Cherry-pick 267815.624@safari-7617-branch (0ad98b6). https://bugs.web…

…kit.org/show_bug.cgi?id=265812

Cross-origin <embed> elements can request media permission, and prompts show main-frame URL
https://bugs.webkit.org/show_bug.cgi?id=265812
rdar://119149318

Reviewed by Chris Dumez.

We should apply feature policy for all elements, including embed and frame elements.
Since there are no allow attributes, we should use the default feature policy rules for those elements.
Update isFeaturePolicyAllowedByDocumentAndAllOwners accordingly.

Rebase tests according updated console log message.

* LayoutTests/fullscreen/full-screen-enabled-expected.txt:
* LayoutTests/fullscreen/full-screen-enabled-prefixed-expected.txt:
* LayoutTests/fullscreen/full-screen-iframe-not-allowed-expected.txt:
* LayoutTests/fullscreen/full-screen-iframe-without-allow-attribute-allowed-from-parent-expected.txt:
* LayoutTests/fullscreen/full-screen-restrictions-expected.txt:
* LayoutTests/http/tests/fullscreen/fullscreen-feature-policy-expected.txt:
* LayoutTests/http/tests/media/media-stream/enumerate-devices-iframe-allow-attribute-expected.txt:
* LayoutTests/http/tests/media/media-stream/get-user-media-in-embed-element-expected.txt: Added.
* LayoutTests/http/tests/media/media-stream/get-user-media-in-embed-element.html: Added.
* LayoutTests/http/tests/media/media-stream/resources/get-user-media-embed.html: Added.
* LayoutTests/http/tests/paymentrequest/payment-allow-attribute.https-expected.txt:
* LayoutTests/http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition-expected.txt:
* LayoutTests/http/tests/security/sandboxed-iframe-geolocation-watchPosition-expected.txt:
* LayoutTests/http/tests/ssl/media-stream/get-user-media-different-host-expected.txt:
* LayoutTests/http/tests/ssl/media-stream/get-user-media-nested-expected.txt:
* LayoutTests/http/tests/webrtc/enumerateDevicesInFrames-expected.txt:
* LayoutTests/http/tests/webshare/webshare-allow-attribute-canShare.https-expected.txt:
* LayoutTests/http/tests/webshare/webshare-allow-attribute-share.https-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-allow-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-allowfullscreen-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/payment-allowed-by-permissions-policy-attribute-redirect-on-load.https.sub-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/screen-wake-lock/wakelock-enabled-by-feature-policy-attribute-redirect-on-load.https.sub-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/web-share/disabled-by-permissions-policy-cross-origin.https.sub-expected.txt:
* Source/WebCore/html/FeaturePolicy.cpp:
(WebCore::isFeaturePolicyAllowedByDocumentAndAllOwners):
(WebCore::FeaturePolicy::parse):
* Source/WebCore/html/FeaturePolicy.h:
(WebCore::FeaturePolicy::defaultPolicy):
(WebCore::FeaturePolicy::parse):

Canonical link: https://commits.webkit.org/267815.624@safari-7617-branch

LayoutTests/fullscreen/full-screen-enabled-expected.txt

@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin '' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin '' and allow attribute 'fullscreen 'none''.
 This tests the fullscreenEnabled property laid out in section 4 of the W3C Full Screen API
 EXPECTED (iframe.contentDocument.webkitFullscreenEnabled == 'true') OK
 EXPECTED (iframe2.contentDocument.webkitFullscreenEnabled == 'false') OK

LayoutTests/fullscreen/full-screen-enabled-prefixed-expected.txt

@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin '' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin '' and allow attribute 'fullscreen 'none''.
 This tests the fullscreenEnabled property laid out in section 4 of the W3C Full Screen API
 EXPECTED (iframe.contentDocument.webkitFullscreenEnabled == 'true') OK
 EXPECTED (iframe2.contentDocument.webkitFullscreenEnabled == 'false') OK

LayoutTests/fullscreen/full-screen-iframe-not-allowed-expected.txt

@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin '' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin '' and allow attribute 'fullscreen 'none''.
 Test for bug 56264: Handle entering full screen security restrictions
 
 To test manually, click the "Go full screen" button - the page should not enter full screen mode.

LayoutTests/fullscreen/full-screen-iframe-without-allow-attribute-allowed-from-parent-expected.txt

@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin 'null' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin 'null' and allow attribute ''.
 Test entering full screen security restrictions. An iframe without an allow attribute is still permitted to fullscreen if the request comes from the containing document.
 
