New issue
Advanced search Search tips

Issue 703703 link

Starred by 6 users

Issue metadata

Status: Started
Owner:
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Android , Windows , Chrome , Mac
Pri: 3
Type: Feature


Sign in to add a comment

Add a Feature Policy introspection interface for JavaScript

Project Member Reported by iclell...@chromium.org, Mar 21 2017

Issue description

There should be an interface, available from sciprts, to inspect the policy which is currently being applied to a document or child frame.

See design proposal at https://docs.google.com/document/d/1xHEbR9ZTbHNqY9ituKKDxoZQbOZ3rpLfJ37U_JagdR4/edit#heading=h.n2ykb059lc7p
 

Comment 1 by lunalu@chromium.org, May 26 2017

Cc: lunalu@chromium.org
Do we have a Github issue for it yet?
I am going to create one then

Comment 4 by lunalu@chromium.org, Jun 12 2017

Cc: -lunalu@chromium.org iclell...@chromium.org
Owner: loonyb...@chromium.org
 Issue 709973  has been merged into this issue.
Blocking: 707649
Blocking: 732003
Project Member

Comment 8 by bugdroid1@chromium.org, Nov 21 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d

commit f4bdf01c99906c9f59d8e6ea4993562860ab7d3d
Author: Luna Lu <loonybear@chromium.org>
Date: Tue Nov 21 18:33:06 2017

JS exposure of feature policy

The feature policy can be inspected via the following methods:
allowsFeature(feature)
-- whether or not |feature| is allowed on the origin of the document.
allowsFeature(feature, origin)
-- whether or not |feature| is allowed on the given origin.
allowedFeatures()
-- a list of features that are enabled on the origin of the document.
getAllowlistForFeature(feature)
-- a list of explicitly named origins where the given feature is enabled, or
   {'*'} if the feature is enabled on all origins.

For more details, see the design doc at:
https://docs.google.com/a/chromium.org/document/d/1wvk3cXkblNnbkMcsKayseK-k0SMGiP9b9fQFgfpqQpc/edit?usp=sharing

Bug: 703703
Change-Id: I261f2251791ed18937d06c4eb24abf06676241cc
Reviewed-on: https://chromium-review.googlesource.com/686036
Reviewed-by: Bo <boliu@chromium.org>
Reviewed-by: Ian Clelland <iclelland@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Luna Lu <loonybear@chromium.org>
Cr-Commit-Position: refs/heads/master@{#518310}
[modify] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/android_webview/tools/system_webview_shell/test/data/webexposed/global-interface-listing-expected.txt
[add] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/LayoutTests/http/tests/feature-policy/policy_main_document.php
[modify] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/LayoutTests/webexposed/global-interface-listing-expected.txt
[modify] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/Source/core/BUILD.gn
[modify] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/Source/core/core_idl_files.gni
[modify] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/Source/core/dom/BUILD.gn
[modify] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/Source/core/dom/Document.cpp
[modify] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/Source/core/dom/Document.h
[modify] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/Source/core/dom/Document.idl
[add] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/Source/core/dom/Policy.cpp
[add] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/Source/core/dom/Policy.h
[add] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/Source/core/dom/Policy.idl
[add] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/Source/core/dom/PolicyTest.cpp
[modify] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/Source/platform/exported/Platform.cpp
[modify] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/Source/platform/runtime_enabled_features.json5
[modify] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/common/feature_policy/feature_policy.cc
[modify] https://crrev.com/f4bdf01c99906c9f59d8e6ea4993562860ab7d3d/third_party/WebKit/common/feature_policy/feature_policy.h

Project Member

Comment 9 by bugdroid1@chromium.org, Dec 20 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/832440db5c586d1bdeedfd01489e43d09de36aa9

commit 832440db5c586d1bdeedfd01489e43d09de36aa9
Author: Luna Lu <loonybear@chromium.org>
Date: Wed Dec 20 21:16:37 2017

JS exposure of feature policy (2)

The feature policy can be inspected via the following methods:
allowsFeature(feature, optional origin)
allowedFeatures()
getAllowlistForFeature(feature)

Previously feature policy is exposed via document (https://chromium-review.googlesource.com/c/chromium/src/+/686036).
This CL allow feature policy introspection in iframes.

