policy should override "allowfullscreen" and
+    // "allowpaymentrequest" policies.
+    if (feature == WebFeaturePolicyFeature::kPayment)
+      override_payment = true;
+    if (feature == WebFeaturePolicyFeature::kFullscreen)
+      override_fullscreen = true;
+
     WebParsedFeaturePolicyDeclaration whitelist;
     whitelist.feature = feature;
     whitelist.origins = Vector<WebSecurityOrigin>(1UL, {origin});
     whitelists.push_back(whitelist);
   }
+  // If allowfullscreen attribute is present and no fullscreen policy is set,
+  // enable the feature for all origins; similarly for allowpaymentrequest.
+  if (allowpayment && !override_payment)
+    AddAllowFeatureToList(WebFeaturePolicyFeature::kPayment, whitelists);
+  if (allowfullscreen && !override_fullscreen)
+    AddAllowFeatureToList(WebFeaturePolicyFeature::kFullscreen, whitelists);
+
   return whitelists;
 }
 
 const FeatureNameMap& GetDefaultFeatureNameMap() {
   DEFINE_STATIC_LOCAL(FeatureNameMap, default_feature_name_map, ());
   if (default_feature_name_map.IsEmpty()) {
     default_feature_name_map.Set("fullscreen",
                                  WebFeaturePolicyFeature::kFullscreen);
     default_feature_name_map.Set("payment", WebFeaturePolicyFeature::kPayment);
     if (RuntimeEnabledFeatures::featurePolicyExperimentalFeaturesEnabled()) {
       default_feature_name_map.Set("vibrate",
                                    WebFeaturePolicyFeature::kVibrate);
       default_feature_name_map.Set("camera", WebFeaturePolicyFeature::kCamera);
-      default_feature_name_map.Set("eme", WebFeaturePolicyFeature::kEme);
+      default_feature_name_map.Set("encrypted-media",
+                                   WebFeaturePolicyFeature::kEme);
       default_feature_name_map.Set("microphone",
                                    WebFeaturePolicyFeature::kMicrophone);
       default_feature_name_map.Set("speaker",
                                    WebFeaturePolicyFeature::kSpeaker);
       default_feature_name_map.Set("cookie",
                                    WebFeaturePolicyFeature::kDocumentCookie);
       default_feature_name_map.Set("domain",
                                    WebFeaturePolicyFeature::kDocumentDomain);
-      default_feature_name_map.Set("docwrit",
+      default_feature_name_map.Set("docwrite",
                                    WebFeaturePolicyFeature::kDocumentWrite);
       default_feature_name_map.Set("geolocation",
                                    WebFeaturePolicyFeature::kGeolocation);
       default_feature_name_map.Set("midi",
                                    WebFeaturePolicyFeature::kMidiFeature);
       default_feature_name_map.Set("notifications",
                                    WebFeaturePolicyFeature::kNotifications);
       default_feature_name_map.Set("push", WebFeaturePolicyFeature::kPush);
       default_feature_name_map.Set("sync-script",
                                    WebFeaturePolicyFeature::kSyncScript);
       default_feature_name_map.Set("sync-xhr",
                                    WebFeaturePolicyFeature::kSyncXHR);
       default_feature_name_map.Set("webrtc", WebFeaturePolicyFeature::kWebRTC);
     }
   }
   return default_feature_name_map;
 }
 
 }  // namespace blink