New issue
Advanced search Search tips

Issue 685195 link

Starred by 2 users
Status: Fixed
Owner:
iclell...@chromium.org
Closed: Mar 2017
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Android , Windows , Chrome , Mac
Pri: 1
Type: Feature

Blocked on:
issue 698481


Sign in to add a comment

Support Feature Policy in browser process

Project Member Reported by iclell...@chromium.org, Jan 25 2017 
Feature policy classes are currently implemented in the renderer, which has been acceptable so far. All of the features which we have implemented have decisions made in the renderer. New features, however, such as permission-based ones, require browser-side support. To facilitate this, we need to have an implementation of the policy objects available in the browser.

We can maintain a parallel policy object in the browser easily, as the browser is already aware of all of the relevant state, since it is being replicated for OOPIF. We should move the policy code into content/common, though, so that it can be shared between browser and renderer, rather than maintaining two separate implementations.

For ease of understanding, this will be done in stages. The current plan is:
1. Rename all of the classes to better reflect what data they contain. Current naming conflates effective policies with declared policies, and uses 'whitelist' to also refer to the mapping between whitelist and feature. This will make future work easier to understand.
2. Move all content side code into content/common/feature_policy and content/common/feature_policy
3. Construct a policy in the browser, and maintain it alongside the renderer policy.
4. Switch blink code to use the implementation in content/, with a small wrapper class.
5. Clean up unused code.
Project Member

Comment 1 by bugdroid1@chromium.org, Feb 2 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a

commit 4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a
Author: iclelland <iclelland@chromium.org>
Date: Thu Feb 02 23:51:49 2017

Rename feature policy classes.

Previously, we were using the term 'whitelist' to refer to what is more
correctly a feature policy declaration (a feature name and a whitelist of
origins), and overloading the term 'feature policy' to refer to the contents of
a feature policy header (a collection of declarations). This CL tries to
rationalize the terminology used for class naming in blink and in content.

This is part 1 of 5 in the effort to move the FeaturePolicy implementation
into the content layer, which will facilitate use of the framework for browser-
based policy decisions.

See the other CLs in this series:
[1/5] (This CL)                                   (Rename classes)
[2/5] https://codereview.chromium.org/2654873004/ (Centralize content-side code)
[3/5] https://codereview.chromium.org/2655663004/ (Maintain parallel FP in browser)
[4/5] https://codereview.chromium.org/2651883008/ (Use content/ FP in blink)
[5/5] https://codereview.chromium.org/2656533004/ (Remove unused blink code.)

BUG= 685195 
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation

Review-Url: https://codereview.chromium.org/2648423002
Cr-Commit-Position: refs/heads/master@{#447885}

[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/content/browser/frame_host/frame_tree_node.cc
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/content/browser/frame_host/frame_tree_node.h
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/content/browser/frame_host/render_frame_host_impl.cc
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/content/browser/frame_host/render_frame_host_impl.h
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/content/browser/site_per_process_browsertest.cc
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/content/common/frame_messages.h
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/content/common/frame_replication_state.cc
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/content/common/frame_replication_state.h
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/content/renderer/render_frame_impl.cc
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/content/renderer/render_frame_impl.h
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/content/renderer/render_frame_proxy.cc
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/third_party/WebKit/Source/core/dom/SecurityContext.cpp
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/third_party/WebKit/Source/core/dom/SecurityContext.h
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/third_party/WebKit/Source/core/loader/FrameLoader.cpp
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/third_party/WebKit/Source/core/loader/FrameLoaderClient.h
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.h
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/third_party/WebKit/Source/web/FrameLoaderClientImpl.cpp
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/third_party/WebKit/Source/web/FrameLoaderClientImpl.h
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/third_party/WebKit/Source/web/WebRemoteFrameImpl.h
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/third_party/WebKit/public/platform/WebFeaturePolicy.h
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/third_party/WebKit/public/web/WebFrameClient.h
[modify] https://crrev.com/4dbcfdcb2ce26ac7f1a3effa09631053fe5a224a/third_party/WebKit/public/web/WebRemoteFrame.h
Project Member

Comment 2 by bugdroid1@chromium.org, Feb 3 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/9071e0ea6e201c38826160e2c397327a9681473e

commit 9071e0ea6e201c38826160e2c397327a9681473e
Author: iclelland <iclelland@chromium.org>
Date: Fri Feb 03 06:35:56 2017

Move content-side Feature Policy code into content/{common,child}/feature_policy

This is part 2 of 5 in the effort to move the FeaturePolicy implementation
into the content layer, which will facilitate use of the framework for browser-
based policy decisions.

See the other CLs in this series:
[1/5] https://codereview.chromium.org/2648423002/ (Rename classes)
[2/5] (This CL)                                   (Centralize content-side code)
[3/5] https://codereview.chromium.org/2655663004/ (Maintain parallel FP in browser)
[4/5] https://codereview.chromium.org/2651883008/ (Use content/ FP in blink)
[5/5] https://codereview.chromium.org/2656533004/ (Remove unused blink code.)

BUG= 685195 

Review-Url: https://codereview.chromium.org/2654873004
Cr-Commit-Position: refs/heads/master@{#447952}

[modify] https://crrev.com/9071e0ea6e201c38826160e2c397327a9681473e/content/child/BUILD.gn
[add] https://crrev.com/9071e0ea6e201c38826160e2c397327a9681473e/content/child/feature_policy/OWNERS
[add] https://crrev.com/9071e0ea6e201c38826160e2c397327a9681473e/content/child/feature_policy/feature_policy_platform.cc
[add] https://crrev.com/9071e0ea6e201c38826160e2c397327a9681473e/content/child/feature_policy/feature_policy_platform.h
[modify] https://crrev.com/9071e0ea6e201c38826160e2c397327a9681473e/content/common/BUILD.gn
[modify] https://crrev.com/9071e0ea6e201c38826160e2c397327a9681473e/content/common/DEPS
[add] https://crrev.com/9071e0ea6e201c38826160e2c397327a9681473e/content/common/feature_policy/OWNERS
[add] https://crrev.com/9071e0ea6e201c38826160e2c397327a9681473e/content/common/feature_policy/feature_policy.cc
[add] https://crrev.com/9071e0ea6e201c38826160e2c397327a9681473e/content/common/feature_policy/feature_policy.h
[modify] https://crrev.com/9071e0ea6e201c38826160e2c397327a9681473e/content/common/frame_replication_state.cc
[modify] https://crrev.com/9071e0ea6e201c38826160e2c397327a9681473e/content/common/frame_replication_state.h
[modify] https://crrev.com/9071e0ea6e201c38826160e2c397327a9681473e/content/renderer/render_frame_impl.cc
[modify] https://crrev.com/9071e0ea6e201c38826160e2c397327a9681473e/content/renderer/render_frame_proxy.cc
Project Member

Comment 3 by bugdroid1@chromium.org, Feb 9 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/2c79efe295ea0cd234b3e13b44369fdba046280e

commit 2c79efe295ea0cd234b3e13b44369fdba046280e
Author: iclelland <iclelland@chromium.org>
Date: Thu Feb 09 22:44:03 2017

Introduce content-side Feature Policy object and maintain in parallel with renderer policy.

This is part 3 of 5 in the effort to move the FeaturePolicy implementation
into the content layer, which will facilitate use of the framework for browser-
based policy decisions.

See the other CLs in this series:
[1/5] https://codereview.chromium.org/2648423002/ (Rename classes)
[2/5] https://codereview.chromium.org/2654873004/ (Centralize content-side code)
[3/5] (This CL)                                   (Maintain parallel FP in browser)
[4/5] https://codereview.chromium.org/2651883008/ (Use content/ FP in blink)
[5/5] https://codereview.chromium.org/2656533004/ (Remove unused blink code.)

