Move container policy logic to frame owner classes.

third_party/WebKit/Source/core/html/HTMLFrameElement.cpp

Index: third_party/WebKit/Source/core/html/HTMLFrameElement.cpp
diff --git a/third_party/WebKit/Source/core/html/HTMLFrameElement.cpp b/third_party/WebKit/Source/core/html/HTMLFrameElement.cpp
index 641ba2ae5ae1af3641cc9c59731b8099e18baf20..b81126dc1deee26be6935ac10b8ab6b06ca19e62 100644
--- a/third_party/WebKit/Source/core/html/HTMLFrameElement.cpp
+++ b/third_party/WebKit/Source/core/html/HTMLFrameElement.cpp
@@ -76,4 +76,28 @@ void HTMLFrameElement::ParseAttribute(
   }
 }
 
+Vector<WebParsedFeaturePolicyDeclaration>
+HTMLFrameElement::ConstructContainerPolicy() const {
+  WebParsedFeaturePolicy base_container_policy =
+      HTMLFrameOwnerElement::ConstructContainerPolicy();
+  // Frame elements are not allowed to enable the fullscreen feature. Remove any
+  // fullscreen policy which was added by the generic ConstructContainerPolicy
+  // algorithm.
+  Vector<WebParsedFeaturePolicyDeclaration> filtered_container_policy;
+  for (size_t i = 0; i < base_container_policy.size(); ++i) {
+    if (base_container_policy[i].feature !=
+        WebFeaturePolicyFeature::kFullscreen) {
+      filtered_container_policy.push_back(base_container_policy[i]);
+    }
+  }
+  // Add an empty whitelist for the fullscreen feature so that the framed
+  // content is unable to use the API, regardless of origin.
+  WebParsedFeaturePolicyDeclaration whitelist;
+  whitelist.feature = WebFeaturePolicyFeature::kFullscreen;
+  whitelist.matches_all_origins = false;
+  whitelist.origins = Vector<WebSecurityOrigin>(0UL);
+  filtered_container_policy.push_back(whitelist);
+  return filtered_container_policy;
+}
+
 }  // namespace blink