Move container policy logic to frame owner classes.

third_party/WebKit/Source/core/html/HTMLFrameElement.cpp

Index: third_party/WebKit/Source/core/html/HTMLFrameElement.cpp
diff --git a/third_party/WebKit/Source/core/html/HTMLFrameElement.cpp b/third_party/WebKit/Source/core/html/HTMLFrameElement.cpp
index 641ba2ae5ae1af3641cc9c59731b8099e18baf20..21b0973bbead8f57f0a264db9af01f6b08737f1b 100644
--- a/third_party/WebKit/Source/core/html/HTMLFrameElement.cpp
+++ b/third_party/WebKit/Source/core/html/HTMLFrameElement.cpp
@@ -76,4 +76,18 @@ void HTMLFrameElement::ParseAttribute(
   }
 }
 
+Vector<WebParsedFeaturePolicyDeclaration>
+HTMLFrameElement::ConstructContainerPolicy() const {
+  // Frame elements are not allowed to enable the fullscreen feature. Add an

[raymes, 2017/06/12 22:54:26]

tiny nit: a link to spec or documentation here might be helpful for a reader but
not too important if there isn't one

[iclelland, 2017/06/13 14:38:33]

Done.

+  // empty whitelist for the fullscreen feature so that the framed content is
+  // unable to use the API, regardless of origin.
+  Vector<WebParsedFeaturePolicyDeclaration> container_policy;
+  WebParsedFeaturePolicyDeclaration whitelist;
+  whitelist.feature = WebFeaturePolicyFeature::kFullscreen;
+  whitelist.matches_all_origins = false;
+  whitelist.origins = Vector<WebSecurityOrigin>(0UL);
+  container_policy.push_back(whitelist);
+  return container_policy;
+}
+
 }  // namespace blink