Diff
Modified: trunk/LayoutTests/ChangeLog (255667 => 255668)
--- trunk/LayoutTests/ChangeLog 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/ChangeLog 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,3 +1,24 @@
+2020-02-04 youenn fablet <[email protected]>
+
+ MediaDevices should handle changes of iframe allow attribute value
+ https://bugs.webkit.org/show_bug.cgi?id=207112
+
+ Reviewed by Eric Carlson.
+
+ * TestExpectations:
+ * fullscreen/full-screen-enabled-expected.txt:
+ * fullscreen/full-screen-enabled-prefixed-expected.txt:
+ * fullscreen/full-screen-iframe-not-allowed-expected.txt:
+ * fullscreen/full-screen-iframe-without-allow-attribute-allowed-from-parent-expected.txt:
+ * fullscreen/full-screen-restrictions-expected.txt:
+ * http/tests/fullscreen/fullscreen-feature-policy-expected.txt:
+ * http/tests/media/media-stream/enumerate-devices-iframe-allow-attribute-expected.txt:
+ * http/tests/media/media-stream/get-display-media-iframe-allow-attribute-expected.txt:
+ * http/tests/ssl/media-stream/get-user-media-different-host-expected.txt:
+ * http/tests/ssl/media-stream/get-user-media-nested-expected.txt:
+ * http/tests/webrtc/enumerateDevicesInFrames-expected.txt: Added.
+ * http/tests/webrtc/enumerateDevicesInFrames.html: Added.
+
2020-02-03 Antti Koivisto <[email protected]>
Accelerated animations freeze on render tree rebuild
Modified: trunk/LayoutTests/TestExpectations (255667 => 255668)
--- trunk/LayoutTests/TestExpectations 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/TestExpectations 2020-02-04 10:57:44 UTC (rev 255668)
@@ -771,6 +771,8 @@
webkit.org/b/189905 imported/w3c/web-platform-tests/resource-timing/resource_initiator_types.html [ Pass Failure ]
webkit.org/b/190523 imported/w3c/web-platform-tests/resource-timing/resource_timing_cross_origin_redirect_chain.html [ Pass Failure ]
+imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-default-feature-policy.https.html [ DumpJSConsoleLogInStdErr ]
+
# These fetch tests are flaky or fail.
imported/w3c/web-platform-tests/fetch/api/redirect/redirect-count.any.html [ Pass Failure ]
imported/w3c/web-platform-tests/fetch/api/redirect/redirect-count.any.worker.html [ Pass Failure ]
Modified: trunk/LayoutTests/fullscreen/full-screen-enabled-expected.txt (255667 => 255668)
--- trunk/LayoutTests/fullscreen/full-screen-enabled-expected.txt 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/fullscreen/full-screen-enabled-expected.txt 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,3 +1,4 @@
+CONSOLE MESSAGE: line 56: Feature policy 'Fullscreen' check failed for iframe with origin '' and allow attribute 'fullscreen 'none''.
This tests the fullscreenEnabled property laid out in section 4 of the W3C Full Screen API
EXPECTED (iframe.contentDocument.webkitFullscreenEnabled == 'true') OK
EXPECTED (iframe2.contentDocument.webkitFullscreenEnabled == 'false') OK
Modified: trunk/LayoutTests/fullscreen/full-screen-enabled-prefixed-expected.txt (255667 => 255668)
--- trunk/LayoutTests/fullscreen/full-screen-enabled-prefixed-expected.txt 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/fullscreen/full-screen-enabled-prefixed-expected.txt 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,3 +1,4 @@
+CONSOLE MESSAGE: line 56: Feature policy 'Fullscreen' check failed for iframe with origin '' and allow attribute 'fullscreen 'none''.
This tests the fullscreenEnabled property laid out in section 4 of the W3C Full Screen API
EXPECTED (iframe.contentDocument.webkitFullscreenEnabled == 'true') OK
EXPECTED (iframe2.contentDocument.webkitFullscreenEnabled == 'false') OK
Modified: trunk/LayoutTests/fullscreen/full-screen-iframe-not-allowed-expected.txt (255667 => 255668)
--- trunk/LayoutTests/fullscreen/full-screen-iframe-not-allowed-expected.txt 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/fullscreen/full-screen-iframe-not-allowed-expected.txt 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,3 +1,4 @@
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin '' and allow attribute 'fullscreen 'none''.
Test for bug 56264: Handle entering full screen security restrictions
To test manually, click the "Go full screen" button - the page should not enter full screen mode.
Modified: trunk/LayoutTests/fullscreen/full-screen-iframe-without-allow-attribute-allowed-from-parent-expected.txt (255667 => 255668)
--- trunk/LayoutTests/fullscreen/full-screen-iframe-without-allow-attribute-allowed-from-parent-expected.txt 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/fullscreen/full-screen-iframe-without-allow-attribute-allowed-from-parent-expected.txt 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,3 +1,4 @@
+CONSOLE MESSAGE: line 1: Feature policy 'Fullscreen' check failed for iframe with origin 'null' and allow attribute ''.
Test entering full screen security restrictions. An iframe without an allow attribute is still permitted to fullscreen if the request comes from the containing document.
To test manually, press any key - the page should enter full screen mode.
Modified: trunk/LayoutTests/fullscreen/full-screen-restrictions-expected.txt (255667 => 255668)
--- trunk/LayoutTests/fullscreen/full-screen-restrictions-expected.txt 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/fullscreen/full-screen-restrictions-expected.txt 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,3 +1,4 @@
+CONSOLE MESSAGE: Feature policy 'Fullscreen' check failed for iframe with origin '' and allow attribute 'fullscreen 'none''.
This tests the restrictions to entering full screen mode laid out in section 4.1 of the W3C Full Screen API
"The context object is not in a document."
EVENT(webkitfullscreenerror)
Modified: trunk/LayoutTests/http/tests/fullscreen/fullscreen-feature-policy-expected.txt (255667 => 255668)
--- trunk/LayoutTests/http/tests/fullscreen/fullscreen-feature-policy-expected.txt 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/http/tests/fullscreen/fullscreen-feature-policy-expected.txt 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,3 +1,14 @@
+CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute ''.
+CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'self''.
+CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen http://localhost:8000'.
+CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'self''.
+CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'fullscreen 'none''.
+CONSOLE MESSAGE: line 9: Feature policy 'Fullscreen' check failed for iframe with origin 'http://localhost:8000' and allow attribute 'fullscreen 'self''.
PASS iframe with src="" should have document.webkitFullscreenEnabled === false.
PASS iframe with src="" should have document.webkitFullscreenEnabled === true.
PASS iframe with allow="fullscreen", src="" should have document.webkitFullscreenEnabled === true.
Modified: trunk/LayoutTests/http/tests/media/media-stream/enumerate-devices-iframe-allow-attribute-expected.txt (255667 => 255668)
--- trunk/LayoutTests/http/tests/media/media-stream/enumerate-devices-iframe-allow-attribute-expected.txt 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/http/tests/media/media-stream/enumerate-devices-iframe-allow-attribute-expected.txt 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,3 +1,5 @@
-CONSOLE MESSAGE: line 4: Trying to call enumerateDevices from a frame without correct 'allow' attribute.
+CONSOLE MESSAGE: line 4: Feature policy 'Camera' check failed for iframe with origin 'http://localhost:8000' and allow attribute ''.
+CONSOLE MESSAGE: line 4: Feature policy 'Microphone' check failed for iframe with origin 'http://localhost:8000' and allow attribute ''.
+CONSOLE MESSAGE: line 4: Not allowed to call enumerateDevices.
PASS: "allow" attribute respected in all iframes
Modified: trunk/LayoutTests/http/tests/media/media-stream/get-display-media-iframe-allow-attribute-expected.txt (255667 => 255668)
--- trunk/LayoutTests/http/tests/media/media-stream/get-display-media-iframe-allow-attribute-expected.txt 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/http/tests/media/media-stream/get-display-media-iframe-allow-attribute-expected.txt 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,6 +1,3 @@
-CONSOLE MESSAGE: line 6: Trying to call getDisplayMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 6: Trying to call getDisplayMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 6: Trying to call getDisplayMedia from a frame without correct 'allow' attribute.
PASS: <iframe allow=''> got "deny"
Modified: trunk/LayoutTests/http/tests/media/media-stream/get-display-media-iframe-allow-attribute.html (255667 => 255668)
--- trunk/LayoutTests/http/tests/media/media-stream/get-display-media-iframe-allow-attribute.html 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/http/tests/media/media-stream/get-display-media-iframe-allow-attribute.html 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,4 +1,4 @@
-<!doctype html>
+<!doctype html><!-- webkit-test-runner [ dumpJSConsoleLogInStdErr=true ] -->
<html>
<script src=""
<body>
Modified: trunk/LayoutTests/http/tests/ssl/media-stream/get-user-media-different-host-expected.txt (255667 => 255668)
--- trunk/LayoutTests/http/tests/ssl/media-stream/get-user-media-different-host-expected.txt 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/http/tests/ssl/media-stream/get-user-media-different-host-expected.txt 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,4 +1,5 @@
-CONSOLE MESSAGE: line 52: Trying to call getUserMedia from a frame without correct 'allow' attribute.
+CONSOLE MESSAGE: line 52: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:8443' and allow attribute ''.
+CONSOLE MESSAGE: line 52: Not allowed to call getUserMedia.
Tests that getUserMedia fails when the top level document and iframe do not have the same domain.
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
Modified: trunk/LayoutTests/http/tests/ssl/media-stream/get-user-media-nested-expected.txt (255667 => 255668)
--- trunk/LayoutTests/http/tests/ssl/media-stream/get-user-media-nested-expected.txt 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/http/tests/ssl/media-stream/get-user-media-nested-expected.txt 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,4 +1,5 @@
-CONSOLE MESSAGE: line 52: Trying to call getUserMedia from a frame without correct 'allow' attribute.
+CONSOLE MESSAGE: line 52: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:8443' and allow attribute ''.
+CONSOLE MESSAGE: line 52: Not allowed to call getUserMedia.
Tests that getUserMedia fails when the top level document and iframe do not have the same domain.
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
Added: trunk/LayoutTests/http/tests/webrtc/enumerateDevicesInFrames-expected.txt (0 => 255668)
--- trunk/LayoutTests/http/tests/webrtc/enumerateDevicesInFrames-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/webrtc/enumerateDevicesInFrames-expected.txt 2020-02-04 10:57:44 UTC (rev 255668)
@@ -0,0 +1,7 @@
+CONSOLE MESSAGE: line 18: Feature policy 'Camera' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'microphone:'none'; camera:'none''.
+CONSOLE MESSAGE: line 18: Feature policy 'Microphone' check failed for iframe with origin 'http://127.0.0.1:8000' and allow attribute 'microphone:'none'; camera:'none''.
+CONSOLE MESSAGE: line 18: Not allowed to call enumerateDevices.
+
+
+PASS allow attribute can be updated dynamically
+
Added: trunk/LayoutTests/http/tests/webrtc/enumerateDevicesInFrames.html (0 => 255668)
--- trunk/LayoutTests/http/tests/webrtc/enumerateDevicesInFrames.html (rev 0)
+++ trunk/LayoutTests/http/tests/webrtc/enumerateDevicesInFrames.html 2020-02-04 10:57:44 UTC (rev 255668)
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<body>
+<script src=""
+<script src=""
+<script>
+function with_iframe(url, allow) {
+ let frame = document.createElement('iframe');
+ frame.src = ""
+ frame.setAttribute('allow', allow);
+ return new Promise(resolve => {
+ frame._onload_ = () => { resolve(frame); };
+ document.body.appendChild(frame);
+ });
+}
+
+promise_test(async () => {
+ let frame1 = await with_iframe("resources/", "microphone:'none'; camera:'none'");
+ let devices = await frame1.contentWindow.navigator.mediaDevices.enumerateDevices();
+ assert_equals(devices.length, 0);
+
+ frame1.removeAttribute('allow');
+ devices = await frame1.contentWindow.navigator.mediaDevices.enumerateDevices();
+ assert_not_equals(devices.length, 0);
+}, "allow attribute can be updated dynamically");
+</script>
+</body>
Modified: trunk/LayoutTests/imported/w3c/ChangeLog (255667 => 255668)
--- trunk/LayoutTests/imported/w3c/ChangeLog 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/imported/w3c/ChangeLog 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,3 +1,13 @@
+2020-02-04 youenn fablet <[email protected]>
+
+ MediaDevices should handle changes of iframe allow attribute value
+ https://bugs.webkit.org/show_bug.cgi?id=207112
+
+ Reviewed by Eric Carlson.
+
+ * web-platform-tests/mediacapture-streams/MediaStream-default-feature-policy.https-expected.txt:
+ * web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https-expected.txt:
+
2020-02-02 Rob Buis <[email protected]>
Import WPT tests to verify pings do not send a referrer header
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-default-feature-policy.https-expected.txt (255667 => 255668)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-default-feature-policy.https-expected.txt 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-default-feature-policy.https-expected.txt 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,12 +1,3 @@
-CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 13: Trying to call getUserMedia from a frame without correct 'allow' attribute.
PASS Default "microphone" feature policy ["self"] allows the top-level document.
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https-expected.txt (255667 => 255668)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https-expected.txt 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/mediacapture-streams/MediaStream-feature-policy-none.https-expected.txt 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,31 +1,59 @@
-CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 37: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 43: Trying to call getUserMedia from a frame without correct 'allow' attribute.
-CONSOLE MESSAGE: line 49: Trying to call getUserMedia from a frame without correct 'allow' attribute.
+CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'camera 'none''.
+CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 49: Feature policy 'Camera' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'camera 'none''.
+CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 37: Feature policy 'Microphone' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'camera 'none''.
+CONSOLE MESSAGE: line 37: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'camera 'none''.
+CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 49: Feature policy 'Microphone' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'camera 'none''.
+CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 37: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone 'none''.
+CONSOLE MESSAGE: line 37: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 49: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone 'none''.
+CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 37: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone 'none';camera 'none''.
+CONSOLE MESSAGE: line 37: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone 'none';camera 'none''.
+CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 49: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone 'none';camera 'none''.
+CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 37: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'camera *;microphone 'none''.
+CONSOLE MESSAGE: line 37: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 49: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'camera *;microphone 'none''.
+CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 37: Feature policy 'Microphone' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'camera *;microphone 'none''.
+CONSOLE MESSAGE: line 37: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 49: Feature policy 'Microphone' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'camera *;microphone 'none''.
+CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'camera 'none';microphone *'.
+CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 49: Feature policy 'Camera' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'camera 'none';microphone *'.
+CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 37: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone *; microphone 'none''.
+CONSOLE MESSAGE: line 37: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 49: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone *; microphone 'none''.
+CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'microphone *; camera 'self''.
+CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 49: Feature policy 'Camera' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'microphone *; camera 'self''.
+CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone *; camera http:/example.org self'.
+CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 49: Feature policy 'Camera' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone *; camera http:/example.org self'.
+CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'microphone *; camera http:/example.org 'self''.
+CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 49: Feature policy 'Camera' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'microphone *; camera http:/example.org 'self''.
+CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 37: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone https://127.0.0.1:9443'.
+CONSOLE MESSAGE: line 37: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 49: Feature policy 'Microphone' check failed for iframe with origin 'https://localhost:9443' and allow attribute 'microphone https://127.0.0.1:9443'.
+CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 43: Feature policy 'Camera' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'microphone https://127.0.0.1:9443'.
+CONSOLE MESSAGE: line 43: Not allowed to call getUserMedia.
+CONSOLE MESSAGE: line 49: Feature policy 'Camera' check failed for iframe with origin 'https://127.0.0.1:9443' and allow attribute 'microphone https://127.0.0.1:9443'.
+CONSOLE MESSAGE: line 49: Not allowed to call getUserMedia.
PASS "camera 'none'" - same origin iframe
PASS "camera 'none'" - cross origin iframe
Modified: trunk/Source/WebCore/ChangeLog (255667 => 255668)
--- trunk/Source/WebCore/ChangeLog 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/Source/WebCore/ChangeLog 2020-02-04 10:57:44 UTC (rev 255668)
@@ -1,3 +1,40 @@
+2020-02-04 youenn fablet <[email protected]>
+
+ MediaDevices should handle changes of iframe allow attribute value
+ https://bugs.webkit.org/show_bug.cgi?id=207112
+
+ Reviewed by Eric Carlson.
+
+ MediaDevices was computing whether it could access camera or microphone at creation time.
+ Since the iframe allow attribute can be modified, we cannot do that.
+ Instead, we get the feature policy everytime this is needed.
+
+ Refactor code to use the newly added routine to check for feature policy.
+ Update logging to give origin and allow attribute value of the frame that fail the feature policy check.
+
+ Test: http/tests/webrtc/enumerateDevicesInFrames.html
+
+ * Modules/mediastream/MediaDevices.cpp:
+ (WebCore::MediaDevices::MediaDevices):
+ (WebCore::MediaDevices::refreshDevices):
+ (WebCore::MediaDevices::enumerateDevices):
+ (WebCore::MediaDevices::listenForDeviceChanges):
+ * Modules/mediastream/MediaDevices.h:
+ * Modules/mediastream/UserMediaController.cpp:
+ (WebCore::UserMediaController::logGetUserMediaDenial):
+ (WebCore::UserMediaController::logGetDisplayMediaDenial):
+ (WebCore::UserMediaController::logEnumerateDevicesDenial):
+ * Modules/mediastream/UserMediaController.h:
+ * Modules/mediastream/UserMediaRequest.cpp:
+ (WebCore::UserMediaRequest::start):
+ * html/FeaturePolicy.cpp:
+ (WebCore::policyTypeName):
+ (WebCore::isFeaturePolicyAllowedByDocumentAndAllOwners):
+ * html/FeaturePolicy.h:
+ * page/DOMWindow.cpp:
+ (WebCore::DOMWindow::printErrorMessage const):
+ * page/DOMWindow.h:
+
2020-02-03 Fujii Hironori <[email protected]>
[WinCairo][curl][Clang] error: member access into incomplete type 'WebCore::SynchronousLoaderMessageQueue' in ~CurlRequest
Modified: trunk/Source/WebCore/Modules/mediastream/MediaDevices.cpp (255667 => 255668)
--- trunk/Source/WebCore/Modules/mediastream/MediaDevices.cpp 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/Source/WebCore/Modules/mediastream/MediaDevices.cpp 2020-02-04 10:57:44 UTC (rev 255668)
@@ -62,11 +62,6 @@
static_assert(static_cast<size_t>(MediaDevices::DisplayCaptureSurfaceType::Window) == static_cast<size_t>(RealtimeMediaSourceSettings::DisplaySurfaceType::Window), "MediaDevices::DisplayCaptureSurfaceType::Window is not RealtimeMediaSourceSettings::DisplaySurfaceType::Window as expected");
static_assert(static_cast<size_t>(MediaDevices::DisplayCaptureSurfaceType::Application) == static_cast<size_t>(RealtimeMediaSourceSettings::DisplaySurfaceType::Application), "MediaDevices::DisplayCaptureSurfaceType::Application is not RealtimeMediaSourceSettings::DisplaySurfaceType::Application as expected");
static_assert(static_cast<size_t>(MediaDevices::DisplayCaptureSurfaceType::Browser) == static_cast<size_t>(RealtimeMediaSourceSettings::DisplaySurfaceType::Browser), "MediaDevices::DisplayCaptureSurfaceType::Browser is not RealtimeMediaSourceSettings::DisplaySurfaceType::Browser as expected");
-
- if (auto* controller = UserMediaController::from(document.page())) {
- m_canAccessCamera = controller->canCallGetUserMedia(document, { UserMediaController::CaptureType::Camera }) == UserMediaController::GetUserMediaAccess::CanCall;
- m_canAccessMicrophone = controller->canCallGetUserMedia(document, { UserMediaController::CaptureType::Microphone }) == UserMediaController::GetUserMediaAccess::CanCall;
- }
}
MediaDevices::~MediaDevices() = default;
@@ -160,13 +155,30 @@
request->start();
}
+static inline bool checkCameraAccess(const Document& document)
+{
+ return isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Camera, document, LogFeaturePolicyFailure::No);
+}
+
+static inline bool checkMicrophoneAccess(const Document& document)
+{
+ return isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Microphone, document, LogFeaturePolicyFailure::No);
+}
+
void MediaDevices::refreshDevices(const Vector<CaptureDevice>& newDevices)
{
+ auto* document = this->document();
+ if (!document)
+ return;
+
+ bool canAccessCamera = checkCameraAccess(*document);
+ bool canAccessMicrophone = checkMicrophoneAccess(*document);
+
Vector<Ref<MediaDeviceInfo>> devices;
for (auto& newDevice : newDevices) {
- if (!m_canAccessMicrophone && newDevice.type() == CaptureDevice::DeviceType::Microphone)
+ if (!canAccessMicrophone && newDevice.type() == CaptureDevice::DeviceType::Microphone)
continue;
- if (!m_canAccessCamera && newDevice.type() == CaptureDevice::DeviceType::Camera)
+ if (!canAccessCamera && newDevice.type() == CaptureDevice::DeviceType::Camera)
continue;
auto index = m_devices.findMatching([&newDevice](auto& oldDevice) {
@@ -194,8 +206,9 @@
promise.resolve({ });
return;
}
- if (!m_canAccessCamera && !m_canAccessMicrophone) {
- controller->logGetUserMediaDenial(*document, UserMediaController::GetUserMediaAccess::BlockedByFeaturePolicy, UserMediaController::BlockedCaller::EnumerateDevices);
+
+ if (!checkCameraAccess(*document) && !checkMicrophoneAccess(*document)) {
+ controller->logEnumerateDevicesDenial(*document);
promise.resolve({ });
return;
}
@@ -247,16 +260,19 @@
void MediaDevices::listenForDeviceChanges()
{
- if (m_listeningForDeviceChanges || (!m_canAccessCamera && !m_canAccessMicrophone))
- return;
-
- m_listeningForDeviceChanges = true;
-
auto* document = this->document();
auto* controller = document ? UserMediaController::from(document->page()) : nullptr;
if (!controller)
return;
+ bool canAccessCamera = isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Camera, *document, LogFeaturePolicyFailure::No);
+ bool canAccessMicrophone = isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Microphone, *document, LogFeaturePolicyFailure::No);
+
+ if (m_listeningForDeviceChanges || (!canAccessCamera && !canAccessMicrophone))
+ return;
+
+ m_listeningForDeviceChanges = true;
+
m_deviceChangeToken = controller->addDeviceChangeObserver([weakThis = makeWeakPtr(*this), this]() {
if (!weakThis || isContextStopped() || m_scheduledEventTimer.isActive())
return;
Modified: trunk/Source/WebCore/Modules/mediastream/MediaDevices.h (255667 => 255668)
--- trunk/Source/WebCore/Modules/mediastream/MediaDevices.h 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/Source/WebCore/Modules/mediastream/MediaDevices.h 2020-02-04 10:57:44 UTC (rev 255668)
@@ -121,8 +121,6 @@
bool m_listeningForDeviceChanges { false };
Vector<Ref<MediaDeviceInfo>> m_devices;
- bool m_canAccessCamera { false };
- bool m_canAccessMicrophone { false };
OptionSet<GestureAllowedRequest> m_requestTypesForCurrentGesture;
WeakPtr<UserGestureToken> m_currentGestureToken;
Modified: trunk/Source/WebCore/Modules/mediastream/UserMediaController.cpp (255667 => 255668)
--- trunk/Source/WebCore/Modules/mediastream/UserMediaController.cpp 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/Source/WebCore/Modules/mediastream/UserMediaController.cpp 2020-02-04 10:57:44 UTC (rev 255668)
@@ -28,15 +28,10 @@
#if ENABLE(MEDIA_STREAM)
-#include "CustomHeaderFields.h"
#include "DOMWindow.h"
#include "Document.h"
-#include "DocumentLoader.h"
#include "Frame.h"
#include "HTMLIFrameElement.h"
-#include "HTMLParserIdioms.h"
-#include "LegacySchemeRegistry.h"
-#include "Settings.h"
#include "UserMediaRequest.h"
namespace WebCore {
@@ -61,86 +56,27 @@
UserMediaController::provideTo(page, UserMediaController::supplementName(), makeUnique<UserMediaController>(client));
}
-static inline bool isAllowedByFeaturePolicy(const FeaturePolicy& featurePolicy, const SecurityOriginData& origin, OptionSet<UserMediaController::CaptureType> types)
+void UserMediaController::logGetUserMediaDenial(Document& document)
{
- if ((types & UserMediaController::CaptureType::Camera) && !featurePolicy.allows(FeaturePolicy::Type::Camera, origin))
- return false;
-
- if ((types & UserMediaController::CaptureType::Microphone) && !featurePolicy.allows(FeaturePolicy::Type::Microphone, origin))
- return false;
-
- if ((types & UserMediaController::CaptureType::Display) && !featurePolicy.allows(FeaturePolicy::Type::DisplayCapture, origin))
- return false;
-
- return true;
+ if (auto* window = document.domWindow())
+ window->printErrorMessage(makeString("Not allowed to call getUserMedia."));
}
-static UserMediaController::GetUserMediaAccess isAllowedToUse(const Document& document, const Document& topDocument, OptionSet<UserMediaController::CaptureType> types)
+void UserMediaController::logGetDisplayMediaDenial(Document& document)
{
- if (&document == &topDocument)
- return UserMediaController::GetUserMediaAccess::CanCall;
-
- auto* parentDocument = document.parentDocument();
- if (!parentDocument)
- return UserMediaController::GetUserMediaAccess::BlockedByParent;
-
- auto* element = document.ownerElement();
- ASSERT(element);
- if (!element || !is<HTMLIFrameElement>(*element))
- return UserMediaController::GetUserMediaAccess::BlockedByParent;
-
- auto& featurePolicy = downcast<HTMLIFrameElement>(*element).featurePolicy();
- if (isAllowedByFeaturePolicy(featurePolicy, document.securityOrigin().data(), types))
- return UserMediaController::GetUserMediaAccess::CanCall;
-
- return UserMediaController::GetUserMediaAccess::BlockedByFeaturePolicy;
+ if (auto* window = document.domWindow())
+ window->printErrorMessage(makeString("Not allowed to call getDisplayMedia."));
}
-UserMediaController::GetUserMediaAccess UserMediaController::canCallGetUserMedia(const Document& document, OptionSet<UserMediaController::CaptureType> types) const
+void UserMediaController::logEnumerateDevicesDenial(Document& document)
{
- ASSERT(!types.isEmpty());
-
- auto& topDocument = document.topDocument();
- if (&document != &topDocument) {
- for (auto* ancestorDocument = &document; ancestorDocument != &topDocument; ancestorDocument = ancestorDocument->parentDocument()) {
- auto status = isAllowedToUse(*ancestorDocument, topDocument, types);
- if (status != GetUserMediaAccess::CanCall)
- return status;
- }
- }
-
- return GetUserMediaAccess::CanCall;
+ // We redo the check to print to the console log.
+ isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Camera, document, LogFeaturePolicyFailure::Yes);
+ isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Microphone, document, LogFeaturePolicyFailure::Yes);
+ if (auto* window = document.domWindow())
+ window->printErrorMessage(makeString("Not allowed to call enumerateDevices."));
}
-void UserMediaController::logGetUserMediaDenial(Document& document, GetUserMediaAccess access, BlockedCaller caller)
-{
- auto& domWindow = *document.domWindow();
- const char* callerName;
-
- switch (caller) {
- case BlockedCaller::GetUserMedia:
- callerName = "getUserMedia";
- break;
- case BlockedCaller::GetDisplayMedia:
- callerName = "getDisplayMedia";
- break;
- case BlockedCaller::EnumerateDevices:
- callerName = "enumerateDevices";
- break;
- }
-
- switch (access) {
- case UserMediaController::GetUserMediaAccess::BlockedByParent:
- domWindow.printErrorMessage(makeString("The top-level frame has prevented a document with a different security origin from calling ", callerName, "."));
- break;
- case GetUserMediaAccess::BlockedByFeaturePolicy:
- domWindow.printErrorMessage(makeString("Trying to call ", callerName, " from a frame without correct 'allow' attribute."));
- break;
- case UserMediaController::GetUserMediaAccess::CanCall:
- break;
- }
-}
-
} // namespace WebCore
#endif // ENABLE(MEDIA_STREAM)
Modified: trunk/Source/WebCore/Modules/mediastream/UserMediaController.h (255667 => 255668)
--- trunk/Source/WebCore/Modules/mediastream/UserMediaController.h 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/Source/WebCore/Modules/mediastream/UserMediaController.h 2020-02-04 10:57:44 UTC (rev 255668)
@@ -27,6 +27,7 @@
#if ENABLE(MEDIA_STREAM)
+#include "FeaturePolicy.h"
#include "Page.h"
#include "UserMediaClient.h"
#include <wtf/CompletionHandler.h>
@@ -51,25 +52,10 @@
UserMediaClient::DeviceChangeObserverToken addDeviceChangeObserver(WTF::Function<void()>&&);
void removeDeviceChangeObserver(UserMediaClient::DeviceChangeObserverToken);
- enum class GetUserMediaAccess {
- CanCall,
- BlockedByParent,
- BlockedByFeaturePolicy,
- };
- enum class CaptureType {
- Microphone = 1 << 0,
- Camera = 1 << 1,
- Display = 1 << 3
- };
- GetUserMediaAccess canCallGetUserMedia(const Document&, OptionSet<CaptureType>) const;
+ void logGetUserMediaDenial(Document&);
+ void logGetDisplayMediaDenial(Document&);
+ void logEnumerateDevicesDenial(Document&);
- enum class BlockedCaller {
- GetUserMedia,
- GetDisplayMedia,
- EnumerateDevices,
- };
- void logGetUserMediaDenial(Document&, GetUserMediaAccess, BlockedCaller);
-
WEBCORE_EXPORT static const char* supplementName();
static UserMediaController* from(Page* page) { return static_cast<UserMediaController*>(Supplement<Page>::from(page, supplementName())); }
Modified: trunk/Source/WebCore/Modules/mediastream/UserMediaRequest.cpp (255667 => 255668)
--- trunk/Source/WebCore/Modules/mediastream/UserMediaRequest.cpp 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/Source/WebCore/Modules/mediastream/UserMediaRequest.cpp 2020-02-04 10:57:44 UTC (rev 255668)
@@ -198,24 +198,27 @@
// 6.10 Permission Failure: Reject p with a new DOMException object whose name attribute has
// the value NotAllowedError.
- OptionSet<UserMediaController::CaptureType> types;
- UserMediaController::BlockedCaller caller;
- if (m_request.type == MediaStreamRequest::Type::DisplayMedia) {
- types.add(UserMediaController::CaptureType::Display);
- caller = UserMediaController::BlockedCaller::GetDisplayMedia;
- } else {
- if (m_request.audioConstraints.isValid)
- types.add(UserMediaController::CaptureType::Microphone);
- if (m_request.videoConstraints.isValid)
- types.add(UserMediaController::CaptureType::Camera);
- caller = UserMediaController::BlockedCaller::GetUserMedia;
+ switch (m_request.type) {
+ case MediaStreamRequest::Type::DisplayMedia:
+ if (!isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::DisplayCapture, document)) {
+ deny(MediaAccessDenialReason::PermissionDenied);
+ controller->logGetDisplayMediaDenial(document);
+ return;
+ }
+ break;
+ case MediaStreamRequest::Type::UserMedia:
+ if (m_request.audioConstraints.isValid && !isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Microphone, document)) {
+ deny(MediaAccessDenialReason::PermissionDenied);
+ controller->logGetUserMediaDenial(document);
+ return;
+ }
+ if (m_request.videoConstraints.isValid && !isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::Camera, document)) {
+ deny(MediaAccessDenialReason::PermissionDenied);
+ controller->logGetUserMediaDenial(document);
+ return;
+ }
+ break;
}
- auto access = controller->canCallGetUserMedia(document, types);
- if (access != UserMediaController::GetUserMediaAccess::CanCall) {
- deny(MediaAccessDenialReason::PermissionDenied);
- controller->logGetUserMediaDenial(document, access, caller);
- return;
- }
PlatformMediaSessionManager::sharedManager().prepareToSendUserMediaPermissionRequest();
controller->requestUserMediaAccess(*this);
Modified: trunk/Source/WebCore/html/FeaturePolicy.cpp (255667 => 255668)
--- trunk/Source/WebCore/html/FeaturePolicy.cpp 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/Source/WebCore/html/FeaturePolicy.cpp 2020-02-04 10:57:44 UTC (rev 255668)
@@ -26,6 +26,7 @@
#include "config.h"
#include "FeaturePolicy.h"
+#include "DOMWindow.h"
#include "Document.h"
#include "HTMLIFrameElement.h"
#include "HTMLNames.h"
@@ -36,19 +37,45 @@
using namespace HTMLNames;
-bool isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type type, const Document& document)
+static const char* policyTypeName(FeaturePolicy::Type type)
{
+ switch (type) {
+ case FeaturePolicy::Type::Camera:
+ return "Camera";
+ case FeaturePolicy::Type::Microphone:
+ return "Microphone";
+ case FeaturePolicy::Type::DisplayCapture:
+ return "DisplayCapture";
+ case FeaturePolicy::Type::SyncXHR:
+ return "SyncXHR";
+ case FeaturePolicy::Type::Fullscreen:
+ return "Fullscreen";
+ }
+ ASSERT_NOT_REACHED();
+ return "";
+}
+
+bool isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type type, const Document& document, LogFeaturePolicyFailure logFailure)
+{
auto& topDocument = document.topDocument();
auto* ancestorDocument = &document;
while (ancestorDocument != &topDocument) {
- if (!ancestorDocument)
+ if (!ancestorDocument) {
+ if (logFailure == LogFeaturePolicyFailure::Yes && document.domWindow())
+ document.domWindow()->printErrorMessage(makeString("Feature policy '", policyTypeName(type), "' check failed."));
return false;
+ }
auto* ownerElement = ancestorDocument->ownerElement();
if (is<HTMLIFrameElement>(ownerElement)) {
const auto& featurePolicy = downcast<HTMLIFrameElement>(ownerElement)->featurePolicy();
- if (!featurePolicy.allows(type, ancestorDocument->securityOrigin().data()))
+ if (!featurePolicy.allows(type, ancestorDocument->securityOrigin().data())) {
+ if (logFailure == LogFeaturePolicyFailure::Yes && document.domWindow()) {
+ auto& allowValue = downcast<HTMLIFrameElement>(ownerElement)->attributeWithoutSynchronization(HTMLNames::allowAttr);
+ document.domWindow()->printErrorMessage(makeString("Feature policy '", policyTypeName(type), "' check failed for iframe with origin '", document.securityOrigin().toString(), "' and allow attribute '", allowValue, "'."));
+ }
return false;
+ }
}
ancestorDocument = ancestorDocument->parentDocument();
Modified: trunk/Source/WebCore/html/FeaturePolicy.h (255667 => 255668)
--- trunk/Source/WebCore/html/FeaturePolicy.h 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/Source/WebCore/html/FeaturePolicy.h 2020-02-04 10:57:44 UTC (rev 255668)
@@ -55,6 +55,7 @@
AllowRule m_fullscreenRule;
};
-extern bool isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type, const Document&);
+enum class LogFeaturePolicyFailure { No, Yes };
+extern bool isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type, const Document&, LogFeaturePolicyFailure = LogFeaturePolicyFailure::Yes);
} // namespace WebCore
Modified: trunk/Source/WebCore/page/DOMWindow.cpp (255667 => 255668)
--- trunk/Source/WebCore/page/DOMWindow.cpp 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/Source/WebCore/page/DOMWindow.cpp 2020-02-04 10:57:44 UTC (rev 255668)
@@ -2368,7 +2368,7 @@
lockHistory, lockBackForwardList);
}
-void DOMWindow::printErrorMessage(const String& message)
+void DOMWindow::printErrorMessage(const String& message) const
{
if (message.isEmpty())
return;
Modified: trunk/Source/WebCore/page/DOMWindow.h (255667 => 255668)
--- trunk/Source/WebCore/page/DOMWindow.h 2020-02-04 10:00:38 UTC (rev 255667)
+++ trunk/Source/WebCore/page/DOMWindow.h 2020-02-04 10:57:44 UTC (rev 255668)
@@ -266,7 +266,7 @@
PageConsoleClient* console() const;
- void printErrorMessage(const String&);
+ void printErrorMessage(const String&) const;
String crossDomainAccessErrorMessage(const DOMWindow& activeWindow, IncludeTargetOrigin);
