Chromium Code Reviews Chromium Code Reviews
Issue 2767983003:
Initial Implementation of Iframe Attribute for Feature Policy (Part 4) (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "platform/feature_policy/FeaturePolicy.h" | 5 #include "platform/feature_policy/FeaturePolicy.h" |
| 6 | 6 |
| 7 #include "platform/RuntimeEnabledFeatures.h" | 7 #include "platform/RuntimeEnabledFeatures.h" |
| 8 #include "platform/json/JSONValues.h" | 8 #include "platform/json/JSONValues.h" |
| 9 #include "platform/network/HTTPParsers.h" | 9 #include "platform/network/HTTPParsers.h" |
| 10 #include "platform/weborigin/SecurityOrigin.h" | 10 #include "platform/weborigin/SecurityOrigin.h" |
| 11 #include "wtf/PtrUtil.h" | 11 #include "wtf/PtrUtil.h" |
| 12 | 12 |
| 13 namespace blink { | 13 namespace blink { |
| 14 | 14 |
| 15 namespace { | |
| 16 | |
| 17 void addAllowFeatureToList(bool isFeatureAllowed, | |
| 18 WebFeaturePolicyFeature feature, | |
| 19 Vector<WebParsedFeaturePolicyDeclaration>& list) { | |
| 20 if (isFeatureAllowed) { | |
| 21 WebParsedFeaturePolicyDeclaration whitelist; | |
| 22 whitelist.feature = feature; | |
| 23 whitelist.matchesAllOrigins = true; | |
| 24 list.push_back(whitelist); | |
| 25 } | |
| 26 } | |
| 27 | |
| 28 void overridePolicy(int index, | |
| 29 Vector<WebParsedFeaturePolicyDeclaration>& whitelists, | |
| 30 RefPtr<SecurityOrigin> origin) { | |
| 31 whitelists[index].matchesAllOrigins = false; | |
| 32 whitelists[index].origins = Vector<WebSecurityOrigin>(1UL, {origin}); | |
| 33 } | |
| 34 | |
| 35 } // namespace | |
| 36 | |
| 15 WebFeaturePolicyFeature getWebFeaturePolicyFeature(const String& feature) { | 37 WebFeaturePolicyFeature getWebFeaturePolicyFeature(const String& feature) { |
| 16 if (feature == "fullscreen") | 38 if (feature == "fullscreen") |
| 17 return WebFeaturePolicyFeature::Fullscreen; | 39 return WebFeaturePolicyFeature::Fullscreen; |
| 18 if (feature == "payment") | 40 if (feature == "payment") |
| 19 return WebFeaturePolicyFeature::Payment; | 41 return WebFeaturePolicyFeature::Payment; |
| 20 if (feature == "vibrate") | 42 if (feature == "vibrate") |
| 21 return WebFeaturePolicyFeature::Vibrate; | 43 return WebFeaturePolicyFeature::Vibrate; |
| 22 if (feature == "usermedia") | 44 if (feature == "usermedia") |
| 23 return WebFeaturePolicyFeature::Usermedia; | 45 return WebFeaturePolicyFeature::Usermedia; |
| 24 if (RuntimeEnabledFeatures::featurePolicyExperimentalFeaturesEnabled()) { | 46 if (RuntimeEnabledFeatures::featurePolicyExperimentalFeaturesEnabled()) { |
| (...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 107 whitelists.push_back(whitelist); | 129 whitelists.push_back(whitelist); |
| 108 } | 130 } |
| 109 } | 131 } |
| 110 return whitelists; | 132 return whitelists; |
| 111 } | 133 } |
| 112 | 134 |
| 113 // TODO(lunalu): also take information of allowfullscreen and | 135 // TODO(lunalu): also take information of allowfullscreen and |
| 114 // allowpaymentrequest into account when constructing the whitelist. | 136 // allowpaymentrequest into account when constructing the whitelist. |
| 115 WebParsedFeaturePolicy getContainerPolicyFromAllowedFeatures( | 137 WebParsedFeaturePolicy getContainerPolicyFromAllowedFeatures( |
| 116 const WebVector<WebFeaturePolicyFeature>& features, | 138 const WebVector<WebFeaturePolicyFeature>& features, |
| 139 bool allowfullscreen, | |
| 140 bool allowpayment, | |
| 117 RefPtr<SecurityOrigin> origin) { | 141 RefPtr<SecurityOrigin> origin) { |
| 142 DLOG(WARNING) << origin->toString(); | |
|
iclelland
2017/04/11 19:04:21
Nit: Remove the warning
| |
| 118 Vector<WebParsedFeaturePolicyDeclaration> whitelists; | 143 Vector<WebParsedFeaturePolicyDeclaration> whitelists; |
| 144 // If allowfullscreen attribute or allowpayment attribute is(are) present, | |
|
iclelland
2017/04/11 19:04:21
I think you can get away with just using "are" her
| |
| 145 // define the policy as enabled for all. | |
| 146 addAllowFeatureToList(allowfullscreen, WebFeaturePolicyFeature::Fullscreen, | |
| 147 whitelists); | |
|
iclelland
2017/04/11 19:04:21
Could you move the if(isFeatureAllowed) out of |ad
| |
| 148 addAllowFeatureToList(allowpayment, WebFeaturePolicyFeature::Payment, | |
| 149 whitelists); | |
| 119 for (const WebFeaturePolicyFeature feature : features) { | 150 for (const WebFeaturePolicyFeature feature : features) { |
| 151 // allow policy will override the allow* attribute policy. | |
|
iclelland
2017/04/11 19:04:21
This logic is really hard to follow; it took me a
| |
| 152 bool shouldOverrideFirstPolicy = | |
| 153 (feature == WebFeaturePolicyFeature::Fullscreen && allowfullscreen) || | |
| 154 (feature == WebFeaturePolicyFeature::Payment && allowpayment && | |
| 155 !allowfullscreen); | |
| 156 bool shouldOverrideSecondPolicy = | |
| 157 feature == WebFeaturePolicyFeature::Payment && allowpayment && | |
| 158 allowfullscreen; | |
| 159 if (shouldOverrideFirstPolicy || shouldOverrideSecondPolicy) { | |
| 160 overridePolicy(shouldOverrideFirstPolicy ? 0 : 1, whitelists, origin); | |
| 161 continue; | |
| 162 } | |
| 120 WebParsedFeaturePolicyDeclaration whitelist; | 163 WebParsedFeaturePolicyDeclaration whitelist; |
| 121 whitelist.feature = feature; | 164 whitelist.feature = feature; |
| 122 whitelist.origins = Vector<WebSecurityOrigin>(1UL, {origin}); | 165 whitelist.origins = Vector<WebSecurityOrigin>(1UL, {origin}); |
| 123 whitelists.push_back(whitelist); | 166 whitelists.push_back(whitelist); |
| 124 } | 167 } |
| 125 return whitelists; | 168 return whitelists; |
| 126 } | 169 } |
| 127 | 170 |
| 128 } // namespace blink | 171 } // namespace blink |
| OLD | NEW |
