Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 824b90ee9bc0d7dc0bd0e554e296d6fc899ec2f3
https://github.com/WebKit/WebKit/commit/824b90ee9bc0d7dc0bd0e554e296d6fc899ec2f3
Author: Sihui Liu <sihui_...@apple.com>
Date: 2024-05-29 (Wed, 29 May 2024)
Changed paths:
M LayoutTests/fullscreen/full-screen-enabled-expected.txt
M LayoutTests/fullscreen/full-screen-enabled-prefixed-expected.txt
M LayoutTests/fullscreen/full-screen-enabled-prefixed.html
M LayoutTests/fullscreen/full-screen-enabled.html
M LayoutTests/fullscreen/full-screen-iframe-not-allowed-expected.txt
M
LayoutTests/fullscreen/full-screen-iframe-without-allow-attribute-allowed-from-parent-expected.txt
M LayoutTests/fullscreen/full-screen-restrictions-expected.txt
M LayoutTests/http/tests/fullscreen/fullscreen-feature-policy-expected.txt
M LayoutTests/http/tests/gamepad/gamepad-allow-attribute.https-expected.txt
M
LayoutTests/http/tests/media/media-stream/enumerate-devices-iframe-allow-attribute-expected.txt
M
LayoutTests/http/tests/media/media-stream/get-user-media-in-embed-element-expected.txt
M
LayoutTests/http/tests/paymentrequest/payment-allow-attribute.https-expected.txt
M
LayoutTests/http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition-expected.txt
M
LayoutTests/http/tests/security/sandboxed-iframe-geolocation-watchPosition-expected.txt
M
LayoutTests/http/tests/ssl/media-stream/get-user-media-different-host-expected.txt
M LayoutTests/http/tests/ssl/media-stream/get-user-media-nested-expected.txt
M LayoutTests/http/tests/webrtc/enumerateDevicesInFrames-expected.txt
M LayoutTests/http/tests/webrtc/enumerateDevicesInFrames.html
M
LayoutTests/http/tests/webshare/webshare-allow-attribute-canShare.https-expected.txt
M
LayoutTests/http/tests/webshare/webshare-allow-attribute-share.https-expected.txt
M
LayoutTests/http/tests/webxr/webxr-third-party-iframe-issessionsupported-denied-by-insufficient-feature-policy-expected.txt
M
LayoutTests/http/tests/webxr/webxr-third-party-iframe-makexrcompatible-denied-by-insufficient-feature-policy-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/geolocation-API/disabled-by-permissions-policy.https.sub-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/geolocation-API/enabled-by-permission-policy-attribute-redirect-on-load.https.sub-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/geolocation-API/enabled-by-permissions-policy.https.sub-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/geolocation-API/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-allow-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-allowfullscreen-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/permissions-policy/payment-allowed-by-permissions-policy-attribute-redirect-on-load.https.sub-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/permissions-policy/payment-allowed-by-permissions-policy.https.sub-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/permissions-policy/payment-default-permissions-policy.https.sub-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/permissions-policy/payment-disabled-by-permissions-policy.https.sub-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/screen-wake-lock/wakelock-enabled-by-feature-policy-attribute-redirect-on-load.https.sub-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/web-share/disabled-by-permissions-policy-cross-origin.https.sub-expected.txt
M
LayoutTests/platform/glib/imported/w3c/web-platform-tests/geolocation-API/disabled-by-permissions-policy.https.sub-expected.txt
M
LayoutTests/platform/glib/imported/w3c/web-platform-tests/geolocation-API/enabled-by-permission-policy-attribute-redirect-on-load.https.sub-expected.txt
