diff --git a/dom/html/HTMLIFrameElement.cpp b/dom/html/HTMLIFrameElement.cpp
index 1d4268ed0a11..7792cc965eaa 100644
--- a/dom/html/HTMLIFrameElement.cpp
+++ b/dom/html/HTMLIFrameElement.cpp
@@ -174,7 +174,8 @@ HTMLIFrameElement::AfterSetAttr(int32_t aNameSpaceID, nsAtom* aName,
}
if ((aName == nsGkAtoms::allow ||
aName == nsGkAtoms::src ||
- aName == nsGkAtoms::sandbox) &&
+ aName == nsGkAtoms::sandbox ||
+ aName == nsGkAtoms::allowpaymentrequest) &&
StaticPrefs::dom_security_featurePolicy_enabled()) {
RefreshFeaturePolicy();
}
@@ -307,8 +308,12 @@ HTMLIFrameElement::RefreshFeaturePolicy()
mFeaturePolicy->InheritPolicy(OwnerDoc()->Policy());
+ if (AllowPaymentRequest()) {
+ mFeaturePolicy->MaybeSetAllowedPolicy(NS_LITERAL_STRING("payment"));
+ }
+
// TODO: https://wicg.github.io/feature-policy/#process-feature-policy-attributes
- // requires to check allowfullscreen, allowpaymentrequest and allowusermediarequest
+ // requires to check allowfullscreen, and allowusermediarequest
}
} // namespace dom
diff --git a/dom/payments/PaymentRequest.cpp b/dom/payments/PaymentRequest.cpp
index 2d4073ac179b..309c50fdd8e3 100644
--- a/dom/payments/PaymentRequest.cpp
+++ b/dom/payments/PaymentRequest.cpp
@@ -6,6 +6,7 @@
#include "BasicCardPayment.h"
#include "mozilla/dom/Element.h"
+#include "mozilla/dom/FeaturePolicyUtils.h"
#include "mozilla/dom/PaymentRequest.h"
#include "mozilla/dom/PaymentRequestChild.h"
#include "mozilla/dom/PaymentResponse.h"
@@ -560,6 +561,12 @@ PaymentRequest::Constructor(const GlobalObject& aGlobal,
return nullptr;
}
+ if (!FeaturePolicyUtils::IsFeatureAllowed(doc,
+ NS_LITERAL_STRING("payment"))) {
+ aRv.Throw(NS_ERROR_DOM_SECURITY_ERR);
+ return nullptr;
+ }
+
// Check if AllowPaymentRequest on the owner document
if (!doc->AllowPaymentRequest()) {
aRv.Throw(NS_ERROR_DOM_SECURITY_ERR);
diff --git a/dom/security/featurepolicy/FeaturePolicy.cpp b/dom/security/featurepolicy/FeaturePolicy.cpp
index dc444703c765..4c3b726c8f6f 100644
--- a/dom/security/featurepolicy/FeaturePolicy.cpp
+++ b/dom/security/featurepolicy/FeaturePolicy.cpp
@@ -182,3 +182,18 @@ FeaturePolicy::GetAllowlistForFeature(const nsAString& aFeatureName,
aList.AppendElement(defaultAllowList);
}
}
+
+void
+FeaturePolicy::MaybeSetAllowedPolicy(const nsAString& aFeatureName)
+{
+ MOZ_ASSERT(FeaturePolicyUtils::IsSupportedFeature(aFeatureName));
+
+ if (HasDeclaredFeature(aFeatureName)) {
+ return;
+ }
+
+ Feature feature(aFeatureName);
+ feature.SetAllowsAll();
+
+ mFeatures.AppendElement(feature);
+}
diff --git a/dom/security/featurepolicy/FeaturePolicy.h b/dom/security/featurepolicy/FeaturePolicy.h
index 52439a626423..c3a17b593be0 100644
--- a/dom/security/featurepolicy/FeaturePolicy.h
+++ b/dom/security/featurepolicy/FeaturePolicy.h
@@ -101,6 +101,12 @@ public:
const nsAString& aSrcOrigin,
bool aSrcEnabled);
+ // This method creates a policy for aFeatureName allowing it to '*' if it
+ // doesn't exist yet. It's used by HTMLIFrameElement to enable features by
+ // attributes.
+ void
+ MaybeSetAllowedPolicy(const nsAString& aFeatureName);
+
// Clears all the declarative policy directives. This is needed when the
// 'allow' attribute or the 'src' attribute change for HTMLIFrameElement's
// policy.
diff --git a/dom/security/featurepolicy/FeaturePolicyUtils.cpp b/dom/security/featurepolicy/FeaturePolicyUtils.cpp
index 69c74dc298d5..b6d2a5f0637c 100644
--- a/dom/security/featurepolicy/FeaturePolicyUtils.cpp
+++ b/dom/security/featurepolicy/FeaturePolicyUtils.cpp
@@ -47,7 +47,6 @@ static FeatureMap sSupportedFeatures[] = {
{ "microphone", FeatureMap::eSelf },
// TODO: not supported yet!!!
{ "midi", FeatureMap::eSelf },
- // TODO: not supported yet!!!
{ "payment", FeatureMap::eSelf },
// TODO: not supported yet!!!
