Replicate feature policy container policies.

content/browser/frame_host/frame_tree_node.h

Index: content/browser/frame_host/frame_tree_node.h
diff --git a/content/browser/frame_host/frame_tree_node.h b/content/browser/frame_host/frame_tree_node.h
index db332daed3c24c2608206e8a470473eba65a6f03..6e59afbdb710ba25a4686985c1e0041a796cac6b 100644
--- a/content/browser/frame_host/frame_tree_node.h
+++ b/content/browser/frame_host/frame_tree_node.h
@@ -206,9 +206,37 @@ class CONTENT_EXPORT FrameTreeNode {
   // sandboxed, the parent's sandbox flags are combined with |sandbox_flags|.
   void SetPendingSandboxFlags(blink::WebSandboxFlags sandbox_flags);
 
-  // Set any pending sandbox flags as active, and return true if the sandbox
-  // flags were changed.
-  bool CommitPendingSandboxFlags();
+  // Returns the currently active container policy for this frame, which is set
+  // by the iframe allowfullscreen, allowpaymentrequest, and allow attributes,
+  // along with the origin of the iframe's src attribute (which may be different

[lunalu1, 2017/04/05 22:30:03]

This is just a comment: we need layout tests for updating container policy by
updating allow="..." and test if the policy gets updated (which it should not). 

+  // from the URL of the document currently loaded into the frame). This does
+  // not include policy changes that have been made by updating the containing
+  // iframe element attributes since the frame was last navigated.
+  const ParsedFeaturePolicyHeader& effective_container_policy() const {
+    return replication_state_.container_policy;
+  }
+
+  // Returns the latest computed container policy for this frame, which is set
+  // by the iframe allowfullscreen, allowpaymentrequest, and allow attributes,
+  // along with the origin of the iframe's src attribute (which may be different
+  // from the URL of the document currently loaded into the frame). The returned
+  // policy may not have taken effect, since the policy is snapshotted on
+  // navigation.
+  const ParsedFeaturePolicyHeader& pending_container_policy() const {
+    return pending_container_policy_;
+  }
+
+  // Update this frame's container policy. This is used when a parent frame
+  // updates feature-policy attributes in the <iframe> element for this frame.
+  // These attributes include allow, allowfullscreen, allowpaymentrequest, and
+  // src. Updates to the container policy will not take effect until next
+  // navigation.
+  void SetPendingContainerPolicy(
+      const ParsedFeaturePolicyHeader& container_policy);
+
+  // Set any pending sandbox flags and container policy as active, and return
+  // true if either was changed.
+  bool CommitPendingFramePolicy();
 
   const FrameOwnerProperties& frame_owner_properties() {
     return frame_owner_properties_;
@@ -379,6 +407,12 @@ class CONTENT_EXPORT FrameTreeNode {
   // navigation.
   blink::WebSandboxFlags pending_sandbox_flags_;
 
+  // Tracks the computed container policy for this frame. When the iframe
+  // allowfullscreen, allowpaymentrequest, allow or src attributes are changed,

[alexmos, 2017/04/06 00:44:22]

I thought allowfullscreen took effect immediately, or at least it used to. 
Would this be changing as part of combining it with feature policy?

[iclelland, 2017/04/09 03:25:54]

Yes, it would -- there was an intent to make this change sent a while ago, and
making it part of feature policy will actually make the change.

[alexmos, 2017/04/11 01:17:49]

Acknowledged.

+  // the updated policy for the frame is stored here, and transferred into
+  // replication_state_.container_policy on the next frame navigation.
+  ParsedFeaturePolicyHeader pending_container_policy_;
+
   // Tracks the scrolling and margin properties for this frame.  These
   // properties affect the child renderer but are stored on its parent's
   // frame element.  When this frame's parent dynamically updates these