Initial Implementation of Iframe Attribute for Feature Policy (Part 4)

third_party/WebKit/Source/modules/payments/PaymentRequest.cpp

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "modules/payments/PaymentRequest.h"
 
 #include <stddef.h>
 #include <utility>
 #include "bindings/core/v8/ExceptionState.h"
 #include "bindings/core/v8/ScriptPromiseResolver.h"
@@ skipping 572 matching lines @@
     // is an iframe element with an |allowpaymentrequest| attribute specified,
     // and whose node document is allowed to use the feature indicated by
     // |allowpaymentrequest|, then return true.
     if (frame->owner() && frame->owner()->allowPaymentRequest())
       return allowedToUsePaymentRequest(frame->tree().parent());
 
     // 4. Return false.
     return false;
   }
 
-  // If Feature Policy is enabled. then we need this hack to support it, until
-  // we have proper support for <iframe allowfullscreen> in FP:
-  // TODO(lunalu): clean up the code once FP iframe is supported
-  // crbug.com/682280
-
-  // 1. If FP, by itself, enables paymentrequest in this document, then
-  // paymentrequest is allowed.
-  if (frame->isFeatureEnabled(WebFeaturePolicyFeature::Payment)) {
-    return true;
-  }
-
-  // 2. Otherwise, if the embedding frame's document is allowed to use
-  // paymentrequest (either through FP or otherwise), and either:
-  //   a) this is a same-origin embedded document, or
-  //   b) this document's iframe has the allowpayment attribute set,
-  // then paymentrequest is allowed.
-  if (!frame->isMainFrame()) {
-    if (allowedToUsePaymentRequest(frame->tree().parent())) {
-      return (frame->owner() && frame->owner()->allowPaymentRequest()) ||
-             frame->tree()
-                 .parent()
-                 ->securityContext()
-                 ->getSecurityOrigin()
-                 ->isSameSchemeHostPortAndSuborigin(
-                     frame->securityContext()->getSecurityOrigin());
-    }
-  }
-
-  // Otherwise, paymentrequest is not allowed. (If we reach here and this is
-  // the main frame, then paymentrequest must have been disabled by FP.)
-  return false;
+  // 2. If Feature Policy is enabled, return the policy for "payment" feature.
+  return frame->isFeatureEnabled(WebFeaturePolicyFeature::Payment);
 }
 
 }  // namespace
 
 PaymentRequest* PaymentRequest::create(
     ExecutionContext* executionContext,
     const HeapVector<PaymentMethodData>& methodData,
     const PaymentDetails& details,
     ExceptionState& exceptionState) {
   return new PaymentRequest(executionContext, methodData, details,
@@ skipping 411 matching lines @@
   m_completeResolver.clear();
   m_showResolver.clear();
   m_abortResolver.clear();
   m_canMakePaymentResolver.clear();
   if (m_clientBinding.is_bound())
     m_clientBinding.Close();
   m_paymentProvider.reset();
 }
 
 }  // namespace blink