Move Feature Policy checks from Frame to Document
This CL handles the features which are trivially migratable from calling (Deprecated)IsFeatureEnabled on Frame to calling the equivalent method on Document. Bug: 888668 Cq-Include-Trybots: luci.chromium.try:win_optional_gpu_tests_rel Change-Id: If7c548afd9974f83c86cbcb9876cb51654bb3267 Reviewed-on: https://chromium-review.googlesource.com/1243365 Commit-Queue: Ian Clelland <iclelland@chromium.org> Reviewed-by: Jeremy Roman <jbroman@chromium.org> Cr-Commit-Position: refs/heads/master@{#594103}
This commit is contained in:
third_party/blink/renderer
core
animation
frame
xmlhttprequest
modules
encryptedmedia
geolocation
mediastream
picture_in_picture
sensor
vr
webmidi
xr
@ -54,7 +54,7 @@ CSSInterpolationTypesMap::CSSInterpolationTypesMap(
|
|||||||
const PropertyRegistry* registry,
|
const PropertyRegistry* registry,
|
||||||
const Document& document)
|
const Document& document)
|
||||||
: registry_(registry) {
|
: registry_(registry) {
|
||||||
allow_all_animations_ = document.GetFrame()->DeprecatedIsFeatureEnabled(
|
allow_all_animations_ = document.IsFeatureEnabled(
|
||||||
blink::mojom::FeaturePolicyFeature::kAnimations);
|
blink::mojom::FeaturePolicyFeature::kAnimations);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -746,7 +746,7 @@ void Deprecation::CountDeprecationFeaturePolicy(
|
|||||||
return;
|
return;
|
||||||
|
|
||||||
// If the feature is allowed, don't log a warning.
|
// If the feature is allowed, don't log a warning.
|
||||||
if (frame->DeprecatedIsFeatureEnabled(feature))
|
if (document.IsFeatureEnabled(feature))
|
||||||
return;
|
return;
|
||||||
|
|
||||||
// If the feature is disabled, log a warning but only if the request is from a
|
// If the feature is disabled, log a warning but only if the request is from a
|
||||||
|
@ -93,12 +93,10 @@ bool DeviceSingleWindowEventController::IsSameSecurityOriginAsMainFrame()
|
|||||||
|
|
||||||
bool DeviceSingleWindowEventController::CheckPolicyFeatures(
|
bool DeviceSingleWindowEventController::CheckPolicyFeatures(
|
||||||
const Vector<mojom::FeaturePolicyFeature>& features) const {
|
const Vector<mojom::FeaturePolicyFeature>& features) const {
|
||||||
LocalFrame* frame = GetDocument().GetFrame();
|
const Document& document = GetDocument();
|
||||||
if (!frame)
|
|
||||||
return false;
|
|
||||||
return std::all_of(features.begin(), features.end(),
|
return std::all_of(features.begin(), features.end(),
|
||||||
[frame](mojom::FeaturePolicyFeature feature) {
|
[&document](mojom::FeaturePolicyFeature feature) {
|
||||||
return frame->DeprecatedIsFeatureEnabled(feature);
|
return document.IsFeatureEnabled(feature);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -746,9 +746,8 @@ bool XMLHttpRequest::InitSend(ExceptionState& exception_state) {
|
|||||||
|
|
||||||
if (!async_) {
|
if (!async_) {
|
||||||
if (GetExecutionContext()->IsDocument() &&
|
if (GetExecutionContext()->IsDocument() &&
|
||||||
!GetDocument()->GetFrame()->DeprecatedIsFeatureEnabled(
|
!GetDocument()->IsFeatureEnabled(mojom::FeaturePolicyFeature::kSyncXHR,
|
||||||
mojom::FeaturePolicyFeature::kSyncXHR,
|
ReportOptions::kReportOnFailure)) {
|
||||||
ReportOptions::kReportOnFailure)) {
|
|
||||||
LogConsoleError(GetExecutionContext(),
|
LogConsoleError(GetExecutionContext(),
|
||||||
"Synchronous requests are disabled by Feature Policy.");
|
"Synchronous requests are disabled by Feature Policy.");
|
||||||
HandleNetworkError();
|
HandleNetworkError();
|
||||||
|
3
third_party/blink/renderer/modules/encryptedmedia/navigator_request_media_key_system_access.cc
vendored
3
third_party/blink/renderer/modules/encryptedmedia/navigator_request_media_key_system_access.cc
vendored
@ -302,8 +302,7 @@ ScriptPromise NavigatorRequestMediaKeySystemAccess::requestMediaKeySystemAccess(
|
|||||||
ExecutionContext* execution_context = ExecutionContext::From(script_state);
|
ExecutionContext* execution_context = ExecutionContext::From(script_state);
|
||||||
Document* document = ToDocument(execution_context);
|
Document* document = ToDocument(execution_context);
|
||||||
|
|
||||||
if (!document->GetFrame() ||
|
if (!document->IsFeatureEnabled(
|
||||||
!document->GetFrame()->DeprecatedIsFeatureEnabled(
|
|
||||||
mojom::FeaturePolicyFeature::kEncryptedMedia)) {
|
mojom::FeaturePolicyFeature::kEncryptedMedia)) {
|
||||||
UseCounter::Count(document,
|
UseCounter::Count(document,
|
||||||
WebFeature::kEncryptedMediaDisabledByFeaturePolicy);
|
WebFeature::kEncryptedMediaDisabledByFeaturePolicy);
|
||||||
|
@ -224,7 +224,7 @@ void Geolocation::StartRequest(GeoNotifier* notifier) {
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!GetFrame()->DeprecatedIsFeatureEnabled(
|
if (!GetDocument()->IsFeatureEnabled(
|
||||||
mojom::FeaturePolicyFeature::kGeolocation,
|
mojom::FeaturePolicyFeature::kGeolocation,
|
||||||
ReportOptions::kReportOnFailure)) {
|
ReportOptions::kReportOnFailure)) {
|
||||||
UseCounter::Count(GetDocument(),
|
UseCounter::Count(GetDocument(),
|
||||||
|
@ -492,17 +492,15 @@ bool UserMediaRequest::IsSecureContextUse(String& error_message) {
|
|||||||
|
|
||||||
// Feature policy deprecation messages.