 To test manually, press any key - the page should enter full screen mode.

LayoutTests/fullscreen/full-screen-restrictions-expected.txt

@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin '' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin '' and allow attribute 'fullscreen 'none''.
 This tests the restrictions to entering full screen mode laid out in section 4.1 of the W3C Full Screen API
 "The context object is not in a document."
 EVENT(webkitfullscreenerror)

LayoutTests/http/tests/fullscreen/fullscreen-feature-policy-expected.txt

@@ -1,14 +1,14 @@
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute ''.
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'none''.
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen 'none''.
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'self''.
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen http://localhost:8000'.
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'none''.
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen 'none''.
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'self''.
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'none''.
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen 'none''.
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'self''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin 'http://localhost:8000' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin 'http://localhost:8000' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin 'http://localhost:8000' and allow attribute 'fullscreen 'self''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen http://localhost:8000'.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin 'http://localhost:8000' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin 'http://localhost:8000' and allow attribute 'fullscreen 'self''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin 'http://localhost:8000' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin 'http://localhost:8000' and allow attribute 'fullscreen 'self''.
 PASS iframe with src="http://loc..." should have document.webkitFullscreenEnabled === false.
 PASS iframe with src="../resourc..." should have document.webkitFullscreenEnabled === true.
 PASS iframe with allow="fullscreen", src="http://loc..." should have document.webkitFullscreenEnabled === true.

LayoutTests/http/tests/media/media-stream/enumerate-devices-iframe-allow-attribute-expected.txt

@@ -1,21 +1,21 @@
-CONSOLE MESSAGE: Feature policy 'Camera' check failed for iframe with origin 'http://localhost:8000' and allow attribute ''.
-CONSOLE MESSAGE: Feature policy 'Microphone' check failed for iframe with origin 'http://localhost:8000' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Camera' check failed for element with origin 'http://localhost:8000' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Microphone' check failed for element with origin 'http://localhost:8000' and allow attribute ''.
 CONSOLE MESSAGE: Not allowed to call enumerateDevices.
-CONSOLE MESSAGE: Feature policy 'Camera' check failed for iframe with origin 'http://localhost:8000' and allow attribute ''.
-CONSOLE MESSAGE: Feature policy 'Microphone' check failed for iframe with origin 'http://localhost:8000' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Camera' check failed for element with origin 'http://localhost:8000' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Microphone' check failed for element with origin 'http://localhost:8000' and allow attribute ''.
 CONSOLE MESSAGE: Not allowed to call enumerateDevices.
-CONSOLE MESSAGE: Feature policy 'Microphone' check failed for iframe with origin 'http://localhost:8000' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Microphone' check failed for element with origin 'http://localhost:8000' and allow attribute ''.
 CONSOLE MESSAGE: Not allowed to call getUserMedia.
-CONSOLE MESSAGE: Feature policy 'Camera' check failed for iframe with origin 'http://localhost:8000' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Camera' check failed for element with origin 'http://localhost:8000' and allow attribute ''.
 CONSOLE MESSAGE: Not allowed to call getUserMedia.
-CONSOLE MESSAGE: Feature policy 'Camera' check failed for iframe with origin 'http://localhost:8000' and allow attribute ''.
-CONSOLE MESSAGE: Feature policy 'Microphone' check failed for iframe with origin 'http://localhost:8000' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Camera' check failed for element with origin 'http://localhost:8000' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Microphone' check failed for element with origin 'http://localhost:8000' and allow attribute ''.
 CONSOLE MESSAGE: Not allowed to call enumerateDevices.
-CONSOLE MESSAGE: Feature policy 'Camera' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'microphone'.
+CONSOLE MESSAGE: Feature policy 'Camera' check failed for element with origin 'http://localhost:8000' and allow attribute 'microphone'.
 CONSOLE MESSAGE: Not allowed to call getUserMedia.
-CONSOLE MESSAGE: Feature policy 'Microphone' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'camera'.
+CONSOLE MESSAGE: Feature policy 'Microphone' check failed for element with origin 'http://localhost:8000' and allow attribute 'camera'.
 CONSOLE MESSAGE: Not allowed to call getUserMedia.
-CONSOLE MESSAGE: Feature policy 'Camera' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'microphone;speaker-selection'.
+CONSOLE MESSAGE: Feature policy 'Camera' check failed for element with origin 'http://localhost:8000' and allow attribute 'microphone;speaker-selection'.
 CONSOLE MESSAGE: Not allowed to call getUserMedia.
 
