Bug 1446406 [wpt PR 10076] - Allow feature policy to be used in opaque origins., a=testonly
authorIan Clelland <iclelland@chromium.org>
Sun, 22 Apr 2018 15:02:01 +0000
changeset 468871 a5e3429241aa802c67decfa3b6b1f54db2f7a11b
parent 468870 705bd1cb7b3fab5b8f53a92f400c4e488aff9193
child 468872 846bc7887b927295a8c7d2f51f5e486394171970
push id9165
push userasasaki@mozilla.com
push dateThu, 26 Apr 2018 21:04:54 +0000
treeherdermozilla-beta@064c3804de2e [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerstestonly
bugs1446406, 10076, 690520, 963382, 550463
milestone61.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1446406 [wpt PR 10076] - Allow feature policy to be used in opaque origins., a=testonly Automatic update from web-platform-testsAllow feature policy to be used in opaque origins. Currently, policy-controlled features do not work as expected in frames with opaque origins, such as isolated sandboxes and data: URLs, because the eventual opaque origin of the frame is not known when the HTMLFrameOwnerElement builds the container policy, and so has no way to tell the browser that a particular origin should be allowed. This CL adds a new member to the ParsedFeaturePolicyDeclaration, which indicates that the iframe policy is expected to apply to the origin of the frame, and is used when that frame has an opaque origin. This can be triggered with an iframe of the form <iframe sandbox allow="feature"> or <iframe sandbox allow="feature src"> This flag is checked when building the feature policy in the new frame, and ensures that the new feature policy will allow the feature in that origin. This is the first part of the eventual solution -- currently this has the effect of allowing the feature even if a sandboxed frame navigates to a new page (causing a new opaque origin to be created for it). Subsequent CLs will add a unique identified to each such origin, and ensure that the generated policies are properly tied to the specific origin of the frame. Bug: 690520 Change-Id: Ie18b9bc3c36be6550baf5a03e355871b9589fd40 Reviewed-on: https://chromium-review.googlesource.com/963382 Reviewed-by: Daniel Cheng <dcheng@chromium.org> Reviewed-by: Jeremy Roman <jbroman@chromium.org> Reviewed-by: Alex Moshchuk <alexmos@chromium.org> Commit-Queue: Ian Clelland <iclelland@chromium.org> Cr-Commit-Position: refs/heads/master@{#550463} -- wpt-commits: 4c8580c189ce4501997af80b599bea070b1a7299 wpt-pr: 10076
testing/web-platform/meta/MANIFEST.json
testing/web-platform/tests/feature-policy/feature-policy-frame-policy-allowed-for-self.https.sub.html
testing/web-platform/tests/feature-policy/resources/featurepolicy.js
--- a/testing/web-platform/meta/MANIFEST.json
+++ b/testing/web-platform/meta/MANIFEST.json
@@ -554944,17 +554944,17 @@
    "a48c092204750e00c9aa167a9ef9d2d239445d22",
    "testharness"
   ],
   "feature-policy/feature-policy-frame-policy-allowed-for-all.https.sub.html.sub.headers": [
    "bfcf350d87faae8e6cf4b2beb9fee84957cac449",
    "support"
   ],
   "feature-policy/feature-policy-frame-policy-allowed-for-self.https.sub.html": [
-   "7a68af16b8cb8292185997cefdfeb3be295813a7",
+   "fdc37b6a3d16b35095a05b2857faeaf3d28c1feb",
    "testharness"
   ],
   "feature-policy/feature-policy-frame-policy-allowed-for-self.https.sub.html.sub.headers": [
    "ea3519ed0612b18268c0df22a1c9472e404c2573",
    "support"
   ],
   "feature-policy/feature-policy-frame-policy-allowed-for-some.https.sub.html": [
    "a1304e1954b23cde1d017a242bad05e2d3039a6e",
@@ -555124,17 +555124,17 @@
    "cb370c3a26271da43e46f348f23eb20a912609a3",
    "support"
   ],
   "feature-policy/resources/feature-policy-webvr.html": [
    "57a94b461d4be6a179a53d199dfdd9a2b096d0fb",
    "support"
   ],
   "feature-policy/resources/featurepolicy.js": [
-   "87607362a81716400d9fee10958893e7a785f74e",
+   "a95ee6fc23217f5fc271763f5363a09b0ff04537",
    "support"
   ],
   "feature-policy/resources/picture-in-picture.js": [
    "20355b27be4404af59fc2742b43c6600147eccd3",
    "support"
   ],
   "feature-policy/resources/redirect-on-load.html": [
    "5d9d75fc156f6d5a934a1aca7aa2b4a8e238dd4f",
--- a/testing/web-platform/tests/feature-policy/feature-policy-frame-policy-allowed-for-self.https.sub.html
+++ b/testing/web-platform/tests/feature-policy/feature-policy-frame-policy-allowed-for-self.https.sub.html
@@ -23,16 +23,34 @@
   // attribute is not specified.