|
// Feature policy deprecation messages.
|
||||||
if (Audio()) {
|
if (Audio()) {
|
||||||
if (!document->GetFrame()->DeprecatedIsFeatureEnabled(
|
if (!document->IsFeatureEnabled(mojom::FeaturePolicyFeature::kMicrophone,
|
||||||
mojom::FeaturePolicyFeature::kMicrophone,
|
ReportOptions::kReportOnFailure)) {
|
||||||
ReportOptions::kReportOnFailure)) {
|
|
||||||
UseCounter::Count(
|
UseCounter::Count(
|
||||||
document, WebFeature::kMicrophoneDisabledByFeaturePolicyEstimate);
|
document, WebFeature::kMicrophoneDisabledByFeaturePolicyEstimate);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (Video()) {
|
if (Video()) {
|
||||||
if (!document->GetFrame()->DeprecatedIsFeatureEnabled(
|
if (!document->IsFeatureEnabled(mojom::FeaturePolicyFeature::kCamera,
|
||||||
mojom::FeaturePolicyFeature::kCamera,
|
ReportOptions::kReportOnFailure)) {
|
||||||
ReportOptions::kReportOnFailure)) {
|
|
||||||
UseCounter::Count(document,
|
UseCounter::Count(document,
|
||||||
WebFeature::kCameraDisabledByFeaturePolicyEstimate);
|
WebFeature::kCameraDisabledByFeaturePolicyEstimate);
|
||||||
}
|
}
|
||||||
|
2
third_party/blink/renderer/modules/picture_in_picture/picture_in_picture_controller_impl.cc
vendored
2
third_party/blink/renderer/modules/picture_in_picture/picture_in_picture_controller_impl.cc
vendored
@ -54,7 +54,7 @@ PictureInPictureControllerImpl::IsDocumentAllowed() const {
|
|||||||
// If document is not allowed to use the policy-controlled feature named
|
// If document is not allowed to use the policy-controlled feature named
|
||||||
// "picture-in-picture", return kDisabledByFeaturePolicy status.
|
// "picture-in-picture", return kDisabledByFeaturePolicy status.
|
||||||
if (RuntimeEnabledFeatures::PictureInPictureAPIEnabled() &&
|
if (RuntimeEnabledFeatures::PictureInPictureAPIEnabled() &&
|
||||||
!frame->DeprecatedIsFeatureEnabled(
|
!GetSupplementable()->IsFeatureEnabled(
|
||||||
blink::mojom::FeaturePolicyFeature::kPictureInPicture)) {
|
blink::mojom::FeaturePolicyFeature::kPictureInPicture)) {
|
||||||
return Status::kDisabledByFeaturePolicy;
|
return Status::kDisabledByFeaturePolicy;
|
||||||
}
|
}
|
||||||
|
@ -22,11 +22,11 @@ namespace blink {
|
|||||||
namespace {
|
namespace {
|
||||||
const double kWaitingIntervalThreshold = 0.01;
|
const double kWaitingIntervalThreshold = 0.01;
|
||||||
|
|
||||||
bool AreFeaturesEnabled(LocalFrame* frame,
|
bool AreFeaturesEnabled(Document* document,
|
||||||
const Vector<mojom::FeaturePolicyFeature>& features) {
|
const Vector<mojom::FeaturePolicyFeature>& features) {
|
||||||
return std::all_of(features.begin(), features.end(),
|
return std::all_of(features.begin(), features.end(),
|
||||||
[frame](mojom::FeaturePolicyFeature feature) {
|
[document](mojom::FeaturePolicyFeature feature) {
|
||||||
return frame->DeprecatedIsFeatureEnabled(feature);
|
return document->IsFeatureEnabled(feature);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -45,9 +45,9 @@ Sensor::Sensor(ExecutionContext* execution_context,
|
|||||||
// [SecureContext] in idl.
