mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-24 18:55:30 +00:00

History

Ian Clelland b11c313f43 Bug 1446406 [wpt PR 10076] - Allow feature policy to be used in opaque origins., a=testonly Automatic update from web-platform-testsAllow feature policy to be used in opaque origins. Currently, policy-controlled features do not work as expected in frames with opaque origins, such as isolated sandboxes and data: URLs, because the eventual opaque origin of the frame is not known when the HTMLFrameOwnerElement builds the container policy, and so has no way to tell the browser that a particular origin should be allowed. This CL adds a new member to the ParsedFeaturePolicyDeclaration, which indicates that the iframe policy is expected to apply to the origin of the frame, and is used when that frame has an opaque origin. This can be triggered with an iframe of the form <iframe sandbox allow="feature"> or <iframe sandbox allow="feature src"> This flag is checked when building the feature policy in the new frame, and ensures that the new feature policy will allow the feature in that origin. This is the first part of the eventual solution -- currently this has the effect of allowing the feature even if a sandboxed frame navigates to a new page (causing a new opaque origin to be created for it). Subsequent CLs will add a unique identified to each such origin, and ensure that the generated policies are properly tied to the specific origin of the frame. Bug: 690520 Change-Id: Ie18b9bc3c36be6550baf5a03e355871b9589fd40 Reviewed-on: https://chromium-review.googlesource.com/963382 Reviewed-by: Daniel Cheng <dcheng@chromium.org> Reviewed-by: Jeremy Roman <jbroman@chromium.org> Reviewed-by: Alex Moshchuk <alexmos@chromium.org> Commit-Queue: Ian Clelland <iclelland@chromium.org> Cr-Commit-Position: refs/heads/master@{#550463} -- wpt-commits: 4c8580c189ce4501997af80b599bea070b1a7299 wpt-pr: 10076		2018-04-24 12:22:37 +00:00
..
experimental-features	Bug 1435337 - Update web-platform-tests to revision 7174d3e89f3057aae399483194dc4b608ee8c933, a=testonly	2018-02-02 19:09:23 +00:00
resources	Bug 1446406 [wpt PR 10076] - Allow feature policy to be used in opaque origins., a=testonly	2018-04-24 12:22:37 +00:00
autoplay-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html	Bug 1429043 - Update web-platform-tests to revision 4de5305adf3d33badc23952672bcf28168fea37e, a=testonly	2018-01-09 14:45:43 +00:00
autoplay-allowed-by-feature-policy-attribute.https.sub.html	Bug 1429043 - Update web-platform-tests to revision 4de5305adf3d33badc23952672bcf28168fea37e, a=testonly	2018-01-09 14:45:43 +00:00
autoplay-allowed-by-feature-policy.https.sub.html	Bug 1429043 - Update web-platform-tests to revision 4de5305adf3d33badc23952672bcf28168fea37e, a=testonly	2018-01-09 14:45:43 +00:00
autoplay-allowed-by-feature-policy.https.sub.html.headers	Bug 1429043 - Update web-platform-tests to revision 4de5305adf3d33badc23952672bcf28168fea37e, a=testonly	2018-01-09 14:45:43 +00:00
autoplay-default-feature-policy.https.sub.html	Bug 1429043 - Update web-platform-tests to revision 4de5305adf3d33badc23952672bcf28168fea37e, a=testonly	2018-01-09 14:45:43 +00:00
autoplay-disabled-by-feature-policy.https.sub.html	Bug 1429043 - Update web-platform-tests to revision 4de5305adf3d33badc23952672bcf28168fea37e, a=testonly	2018-01-09 14:45:43 +00:00
autoplay-disabled-by-feature-policy.https.sub.html.headers	Bug 1429043 - Update web-platform-tests to revision 4de5305adf3d33badc23952672bcf28168fea37e, a=testonly	2018-01-09 14:45:43 +00:00
feature-policy-frame-policy-allowed-for-all.https.sub.html	Bug 1440707 [wpt PR 8922] - Add WPT tests for feature policy frame policy, a=testonly	2018-04-15 08:31:32 +01:00
feature-policy-frame-policy-allowed-for-all.https.sub.html.sub.headers	Bug 1440707 [wpt PR 8922] - Add WPT tests for feature policy frame policy, a=testonly	2018-04-15 08:31:32 +01:00
feature-policy-frame-policy-allowed-for-self.https.sub.html	Bug 1446406 [wpt PR 10076] - Allow feature policy to be used in opaque origins., a=testonly	2018-04-24 12:22:37 +00:00
feature-policy-frame-policy-allowed-for-self.https.sub.html.sub.headers	Bug 1440707 [wpt PR 8922] - Add WPT tests for feature policy frame policy, a=testonly	2018-04-15 08:31:32 +01:00
feature-policy-frame-policy-allowed-for-some.https.sub.html	Bug 1440707 [wpt PR 8922] - Add WPT tests for feature policy frame policy, a=testonly	2018-04-15 08:31:32 +01:00
feature-policy-frame-policy-allowed-for-some.https.sub.html.sub.headers	Bug 1440707 [wpt PR 8922] - Add WPT tests for feature policy frame policy, a=testonly	2018-04-15 08:31:32 +01:00
feature-policy-frame-policy-disallowed-for-all.https.sub.html	Bug 1440707 [wpt PR 8922] - Add WPT tests for feature policy frame policy, a=testonly	2018-04-15 08:31:32 +01:00
