Issue 916233 link

Starred by 1 user

Issue metadata

Status:	Fixed
Owner:	iclell...@chromium.org
Closed:	Jan 2
Components:	Blink>FeaturePolicy Blink>ReportingObserver
EstimatedDays:	----
NextAction:	----
OS:	Linux , Android , Windows , Chrome , Mac , Fuchsia
Pri:	3
Type:	Bug

Implement Feature-Policy-Report-Only header

Project Member Reported by iclell...@chromium.org, Dec 18

Issue description

To better align with CSP, Feature Policy report-only mode is moving to a new header, rather than mixing report-only and enforcing directives in the same policy definitions.

(https://github.com/WICG/feature-policy/blob/master/reporting.md#can-i-just-trigger-reports-without-actually-enforcing-the-policy)

The existing code which mixes reporting and enforcing directives can be removed, and replaced with code which parses the new header separately and applies it to the current document.

Project Member

Comment 1 by bugdroid1@chromium.org, Dec 22

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/3783894ab6b33d5112d834e43e8c06ad93a2dc09

commit 3783894ab6b33d5112d834e43e8c06ad93a2dc09
Author: Ian Clelland <iclelland@chromium.org>
Date: Sat Dec 22 00:12:17 2018

Add new Feature-Policy-Report-Only header

This removes the special parsing for "-report-only" features, and
replaces it with the new "Feature-Policy-Report-Only" header, as
noted in the explainer.
(https://github.com/WICG/feature-policy/blob/master/reporting.md)

Tests are updated for the new behaviour.

Bug:  916233 
Change-Id: Idc87e377123c618240ebf1186f7e68901d9fcbeb
Reviewed-on: https://chromium-review.googlesource.com/c/1378235
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Ian Clelland <iclelland@chromium.org>
Cr-Commit-Position: refs/heads/master@{#618685}
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/content/browser/frame_host/render_frame_host_feature_policy_unittest.cc
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/content/browser/frame_host/render_frame_host_impl.cc
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/content/browser/site_per_process_browsertest.cc
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/content/common/frame_messages.h
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/content/test/test_render_frame_host.cc
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/common/feature_policy/feature_policy.cc
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/common/feature_policy/feature_policy_mojom_traits.cc
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/common/feature_policy/feature_policy_mojom_traits.h
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/common/feature_policy/feature_policy_unittest.cc
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/public/common/feature_policy/feature_policy.h
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/public/mojom/feature_policy/feature_policy.mojom
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/public/platform/web_feature.mojom
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/renderer/core/dom/document.cc
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/renderer/core/dom/document.h
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/renderer/core/execution_context/security_context.cc
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/renderer/core/execution_context/security_context.h
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/renderer/core/feature_policy/feature_policy.cc
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/renderer/core/feature_policy/feature_policy_test.cc
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/renderer/core/feature_policy/iframe_policy.h
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/renderer/core/html/html_frame_element.cc
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/renderer/core/html/html_plugin_element.cc
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/renderer/core/loader/document_loader.cc
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/renderer/platform/network/http_names.json5
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/web_tests/external/wpt/feature-policy/reporting/camera-report-only.https.html.headers
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/web_tests/external/wpt/feature-policy/reporting/document-write-report-only.html.headers
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/web_tests/external/wpt/feature-policy/reporting/encrypted-media-report-only.https.html.headers
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/web_tests/external/wpt/feature-policy/reporting/fullscreen-report-only.html.headers
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/web_tests/external/wpt/feature-policy/reporting/generic-sensor-report-only.https.html.headers
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/web_tests/external/wpt/feature-policy/reporting/geolocation-report-only.https.html.headers
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/web_tests/external/wpt/feature-policy/reporting/microphone-report-only.https.html.headers
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/web_tests/external/wpt/feature-policy/reporting/midi-report-only.html.headers
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/web_tests/external/wpt/feature-policy/reporting/payment-report-only.https.html.headers
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/web_tests/external/wpt/feature-policy/reporting/picture-in-picture-report-only.html.headers
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/web_tests/external/wpt/feature-policy/reporting/sync-xhr-report-only.html.headers
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/web_tests/external/wpt/feature-policy/reporting/usb-report-only.https.html.headers
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/web_tests/external/wpt/feature-policy/reporting/vr-report-only.https.html.headers
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/third_party/blink/web_tests/external/wpt/feature-policy/reporting/xr-report-only.https.html.headers
[modify] https://crrev.com/3783894ab6b33d5112d834e43e8c06ad93a2dc09/tools/metrics/histograms/enums.xml

Comment 2 by iclell...@chromium.org, Jan 2

Status: Fixed (was: Started)

►

Issue 916233 link

Issue metadata

Implement Feature-Policy-Report-Only header

Issue description

Comment 1 by bugdroid1@chromium.org, Dec 22

Comment 1 Deleted

Comment 2 by iclell...@chromium.org, Jan 2

Comment 2 Deleted

Sign in to add a comment