{ "picture-in-picture", FeatureMap::eAll },
diff --git a/testing/web-platform/meta/feature-policy/__dir__.ini b/testing/web-platform/meta/feature-policy/__dir__.ini
index 78b37848eda7..d36dce5ed800 100644
--- a/testing/web-platform/meta/feature-policy/__dir__.ini
+++ b/testing/web-platform/meta/feature-policy/__dir__.ini
@@ -1,2 +1,2 @@
-prefs: [dom.security.featurePolicy.enabled:true]
+prefs: [dom.security.featurePolicy.enabled:true, dom.payments.request.enabled:true]
lsan-allowed: []
diff --git a/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html.ini b/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html.ini
deleted file mode 100644
index ca0921e47e59..000000000000
--- a/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html.ini
+++ /dev/null
@@ -1,19 +0,0 @@
-[payment-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html]
- [Feature-Policy allow="payment" allows same-origin relocation.]
- expected: FAIL
-
- [Feature-Policy allow="payment" disallows cross-origin relocation.]
- expected: FAIL
-
- [Feature-Policy allow="payment" allowpaymentrequest=true allows same-origin relocation.]
- expected: FAIL
-
- [Feature-Policy allow="payment" allowpaymentrequest=true disallows cross-origin relocation.]
- expected: FAIL
-
- [Feature-Policy allow="payment" allows same-origin navigation in an iframe.]
- expected: FAIL
-
- [Feature-Policy allow="payment" allowpaymentrequest=true allows same-origin navigation in an iframe.]
- expected: FAIL
-
diff --git a/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute.https.sub.html.ini b/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute.https.sub.html.ini
index 0043c1980bc8..808a9607bc40 100644
--- a/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy-attribute.https.sub.html.ini
@@ -1,7 +1,4 @@
[payment-allowed-by-feature-policy-attribute.https.sub.html]
- [Feature policy "payment" can be enabled in same-origin iframe using allow="payment" attribute]
- expected: FAIL
-
[Feature policy "payment" can be enabled in cross-origin iframe using allow="payment" attribute]
expected: FAIL
diff --git a/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy.https.sub.html.ini b/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy.https.sub.html.ini
index 5adf58e13c7e..e1701dc15848 100644
--- a/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-allowed-by-feature-policy.https.sub.html.ini
@@ -1,16 +1,4 @@
[payment-allowed-by-feature-policy.https.sub.html]
- [Feature-Policy header {"payment" : ["*"\]} allows the top-level document.]
- expected: FAIL
-
- [Feature-Policy header {"payment" : ["*"\]} allows same-origin iframes.]
- expected: FAIL
-
[Feature-Policy header {"payment" : ["*"\]} allows cross-origin iframes.]
expected: FAIL
- [Feature-Policy header {"payment" : ["*"\]} allowpaymentrequest=true allows same-origin iframes.]
- expected: FAIL
-
- [Feature-Policy header {"payment" : ["*"\]} allowpaymentrequest=true allows cross-origin iframes.]
- expected: FAIL
-
diff --git a/testing/web-platform/meta/feature-policy/payment-default-feature-policy.https.sub.html.ini b/testing/web-platform/meta/feature-policy/payment-default-feature-policy.https.sub.html.ini
index 9c163b838d72..4061ed3d7f8a 100644
--- a/testing/web-platform/meta/feature-policy/payment-default-feature-policy.https.sub.html.ini
+++ b/testing/web-platform/meta/feature-policy/payment-default-feature-policy.https.sub.html.ini
@@ -1,13 +1,4 @@
[payment-default-feature-policy.https.sub.html]
- [Default "payment" feature policy ["self"\] allows the top-level document.]
- expected: FAIL
-
- [Default "payment" feature policy ["self"\] allows same-origin iframes.]
- expected: FAIL
-
- [Default "payment" feature policy ["self"\] allowpaymentrequest=true allows same-origin iframes.]
- expected: FAIL
-
[Default "payment" feature policy ["self"\] allowpaymentrequest=true allows cross-origin iframes.]
expected: FAIL
diff --git a/testing/web-platform/meta/feature-policy/payment-disabled-by-feature-policy.https.sub.html.ini b/testing/web-platform/meta/feature-policy/payment-disabled-by-feature-policy.https.sub.html.ini
deleted file mode 100644
index 2adad859178e..000000000000
--- a/testing/web-platform/meta/feature-policy/payment-disabled-by-feature-policy.https.sub.html.ini
+++ /dev/null
@@ -1,4 +0,0 @@
-[payment-disabled-by-feature-policy.https.sub.html]
- [Feature-Policy header {"payment" : [\]} disallows the top-level document.]
- expected: FAIL
-
diff --git a/testing/web-platform/meta/payment-request/__dir__.ini b/testing/web-platform/meta/payment-request/__dir__.ini
index ed4ebc1bae8d..d639bf7adadc 100644
--- a/testing/web-platform/meta/payment-request/__dir__.ini
+++ b/testing/web-platform/meta/payment-request/__dir__.ini
@@ -1 +1 @@
-prefs: [dom.payments.request.enabled:true]
+prefs: [dom.security.featurePolicy.enabled:true, dom.payments.request.enabled:true]
diff --git a/testing/web-platform/meta/payment-request/allowpaymentrequest/allowpaymentrequest-attribute-cross-origin-bc-containers.https.html.ini b/testing/web-platform/meta/payment-request/allowpaymentrequest/allowpaymentrequest-attribute-cross-origin-bc-containers.https.html.ini
index a5e7352245e6..8f193f143617 100644
--- a/testing/web-platform/meta/payment-request/allowpaymentrequest/allowpaymentrequest-attribute-cross-origin-bc-containers.https.html.ini
+++ b/testing/web-platform/meta/payment-request/allowpaymentrequest/allowpaymentrequest-attribute-cross-origin-bc-containers.https.html.ini
@@ -1,7 +1,6 @@
[allowpaymentrequest-attribute-cross-origin-bc-containers.https.html]
[iframe]
- expected:
- if not e10s: FAIL
+ expected: FAIL
[frame]
expected: