Google Git
Sign in
chromium / chromium / src / 25a1416a6d94b0b26cb925a2c3be288ed361a219^! / . / content / browser / renderer_host / frame_tree_node.h
commit25a1416a6d94b0b26cb925a2c3be288ed361a219[log] [tgz]
authorLiam Brady <lbrady@google.com>Fri Dec 02 15:25:57 2022
committerChromium LUCI CQ <chromium-scoped@luci-project-accounts.iam.gserviceaccount.com>Fri Dec 02 15:25:57 2022
treeb4a53f5b7415bba21d13fee91877137ffc456fd7
parentbea60b3e522a1cd994e4b919c463e7c97d413126 [diff] [blame]
Fenced frame: introduce `allow` attribute

This CL introduces a new `allow` attribute for fenced frames. This is
based off of the attribute of the same name for iframes, and has the
same syntax for building up the permissions policies.

The attribute is sent through a new fenced frame mojo call,
`DidChangeFramePolicy`, where it is read into the fenced frame's frame
tree node to be processed during navigation.

`NavigationRequest::CheckPermissionsPoliciesForFencedFrames` now
includes checks for the fenced frame's frame policy on top of the checks
currently in place for its parent's policies.

When the fenced frame configuration code is in place, the k-anonymous
permissions needed for the fenced frame to load will be checked against
the allowed permissions which includes the "allow" attribute. Until
then, this uses the same restrictions that are currently in place for
the parent's permissions policies of a fenced frame. That is, if a
permissions policy is explicitly specified with the `allow` attribute,
attribution reporting and shared storage must be enabled for the frame's
origin.

See the "Permission policy for API backed fenced frames" explainer:
https://github.com/WICG/fenced-frame/blob/master/explainer/permissions_policy_for_API_backed_fenced_frames.md

Change-Id: I9b0e35a41edaa0dab5f7e573c0a5c4ff2c1afa61
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3999825
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Dominic Farolino <dom@chromium.org>
Commit-Queue: Liam Brady <lbrady@google.com>
Reviewed-by: Rakina Zata Amni <rakina@chromium.org>
Reviewed-by: Shivani Sharma <shivanisha@chromium.org>
Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1078585}

diff --git a/content/browser/renderer_host/frame_tree_node.h b/content/browser/renderer_host/frame_tree_node.h
index cc6507f..e678bffa 100644
--- a/content/browser/renderer_host/frame_tree_node.h
+++ b/content/browser/renderer_host/frame_tree_node.h

@@ -228,8 +228,10 @@
   // this frame. This includes flags inherited from parent frames and the latest
   // flags from the <iframe> element hosting this frame. The returned policies
   // may not yet have taken effect, since "sandbox" and "allow" attribute
-  // updates in an <iframe> element take effect on next navigation. To retrieve
-  // the currently active policy for this frame, use effective_frame_policy().
+  // updates in an <iframe> element take effect on next navigation. For
+  // <fencedframe> elements, not everything in the frame policy might actually
+  // take effect after the navigation. To retrieve the currently active policy
+  // for this frame, use effective_frame_policy().
   const blink::FramePolicy& pending_frame_policy() const {
     return pending_frame_policy_;
   }
close