Bug 1495303 - FeaturePolicy: payment, r=marcosc

2018-10-01 11:59:57 +02:00 · 2018-10-01 11:59:57 +02:00 · f48b6e8ca4
--- a/dom/html/HTMLIFrameElement.cpp
+++ b/dom/html/HTMLIFrameElement.cpp
@ -174,7 +174,8 @@ HTMLIFrameElement::AfterSetAttr(int32_t aNameSpaceID, nsAtom* aName,
    }
    if ((aName == nsGkAtoms::allow ||
         aName == nsGkAtoms::src ||
-         aName == nsGkAtoms::sandbox) &&
+         aName == nsGkAtoms::sandbox ||
+         aName == nsGkAtoms::allowpaymentrequest) &&
        StaticPrefs::dom_security_featurePolicy_enabled()) {
      RefreshFeaturePolicy();
    }
@ -307,8 +308,12 @@ HTMLIFrameElement::RefreshFeaturePolicy()

  mFeaturePolicy->InheritPolicy(OwnerDoc()->Policy());

+  if (AllowPaymentRequest()) {
+    mFeaturePolicy->MaybeSetAllowedPolicy(NS_LITERAL_STRING("payment"));
+  }
+
  // TODO: https://wicg.github.io/feature-policy/#process-feature-policy-attributes
-  // requires to check allowfullscreen, allowpaymentrequest and allowusermediarequest
+  // requires to check allowfullscreen, and allowusermediarequest
 }

 } // namespace dom
--- a/dom/payments/PaymentRequest.cpp
+++ b/dom/payments/PaymentRequest.cpp
@ -6,6 +6,7 @@

 #include "BasicCardPayment.h"
 #include "mozilla/dom/Element.h"
+#include "mozilla/dom/FeaturePolicyUtils.h"
 #include "mozilla/dom/PaymentRequest.h"
 #include "mozilla/dom/PaymentRequestChild.h"
 #include "mozilla/dom/PaymentResponse.h"
@ -560,6 +561,12 @@ PaymentRequest::Constructor(const GlobalObject& aGlobal,
    return nullptr;
  }

+  if (!FeaturePolicyUtils::IsFeatureAllowed(doc,
+                                            NS_LITERAL_STRING("payment"))) {
+    aRv.Throw(NS_ERROR_DOM_SECURITY_ERR);
+    return nullptr;
+  }
+
  // Check if AllowPaymentRequest on the owner document
  if (!doc->AllowPaymentRequest()) {
    aRv.Throw(NS_ERROR_DOM_SECURITY_ERR);
--- a/dom/security/featurepolicy/FeaturePolicy.cpp
+++ b/dom/security/featurepolicy/FeaturePolicy.cpp
@ -182,3 +182,18 @@ FeaturePolicy::GetAllowlistForFeature(const nsAString& aFeatureName,
    aList.AppendElement(defaultAllowList);
  }
 }
+
+void
+FeaturePolicy::MaybeSetAllowedPolicy(const nsAString& aFeatureName)
+{
+  MOZ_ASSERT(FeaturePolicyUtils::IsSupportedFeature(aFeatureName));
+
+  if (HasDeclaredFeature(aFeatureName)) {
+    return;
+  }
+
+  Feature feature(aFeatureName);
+  feature.SetAllowsAll();
+
+  mFeatures.AppendElement(feature);
+}
--- a/dom/security/featurepolicy/FeaturePolicy.h
+++ b/dom/security/featurepolicy/FeaturePolicy.h
@ -101,6 +101,12 @@ public:
                    const nsAString& aSrcOrigin,
                    bool aSrcEnabled);