|
// [SecureContext] in idl.
|
||||||
DCHECK(execution_context->IsSecureContext());
|
DCHECK(execution_context->IsSecureContext());
|
||||||
DCHECK(!features.IsEmpty());
|
DCHECK(!features.IsEmpty());
|
||||||
LocalFrame* frame = ToDocument(execution_context)->GetFrame();
|
Document* document = ToDocument(execution_context);
|
||||||
|
|
||||||
if (!frame || !AreFeaturesEnabled(frame, features)) {
|
if (!AreFeaturesEnabled(document, features)) {
|
||||||
exception_state.ThrowSecurityError(
|
exception_state.ThrowSecurityError(
|
||||||
"Access to sensor features is disallowed by feature policy");
|
"Access to sensor features is disallowed by feature policy");
|
||||||
return;
|
return;
|
||||||
|
@ -144,8 +144,8 @@ ScriptPromise NavigatorVR::getVRDisplays(ScriptState* script_state) {
|
|||||||
script_state, DOMException::Create(DOMExceptionCode::kInvalidStateError,
|
script_state, DOMException::Create(DOMExceptionCode::kInvalidStateError,
|
||||||
kNotAssociatedWithDocumentMessage));
|
kNotAssociatedWithDocumentMessage));
|
||||||
}
|
}
|
||||||
if (!frame->DeprecatedIsFeatureEnabled(mojom::FeaturePolicyFeature::kWebVr,
|
if (!GetDocument()->IsFeatureEnabled(mojom::FeaturePolicyFeature::kWebVr,
|
||||||
ReportOptions::kReportOnFailure)) {
|
ReportOptions::kReportOnFailure)) {
|
||||||
return ScriptPromise::RejectWithDOMException(
|
return ScriptPromise::RejectWithDOMException(
|
||||||
script_state, DOMException::Create(DOMExceptionCode::kSecurityError,
|
script_state, DOMException::Create(DOMExceptionCode::kSecurityError,
|
||||||
kFeaturePolicyBlockedMessage));
|
kFeaturePolicyBlockedMessage));
|
||||||
|
@ -102,9 +102,8 @@ ScriptPromise NavigatorWebMIDI::requestMIDIAccess(ScriptState* script_state,
|
|||||||
UseCounter::CountCrossOriginIframe(
|
UseCounter::CountCrossOriginIframe(
|
||||||
document, WebFeature::kRequestMIDIAccessIframe_ObscuredByFootprinting);
|
document, WebFeature::kRequestMIDIAccessIframe_ObscuredByFootprinting);
|
||||||
|
|
||||||
if (!document.GetFrame()->DeprecatedIsFeatureEnabled(
|
if (!document.IsFeatureEnabled(mojom::FeaturePolicyFeature::kMidiFeature,
|
||||||
mojom::FeaturePolicyFeature::kMidiFeature,
|
ReportOptions::kReportOnFailure)) {
|
||||||
ReportOptions::kReportOnFailure)) {
|
|
||||||
UseCounter::Count(document, WebFeature::kMidiDisabledByFeaturePolicy);
|
UseCounter::Count(document, WebFeature::kMidiDisabledByFeaturePolicy);
|
||||||
document.AddConsoleMessage(ConsoleMessage::Create(
|
document.AddConsoleMessage(ConsoleMessage::Create(
|
||||||
kJSMessageSource, kWarningMessageLevel, kFeaturePolicyConsoleWarning));
|
kJSMessageSource, kWarningMessageLevel, kFeaturePolicyConsoleWarning));
|
||||||
|
7
third_party/blink/renderer/modules/xr/xr.cc
vendored
7
third_party/blink/renderer/modules/xr/xr.cc
vendored
@ -73,9 +73,10 @@ ScriptPromise XR::requestDevice(ScriptState* script_state) {
|
|||||||
did_log_requestDevice_ = true;
|
did_log_requestDevice_ = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!frame->DeprecatedIsFeatureEnabled(mojom::FeaturePolicyFeature::kWebVr,
|
if (!frame->GetDocument()->IsFeatureEnabled(
|
||||||
ReportOptions::kReportOnFailure)) {
|
mojom::FeaturePolicyFeature::kWebVr,
|
||||||
// Only allow the call to be made if the appropraite feature policy is in
|
ReportOptions::kReportOnFailure)) {
|
||||||
|
// Only allow the call to be made if the appropriate feature policy is in
|
||||||
// place.
|
// place.
|
||||||
return ScriptPromise::RejectWithDOMException(
|
return ScriptPromise::RejectWithDOMException(
|
||||||
script_state, DOMException::Create(DOMExceptionCode::kSecurityError,
|
script_state, DOMException::Create(DOMExceptionCode::kSecurityError,
|
||||||
|
Reference in New Issue
Block a user