-
Notifications
You must be signed in to change notification settings - Fork 3.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Partitioned Popins] (6) Add permissions policy for popin
This CL adds a permissions policy to control access to the partitioned popin feature and sets the default to 'self'. This series of CLs implement core components of the Partitioned Popin system, significant additional effort will be needed to align with the explainer and I2P, but all of that will depend on this work: (1) Implement `popin` window feature (2) `popin` feature triggers tab modal popup (3) `popin` feature triggers third-party storage partitioning (4) Renderer awareness of popin top-origin (5) Limit window.opener access for popin (6) Add permissions policy for popin Explainer: https://explainers-by-googlers.github.io/partitioned-popins/ I2P: https://groups.google.com/a/chromium.org/g/blink-dev/c/ApU_zUmpQ2g/ Bug: 340606651 Change-Id: Ifde9f8e3529d794b5242df561603df7739a1f892 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5802591 Auto-Submit: Ari Chivukula <[email protected]> Reviewed-by: Daniel Cheng <[email protected]> Commit-Queue: Ari Chivukula <[email protected]> Cr-Commit-Position: refs/heads/main@{#1344862}
- Loading branch information
1 parent
fee3544
commit 2fd0573
Showing
7 changed files
with
129 additions
and
0 deletions.
There are no files selected for viewing
32 changes: 32 additions & 0 deletions
32
partitioned-popins/partitioned-popins.permission-all.tentative.sub.https.window.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
// META: script=/resources/testdriver.js | ||
// META: script=/resources/testdriver-vendor.js | ||
|
||
'use strict'; | ||
|
||
// Spec: https://explainers-by-googlers.github.io/partitioned-popins/ | ||
// Step 1 (window) Set up listener to resolve messages as they come in. | ||
// Step 2 (window) Open iframe for other origin. | ||
// Step 3 (iframe) Open partitioned popin. | ||
// Step 4 (popin) Cleanup. | ||
// Step 5 (iframe) Report success. | ||
// Step 6 (window) Cleanup. | ||
|
||
async_test(t => { | ||
const id = String(Date.now()); | ||
// Step 1 | ||
window.addEventListener("message", t.step_func(e => { | ||
switch (e.data.type) { | ||
case 'popin': | ||
// Step 6 | ||
assert_equals(e.data.message, "Success"); | ||
t.done(); | ||
break; | ||
} | ||
})); | ||
|
||
// Step 2 | ||
const iframe = document.createElement("iframe"); | ||
iframe.allow = "popins"; | ||
iframe.src = "https://{{hosts[alt][]}}:{{ports[https][0]}}/partitioned-popins/resources/partitioned-popins.permissions-iframe.html"; | ||
document.body.appendChild(iframe); | ||
}, "Verify Partitioned Popins in an iframe work when the policy is *"); |
1 change: 1 addition & 0 deletions
1
partitioned-popins/partitioned-popins.permission-all.tentative.sub.https.window.js.headers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Permissions-Policy: popins=* |
31 changes: 31 additions & 0 deletions
31
partitioned-popins/partitioned-popins.permission-default.tentative.sub.https.window.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
// META: script=/resources/testdriver.js | ||
// META: script=/resources/testdriver-vendor.js | ||
|
||
'use strict'; | ||
|
||
// Spec: https://explainers-by-googlers.github.io/partitioned-popins/ | ||
// Step 1 (window) Set up listener to resolve messages as they come in. | ||
// Step 2 (window) Open iframe for other origin. | ||
// Step 3 (iframe) Open partitioned popin. | ||
// Step 4 (popin) Cleanup. | ||
// Step 5 (iframe) Report failure. | ||
// Step 6 (window) Cleanup. | ||
|
||
async_test(t => { | ||
const id = String(Date.now()); | ||
// Step 1 | ||
window.addEventListener("message", t.step_func(e => { | ||
switch (e.data.type) { | ||
case 'popin': | ||
// Step 6 | ||
assert_equals(e.data.message, "Failure"); | ||
t.done(); | ||
break; | ||
} | ||
})); | ||
|
||
// Step 2 | ||
const iframe = document.createElement("iframe"); | ||
iframe.src = "https://{{hosts[alt][]}}:{{ports[https][0]}}/partitioned-popins/resources/partitioned-popins.permissions-iframe.html"; | ||
document.body.appendChild(iframe); | ||
}, "Verify Partitioned Popins in an iframe fails when the policy isn't set"); |
32 changes: 32 additions & 0 deletions
32
partitioned-popins/partitioned-popins.permission-self.tentative.sub.https.window.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
// META: script=/resources/testdriver.js | ||
// META: script=/resources/testdriver-vendor.js | ||
|
||
'use strict'; | ||
|
||
// Spec: https://explainers-by-googlers.github.io/partitioned-popins/ | ||
// Step 1 (window) Set up listener to resolve messages as they come in. | ||
// Step 2 (window) Open iframe for other origin. | ||
// Step 3 (iframe) Open partitioned popin. | ||
// Step 4 (popin) Cleanup. | ||
// Step 5 (iframe) Report failure. | ||
// Step 6 (window) Cleanup. | ||
|
||
async_test(t => { | ||
const id = String(Date.now()); | ||
// Step 1 | ||
window.addEventListener("message", t.step_func(e => { | ||
switch (e.data.type) { | ||
case 'popin': | ||
// Step 6 | ||
assert_equals(e.data.message, "Failure"); | ||
t.done(); | ||
break; | ||
} | ||
})); | ||
|
||
// Step 2 | ||
const iframe = document.createElement("iframe"); | ||
iframe.allow = "popins"; | ||
iframe.src = "https://{{hosts[alt][]}}:{{ports[https][0]}}/partitioned-popins/resources/partitioned-popins.permissions-iframe.html"; | ||
document.body.appendChild(iframe); | ||
}, "Verify Partitioned Popins in an iframe fail when the policy is 'self'"); |
1 change: 1 addition & 0 deletions
1
partitioned-popins/partitioned-popins.permission-self.tentative.sub.https.window.js.headers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Permissions-Policy: popins=self |
20 changes: 20 additions & 0 deletions
20
partitioned-popins/resources/partitioned-popins.permissions-iframe.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
<!doctype html> | ||
<meta charset="utf-8"> | ||
<script src="/resources/testdriver.js"></script> | ||
<script src="/resources/testdriver-vendor.js"></script> | ||
<script> | ||
(async function() { | ||
test_driver.set_test_context(window.top); | ||
|
||
// Step 3 (partitioned-popins/partitioned-popins.permission-{}.tentative.sub.https.window.js) | ||
let message = "Success"; | ||
try { | ||
window.open("/partitioned-popins/resources/partitioned-popins.permissions-popin.html", '_blank', 'popin'); | ||
} catch (_) { | ||
message = "Failure"; | ||
} | ||
|
||
// Step 5 (partitioned-popins/partitioned-popins.permission-{}.tentative.sub.https.window.js) | ||
window.top.postMessage({type: "popin", message: message}, "*"); | ||
})(); | ||
</script> |
12 changes: 12 additions & 0 deletions
12
partitioned-popins/resources/partitioned-popins.permissions-popin.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
<!doctype html> | ||
<meta charset="utf-8"> | ||
<script src="/resources/testdriver.js"></script> | ||
<script src="/resources/testdriver-vendor.js"></script> | ||
<script> | ||
(async function() { | ||
test_driver.set_test_context(window.opener); | ||
|
||
// Step 4 (partitioned-popins/partitioned-popins.permission-{}.tentative.sub.https.window.js) | ||
window.close(); | ||
})(); | ||
</script> |