Closed Bug 1676402 Opened 4 years ago Closed 4 years ago

[wpt-sync] Sync PR 26459 - Change Feature-Policy header semantics

Categories: Core :: DOM: Security, task, P4

Tracking: RESOLVED FIXED, 84 Branch
Tracking Status: firefox84 --- fixed

People: Reporter: wpt-sync, Unassigned

Details: Whiteboard: [wptsync downstream][domsecurity-backlog]

Attachments: 1 file

Sync web-platform-tests PR 26459 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/web-platform-tests/wpt/pull/26459
Details from upstream follow.

Ian Clelland <iclelland@chromium.org> wrote:

Change Feature-Policy header semantics

This change implements the algorithmic changes for a recent change
to the Feature/Permissions policy spec:
https://github.com/w3c/webappsec-permissions-policy/pull/378

With this change, the Feature-Policy or Permissions-Policy headers by
themselves cannot be used to delegate powerful features to cross-origin
iframes; the allow attribute must be used as well. To allow this to
still be ergonomic, the default value for the header for powerful
features is effectively '*', so that delegation is allowed by the header
implicitly. The header can now be used effectively to completely block
access to a feature, as any origins not present in the header allowlist
cannot be granted the feature through the allow attribute.

This also removes some code which previously only existed to track the
cases where this change would affect the output of an IsFeatureEnabled
call.

Several tests will have been modified or rewritten prior to landing
this change; this CL depends on the following (though they are all
independent, so they are not chained together):

This CL, while large, can best be understood as the union of the
following changes:

  • Algorithm changes, including the removal of previous "what-if" code
    and metrics:
    feature_policy.cc
    feature_policy.h
    execution_context.cc

  • Unit tests to cover those changes:
    feature_policy_unittest.cc
    render_frame_host_feature_policy_unittest.cc

  • Update WPT test expectations to account for the change in behaviour
    when only the header is used:
    3p/b/web_tests/external/wpt/feature-policy/feature-policy-*
    3p/b/web_tests/external/wpt/permissions-policy/permissions-policy-*

  • Update Blink web tests for fullscreen and payment request to validate
    that both are now working correctly with the new header semantics:
    3p/b/web_tests/http/tests/feature-policy/fullscreen*
    3p/b/web_tests/http/tests/feature-policy/payment*

  • Update Blink web tests for the iframe policy JS interface because of
    new test expectations when features are allowed/disallowed by header:
    3p/b/renderer/core/feature_policy/policy_test.cc
    3p/b/web_tests/http/tests/feature-policy/policy_iframes.php

Bug: 1095641
Change-Id: Iecbb0950c27a4565998ee5192590d6691a03b4a3

Reviewed-on: https://chromium-review.googlesource.com/2363169
WPT-Export-Revision: 581e27deb7e720badbd27b59c3f9c857a5fb138c
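The delegation rule the commit message describes, worked through as an added JavaScript example (this is not code from the wpt PR, from Chromium or from Gecko): a deliberately simplified model in which the header allowlist gates which origins may ever receive a feature, a cross-origin iframe additionally needs the feature in its `allow` attribute, and a header that omits the feature behaves as `*`. Assumptions not taken from the page: origins are compared as plain strings, only Permissions-Policy header syntax (`feature=*`, `feature=(self "https://…")`, `feature=()`) is parsed, the tokens modelled are `*`, `self`, `none`, `src` and literal origins, nested frame chains are ignored, and a same-origin frame with no `allow` entry inherits the header decision (consistent with the test names on this page, but an assumption rather than the spec algorithm). The feature `payment` and the origins `https://shop.example` / `https://pay.example` are constructed sample values.

```javascript
// Added illustration, not code from the wpt PR or from any browser engine:
// a deliberately simplified model of the Feature-Policy / Permissions-Policy
// delegation rule described in the commit message. Origins are compared as
// plain strings and only the allowlist tokens *, self, none, src and literal
// origins are modelled; nested frame chains are not.

// Parse a Permissions-Policy header value, e.g.
//   'payment=*, fullscreen=(self "https://pay.example"), geolocation=()'
// into a Map of feature -> allowlist tokens (quotes stripped).
function parsePermissionsPolicyHeader(header) {
  const policy = new Map();
  if (!header) return policy;
  for (const entry of header.split(",")) {
    const [name, value = ""] = entry.split("=").map((s) => s.trim());
    if (!name) continue;
    const inner = value.startsWith("(") && value.endsWith(")") ? value.slice(1, -1) : value;
    policy.set(name, inner.split(/\s+/).filter(Boolean).map(stripQuotes));
  }
  return policy;
}

// Parse an iframe allow attribute, e.g. "payment; fullscreen 'self' https://a.example".
// A feature listed without an explicit allowlist defaults to 'src' (the frame's own origin).
function parseAllowAttribute(allow) {
  const container = new Map();
  if (!allow) return container;
  for (const entry of allow.split(";")) {
    const [name, ...rest] = entry.trim().split(/\s+/).filter(Boolean).map(stripQuotes);
    if (name) container.set(name, rest.length ? rest : ["src"]);
  }
  return container;
}

function stripQuotes(token) {
  return token.replace(/^['"]|['"]$/g, "");
}

// Does an allowlist grant `origin`? 'self' resolves to selfOrigin, 'src' to
// srcOrigin (null when the list comes from a header, where 'src' has no meaning);
// 'none' or an empty list never matches.
function allowlistMatches(tokens, origin, selfOrigin, srcOrigin) {
  return tokens.some((t) =>
    t === "*" ||
    (t === "self" && origin === selfOrigin) ||
    (t === "src" && srcOrigin !== null && origin === srcOrigin) ||
    t === origin);
}

// New semantics, as the commit message states them:
//  1. the header allowlist (treated as '*' when the header omits the feature)
//     limits which origins may ever receive the feature;
//  2. a cross-origin frame additionally needs the feature in its allow attribute;
//  3. a same-origin frame (or the top-level document itself) with no allow entry
//     inherits the header decision. Point 3 is an assumption consistent with the
//     test names on this page, not a quotation of the spec algorithm.
function isFeatureEnabledInFrame({ feature, header, allow, topOrigin, frameOrigin }) {
  const headerList = parsePermissionsPolicyHeader(header).get(feature) ?? ["*"];
  if (!allowlistMatches(headerList, frameOrigin, topOrigin, null)) {
    return false; // header blocks the feature for this origin outright
  }
  const containerList = parseAllowAttribute(allow).get(feature);
  if (containerList === undefined) {
    return frameOrigin === topOrigin; // header alone never delegates cross-origin
  }
  return allowlistMatches(containerList, frameOrigin, topOrigin, frameOrigin);
}

// Constructed scenarios for the "payment" feature (sample origins, not real sites).
const TOP = "https://shop.example";
const THIRD = "https://pay.example";
const SCENARIOS = [
  { name: "header * only, cross-origin",       header: "payment=*",    allow: "",        frameOrigin: THIRD },
  { name: "header * + allow, cross-origin",    header: "payment=*",    allow: "payment", frameOrigin: THIRD },
  { name: "no header + allow, cross-origin",   header: "",             allow: "payment", frameOrigin: THIRD },
  { name: "header () + allow, cross-origin",   header: "payment=()",   allow: "payment", frameOrigin: THIRD },
  { name: "header self + allow, cross-origin", header: "payment=self", allow: "payment", frameOrigin: THIRD },
  { name: "header * only, same-origin",        header: "payment=*",    allow: "",        frameOrigin: TOP },
];

function runScenarios() {
  return SCENARIOS.map((s) => ({
    ...s,
    enabled: isFeatureEnabledInFrame({ feature: "payment", topOrigin: TOP, ...s }),
  }));
}

console.table(runScenarios().map(({ name, enabled }) => ({ scenario: name, enabled })));
```

The first and fourth scenarios are the two points the commit message makes: `payment=*` on its own no longer reaches a cross-origin frame, while `payment=()` blocks the feature even when the embedder writes `allow="payment"`, because an origin absent from the header allowlist can never be granted the feature through the attribute.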

Component: web-platform-tests → DOM: Security
Product: Testing → Core
Whiteboard: [wptsync downstream] → [wptsync downstream][domsecurity-backlog]
Attached file Notable wpt changes
# CI Results

Ran 14 Firefox configurations based on mozilla-central, and Firefox, Chrome, and Safari on GitHub CI

Total 17 tests and 4 subtests

## Status Summary

### Firefox

OK : 16[Gecko-android-em-7.0-x86_64-debug-geckoview, Gecko-android-em-7.0-x86_64-opt-geckoview, Gecko-android-em-7.0-x86_64-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-qr-opt-geckoview] 17[Gecko-linux1804-64-debug, Gecko-linux1804-64-opt, Gecko-linux1804-64-qr-debug, Gecko-linux1804-64-qr-opt, Gecko-windows10-64-debug, Gecko-windows10-64-opt, Gecko-windows10-64-qr-debug, Gecko-windows10-64-qr-opt, Gecko-windows7-32-debug, Gecko-windows7-32-opt, GitHub]
PASS: 13[GitHub] 285[Gecko-android-em-7.0-x86_64-debug-geckoview, Gecko-android-em-7.0-x86_64-opt-geckoview, Gecko-android-em-7.0-x86_64-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-qr-opt-geckoview] 286[Gecko-linux1804-64-debug, Gecko-linux1804-64-opt, Gecko-linux1804-64-qr-debug, Gecko-linux1804-64-qr-opt, Gecko-windows10-64-debug, Gecko-windows10-64-opt, Gecko-windows10-64-qr-debug, Gecko-windows10-64-qr-opt, Gecko-windows7-32-debug, Gecko-windows7-32-opt]
FAIL: 85[Gecko-android-em-7.0-x86_64-debug-geckoview, Gecko-android-em-7.0-x86_64-opt-geckoview, Gecko-android-em-7.0-x86_64-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-qr-opt-geckoview] 88[Gecko-linux1804-64-debug, Gecko-linux1804-64-opt, Gecko-linux1804-64-qr-debug, Gecko-linux1804-64-qr-opt, Gecko-windows10-64-debug, Gecko-windows10-64-opt, Gecko-windows10-64-qr-debug, Gecko-windows10-64-qr-opt, Gecko-windows7-32-debug, Gecko-windows7-32-opt] 361[GitHub]

### Chrome

OK : 17
PASS: 325
FAIL: 49

### Safari

OK : 17
PASS: 6
FAIL: 368

## Links

[Gecko CI (Treeherder)](https://treeherder.mozilla.org/#/jobs?repo=try&revision=c0fb94681a750f50587698249eb9daccfe04be01)
[GitHub PR Head](https://wpt.fyi/results/?sha=2e74c86cd0e314a110f558bc5fba672d85cfc49c&label=pr_head)
[GitHub PR Base](https://wpt.fyi/results/?sha=2e74c86cd0e314a110f558bc5fba672d85cfc49c&label=pr_base)

## Details

### Firefox-only Failures

/permissions-policy/payment-allowed-by-permissions-policy.https.sub.html
  permissions policy header "payment=*" allows the top-level document.: FAIL
  permissions policy header "payment=*" allows same-origin iframes.: FAIL

(See attachment for full changes)
Pushed by wptsync@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/1f0a86c8fabc [wpt PR 26459] - Change Feature-Policy header semantics, a=testonly
https://hg.mozilla.org/integration/autoland/rev/f8dcf43d3d82 [wpt PR 26459] - Update wpt metadata, a=testonly
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → 84 Branch