[sms] Implement kill switch for SmsReceiver

SmsReceiver allows browsers to retrieve the contents of an incoming SMS to
perform SMS-based user verification without requiring the user to manually
type verification codes. Before launching this feature, we want to add a
kill switch that can be set from the server side that lets us turn off
the feature in case there is a security or privacy problem.

Explainer:
https://github.com/sso-google/sms-otp-retrieval

Intent to Implement:
https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/Drmmb_t4eE8

Design Doc:
https://docs.google.com/document/d/1TG7BzAPdt2DWNOmephxNf09kdzDKYq8l6Z126oSif8I/edit

Bug: 955747
Change-Id: Iaf43946ba66f658f6b80a68dab2464db311fb28e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1589499
Reviewed-by: Reilly Grant <reillyg@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Ayu Ishii <ayui@chromium.org>
Cr-Commit-Position: refs/heads/master@{#656947}

content/child/runtime_features.cc

@@ -490,6 +490,9 @@ void SetIndividualRuntimeFeatures(
 
   WebRuntimeFeatures::EnableStaleWhileRevalidate(
       base::FeatureList::IsEnabled(features::kStaleWhileRevalidate));
+
+  if (!base::FeatureList::IsEnabled(features::kSmsReceiver))
+    WebRuntimeFeatures::EnableSmsReceiver(false);
 }
 
 }  // namespace

content/public/common/content_features.cc

@@ -179,7 +179,7 @@ const base::Feature kHistoryManipulationIntervention{
     "HistoryManipulationIntervention", base::FEATURE_ENABLED_BY_DEFAULT};
 
 // This is intended as a kill switch for the Idle Detection feature. To enable
-// this feature,the experimental web platform features flag should be set,
+// this feature, the experimental web platform features flag should be set,
 // or the site should obtain an Origin Trial token.
 const base::Feature kIdleDetection{"IdleDetection",
                                    base::FEATURE_ENABLED_BY_DEFAULT};
@@ -454,6 +454,12 @@ const base::Feature kSignedHTTPExchange{"SignedHTTPExchange",
 const base::Feature kSignedHTTPExchangePingValidity{
     "SignedHTTPExchangePingValidity", base::FEATURE_DISABLED_BY_DEFAULT};
 
+// This is intended as a kill switch for the SMS Receiver feature. To enable
+// this feature, the experimental web platform features flag should be set,
+// or the site should obtain an Origin Trial token.
+const base::Feature kSmsReceiver{"SmsReceiver",
+                                 base::FEATURE_ENABLED_BY_DEFAULT};
+
 // Controls whether SpareRenderProcessHostManager tries to always have a warm
 // spare renderer process around for the most recently requested BrowserContext.
 // This feature is only consulted in site-per-process mode.

content/public/common/content_features.h

@@ -107,6 +107,7 @@ CONTENT_EXPORT extern const base::Feature
 CONTENT_EXPORT extern const base::Feature kSignedExchangeSubresourcePrefetch;
 CONTENT_EXPORT extern const base::Feature kSignedHTTPExchange;
 CONTENT_EXPORT extern const base::Feature kSignedHTTPExchangePingValidity;
+CONTENT_EXPORT extern const base::Feature kSmsReceiver;
 CONTENT_EXPORT extern const base::Feature kSpareRendererForSitePerProcess;
 CONTENT_EXPORT extern const base::Feature kStaleWhileRevalidate;
 CONTENT_EXPORT extern const base::Feature kStrictOriginIsolation;

third_party/blink/public/platform/web_runtime_features.h

@@ -238,6 +238,7 @@ class WebRuntimeFeatures {
   BLINK_PLATFORM_EXPORT static void EnableIdleDetection(bool);
   BLINK_PLATFORM_EXPORT static void EnableSkipTouchEventFilter(bool);
   BLINK_PLATFORM_EXPORT static void EnableStaleWhileRevalidate(bool);
+  BLINK_PLATFORM_EXPORT static void EnableSmsReceiver(bool);
 
  private:
   WebRuntimeFeatures();

third_party/blink/renderer/platform/exported/web_runtime_features.cc

@@ -664,4 +664,8 @@ void WebRuntimeFeatures::EnableStaleWhileRevalidate(bool enable) {
   RuntimeEnabledFeatures::SetStaleWhileRevalidateEnabled(enable);
 }
 
+void WebRuntimeFeatures::EnableSmsReceiver(bool enable) {
+  RuntimeEnabledFeatures::SetSmsReceiverEnabled(enable);
+}
+
 }  // namespace blink