-
Notifications
You must be signed in to change notification settings - Fork 6.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This CL introduces the "inherited opener feature policies". This includes the logic to propagate feature policy states from a browsing context to the auxiliary browsing contexts. As the first step (and hidden behind flag) all the feature policies will be inherited by the auxiliary browsing context. The only exception is when the original context is sandboxed but allows popups to escape sandbox. The inheritance model will be fine tuned in further work. Firstly, not all features might follow this "sandbox-like" inheritance model. Also possibly through introducing a new Feature Policy (that replicates 'allow-popups-to-escape-sandbox') and special casing "rel='noopener'" there will be exit doors for the open contexts to *not* inherit the policies. These issues are currently publicly being tracked here: w3c/webappsec-permissions-policy#264 w3c/webappsec-permissions-policy#252 w3c/webappsec-permissions-policy#259 Bug: 774620 Change-Id: Ic0b5ab8155c2e5d786bc51d3f9c3a601f7e4d8e9 Reviewed-on: https://chromium-review.googlesource.com/c/1384992 Reviewed-by: Ehsan Karamad <ekaramad@chromium.org> Reviewed-by: Mike West <mkwst@chromium.org> Reviewed-by: Ian Clelland <iclelland@chromium.org> Reviewed-by: Nasko Oskov <nasko@chromium.org> Commit-Queue: Ehsan Karamad <ekaramad@chromium.org> Cr-Commit-Position: refs/heads/master@{#633452}
- Loading branch information
1 parent
b0a2bde
commit 3940708
Showing
49 changed files
with
385 additions
and
47 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
<title>Page that can opens a window to a given | ||
origin provided through postMessage.</title> | ||
<script> | ||
window.addEventListener( | ||
"message", (e) => window.open( | ||
e.data.window_url, "foo", e.data.window_feature)); | ||
</script> |
35 changes: 35 additions & 0 deletions
35
content/test/data/feature_policy_window_open_embedder.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
<!doctype html> | ||
<!-- Sandbox-ed <iframe> which does not allow escaping --> | ||
<iframe id="frame1" allow="sync-xhr 'none'" | ||
sandbox="allow-scripts allow-popups"> | ||
</iframe> | ||
<!-- Sandbox-ed <iframe> which allows escaping --> | ||
<iframe id="frame2" allow="sync-xhr 'none'" | ||
sandbox="allow-scripts allow-popups allow-popups-to-escape-sandbox"> | ||
</iframe> | ||
<!-- Not sandbox-ed <iframe> --> | ||
<iframe id="frame3" allow="sync-xhr 'none'"></iframe> | ||
<script> | ||
var frame1 = document.getElementById("frame1"), | ||
frame2 = document.getElementById("frame2"), | ||
frame3 = document.getElementById("frame3"); | ||
|
||
var frame_map = { | ||
"sandboxed": frame1, | ||
"sandboxed-escaping": frame2, | ||
"notsandboxed": frame3, | ||
}; | ||
|
||
function test(iframe_type, iframe_src, window_url, window_feature) { | ||
var iframe = frame_map[iframe_type]; | ||
iframe.src = iframe_src; | ||
// Then message will trigger |window.open| to the url |window_url|. | ||
iframe.addEventListener( | ||
"load", () => iframe.contentWindow.postMessage( | ||
{ | ||
window_url: window_url, | ||
window_feature: window_feature | ||
}, | ||
"*")); | ||
} | ||
</script> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.