Bug 1495303 - FeaturePolicy: payment, r=marcosc
authorAndrea Marchesini <amarchesini@mozilla.com>
Mon, 01 Oct 2018 11:59:57 +0200
changeset 494730 a7dc4f0c4710d4a3f671f1d6bd9ef464f51f33ba
parent 494729 88ebd0e4c45e3759dbc7aac01b6e1848be254f10
child 494731 7f966968076c5df967d490552cce2fd0860dca9d
push id9984
push userffxbld-merge
push dateMon, 15 Oct 2018 21:07:35 +0000
reviewersmarcosc
bugs1495303
milestone64.0a1
Bug 1495303 - FeaturePolicy: payment, r=marcosc
dom/html/HTMLIFrameElement.cpp
dom/payments/PaymentRequest.cpp
dom/security/featurepolicy/FeaturePolicy.cpp
dom/security/featurepolicy/FeaturePolicy.h
dom/security/featurepolicy/FeaturePolicyUtils.cpp
testing/web-platform/meta/feature-policy/__dir__.ini
testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html.ini
testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute.https.sub.html.ini
testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy.https.sub.html.ini
testing/web-platform/meta/feature-policy/payment-default-feature-policy.https.sub.html.ini
testing/web-platform/meta/feature-policy/payment-disabled-by-feature-policy.https.sub.html.ini
--- a/dom/html/HTMLIFrameElement.cpp
+++ b/dom/html/HTMLIFrameElement.cpp
@@ -169,17 +169,18 @@ HTMLIFrameElement::AfterSetAttr(int32_t 
         // If we have an nsFrameLoader, apply the new sandbox flags.
         // Since this is called after the setter, the sandbox flags have
         // alreay been updated.
         mFrameLoader->ApplySandboxFlags(GetSandboxFlags());
       }
     }
     if ((aName == nsGkAtoms::allow ||
          aName == nsGkAtoms::src ||
-         aName == nsGkAtoms::sandbox) &&
+         aName == nsGkAtoms::sandbox ||
+         aName == nsGkAtoms::allowpaymentrequest) &&
         StaticPrefs::dom_security_featurePolicy_enabled()) {
       RefreshFeaturePolicy();
     }
   }
   return nsGenericHTMLFrameElement::AfterSetAttr(aNameSpaceID, aName,
                                                  aValue, aOldValue,
                                                  aMaybeScriptedPrincipal,
                                                  aNotify);
@@ -302,14 +303,18 @@ HTMLIFrameElement::RefreshFeaturePolicy(
 
     // Set or reset the FeaturePolicy directives.
     mFeaturePolicy->SetDeclaredPolicy(OwnerDoc(), allow, documentOrigin,
                                       origin, true /* 'src' enabled */);
   }
 
   mFeaturePolicy->InheritPolicy(OwnerDoc()->Policy());
 
+  if (AllowPaymentRequest()) {
+    mFeaturePolicy->MaybeSetAllowedPolicy(NS_LITERAL_STRING("payment"));
+  }
+
   // TODO: https://wicg.github.io/feature-policy/#process-feature-policy-attributes
-  // requires to check allowfullscreen, allowpaymentrequest and allowusermediarequest
+  // requires to check allowfullscreen, and allowusermediarequest
 }
 
 } // namespace dom
 } // namespace mozilla
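Review bot: Revocation is not visible in this hunk. `MaybeSetAllowedPolicy` appends a `'*'` entry for "payment" to the frame's policy, and `AfterSetAttr` now re-runs this function whenever `allowpaymentrequest` changes, but nothing shown here clears an earlier entry when the attribute is removed. RefreshFeaturePolicy begins outside the hunk, so a reset at its top may already cover this; if so, a comment on the new block would make the dependency explicit, e.g. `// Declared policy was reset above; allowpaymentrequest only adds '*' when 'allow' did not declare "payment".` The rewritten TODO line also has a stray comma and reads better as `// requires to check allowfullscreen and allowusermediarequest`.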
--- a/dom/payments/PaymentRequest.cpp
+++ b/dom/payments/PaymentRequest.cpp
@@ -1,16 +1,17 @@
 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "BasicCardPayment.h"
 #include "mozilla/dom/Element.h"
+#include "mozilla/dom/FeaturePolicyUtils.h"
 #include "mozilla/dom/PaymentRequest.h"
 #include "mozilla/dom/PaymentRequestChild.h"
 #include "mozilla/dom/PaymentResponse.h"
 #include "mozilla/EventStateManager.h"
 #include "mozilla/StaticPrefs.h"
 #include "nsContentUtils.h"
 #include "nsIScriptError.h"
 #include "nsIURLParser.h"
@@ -555,16 +556,22 @@ PaymentRequest::Constructor(const Global
 
 
   nsCOMPtr<nsIDocument> doc = window->GetExtantDoc();
   if (!doc) {
     aRv.Throw(NS_ERROR_UNEXPECTED);
     return nullptr;
   }
 
+  if (!FeaturePolicyUtils::IsFeatureAllowed(doc,
+                                            NS_LITERAL_STRING("payment"))) {
+    aRv.Throw(NS_ERROR_DOM_SECURITY_ERR);
+    return nullptr;
+  }
+
   // Check if AllowPaymentRequest on the owner document
   if (!doc->AllowPaymentRequest()) {
     aRv.Throw(NS_ERROR_DOM_SECURITY_ERR);
     return nullptr;
   }
 
   // Get the top level principal
   nsCOMPtr<nsIDocument> topLevelDoc = doc->GetTopLevelContentDocument();
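Review bot: The new feature-policy gate and the existing `doc->AllowPaymentRequest()` check directly below it must both pass, and nothing in the code says this is intended. As written, a document whose policy allows "payment" is still rejected when the legacy check fails; this is fail-closed, but it presumably means a frame enabled only through `allow="payment"` cannot construct a PaymentRequest. A comment above the new block would record the decision, e.g. `// Feature Policy is an additional gate; the allowpaymentrequest check below still applies.` Both paths throw the same `NS_ERROR_DOM_SECURITY_ERR`, so a page author cannot tell which gate denied the request. The constructor starts and ends outside the hunk.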
--- a/dom/security/featurepolicy/FeaturePolicy.cpp
+++ b/dom/security/featurepolicy/FeaturePolicy.cpp
@@ -177,8 +177,23 @@ FeaturePolicy::GetAllowlistForFeature(co
 
   nsString defaultAllowList;
   FeaturePolicyUtils::DefaultAllowListFeature(aFeatureName, mDefaultOrigin,
                                               defaultAllowList);
    if (!defaultAllowList.IsEmpty()) {
     aList.AppendElement(defaultAllowList);
   }
 }
+
+void
+FeaturePolicy::MaybeSetAllowedPolicy(const nsAString& aFeatureName)
+{
+  MOZ_ASSERT(FeaturePolicyUtils::IsSupportedFeature(aFeatureName));
+
+  if (HasDeclaredFeature(aFeatureName)) {
+    return;
+  }
+
+  Feature feature(aFeatureName);
+  feature.SetAllowsAll();
+
+  mFeatures.AppendElement(feature);
+}
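Review bot: `MOZ_ASSERT` is compiled out of release builds, so an unsupported feature name passed to `MaybeSetAllowedPolicy` would be appended to `mFeatures` with an allow-all list there. The only caller shown passes the literal "payment", but the method appears to be public according to the header hunk, so a release-mode guard would keep it fail-closed: `if (NS_WARN_IF(!FeaturePolicyUtils::IsSupportedFeature(aFeatureName))) { return; }`. A one-line comment on the `HasDeclaredFeature` early return, saying that an explicitly declared directive is never widened by this call, would also document the precedence that the security of the attribute mapping relies on.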
--- a/dom/security/featurepolicy/FeaturePolicy.h
+++ b/dom/security/featurepolicy/FeaturePolicy.h
@@ -96,16 +96,22 @@ public:
   // or for the 'allow' HTML attribute.
   void
   SetDeclaredPolicy(nsIDocument* aDocument,
                     const nsAString& aPolicyString,
                     const nsAString& aSelfOrigin,
                     const nsAString& aSrcOrigin,
                     bool aSrcEnabled);
 
+  // This method creates a policy for aFeatureName allowing it to '*' if it
+  // doesn't exist yet. It's used by HTMLIFrameElement to enable features by
+  // attributes.
+  void
+  MaybeSetAllowedPolicy(const nsAString& aFeatureName);
+
   // Clears all the declarative policy directives. This is needed when the
   // 'allow' attribute or the 'src' attribute change for HTMLIFrameElement's
   // policy.
   void
   ResetDeclaredPolicy();
 
   // WebIDL internal methods.
 
--- a/dom/security/featurepolicy/FeaturePolicyUtils.cpp
+++ b/dom/security/featurepolicy/FeaturePolicyUtils.cpp
@@ -42,17 +42,16 @@ static FeatureMap sSupportedFeatures[] =
   // TODO: not supported yet!!!
   { "gyroscope", FeatureMap::eSelf  },
   // TODO: not supported yet!!!
   { "magnetometer", FeatureMap::eSelf  },
   // TODO: not supported yet!!!
   { "microphone", FeatureMap::eSelf  },
   // TODO: not supported yet!!!
   { "midi", FeatureMap::eSelf  },
-  // TODO: not supported yet!!!
   { "payment", FeatureMap::eSelf  },
   // TODO: not supported yet!!!
   { "picture-in-picture", FeatureMap::eAll  },
   // TODO: not supported yet!!!
   { "speaker", FeatureMap::eSelf  },
   // TODO: not supported yet!!!
   { "usb", FeatureMap::eSelf  },
   // TODO: not supported yet!!!
--- a/testing/web-platform/meta/feature-policy/__dir__.ini
+++ b/testing/web-platform/meta/feature-policy/__dir__.ini
@@ -1,2 +1,2 @@
-prefs: [dom.security.featurePolicy.enabled:true]
+prefs: [dom.security.featurePolicy.enabled:true, dom.payments.request.enabled:true]
 lsan-allowed: []
--- a/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html.ini
@@ -1,19 +1,25 @@
 [payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html]
   [Feature-Policy allow="payment" allows same-origin relocation.]
-    expected: FAIL
+    expected:
+      if not e10s: FAIL
 
   [Feature-Policy allow="payment" disallows cross-origin relocation.]
-    expected: FAIL
+    expected:
+      if not e10s: FAIL
 
   [Feature-Policy allow="payment" allowpaymentrequest=true allows same-origin relocation.]
-    expected: FAIL
+    expected:
+      if not e10s: FAIL
 
   [Feature-Policy allow="payment" allowpaymentrequest=true disallows cross-origin relocation.]
-    expected: FAIL
+    expected:
+      if not e10s: FAIL
 
   [Feature-Policy allow="payment" allows same-origin navigation in an iframe.]
-    expected: FAIL
+    expected:
+      if not e10s: FAIL
 
   [Feature-Policy allow="payment" allowpaymentrequest=true allows same-origin navigation in an iframe.]
-    expected: FAIL
+    expected:
+      if not e10s: FAIL
 
--- a/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute.https.sub.html.ini
@@ -1,7 +1,8 @@
 [payment-allowed-by-feature-policy-attribute.https.sub.html]
   [Feature policy "payment" can be enabled in same-origin iframe using allow="payment" attribute]
-    expected: FAIL
+    expected:
+      if not e10s: FAIL
 
   [Feature policy "payment" can be enabled in cross-origin iframe using allow="payment" attribute]
     expected: FAIL
 
--- a/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy.https.sub.html.ini
@@ -1,16 +1,20 @@
 [payment-allowed-by-feature-policy.https.sub.html]
   [Feature-Policy header {"payment" : ["*"\]} allows the top-level document.]
-    expected: FAIL
+    expected:
+      if not e10s: FAIL
 
   [Feature-Policy header {"payment" : ["*"\]} allows same-origin iframes.]
-    expected: FAIL
+    expected:
+      if not e10s: FAIL
 
   [Feature-Policy header {"payment" : ["*"\]} allows cross-origin iframes.]
     expected: FAIL
 
   [Feature-Policy header {"payment" : ["*"\]} allowpaymentrequest=true allows same-origin iframes.]
-    expected: FAIL
+    expected:
+      if not e10s: FAIL
 
   [Feature-Policy header {"payment" : ["*"\]} allowpaymentrequest=true allows cross-origin iframes.]
-    expected: FAIL
+    expected:
+      if not e10s: FAIL
 
--- a/testing/web-platform/meta/feature-policy/payment-default-feature-policy.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-default-feature-policy.https.sub.html.ini
@@ -1,13 +1,16 @@
 [payment-default-feature-policy.https.sub.html]
   [Default "payment" feature policy ["self"\] allows the top-level document.]
-    expected: FAIL
+    expected:
+      if not e10s: FAIL
 
   [Default "payment" feature policy ["self"\] allows same-origin iframes.]
-    expected: FAIL
+    expected:
+      if not e10s: FAIL
 
   [Default "payment" feature policy ["self"\] allowpaymentrequest=true allows same-origin iframes.]
-    expected: FAIL
+    expected:
+      if not e10s: FAIL
 
   [Default "payment" feature policy ["self"\] allowpaymentrequest=true allows cross-origin iframes.]
     expected: FAIL
 
--- a/testing/web-platform/meta/feature-policy/payment-disabled-by-feature-policy.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-disabled-by-feature-policy.https.sub.html.ini
@@ -1,4 +1,5 @@
 [payment-disabled-by-feature-policy.https.sub.html]
   [Feature-Policy header {"payment" : [\]} disallows the top-level document.]
-    expected: FAIL
+    expected:
+      if not e10s: FAIL