Bug: 703703
Change-Id: I26ab245234c771330a72759f983807fbdd284781

TBR: boliu
Change-Id: I26ab245234c771330a72759f983807fbdd284781
Reviewed-on: https://chromium-review.googlesource.com/790970
Commit-Queue: Luna Lu <loonybear@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Reviewed-by: Ian Clelland <iclelland@chromium.org>
Cr-Commit-Position: refs/heads/master@{#525458}
[modify] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/android_webview/tools/system_webview_shell/test/data/webexposed/global-interface-listing-expected.txt
[add] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/LayoutTests/http/tests/feature-policy/policy_iframes.php
[modify] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/LayoutTests/webexposed/element-instance-property-listing-expected.txt
[modify] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/LayoutTests/webexposed/global-interface-listing-expected.txt
[modify] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/Source/core/BUILD.gn
[modify] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/Source/core/core_idl_files.gni
[modify] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/Source/core/dom/BUILD.gn
[modify] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/Source/core/dom/Document.cpp
[modify] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/Source/core/dom/Document.h
[delete] https://crrev.com/b4d9f7cbbf3f2516bed257a5f9ba2b7cd6560a4c/third_party/WebKit/Source/core/dom/Policy.h
[delete] https://crrev.com/b4d9f7cbbf3f2516bed257a5f9ba2b7cd6560a4c/third_party/WebKit/Source/core/dom/PolicyTest.cpp
[modify] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp
[modify] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/Source/core/html/HTMLIFrameElement.h
[modify] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/Source/core/html/HTMLIFrameElement.idl
[add] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/Source/core/policy/BUILD.gn
[add] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/Source/core/policy/DocumentPolicy.h
[add] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/Source/core/policy/IFramePolicy.h
[rename] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/Source/core/policy/Policy.cpp
[add] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/Source/core/policy/Policy.h
[rename] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/Source/core/policy/Policy.idl
[add] https://crrev.com/832440db5c586d1bdeedfd01489e43d09de36aa9/third_party/WebKit/Source/core/policy/PolicyTest.cpp

Blockedon: 810833

Comment 11 Deleted

Shouldn't allowedFeatures() return a frozen array?
It's currently defined in the spec as returning sequence<DOMString>, and the implementation matches that. The spec isn't frozen though, and that might be a good change to make before shipping, since the underlying policy can't be mutated by changing the values in the list returned by policy.allowedFeatures().

Do you want to make that suggestion on https://github.com/WICG/feature-policy/pull/184 ?
Labels: Merge-Request-69
Requesting merge of Origin Trial configuration for this API for M69
(Intent to experiment approved at https://groups.google.com/a/chromium.org/d/msg/blink-dev/pQZopKWaQIk/Z-XD1hvwBQAJ)
Cc: benmason@chromium.org
Project Member

Comment 17 by sheriffbot@chromium.org, Jul 24

Labels: -Merge-Request-69 Hotlist-Merge-Approved Merge-Approved-69
Your change meets the bar and is auto-approved for M69. Please go ahead and merge the CL to branch 3497 manually. Please contact milestone owner if you have questions.
Owners: amineer@(Android), kariahda@(iOS), cindyb@(ChromeOS), govind@(Desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 18 by bugdroid1@chromium.org, Jul 24

Labels: -merge-approved-69 merge-merged-3497
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/7e67004d5f060f4ac77ecf2191082beb0bb33783

commit 7e67004d5f060f4ac77ecf2191082beb0bb33783
Author: Ian Clelland <iclelland@chromium.org>
Date: Tue Jul 24 14:49:20 2018

Make Feature Policy JS API an Origin Trial

TBR=iclelland@chromium.org

(cherry picked from commit 6662b3a128f03150d8de6152067f5fd22e8ca955)

Bug: 703703
Change-Id: I4ab576d16835e13ad618e4e2794132be1a80f845
Reviewed-on: https://chromium-review.googlesource.com/1144274
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Jason Chase <chasej@chromium.org>
Commit-Queue: Ian Clelland <iclelland@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#576999}
Reviewed-on: https://chromium-review.googlesource.com/1148541
Reviewed-by: Ian Clelland <iclelland@chromium.org>
Cr-Commit-Position: refs/branch-heads/3497@{#41}
Cr-Branched-From: 271eaf50594eb818c9295dc78d364aea18c82ea8-refs/heads/master@{#576753}
[modify] https://crrev.com/7e67004d5f060f4ac77ecf2191082beb0bb33783/third_party/blink/public/platform/web_feature.mojom
[modify] https://crrev.com/7e67004d5f060f4ac77ecf2191082beb0bb33783/third_party/blink/renderer/core/dom/document.idl
[modify] https://crrev.com/7e67004d5f060f4ac77ecf2191082beb0bb33783/third_party/blink/renderer/core/html/html_iframe_element.idl
[modify] https://crrev.com/7e67004d5f060f4ac77ecf2191082beb0bb33783/third_party/blink/renderer/core/policy/policy.idl
[modify] https://crrev.com/7e67004d5f060f4ac77ecf2191082beb0bb33783/third_party/blink/renderer/platform/runtime_enabled_features.json5
[modify] https://crrev.com/7e67004d5f060f4ac77ecf2191082beb0bb33783/tools/metrics/histograms/enums.xml

Blockedon: 917057
Blockedon: 917070

Sign in to add a comment