   test(function() {
     test_frame_policy('fullscreen', same_origin_src, true);
   }, 'Test frame policy on same origin iframe inherit from header policy.');
   test(function() {
     test_frame_policy('fullscreen', cross_origin_src, false);
   }, 'Test frame policy on cross origin iframe inherit from header policy.');
 
+  // Test that frame policy can be used for sandboxed frames
+  test(function() {
+    test_frame_policy(
+      'fullscreen', same_origin_src, false, undefined, false, true);
+    }, 'Test frame policy on sandboxed iframe with no allow attribute.');
+  test(function() {
+    test_frame_policy(
+      'fullscreen', same_origin_src, true, 'fullscreen', false, true);
+    }, 'Test frame policy on sandboxed iframe with allow="fullscreen".');
+  test(function() {
+    test_frame_policy(
+      'fullscreen', same_origin_src, true, 'fullscreen \'src\'', false, true);
+    }, 'Test frame policy on sandboxed iframe with allow="fullscreen \'src\'".');
+  test(function() {
+    test_frame_policy(
+      'fullscreen', cross_origin_src, false, 'fullscreen ' + cross_origin, false, true);
+    }, 'Test frame policy on sandboxed iframe with allow="fullscreen ' + cross_origin + '".');
+
   // Test frame policy with allow attribute set to be one of the policies above.
   for (var i = 0; i < policies.length; i++) {
     test(function() {
       test_frame_policy(
         'fullscreen', same_origin_src, policies[i].sameOriginTestExpect,
         'fullscreen ' + policies[i].allow + ';');
     }, 'Test frame policy on same origin iframe with allow = "' + policies[i].allow + '".');
     test(function() {
--- a/testing/web-platform/tests/feature-policy/resources/featurepolicy.js
+++ b/testing/web-platform/tests/feature-policy/resources/featurepolicy.js
@@ -388,28 +388,33 @@ function test_subframe_header_policy(
 // feature is allowed in a frame either through inherited policy or specified
 // by iframe allow attribute.
 // Arguments:
 //     feature: feature name.
 //     src: the URL to load in the frame.
 //     test_expect: boolean value of whether the feature should be allowed.
 //     allow: optional, the allow attribute (container policy) of the iframe.
 //     allowfullscreen: optional, boolean value of allowfullscreen attribute.
+//     sandbox: optional boolean. If true, the frame will be sandboxed (with
+//         allow-scripts, so that tests can run in it.)
 function test_frame_policy(
-    feature, src, test_expect, allow, allowfullscreen) {
+    feature, src, test_expect, allow, allowfullscreen, sandbox) {
   let frame = document.createElement('iframe');
   document.body.appendChild(frame);
   // frame_policy should be dynamically updated as allow and allowfullscreen is
   // updated.
   var frame_policy = frame.policy;
   if (typeof allow !== 'undefined') {
     frame.setAttribute('allow', allow);
   }
   if (!!allowfullscreen) {
     frame.setAttribute('allowfullscreen', true);
   }
+  if (!!sandbox) {
+    frame.setAttribute('sandbox', 'allow-scripts');
+  }
   frame.src = src;
   if (test_expect) {
     assert_true(frame_policy.allowedFeatures().includes(feature));
   } else {
     assert_false(frame_policy.allowedFeatures().includes(feature));
   }
 }