feature-policy-frame-policy-disallowed-for-all.https.sub.html.sub.headers	Bug 1440707 [wpt PR 8922] - Add WPT tests for feature policy frame policy, a=testonly	2018-04-15 08:31:32 +01:00
feature-policy-header-policy-allowed-for-all.https.sub.html	Bug 1440476 [wpt PR 9238] - Reland "Add WPT tests for feature policy", a=testonly	2018-03-31 22:26:33 +01:00
feature-policy-header-policy-allowed-for-all.https.sub.html.sub.headers	Bug 1440476 [wpt PR 9238] - Reland "Add WPT tests for feature policy", a=testonly	2018-03-31 22:26:33 +01:00
feature-policy-header-policy-allowed-for-self.https.sub.html	Bug 1440476 [wpt PR 9238] - Reland "Add WPT tests for feature policy", a=testonly	2018-03-31 22:26:33 +01:00
feature-policy-header-policy-allowed-for-self.https.sub.html.sub.headers	Bug 1440476 [wpt PR 9238] - Reland "Add WPT tests for feature policy", a=testonly	2018-03-31 22:26:33 +01:00
feature-policy-header-policy-allowed-for-some.https.sub.html	Bug 1440476 [wpt PR 9238] - Reland "Add WPT tests for feature policy", a=testonly	2018-03-31 22:26:33 +01:00
feature-policy-header-policy-allowed-for-some.https.sub.html.sub.headers	Bug 1440476 [wpt PR 9238] - Reland "Add WPT tests for feature policy", a=testonly	2018-03-31 22:26:33 +01:00
feature-policy-header-policy-disallowed-for-all.https.sub.html	Bug 1440476 [wpt PR 9238] - Reland "Add WPT tests for feature policy", a=testonly	2018-03-31 22:26:33 +01:00
feature-policy-header-policy-disallowed-for-all.https.sub.html.sub.headers	Bug 1440476 [wpt PR 9238] - Reland "Add WPT tests for feature policy", a=testonly	2018-03-31 22:26:33 +01:00
feature-policy-nested-header-policy-allowed-for-all.https.sub.html	Bug 1440476 [wpt PR 9238] - Reland "Add WPT tests for feature policy", a=testonly	2018-03-31 22:26:33 +01:00
feature-policy-nested-header-policy-allowed-for-all.https.sub.html.sub.headers	Bug 1440476 [wpt PR 9238] - Reland "Add WPT tests for feature policy", a=testonly	2018-03-31 22:26:33 +01:00
feature-policy-nested-header-policy-allowed-for-self.https.sub.html	Bug 1440476 [wpt PR 9238] - Reland "Add WPT tests for feature policy", a=testonly	2018-03-31 22:26:33 +01:00
feature-policy-nested-header-policy-allowed-for-self.https.sub.html.sub.headers	Bug 1440476 [wpt PR 9238] - Reland "Add WPT tests for feature policy", a=testonly	2018-03-31 22:26:33 +01:00
feature-policy-nested-header-policy-disallowed-for-all.https.sub.html	Bug 1440476 [wpt PR 9238] - Reland "Add WPT tests for feature policy", a=testonly	2018-03-31 22:26:33 +01:00
feature-policy-nested-header-policy-disallowed-for-all.https.sub.html.sub.headers	Bug 1440476 [wpt PR 9238] - Reland "Add WPT tests for feature policy", a=testonly	2018-03-31 22:26:33 +01:00
interfaces.any.js	Bug 1452643 [wpt PR 9783] - Update the feature-policy IDL file, a=testonly	2018-04-15 08:32:13 +01:00
OWNERS
payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html	Bug 1429043 - Update web-platform-tests to revision 4de5305adf3d33badc23952672bcf28168fea37e, a=testonly	2018-01-09 14:45:43 +00:00
payment-allowed-by-feature-policy-attribute.https.sub.html
payment-allowed-by-feature-policy.https.sub.html
payment-allowed-by-feature-policy.https.sub.html.headers
payment-default-feature-policy.https.sub.html
payment-disabled-by-feature-policy.https.sub.html
payment-disabled-by-feature-policy.https.sub.html.headers
picture-in-picture-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html	Bug 1435868 - Update web-platform-tests to revision 1e5122139897bc70789527960120354b8c640ef0, a=testonly	2018-02-05 22:20:58 +00:00
picture-in-picture-allowed-by-feature-policy-attribute.https.sub.html	Bug 1435868 - Update web-platform-tests to revision 1e5122139897bc70789527960120354b8c640ef0, a=testonly	2018-02-05 22:20:58 +00:00
picture-in-picture-allowed-by-feature-policy.https.sub.html	Bug 1435868 - Update web-platform-tests to revision 1e5122139897bc70789527960120354b8c640ef0, a=testonly	2018-02-05 22:20:58 +00:00
picture-in-picture-allowed-by-feature-policy.https.sub.html.headers	Bug 1435868 - Update web-platform-tests to revision 1e5122139897bc70789527960120354b8c640ef0, a=testonly	2018-02-05 22:20:58 +00:00
picture-in-picture-default-feature-policy.https.sub.html	Bug 1439504 [wpt PR 9584] - [Picture-in-Picture] Update feature policy default allowlist to *., a=testonly	2018-03-31 22:24:34 +01:00
picture-in-picture-disabled-by-feature-policy.https.sub.html	Bug 1435868 - Update web-platform-tests to revision 1e5122139897bc70789527960120354b8c640ef0, a=testonly	2018-02-05 22:20:58 +00:00
picture-in-picture-disabled-by-feature-policy.https.sub.html.headers	Bug 1435868 - Update web-platform-tests to revision 1e5122139897bc70789527960120354b8c640ef0, a=testonly	2018-02-05 22:20:58 +00:00
README.md	Bug 1429043 - Update web-platform-tests to revision 4de5305adf3d33badc23952672bcf28168fea37e, a=testonly	2018-01-09 14:45:43 +00:00

README.md

Feature Policy Guide

How to Test a New Feature with Feature Policy

This directory contains a framework to test features with feature policy.

When adding a new feature to feature policy, the following cases should be tested:

feature enabled by header policy [HTTP tests]
- test when feature is enabled by feature policy HTTP headerr;
feature disabled by header policy [HTTP tests]
- test when feature is disabled by feature policy HTTP header;
feature enabled on self origin by header policy [HTTP tests]
- test when feature is enabled only on self origin by feature policy HTTP header.
feature allowed by container policy (iframe "allow" attribute);
- test when feature is enabled by iframe "allow" attribute on self and cross origins.
feature allowed by container policy, redirect on load.
- test when feature is enabled by iframe "allow" attribute when the iframe is being redirected to a new origin upon loading

How to Use the Test Framework

Use test_feature_availability() defined in /feature-policy/resources/featurepolicy.js. Please refer to the comments in /feature-policy/resources/featurepolicy.js for how this function works.

How to Write Header Policy Tests

HTTP tests are used to test features with header policy.

Define the header policy in <feature-name>-<enabled | disabled | enabled-on-self-origin>-by-feature-policy.https.sub.html.headers. Example:

Feature-Policy: feature-name *
In <feature-name>-<enabled | disabled | enabled-on-self-origin>-by-feature-policy.https.sub.html:
test if feature is enabled / disabled in the main frame;
test if feature is enabled / disabled in a same-origin iframe;
test if feature is enabled / disabled in a cross-origin iframe.

Examples: /feature-policy/payment-disabled-by-feature-policy.https.sub.html /feature-policy/payment-disabled-by-feature-policy.https.sub.html.headers

How to Write Container Policy Tests

Simply use test_feature_availability() with the optional argument feature_name specified to test if:

feature is enabled / disabled in a same-origin iframe;
feature is enabled / disabled in a cross-origin iframe.

Example: /feature-policy/payment-allowed-by-feature-policy-attribute.https.sub.html

How to Write Container Policy Tests with Redirect

Similar to the section above, append /feature-policy/resources/redirect-on-load.html# to the argument src passed to test_feature_availability().

Example: /feature-policy/payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html