M
LayoutTests/platform/glib/imported/w3c/web-platform-tests/geolocation-API/enabled-by-permissions-policy.https.sub-expected.txt
M
LayoutTests/platform/glib/imported/w3c/web-platform-tests/geolocation-API/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt
M
LayoutTests/platform/glib/imported/w3c/web-platform-tests/screen-wake-lock/wakelock-enabled-by-feature-policy-attribute-redirect-on-load.https.sub-expected.txt
M
LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/geolocation-API/disabled-by-permissions-policy.https.sub-expected.txt
M
LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/geolocation-API/enabled-by-permission-policy-attribute-redirect-on-load.https.sub-expected.txt
M
LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/geolocation-API/enabled-by-permissions-policy.https.sub-expected.txt
M
LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/geolocation-API/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt
M Source/WebCore/Modules/applepay/PaymentSession.cpp
M Source/WebCore/Modules/audiosession/DOMAudioSession.cpp
M Source/WebCore/Modules/gamepad/NavigatorGamepad.cpp
M Source/WebCore/Modules/geolocation/Geolocation.cpp
M Source/WebCore/Modules/mediastream/MediaDevices.cpp
M Source/WebCore/Modules/mediastream/UserMediaController.cpp
M Source/WebCore/Modules/mediastream/UserMediaRequest.cpp
M Source/WebCore/Modules/permissions/Permissions.cpp
M Source/WebCore/Modules/screen-wake-lock/WakeLock.cpp
M Source/WebCore/Modules/speech/SpeechRecognition.cpp
M Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp
M Source/WebCore/Modules/webxr/WebXRSystem.cpp
M Source/WebCore/dom/Document.cpp
M Source/WebCore/dom/Document.h
M Source/WebCore/dom/FullscreenManager.cpp
M Source/WebCore/dom/SecurityContext.cpp
M Source/WebCore/dom/SecurityContext.h
M Source/WebCore/html/HTMLIFrameElement.cpp
M Source/WebCore/html/HTMLIFrameElement.h
M Source/WebCore/html/PermissionsPolicy.cpp
M Source/WebCore/html/PermissionsPolicy.h
M Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp
M Source/WebCore/loader/FrameLoader.cpp
M Source/WebCore/page/LocalDOMWindow.cpp
M Source/WebCore/page/Navigator.cpp
M Source/WebCore/xml/XMLHttpRequest.cpp
Log Message:
-----------
Implement PermissionsPolicy check based on latest spec
https://bugs.webkit.org/show_bug.cgi?id=274544
rdar://128557367
Reviewed by Youenn Fablet.
The existing check (implemented in
isPermissionsPolicyAllowedByDocumentAndAllOwners()) visits all ancestors of
Document
to compute result, which is not possible when Frames and Documents are in
different processes with site isolation.
According to latest spec, Document only needs to know policy of its parent and
policy of its container to compute
PermissionsPolicy, as Document stores the computed policy in itself. This makes
it possible to implement the check with
site isolation. Therefore, this patch updates the implementation to match
latest spec.
New test pass after change:
imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-allow.html
imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-allowfullscreen.html
* LayoutTests/fullscreen/full-screen-enabled-expected.txt:
* LayoutTests/fullscreen/full-screen-enabled-prefixed-expected.txt:
* LayoutTests/fullscreen/full-screen-enabled-prefixed.html: The test is
modified because latest spec specifies that
adding or removing allow attribute on iframe has no effect on already loaded
document (see
https://html.spec.whatwg.org/#attr-iframe-allowfullscreen). The test should
reload document to test changed attribute
value.
* LayoutTests/fullscreen/full-screen-enabled.html: Ditto.
* LayoutTests/fullscreen/full-screen-iframe-not-allowed-expected.txt:
*
LayoutTests/fullscreen/full-screen-iframe-without-allow-attribute-allowed-from-parent-expected.txt:
* LayoutTests/fullscreen/full-screen-restrictions-expected.txt:
* LayoutTests/http/tests/fullscreen/fullscreen-feature-policy-expected.txt:
* LayoutTests/http/tests/gamepad/gamepad-allow-attribute.https-expected.txt:
*
LayoutTests/http/tests/media/media-stream/enumerate-devices-iframe-allow-attribute-expected.txt:
*
LayoutTests/http/tests/media/media-stream/get-user-media-in-embed-element-expected.txt:
*
LayoutTests/http/tests/paymentrequest/payment-allow-attribute.https-expected.txt:
*
LayoutTests/http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition-expected.txt:
*
LayoutTests/http/tests/security/sandboxed-iframe-geolocation-watchPosition-expected.txt:
*
LayoutTests/http/tests/ssl/media-stream/get-user-media-different-host-expected.txt:
* LayoutTests/http/tests/ssl/media-stream/get-user-media-nested-expected.txt:
* LayoutTests/http/tests/webrtc/enumerateDevicesInFrames-expected.txt:
* LayoutTests/http/tests/webrtc/enumerateDevicesInFrames.html:
*
LayoutTests/http/tests/webshare/webshare-allow-attribute-canShare.https-expected.txt:
*
LayoutTests/http/tests/webshare/webshare-allow-attribute-share.https-expected.txt:
*
LayoutTests/http/tests/webxr/webxr-third-party-iframe-issessionsupported-denied-by-insufficient-feature-policy-expected.txt:
*
LayoutTests/http/tests/webxr/webxr-third-party-iframe-makexrcompatible-denied-by-insufficient-feature-policy-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/geolocation-API/disabled-by-permissions-policy.https.sub-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/geolocation-API/enabled-by-permission-policy-attribute-redirect-on-load.https.sub-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/geolocation-API/enabled-by-permissions-policy.https.sub-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/geolocation-API/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-allow-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-allowfullscreen-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/permissions-policy/payment-allowed-by-permissions-policy-attribute-redirect-on-load.https.sub-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/permissions-policy/payment-allowed-by-permissions-policy.https.sub-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/permissions-policy/payment-default-permissions-policy.https.sub-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/permissions-policy/payment-disabled-by-permissions-policy.https.sub-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/screen-wake-lock/wakelock-enabled-by-feature-policy-attribute-redirect-on-load.https.sub-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/web-share/disabled-by-permissions-policy-cross-origin.https.sub-expected.txt:
*
LayoutTests/platform/glib/imported/w3c/web-platform-tests/geolocation-API/disabled-by-permissions-policy.https.sub-expected.txt:
*
LayoutTests/platform/glib/imported/w3c/web-platform-tests/geolocation-API/enabled-by-permission-policy-attribute-redirect-on-load.https.sub-expected.txt:
*
LayoutTests/platform/glib/imported/w3c/web-platform-tests/geolocation-API/enabled-by-permissions-policy.https.sub-expected.txt:
*
LayoutTests/platform/glib/imported/w3c/web-platform-tests/geolocation-API/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt:
*
LayoutTests/platform/glib/imported/w3c/web-platform-tests/screen-wake-lock/wakelock-enabled-by-feature-policy-attribute-redirect-on-load.https.sub-expected.txt:
*
LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/geolocation-API/disabled-by-permissions-policy.https.sub-expected.txt:
*
LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/geolocation-API/enabled-by-permission-policy-attribute-redirect-on-load.https.sub-expected.txt:
*
LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/geolocation-API/enabled-by-permissions-policy.https.sub-expected.txt:
*
LayoutTests/platform/mac-wk1/imported/w3c/web-platform-tests/geolocation-API/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt:
* Source/WebCore/Modules/applepay/PaymentSession.cpp:
(WebCore::PaymentSession::canCreateSession):
* Source/WebCore/Modules/audiosession/DOMAudioSession.cpp:
(WebCore::DOMAudioSession::setType):
(WebCore::DOMAudioSession::type const):
(WebCore::DOMAudioSession::state const):
(WebCore::DOMAudioSession::scheduleStateChangeEvent):
* Source/WebCore/Modules/gamepad/NavigatorGamepad.cpp:
* Source/WebCore/Modules/geolocation/Geolocation.cpp:
(WebCore::Geolocation::shouldBlockGeolocationRequests):
* Source/WebCore/Modules/mediastream/MediaDevices.cpp:
(WebCore::checkCameraAccess):
(WebCore::checkMicrophoneAccess):
(WebCore::checkSpeakerAccess):
(WebCore::MediaDevices::listenForDeviceChanges):
* Source/WebCore/Modules/mediastream/UserMediaController.cpp:
(WebCore::UserMediaController::logEnumerateDevicesDenial):
* Source/WebCore/Modules/mediastream/UserMediaRequest.cpp:
(WebCore::UserMediaRequest::start):
* Source/WebCore/Modules/permissions/Permissions.cpp:
(WebCore::isAllowedByPermissionsPolicy):
* Source/WebCore/Modules/screen-wake-lock/WakeLock.cpp:
(WebCore::WakeLock::request):
* Source/WebCore/Modules/speech/SpeechRecognition.cpp:
(WebCore::SpeechRecognition::startRecognition):
* Source/WebCore/Modules/webauthn/AuthenticatorCoordinator.cpp:
(WebCore::AuthenticatorCoordinator::discoverFromExternalSource):
* Source/WebCore/Modules/webxr/WebXRSystem.cpp:
(WebCore::WebXRSystem::isSessionSupported):
(WebCore::WebXRSystem::isFeaturePermitted const):
* Source/WebCore/dom/Document.cpp:
(WebCore::Document::permissionsPolicy const):
(WebCore::Document::securityOriginDidChange):
* Source/WebCore/dom/Document.h:
* Source/WebCore/dom/FullscreenManager.cpp:
(WebCore::FullscreenManager::requestFullscreenForElement):
(WebCore::FullscreenManager::isFullscreenEnabled const):
* Source/WebCore/dom/SecurityContext.cpp:
(WebCore::SecurityContext::setSecurityOriginPolicy):
* Source/WebCore/dom/SecurityContext.h:
(WebCore::SecurityContext::securityOriginDidChange):
* Source/WebCore/html/HTMLIFrameElement.cpp:
(WebCore::HTMLIFrameElement::attributeChanged):
(WebCore::HTMLIFrameElement::permissionsPolicyDirective const):
(WebCore::HTMLIFrameElement::permissionsPolicy const): Deleted.
* Source/WebCore/html/HTMLIFrameElement.h:
* Source/WebCore/html/PermissionsPolicy.cpp:
(WebCore::defaultAllowlistValue):
(WebCore::isFeatureAllowedByDefaultAllowlist):
(WebCore::checkPermissionsPolicy):
(WebCore::declaredOrigin):
(WebCore::computeFeatureEnabled):
(WebCore::parseAllowlist):
(WebCore::parsePolicyDirective):
(WebCore::PermissionsPolicy::processPermissionsPolicyAttribute):
(WebCore::featureValueForOrigin):
(WebCore::PermissionsPolicy::computeInheritedPolicyValueInContainer const):
(WebCore::index):
(WebCore::PermissionsPolicy::inheritedPolicyValueForFeature const):
(WebCore::PermissionsPolicy::PermissionsPolicy):
(WebCore::PermissionsPolicy::isFeatureEnabled):
(WebCore::isPermissionsPolicyAllowedByDocumentAndAllOwners): Deleted.
(WebCore::PermissionsPolicy::parseAllowlist): Deleted.
(WebCore::PermissionsPolicy::parsePolicyDirective): Deleted.
(WebCore::PermissionsPolicy::declaredOrigin const): Deleted.
(WebCore::PermissionsPolicy::allows const): Deleted.
* Source/WebCore/html/PermissionsPolicy.h:
(WebCore::PermissionsPolicy::defaultPolicy): Deleted.
(WebCore::PermissionsPolicy::parse): Deleted.
* Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp:
(WebCore::WebGLRenderingContextBase::makeXRCompatible):
* Source/WebCore/loader/FrameLoader.cpp:
(WebCore::FrameLoader::updateRequestAndAddExtraFields):
* Source/WebCore/page/LocalDOMWindow.cpp:
(WebCore::LocalDOMWindow::isAllowedToUseDeviceMotion const):
(WebCore::LocalDOMWindow::isAllowedToUseDeviceOrientation const):
* Source/WebCore/page/Navigator.cpp:
(WebCore::validateWebSharePolicy):
* Source/WebCore/xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::createRequest):
Canonical link: https://commits.webkit.org/279452@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
