Name Description Size
Feature.cpp 1839
Feature.h 1369
FeaturePolicy.cpp 10333
FeaturePolicy.h FeaturePolicy ~~~~~~~~~~~~~ Each document and each HTMLIFrameElement have a FeaturePolicy object which is used to allow or deny features in their contexts. FeaturePolicy is composed by a set of directives configured by the 'Feature-Policy' HTTP Header and the 'allow' attribute in HTMLIFrameElements. Both header and attribute are parsed by FeaturePolicyParser which returns an array of Feature objects. Each Feature object has a feature name and one of these policies: - eNone - the feature is fully disabled. - eAll - the feature is allowed. - eAllowList - the feature is allowed for a list of origins. An interesting element of FeaturePolicy is the inheritance: each context inherits the feature-policy directives from the parent context, if it exists. When a context inherits a policy for feature X, it only knows if that feature is allowed or denied (it ignores the list of allowed origins for instance). This information is stored in an array of inherited feature strings because we care only to know when they are denied. FeaturePolicy can be reset if the 'allow' or 'src' attributes change in HTMLIFrameElements. 'src' attribute is important to compute correcly the features via FeaturePolicy 'src' keyword. When FeaturePolicy must decide if feature X is allowed or denied for the current origin, it checks if the parent context denied that feature. If not, it checks if there is a Feature object for that feature named X and if the origin is allowed or not. From a C++ point of view, use FeaturePolicyUtils to obtain the list of features and to check if they are allowed in the current context. pref can be used to disable the HTTP header support. 7643
FeaturePolicyParser.cpp static 4623
FeaturePolicyParser.h 981
FeaturePolicyUtils.cpp IMPORTANT: Do not change this list without review from a DOM peer _AND_ a DOM Security peer! 10153
FeaturePolicyUtils.h 2846
fuzztest 3 925
test 2