 

LayoutTests/http/tests/media/media-stream/get-user-media-in-embed-element-expected.txt

@@ -0,0 +1,7 @@
+CONSOLE MESSAGE: Feature policy 'Camera' check failed for element with origin 'http://localhost:8000' and allow attribute ''.
+CONSOLE MESSAGE: Not allowed to call getUserMedia.
+
+
+PASS Same origin embed should get access to camera
+PASS Cross origin embed should not get access to camera
+

LayoutTests/http/tests/media/media-stream/get-user-media-in-embed-element.html

@@ -0,0 +1,22 @@
+<!doctype html>
+<html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<body>
+    <div id="testDiv"></div>
+
+    <script>
+promise_test(async t => {
+    testDiv.innerHTML = '<embed id="embedElement" src="resources/get-user-media-embed.html"></embed>';
+    const result = await new Promise(resolve => window.onmessage = e => resolve(e.data));
+    assert_equals(result, "OK");
+}, "Same origin embed should get access to camera");
+
+promise_test(async t => {
+    testDiv.innerHTML = '<embed id="embedElement" src="http://localhost:8000/media/media-stream/resources/get-user-media-embed.html"></embed>';
+    const result = await new Promise(resolve => window.onmessage = e => resolve(e.data));
+    assert_equals(result, "KO");
+}, "Cross origin embed should not get access to camera");
+    </script>
+</body>
+</html>

LayoutTests/http/tests/media/media-stream/resources/get-user-media-embed.html

@@ -0,0 +1,9 @@
+<script>
+onload = () => {
+    navigator.mediaDevices.getUserMedia({ video: true }).then(() => {
+        parent.postMessage("OK", "*");
+    }, () => {
+        parent.postMessage("KO", "*");
+    });
+}
+</script>

LayoutTests/http/tests/paymentrequest/payment-allow-attribute.https-expected.txt

@@ -1,8 +1,8 @@
-CONSOLE MESSAGE: Feature policy 'Payment' check failed for iframe with origin 'https://localhost:8443' and allow attribute ''.
-CONSOLE MESSAGE: Feature policy 'Payment' check failed for iframe with origin 'https://localhost:8443' and allow attribute 'payment 'none''.
-CONSOLE MESSAGE: Feature policy 'Payment' check failed for iframe with origin 'https://127.0.0.1:8443' and allow attribute 'payment 'none''.
-CONSOLE MESSAGE: Feature policy 'Payment' check failed for iframe with origin 'https://localhost:8443' and allow attribute 'payment 'self''.
-CONSOLE MESSAGE: Feature policy 'Payment' check failed for iframe with origin 'https://127.0.0.1:8443' and allow attribute 'payment https://localhost:8443'.
+CONSOLE MESSAGE: Feature policy 'Payment' check failed for element with origin 'https://localhost:8443' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Payment' check failed for element with origin 'https://localhost:8443' and allow attribute 'payment 'none''.
+CONSOLE MESSAGE: Feature policy 'Payment' check failed for element with origin 'https://127.0.0.1:8443' and allow attribute 'payment 'none''.
+CONSOLE MESSAGE: Feature policy 'Payment' check failed for element with origin 'https://localhost:8443' and allow attribute 'payment 'self''.
+CONSOLE MESSAGE: Feature policy 'Payment' check failed for element with origin 'https://127.0.0.1:8443' and allow attribute 'payment https://localhost:8443'.
 PASS iframe src: "https://localhost:8443/paymentrequest/resources/payment-postmessage.html" with allow="" MUST NOT create a PaymentRequest. SecurityError Third-party iframes are not allowed to request payments unless explicitly allowed via Feature-Policy (payment)
 PASS iframe src: "https://127.0.0.1:8443/paymentrequest/resources/payment-postmessage.html" with allow="" is allowed to create a PaymentRequest.
 PASS iframe src: "https://localhost:8443/paymentrequest/resources/payment-postmessage.html" with allow="payment" is allowed to create a PaymentRequest.

LayoutTests/http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition-expected.txt

@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: Feature policy 'Geolocation' check failed for iframe with origin 'null' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Geolocation' check failed for element with origin 'null' and allow attribute ''.
 Tests that navigator.geolocation.getCurrentPosition() returns error PERMISSION_DENIED when called from a document in a sandboxed iframe.
 
 

LayoutTests/http/tests/security/sandboxed-iframe-geolocation-watchPosition-expected.txt

@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: Feature policy 'Geolocation' check failed for iframe with origin 'null' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Geolocation' check failed for element with origin 'null' and allow attribute ''.
 Tests that navigator.geolocation.watchPosition() returns error PERMISSION_DENIED when called from a document in a sandboxed iframe.
 
