Index: third_party/WebKit/Source/core/html/HTMLFrameElementBase.cpp |
diff --git a/third_party/WebKit/Source/core/html/HTMLFrameElementBase.cpp b/third_party/WebKit/Source/core/html/HTMLFrameElementBase.cpp |
index 9ca4b77574b15103d87b460053cd0dc5f82fa09c..7a0309b635cf18eedef194ea4e50ae3871d2caf6 100644 |
--- a/third_party/WebKit/Source/core/html/HTMLFrameElementBase.cpp |
+++ b/third_party/WebKit/Source/core/html/HTMLFrameElementBase.cpp |
@@ -164,6 +164,22 @@ void HTMLFrameElementBase::ParseAttribute( |
} |
} |
+RefPtr<SecurityOrigin> HTMLFrameElementBase::GetOriginForFeaturePolicy() const { |
+ // Sandboxed frames have a unique origin. |
+ if (GetSandboxFlags() & kSandboxOrigin) |
+ return SecurityOrigin::CreateUnique(); |
+ |
+ // If the frame will inherit its origin from the owner, then use the owner's |
+ // origin when constructing the container policy. |
+ KURL url = GetDocument().CompleteURL(url_); |
+ if (Document::ShouldInheritSecurityOriginFromOwner(url)) |
+ return GetDocument().GetSecurityOrigin(); |
+ |
+ // Other frames should use the origin defined by the absolute URL (this will |
+ // be a unique origin for data: URLs) |
+ return SecurityOrigin::Create(url); |
+} |
+ |
void HTMLFrameElementBase::SetNameAndOpenURL() { |
frame_name_ = GetNameAttribute(); |
OpenURL(); |