Bug 1495303 - FeaturePolicy: payment, r=marcosc
☠☠ backed out by 9ead07a717df ☠ ☠
authorAndrea Marchesini <amarchesini@mozilla.com>
Mon, 01 Oct 2018 11:59:57 +0200
changeset 497410 6daf4f561843827556ce451941a75ab186255f00
parent 497409 f9a8321c1ed7a38a3e9e5eb06506b875ddad2dd4
child 497411 54252d2fdeee59b40f33fe3847f40bd973a8a315
push id1864
push userffxbld-merge
push dateMon, 03 Dec 2018 15:51:40 +0000
reviewersmarcosc
bugs1495303
milestone64.0a1
Bug 1495303 - FeaturePolicy: payment, r=marcosc
dom/html/HTMLIFrameElement.cpp
dom/payments/PaymentRequest.cpp
dom/security/featurepolicy/FeaturePolicy.cpp
dom/security/featurepolicy/FeaturePolicy.h
dom/security/featurepolicy/FeaturePolicyUtils.cpp
testing/web-platform/meta/feature-policy/__dir__.ini
testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html.ini
testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute.https.sub.html.ini
testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy.https.sub.html.ini
testing/web-platform/meta/feature-policy/payment-default-feature-policy.https.sub.html.ini
testing/web-platform/meta/feature-policy/payment-disabled-by-feature-policy.https.sub.html.ini
testing/web-platform/meta/payment-request/__dir__.ini
testing/web-platform/meta/payment-request/allowpaymentrequest/allowpaymentrequest-attribute-cross-origin-bc-containers.https.html.ini
--- a/dom/html/HTMLIFrameElement.cpp
+++ b/dom/html/HTMLIFrameElement.cpp
@@ -169,17 +169,18 @@ HTMLIFrameElement::AfterSetAttr(int32_t 
         // If we have an nsFrameLoader, apply the new sandbox flags.
         // Since this is called after the setter, the sandbox flags have
         // alreay been updated.
         mFrameLoader->ApplySandboxFlags(GetSandboxFlags());
       }
     }
     if ((aName == nsGkAtoms::allow ||
          aName == nsGkAtoms::src ||
-         aName == nsGkAtoms::sandbox) &&
+         aName == nsGkAtoms::sandbox ||
+         aName == nsGkAtoms::allowpaymentrequest) &&
         StaticPrefs::dom_security_featurePolicy_enabled()) {
       RefreshFeaturePolicy();
     }
   }
   return nsGenericHTMLFrameElement::AfterSetAttr(aNameSpaceID, aName,
                                                  aValue, aOldValue,
                                                  aMaybeScriptedPrincipal,
                                                  aNotify);
@@ -302,14 +303,18 @@ HTMLIFrameElement::RefreshFeaturePolicy(
 
     // Set or reset the FeaturePolicy directives.
     mFeaturePolicy->SetDeclaredPolicy(OwnerDoc(), allow, documentOrigin,
                                       origin, true /* 'src' enabled */);
   }
 
   mFeaturePolicy->InheritPolicy(OwnerDoc()->Policy());
 
+  if (AllowPaymentRequest()) {
+    mFeaturePolicy->MaybeSetAllowedPolicy(NS_LITERAL_STRING("payment"));
+  }
+
   // TODO: https://wicg.github.io/feature-policy/#process-feature-policy-attributes
-  // requires to check allowfullscreen, allowpaymentrequest and allowusermediarequest
+  // requires to check allowfullscreen, and allowusermediarequest
 }
 
 } // namespace dom
 } // namespace mozilla
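Review bot: The new `AllowPaymentRequest()` branch needs a comment on its security contract, because it grants `payment` to every origin and runs after `InheritPolicy(OwnerDoc()->Policy())`. The hunk does not show whether a parent policy that disables `payment` still wins once the frame carries an allow-all entry, so confirm that before relying on it. Suggested comment above the branch: `// allowpaymentrequest acts like allow="payment *" only when 'allow' does not already declare payment; the inherited parent policy must still be able to deny it.` The edited TODO also has a stray comma and would read better as `// requires to check allowfullscreen and allowusermediarequest`. RefreshFeaturePolicy starts outside this hunk.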
--- a/dom/payments/PaymentRequest.cpp
+++ b/dom/payments/PaymentRequest.cpp
@@ -1,16 +1,17 @@
 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "BasicCardPayment.h"
 #include "mozilla/dom/Element.h"
+#include "mozilla/dom/FeaturePolicyUtils.h"
 #include "mozilla/dom/PaymentRequest.h"
 #include "mozilla/dom/PaymentRequestChild.h"
 #include "mozilla/dom/PaymentResponse.h"
 #include "mozilla/EventStateManager.h"
 #include "mozilla/StaticPrefs.h"
 #include "nsContentUtils.h"
 #include "nsIScriptError.h"
 #include "nsIURLParser.h"
@@ -555,16 +556,22 @@ PaymentRequest::Constructor(const Global
 
 
   nsCOMPtr<nsIDocument> doc = window->GetExtantDoc();
   if (!doc) {
     aRv.Throw(NS_ERROR_UNEXPECTED);
     return nullptr;
   }
 
+  if (!FeaturePolicyUtils::IsFeatureAllowed(doc,
+                                            NS_LITERAL_STRING("payment"))) {
+    aRv.Throw(NS_ERROR_DOM_SECURITY_ERR);
+    return nullptr;
+  }
+
   // Check if AllowPaymentRequest on the owner document
   if (!doc->AllowPaymentRequest()) {
     aRv.Throw(NS_ERROR_DOM_SECURITY_ERR);
     return nullptr;
   }
 
   // Get the top level principal
   nsCOMPtr<nsIDocument> topLevelDoc = doc->GetTopLevelContentDocument();
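Review bot: The added `IsFeatureAllowed(doc, NS_LITERAL_STRING("payment"))` gate is not visibly conditioned on `StaticPrefs::dom_security_featurePolicy_enabled()`, whereas the iframe side only refreshes its policy when that pref is on. If `IsFeatureAllowed` does not short-circuit internally when the pref is off, the constructor would consult a policy that was never populated from the frame's attributes. Either confirm the helper handles this or make it explicit here with `if (StaticPrefs::dom_security_featurePolicy_enabled() && !FeaturePolicyUtils::IsFeatureAllowed(doc, NS_LITERAL_STRING("payment"))) {`. Keeping the existing `doc->AllowPaymentRequest()` check after it is the safe choice, since either check can deny; a one-line comment saying both are intentionally retained would stop a later cleanup from dropping one. The constructor body continues outside the hunk.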
--- a/dom/security/featurepolicy/FeaturePolicy.cpp
+++ b/dom/security/featurepolicy/FeaturePolicy.cpp
@@ -177,8 +177,23 @@ FeaturePolicy::GetAllowlistForFeature(co
 
   nsString defaultAllowList;
   FeaturePolicyUtils::DefaultAllowListFeature(aFeatureName, mDefaultOrigin,
                                               defaultAllowList);
    if (!defaultAllowList.IsEmpty()) {
     aList.AppendElement(defaultAllowList);
   }
 }
+
+void
+FeaturePolicy::MaybeSetAllowedPolicy(const nsAString& aFeatureName)
+{
+  MOZ_ASSERT(FeaturePolicyUtils::IsSupportedFeature(aFeatureName));
+
+  if (HasDeclaredFeature(aFeatureName)) {
+    return;
+  }
+
+  Feature feature(aFeatureName);
+  feature.SetAllowsAll();
+
+  mFeatures.AppendElement(feature);
+}
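Review bot: In `MaybeSetAllowedPolicy`, the only validation of `aFeatureName` is `MOZ_ASSERT(FeaturePolicyUtils::IsSupportedFeature(aFeatureName))`, which is compiled out of release builds. A mistyped or unsupported name from a future caller would then silently append an allow-all `Feature` to `mFeatures`. Since this method widens a policy to all origins, it should fail closed in release as well: keep the assertion and add `if (!FeaturePolicyUtils::IsSupportedFeature(aFeatureName)) { return; }` directly after it. A short comment on the `HasDeclaredFeature` early return, stating that an explicit `allow` declaration takes precedence over the attribute shortcut, would also document the intended ordering.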
--- a/dom/security/featurepolicy/FeaturePolicy.h
+++ b/dom/security/featurepolicy/FeaturePolicy.h
@@ -96,16 +96,22 @@ public:
   // or for the 'allow' HTML attribute.
   void
   SetDeclaredPolicy(nsIDocument* aDocument,
                     const nsAString& aPolicyString,
                     const nsAString& aSelfOrigin,
                     const nsAString& aSrcOrigin,
                     bool aSrcEnabled);
 
+  // This method creates a policy for aFeatureName allowing it to '*' if it
+  // doesn't exist yet. It's used by HTMLIFrameElement to enable features by
+  // attributes.
+  void
+  MaybeSetAllowedPolicy(const nsAString& aFeatureName);
+
   // Clears all the declarative policy directives. This is needed when the
   // 'allow' attribute or the 'src' attribute change for HTMLIFrameElement's
   // policy.
   void
   ResetDeclaredPolicy();
 
   // WebIDL internal methods.
 
--- a/dom/security/featurepolicy/FeaturePolicyUtils.cpp
+++ b/dom/security/featurepolicy/FeaturePolicyUtils.cpp
@@ -42,17 +42,16 @@ static FeatureMap sSupportedFeatures[] =
   // TODO: not supported yet!!!
   { "gyroscope", FeatureMap::eSelf  },
   // TODO: not supported yet!!!
   { "magnetometer", FeatureMap::eSelf  },
   // TODO: not supported yet!!!
   { "microphone", FeatureMap::eSelf  },
   // TODO: not supported yet!!!
   { "midi", FeatureMap::eSelf  },
-  // TODO: not supported yet!!!
   { "payment", FeatureMap::eSelf  },
   // TODO: not supported yet!!!
   { "picture-in-picture", FeatureMap::eAll  },
   // TODO: not supported yet!!!
   { "speaker", FeatureMap::eSelf  },
   // TODO: not supported yet!!!
   { "usb", FeatureMap::eSelf  },
   // TODO: not supported yet!!!
--- a/testing/web-platform/meta/feature-policy/__dir__.ini
+++ b/testing/web-platform/meta/feature-policy/__dir__.ini
@@ -1,2 +1,2 @@
-prefs: [dom.security.featurePolicy.enabled:true]
+prefs: [dom.security.featurePolicy.enabled:true, dom.payments.request.enabled:true]
 lsan-allowed: []
deleted file mode 100644
--- a/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html.ini
+++ /dev/null
@@ -1,19 +0,0 @@
-[payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html]
-  [Feature-Policy allow="payment" allows same-origin relocation.]
-    expected: FAIL
-
-  [Feature-Policy allow="payment" disallows cross-origin relocation.]
-    expected: FAIL
-
-  [Feature-Policy allow="payment" allowpaymentrequest=true allows same-origin relocation.]
-    expected: FAIL
-
-  [Feature-Policy allow="payment" allowpaymentrequest=true disallows cross-origin relocation.]
-    expected: FAIL
-
-  [Feature-Policy allow="payment" allows same-origin navigation in an iframe.]
-    expected: FAIL
-
-  [Feature-Policy allow="payment" allowpaymentrequest=true allows same-origin navigation in an iframe.]
-    expected: FAIL
-
--- a/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute.https.sub.html.ini
@@ -1,7 +1,4 @@
 [payment-allowed-by-feature-policy-attribute.https.sub.html]
-  [Feature policy "payment" can be enabled in same-origin iframe using allow="payment" attribute]
-    expected: FAIL
-
   [Feature policy "payment" can be enabled in cross-origin iframe using allow="payment" attribute]
     expected: FAIL
 
--- a/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy.https.sub.html.ini
@@ -1,16 +1,4 @@
 [payment-allowed-by-feature-policy.https.sub.html]
-  [Feature-Policy header {"payment" : ["*"\]} allows the top-level document.]
-    expected: FAIL
-
-  [Feature-Policy header {"payment" : ["*"\]} allows same-origin iframes.]
-    expected: FAIL
-
   [Feature-Policy header {"payment" : ["*"\]} allows cross-origin iframes.]
     expected: FAIL
 
-  [Feature-Policy header {"payment" : ["*"\]} allowpaymentrequest=true allows same-origin iframes.]
-    expected: FAIL
-
-  [Feature-Policy header {"payment" : ["*"\]} allowpaymentrequest=true allows cross-origin iframes.]
-    expected: FAIL
-
--- a/testing/web-platform/meta/feature-policy/payment-default-feature-policy.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-default-feature-policy.https.sub.html.ini
@@ -1,13 +1,4 @@
 [payment-default-feature-policy.https.sub.html]
-  [Default "payment" feature policy ["self"\] allows the top-level document.]
-    expected: FAIL
-
-  [Default "payment" feature policy ["self"\] allows same-origin iframes.]
-    expected: FAIL
-
-  [Default "payment" feature policy ["self"\] allowpaymentrequest=true allows same-origin iframes.]
-    expected: FAIL
-
   [Default "payment" feature policy ["self"\] allowpaymentrequest=true allows cross-origin iframes.]
     expected: FAIL
 
deleted file mode 100644
--- a/testing/web-platform/meta/feature-policy/payment-disabled-by-feature-policy.https.sub.html.ini
+++ /dev/null
@@ -1,4 +0,0 @@
-[payment-disabled-by-feature-policy.https.sub.html]
-  [Feature-Policy header {"payment" : [\]} disallows the top-level document.]
-    expected: FAIL
-
--- a/testing/web-platform/meta/payment-request/__dir__.ini
+++ b/testing/web-platform/meta/payment-request/__dir__.ini
@@ -1,1 +1,1 @@
-prefs: [dom.payments.request.enabled:true]
+prefs: [dom.security.featurePolicy.enabled:true, dom.payments.request.enabled:true]
--- a/testing/web-platform/meta/payment-request/allowpaymentrequest/allowpaymentrequest-attribute-cross-origin-bc-containers.https.html.ini
+++ b/testing/web-platform/meta/payment-request/allowpaymentrequest/allowpaymentrequest-attribute-cross-origin-bc-containers.https.html.ini
@@ -1,12 +1,11 @@
 [allowpaymentrequest-attribute-cross-origin-bc-containers.https.html]
   [iframe]
-    expected:
-      if not e10s: FAIL
+    expected: FAIL
 
   [frame]
     expected:
       if not e10s: FAIL
 
   [object]
     expected:
       if not e10s: FAIL
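Review bot: The `[iframe]` expectation is widened from `if not e10s: FAIL` to an unconditional `FAIL`, which suggests the subtest passed under e10s before this change and no longer does. This is the cross-origin `allowpaymentrequest` iframe case that the new `MaybeSetAllowedPolicy` path is meant to cover, so the change looks like a behaviour regression being recorded as expected rather than a pre-existing gap. It is worth confirming why the iframe case now fails while `[frame]` and `[object]` keep their conditional expectation. If the failure is accepted, add a comment line beside the expectation with the tracking bug.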