 

LayoutTests/http/tests/ssl/media-stream/get-user-media-different-host-expected.txt

@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:8443' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Microphone' check failed for element with origin 'https://localhost:8443' and allow attribute ''.
 CONSOLE MESSAGE: Not allowed to call getUserMedia.
 Tests that getUserMedia fails when the top level document and iframe do not have the same domain.
 

LayoutTests/http/tests/ssl/media-stream/get-user-media-nested-expected.txt

@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:8443' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Microphone' check failed for element with origin 'https://localhost:8443' and allow attribute ''.
 CONSOLE MESSAGE: Not allowed to call getUserMedia.
 Tests that getUserMedia fails when the top level document and iframe do not have the same domain.
 

LayoutTests/http/tests/webrtc/enumerateDevicesInFrames-expected.txt

@@ -1,5 +1,5 @@
-CONSOLE MESSAGE: Feature policy 'Camera' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'microphone:'none'; camera:'none''.
-CONSOLE MESSAGE: Feature policy 'Microphone' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'microphone:'none'; camera:'none''.
+CONSOLE MESSAGE: Feature policy 'Camera' check failed for element with origin 'http://127.0.0.1:8000' and allow attribute 'microphone:'none'; camera:'none''.
+CONSOLE MESSAGE: Feature policy 'Microphone' check failed for element with origin 'http://127.0.0.1:8000' and allow attribute 'microphone:'none'; camera:'none''.
 CONSOLE MESSAGE: Not allowed to call enumerateDevices.
 
 

LayoutTests/http/tests/webshare/webshare-allow-attribute-canShare.https-expected.txt

@@ -1,8 +1,8 @@
-CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://localhost:8443' and allow attribute ''.
-CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://localhost:8443' and allow attribute 'web-share 'none''.
-CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://127.0.0.1:8443' and allow attribute 'web-share 'none''.
-CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://localhost:8443' and allow attribute 'web-share 'self''.
-CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://127.0.0.1:8443' and allow attribute 'web-share https://localhost:8443'.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for element with origin 'https://localhost:8443' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for element with origin 'https://localhost:8443' and allow attribute 'web-share 'none''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for element with origin 'https://127.0.0.1:8443' and allow attribute 'web-share 'none''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for element with origin 'https://localhost:8443' and allow attribute 'web-share 'self''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for element with origin 'https://127.0.0.1:8443' and allow attribute 'web-share https://localhost:8443'.
 PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="" MUST NOT be allowed to call canShare().
 PASS iframe src: "https://127.0.0.1:8443/webshare/resources/webshare-postmessage.html" with allow="" is allowed to call canShare().
 PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="web-share" is allowed to call canShare().

LayoutTests/http/tests/webshare/webshare-allow-attribute-share.https-expected.txt

@@ -1,8 +1,8 @@
-CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://localhost:8443' and allow attribute ''.
-CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://localhost:8443' and allow attribute 'web-share 'none''.
-CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://127.0.0.1:8443' and allow attribute 'web-share 'none''.
-CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://localhost:8443' and allow attribute 'web-share 'self''.
-CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://127.0.0.1:8443' and allow attribute 'web-share https://localhost:8443'.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for element with origin 'https://localhost:8443' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for element with origin 'https://localhost:8443' and allow attribute 'web-share 'none''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for element with origin 'https://127.0.0.1:8443' and allow attribute 'web-share 'none''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for element with origin 'https://localhost:8443' and allow attribute 'web-share 'self''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for element with origin 'https://127.0.0.1:8443' and allow attribute 'web-share https://localhost:8443'.
 PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="" MUST NOT be allowed to call share(). NotAllowedError Third-party iframes are not allowed to call share() unless explicitly allowed via Feature-Policy (web-share)
 PASS iframe src: "https://127.0.0.1:8443/webshare/resources/webshare-postmessage.html" with allow="" is allowed to call share().
 PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="web-share" is allowed to call share().

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-allow-expected.txt

@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin 'null' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin 'null' and allow attribute ''.
 
 FAIL iframe-cross-origin-allow assert_false: Feature should be denied when correct allow attribute is added, before reload expected false got true
 

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-allowfullscreen-expected.txt

@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin 'null' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for element with origin 'null' and allow attribute ''.
 
 PASS iframe-same-origin-allowfullscreen
 FAIL iframe-cross-origin-allowfullscreen assert_false: Fullscreen should be denied when allowfullscreen attribute is added, before reload expected false got true