BUG= 685195 
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation

Review-Url: https://codereview.chromium.org/2655663004
Cr-Commit-Position: refs/heads/master@{#449444}

[modify] https://crrev.com/2c79efe295ea0cd234b3e13b44369fdba046280e/content/browser/frame_host/frame_tree_node.cc
[modify] https://crrev.com/2c79efe295ea0cd234b3e13b44369fdba046280e/content/browser/frame_host/frame_tree_node.h
[modify] https://crrev.com/2c79efe295ea0cd234b3e13b44369fdba046280e/content/browser/frame_host/navigator_impl.cc
[modify] https://crrev.com/2c79efe295ea0cd234b3e13b44369fdba046280e/content/browser/frame_host/render_frame_host_impl.cc
[modify] https://crrev.com/2c79efe295ea0cd234b3e13b44369fdba046280e/content/browser/frame_host/render_frame_host_impl.h
[modify] https://crrev.com/2c79efe295ea0cd234b3e13b44369fdba046280e/content/common/feature_policy/feature_policy.cc
[modify] https://crrev.com/2c79efe295ea0cd234b3e13b44369fdba046280e/content/common/feature_policy/feature_policy.h
[add] https://crrev.com/2c79efe295ea0cd234b3e13b44369fdba046280e/content/common/feature_policy/feature_policy_unittest.cc
[modify] https://crrev.com/2c79efe295ea0cd234b3e13b44369fdba046280e/content/test/BUILD.gn
[modify] https://crrev.com/2c79efe295ea0cd234b3e13b44369fdba046280e/third_party/WebKit/public/platform/WebFeaturePolicy.h

Comment 4 by iclell...@chromium.org, Mar 4 2017

Blockedon: 698481
Project Member

Comment 5 by bugdroid1@chromium.org, Mar 7 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/419a628d898182f01fe1974bca078351ef4660cb

commit 419a628d898182f01fe1974bca078351ef4660cb
Author: iclelland <iclelland@chromium.org>
Date: Tue Mar 07 18:40:46 2017

Remove unused blink::FeaturePolicy class.

This is part 5 of 5 in the effort to move the FeaturePolicy implementation
into the content layer, which will facilitate use of the framework for browser-
based policy decisions.

See the other CLs in this series:
[1/5] https://codereview.chromium.org/2648423002/ (Rename classes)
[2/5] https://codereview.chromium.org/2654873004/ (Centralize content-side code)
[3/5] https://codereview.chromium.org/2655663004/ (Maintain parallel FP in browser)
[4/5] https://codereview.chromium.org/2651883008/ (Use content/ FP in blink)
[5/5] (This CL)                                   (Remove unused blink code.)

BUG= 685195 

Review-Url: https://codereview.chromium.org/2656533004
Cr-Commit-Position: refs/heads/master@{#455152}

[modify] https://crrev.com/419a628d898182f01fe1974bca078351ef4660cb/third_party/WebKit/Source/core/html/HTMLIFrameElementAllow.cpp
[modify] https://crrev.com/419a628d898182f01fe1974bca078351ef4660cb/third_party/WebKit/Source/core/loader/FrameLoader.cpp
[modify] https://crrev.com/419a628d898182f01fe1974bca078351ef4660cb/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp
[modify] https://crrev.com/419a628d898182f01fe1974bca078351ef4660cb/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.h
[modify] https://crrev.com/419a628d898182f01fe1974bca078351ef4660cb/third_party/WebKit/Source/platform/feature_policy/FeaturePolicyFuzzer.cpp
[modify] https://crrev.com/419a628d898182f01fe1974bca078351ef4660cb/third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp

Comment 6 by iclell...@chromium.org, Mar 21 2017

Status: Fixed (was: Started)
Closing this as fixed; the policy is now replicated in the browser in all cases.

Sign in to add a comment