+  // This method creates a policy for aFeatureName allowing it to '*' if it
+  // doesn't exist yet. It's used by HTMLIFrameElement to enable features by
+  // attributes.
+  void
+  MaybeSetAllowedPolicy(const nsAString& aFeatureName);
+
  // Clears all the declarative policy directives. This is needed when the
  // 'allow' attribute or the 'src' attribute change for HTMLIFrameElement's
  // policy.
--- a/dom/security/featurepolicy/FeaturePolicyUtils.cpp
+++ b/dom/security/featurepolicy/FeaturePolicyUtils.cpp
@ -47,7 +47,6 @@ static FeatureMap sSupportedFeatures[] = {
  { "microphone", FeatureMap::eSelf  },
  // TODO: not supported yet!!!
  { "midi", FeatureMap::eSelf  },
-  // TODO: not supported yet!!!
  { "payment", FeatureMap::eSelf  },
  // TODO: not supported yet!!!
  { "picture-in-picture", FeatureMap::eAll  },
--- a/testing/web-platform/meta/feature-policy/dir.ini
+++ b/testing/web-platform/meta/feature-policy/dir.ini
@ -1,2 +1,2 @@
-prefs: [dom.security.featurePolicy.enabled:true]
+prefs: [dom.security.featurePolicy.enabled:true, dom.payments.request.enabled:true]
 lsan-allowed: []
--- a/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html.ini
@ -1,19 +0,0 @@
-[payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html]
-  [Feature-Policy allow="payment" allows same-origin relocation.]
-    expected: FAIL
-
-  [Feature-Policy allow="payment" disallows cross-origin relocation.]
-    expected: FAIL
-
-  [Feature-Policy allow="payment" allowpaymentrequest=true allows same-origin relocation.]
-    expected: FAIL
-
-  [Feature-Policy allow="payment" allowpaymentrequest=true disallows cross-origin relocation.]
-    expected: FAIL
-
-  [Feature-Policy allow="payment" allows same-origin navigation in an iframe.]
-    expected: FAIL
-
-  [Feature-Policy allow="payment" allowpaymentrequest=true allows same-origin navigation in an iframe.]
-    expected: FAIL
-
--- a/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute.https.sub.html.ini
@ -1,7 +1,4 @@
 [payment-allowed-by-feature-policy-attribute.https.sub.html]
-  [Feature policy "payment" can be enabled in same-origin iframe using allow="payment" attribute]
-    expected: FAIL
-
  [Feature policy "payment" can be enabled in cross-origin iframe using allow="payment" attribute]
    expected: FAIL

--- a/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy.https.sub.html.ini
@ -1,16 +1,4 @@
 [payment-allowed-by-feature-policy.https.sub.html]
-  [Feature-Policy header {"payment" : ["*"\]} allows the top-level document.]
-    expected: FAIL
-
-  [Feature-Policy header {"payment" : ["*"\]} allows same-origin iframes.]
-    expected: FAIL
-
  [Feature-Policy header {"payment" : ["*"\]} allows cross-origin iframes.]
    expected: FAIL

-  [Feature-Policy header {"payment" : ["*"\]} allowpaymentrequest=true allows same-origin iframes.]
-    expected: FAIL
-
-  [Feature-Policy header {"payment" : ["*"\]} allowpaymentrequest=true allows cross-origin iframes.]
-    expected: FAIL
-
--- a/testing/web-platform/meta/feature-policy/payment-default-feature-policy.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-default-feature-policy.https.sub.html.ini
@ -1,13 +1,4 @@
 [payment-default-feature-policy.https.sub.html]
-  [Default "payment" feature policy ["self"\] allows the top-level document.]
-    expected: FAIL
-
-  [Default "payment" feature policy ["self"\] allows same-origin iframes.]
-    expected: FAIL
-
-  [Default "payment" feature policy ["self"\] allowpaymentrequest=true allows same-origin iframes.]
-    expected: FAIL
-
  [Default "payment" feature policy ["self"\] allowpaymentrequest=true allows cross-origin iframes.]
    expected: FAIL

--- a/testing/web-platform/meta/feature-policy/payment-disabled-by-feature-policy.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-disabled-by-feature-policy.https.sub.html.ini
@ -1,4 +0,0 @@
-[payment-disabled-by-feature-policy.https.sub.html]
-  [Feature-Policy header {"payment" : [\]} disallows the top-level document.]
-    expected: FAIL
-
--- a/testing/web-platform/meta/payment-request/dir.ini
+++ b/testing/web-platform/meta/payment-request/dir.ini
@ -1 +1 @@
-prefs: [dom.payments.request.enabled:true]
+prefs: [dom.security.featurePolicy.enabled:true, dom.payments.request.enabled:true]
--- a/testing/web-platform/meta/payment-request/allowpaymentrequest/allowpaymentrequest-attribute-cross-origin-bc-containers.https.html.ini
+++ b/testing/web-platform/meta/payment-request/allowpaymentrequest/allowpaymentrequest-attribute-cross-origin-bc-containers.https.html.ini
@ -1,7 +1,6 @@
 [allowpaymentrequest-attribute-cross-origin-bc-containers.https.html]
  [iframe]
-    expected:
-      if not e10s: FAIL
+    expected: FAIL

  [frame]
    expected: