Skip to content

Commit

Permalink
[Partitioned Popins] (6) Add permissions policy for popin
Browse files Browse the repository at this point in the history
This CL adds a permissions policy to control access to the partitioned
popin feature and sets the default to 'self'.

This series of CLs implement core components of the Partitioned Popin
system, significant additional effort will be needed to align with the
explainer and I2P, but all of that will depend on this work:
(1) Implement `popin` window feature
(2) `popin` feature triggers tab modal popup
(3) `popin` feature triggers third-party storage partitioning
(4) Renderer awareness of popin top-origin
(5) Limit window.opener access for popin
(6) Add permissions policy for popin

Explainer: https://explainers-by-googlers.github.io/partitioned-popins/
I2P: https://groups.google.com/a/chromium.org/g/blink-dev/c/ApU_zUmpQ2g/

Bug: 340606651
Change-Id: Ifde9f8e3529d794b5242df561603df7739a1f892
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5802591
Auto-Submit: Ari Chivukula <[email protected]>
Reviewed-by: Daniel Cheng <[email protected]>
Commit-Queue: Ari Chivukula <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1344862}
  • Loading branch information
arichiv authored and chromium-wpt-export-bot committed Aug 21, 2024
1 parent fee3544 commit 2fd0573
Show file tree
Hide file tree
Showing 7 changed files with 129 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
// META: script=/resources/testdriver.js
// META: script=/resources/testdriver-vendor.js

'use strict';

// Spec: https://explainers-by-googlers.github.io/partitioned-popins/
// Step 1 (window) Set up listener to resolve messages as they come in.
// Step 2 (window) Open iframe for other origin.
// Step 3 (iframe) Open partitioned popin.
// Step 4 (popin) Cleanup.
// Step 5 (iframe) Report success.
// Step 6 (window) Cleanup.

async_test(t => {
const id = String(Date.now());
// Step 1
window.addEventListener("message", t.step_func(e => {
switch (e.data.type) {
case 'popin':
// Step 6
assert_equals(e.data.message, "Success");
t.done();
break;
}
}));

// Step 2
const iframe = document.createElement("iframe");
iframe.allow = "popins";
iframe.src = "https://{{hosts[alt][]}}:{{ports[https][0]}}/partitioned-popins/resources/partitioned-popins.permissions-iframe.html";
document.body.appendChild(iframe);
}, "Verify Partitioned Popins in an iframe work when the policy is *");
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Permissions-Policy: popins=*
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
// META: script=/resources/testdriver.js
// META: script=/resources/testdriver-vendor.js

'use strict';

// Spec: https://explainers-by-googlers.github.io/partitioned-popins/
// Step 1 (window) Set up listener to resolve messages as they come in.
// Step 2 (window) Open iframe for other origin.
// Step 3 (iframe) Open partitioned popin.
// Step 4 (popin) Cleanup.
// Step 5 (iframe) Report failure.
// Step 6 (window) Cleanup.

async_test(t => {
const id = String(Date.now());
// Step 1
window.addEventListener("message", t.step_func(e => {
switch (e.data.type) {
case 'popin':
// Step 6
assert_equals(e.data.message, "Failure");
t.done();
break;
}
}));

// Step 2
const iframe = document.createElement("iframe");
iframe.src = "https://{{hosts[alt][]}}:{{ports[https][0]}}/partitioned-popins/resources/partitioned-popins.permissions-iframe.html";
document.body.appendChild(iframe);
}, "Verify Partitioned Popins in an iframe fails when the policy isn't set");
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
// META: script=/resources/testdriver.js
// META: script=/resources/testdriver-vendor.js

'use strict';

// Spec: https://explainers-by-googlers.github.io/partitioned-popins/
// Step 1 (window) Set up listener to resolve messages as they come in.
// Step 2 (window) Open iframe for other origin.
// Step 3 (iframe) Open partitioned popin.
// Step 4 (popin) Cleanup.
// Step 5 (iframe) Report failure.
// Step 6 (window) Cleanup.

async_test(t => {
const id = String(Date.now());
// Step 1
window.addEventListener("message", t.step_func(e => {
switch (e.data.type) {
case 'popin':
// Step 6
assert_equals(e.data.message, "Failure");
t.done();
break;
}
}));

// Step 2
const iframe = document.createElement("iframe");
iframe.allow = "popins";
iframe.src = "https://{{hosts[alt][]}}:{{ports[https][0]}}/partitioned-popins/resources/partitioned-popins.permissions-iframe.html";
document.body.appendChild(iframe);
}, "Verify Partitioned Popins in an iframe fail when the policy is 'self'");
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Permissions-Policy: popins=self
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
<!doctype html>
<meta charset="utf-8">
<script src="/resources/testdriver.js"></script>
<script src="/resources/testdriver-vendor.js"></script>
<script>
(async function() {
test_driver.set_test_context(window.top);

// Step 3 (partitioned-popins/partitioned-popins.permission-{}.tentative.sub.https.window.js)
let message = "Success";
try {
window.open("/partitioned-popins/resources/partitioned-popins.permissions-popin.html", '_blank', 'popin');
} catch (_) {
message = "Failure";
}

// Step 5 (partitioned-popins/partitioned-popins.permission-{}.tentative.sub.https.window.js)
window.top.postMessage({type: "popin", message: message}, "*");
})();
</script>
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
<!doctype html>
<meta charset="utf-8">
<script src="/resources/testdriver.js"></script>
<script src="/resources/testdriver-vendor.js"></script>
<script>
(async function() {
test_driver.set_test_context(window.opener);

// Step 4 (partitioned-popins/partitioned-popins.permission-{}.tentative.sub.https.window.js)
window.close();
})();
</script>

0 comments on commit 2fd0573

Please sign in to comment.