[Document Policy] Add feature author guide
This CL adds feature author guide section for document policy to README.md. Change-Id: Ib75b203192545fbbb8de48ceef25f1156398c4a3 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2380609 Reviewed-by: Ian Clelland <iclelland@chromium.org> Commit-Queue: Charlie Hu <chenleihu@google.com> Cr-Commit-Position: refs/heads/master@{#805959}
This commit is contained in:
Charlie Hu
third_party/blink
@ -68,7 +68,43 @@ To test the new feature with feature policy, refer to
|
||||
`third_party/blink/web_tests/external/wpt/feature-policy/README.md` for
|
||||
instructions on how to use the feature policy test framework.
|
||||
|
||||
## Document Policy Guide
|
||||
### How to add a new feature to document policy
|
||||
|
||||
Document Policy (see [spec](https://w3c.github.io/webappsec-permissions-policy/document-policy.html)) is a similar mechanism to Feature Policy. It is intended
|
||||
to cover those kinds of features which don't involve delegation of permission to trusted origins; features which are more about configuring a document, or removing features (sandboxing) from a document or a frame. Document Policy can only be set through HTTP header, and will not inherit to subframes.
|
||||
|
||||
Example HTTP header: `Document-Policy: force-load-at-top=?0, lossy-images-max-bpp=1.0`
|
||||
|
||||
- `force-load-at-top` is set to boolean value false (`?0` in [structured header syntax](https://httpwg.org/http-extensions/draft-ietf-httpbis-header-structure.html)), i.e. the
|
||||
feature is disallowed in current document;
|
||||
- `lossy-images-max-bpp` is set to 1.0, i.e. lossy image format (e.g. jpeg) images with
|
||||
byte per pixel rate higher than 1.0 will be blocked.
|
||||
|
||||
|
||||
#### Adding a new feature to document policy
|
||||
|
||||
##### Shipping features behind a flag
|
||||
If the additional feature is unshipped, or if the correct behaviour with document
|
||||
policy is undetermined, consider shipping the feature behind a runtime-enabled feature.
|
||||
|
||||
##### Define new feature
|
||||
1. Document policy features are defined in
|
||||
`third_party/blink/renderer/core/feature_policy/document_policy_features.json5`. Add the new feature,
|
||||
placing any runtime-enabled feature or origin trial dependencies in its "depends_on" field as
|
||||
described in the file's comments.
|
||||
|
||||
2. Append the new feature enum with a brief description as well in
|
||||
`third_party/blink/public/mojom/feature_policy/document_policy_feature.mojom`
|
||||
|
||||
##### Integrate the feature behaviour with document policy
|
||||
The most common way to check if features are enabled is `ExecutionContext::IsFeatureEnabled`.
|
||||
|
||||
##### Write web-platform-tests
|
||||
Please add new tests to `third_party/blink/web_tests/external/wpt/document-policy/`.
|
||||
|
||||
#### Contacts
|
||||
For more questions, please feel free to reach out to:
|
||||
iclelland@chromium.org
|
||||
chenleihu@google.com
|
||||
(Emerita: loonybear@)
|
||||
|
||||
@ -27,7 +27,7 @@ namespace blink {
|
||||
// which embeds the document.
|
||||
//
|
||||
// See
|
||||
// https://github.com/w3c/webappsec-feature-policy/blob/master/document-policy-explainer.md
|
||||
// https://github.com/w3c/webappsec-permissions-policy/blob/master/document-policy-explainer.md
|
||||
//
|
||||
// Key concepts:
|
||||
//
|
||||
|
||||
Reference in New Issue
Block a user