Implement `fenced-frame-unparititioned-data` Permissions Policy [chromium/src : main]
1 view
Skip to first unread message
Andrew Verge (Gerrit)
Oct 9, 2024, 12:41:34 PM10/9/24
to Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Message from Andrew Verge![]( "Open in Gerrit")
Set Ready For Review
Related details
Attention set is empty
Submit Requirements:
Code-Coverage
Code-Review
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Andrew Verge (Gerrit)
Oct 15, 2024, 5:45:24 PM10/15/24
to Chromium IPC Reviews, Yao Xiao, Alex Rudenko, Jeremy Roman, Ari Chivukula, Liam Brady, Chromium LUCI CQ, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Alex Rudenko, Andrew Verge, Ari Chivukula, Chromium IPC Reviews, Jeremy Roman, Liam Brady and Yao Xiao
Andrew Verge added 1 comment![]( "Open in Gerrit")
Patchset-level comments
File-level comment, Patchset 11 (Latest):
Andrew Verge . resolved
Adding yaoxia@ for Shared Storage OWNERS
Adding alexrudenko@ for Devtools OWNERS
Adding jbroman@ for fenced_frame_permissions_policies.h OWNERS
Adding arichiv@ for permissions_policy_features.json5 OWNERS
Adding lbrady@ for reviewing the core logic of the CL.
Related details
Attention is currently required from:
- Alex Rudenko
- Andrew Verge
- Ari Chivukula
- Chromium IPC Reviews
- Jeremy Roman
- Liam Brady
- Yao Xiao
Submit Requirements:
Code-Coverage
Code-Review
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Andrew Verge (Gerrit)
Oct 15, 2024, 5:46:44 PM10/15/24
to Shivani Sharma, Xiaochen Zhou, Chromium IPC Reviews, Yao Xiao, Alex Rudenko, Jeremy Roman, Liam Brady, Chromium LUCI CQ, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Alex Rudenko, Andrew Verge, Chromium IPC Reviews, Jeremy Roman, Liam Brady and Yao Xiao
Andrew Verge added 1 comment![]( "Open in Gerrit")
Patchset-level comments
Attention is currently required from:
- Alex Rudenko
- Andrew Verge
- Chromium IPC Reviews
- Jeremy Roman
- Liam Brady
- Yao Xiao
Submit Requirements:
Code-Coverage
Code-Review
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
gwsq (Gerrit)
Oct 15, 2024, 5:49:20 PM10/15/24
to Andrew Verge, Chromium IPC Reviews, Ken Buchanan, Shivani Sharma, Xiaochen Zhou, Yao Xiao, Alex Rudenko, Jeremy Roman, Liam Brady, Chromium LUCI CQ, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Alex Rudenko, Andrew Verge, Jeremy Roman, Ken Buchanan, Liam Brady and Yao Xiao
Message from gwsq![]( "Open in Gerrit")
From googleclient/chrome/chromium_gwsq/ipc/config.gwsq:
IPC: ke...@chromium.org
📎 It looks like you’re making a possibly security-sensitive change! 📎 IPC security review isn’t a rubberstamp, so your friendly security reviewer will need a fair amount of context to review your CL effectively. Please review your CL description and code comments to make sure they provide context for someone unfamiliar with your project/area. Pay special attention to where data comes from and which processes it flows between (and their privilege levels). Feel free to point your security reviewer at design docs, bugs, or other links if you can’t reasonably make a self-contained CL description. (Also see https://cbea.ms/git-commit/).
IPC reviewer(s): ke...@chromium.org
Reviewer source(s):
ke...@chromium.org is from context(googleclient/chrome/chromium_gwsq/ipc/config.gwsq)
Related details
Attention is currently required from:
- Alex Rudenko
- Andrew Verge
- Jeremy Roman
- Ken Buchanan
- Liam Brady
- Yao Xiao
Submit Requirements:
Code-Coverage
Code-Review
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Alex Rudenko (Gerrit)
Oct 16, 2024, 2:17:17 AM10/16/24
to Andrew Verge, Chromium IPC Reviews, Ken Buchanan, Shivani Sharma, Xiaochen Zhou, Yao Xiao, Jeremy Roman, Liam Brady, Chromium LUCI CQ, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Andrew Verge, Andrew Verge, Jeremy Roman, Ken Buchanan, Liam Brady and Yao Xiao
Alex Rudenko voted and added 1 comment![]( "Open in Gerrit")
Votes added by Alex Rudenko
| Code-Review | +1 |
1 comment
Patchset-level comments
Attention is currently required from:
- Andrew Verge
- Andrew Verge
- Jeremy Roman
- Ken Buchanan
- Liam Brady
- Yao Xiao
Submit Requirements:
Code-Coverage
Code-Review
Andrew Verge (Gerrit)
Oct 16, 2024, 11:41:18 AM10/16/24
to Ian Clelland, Alex Rudenko, Chromium IPC Reviews, Ken Buchanan, Shivani Sharma, Xiaochen Zhou, Yao Xiao, Jeremy Roman, Liam Brady, Chromium LUCI CQ, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Andrew Verge, Jeremy Roman, Ken Buchanan, Liam Brady and Yao Xiao
Andrew Verge added 1 comment![]( "Open in Gerrit")
Patchset-level comments
Andrew Verge . resolved
Adding iclelland@ for Permissions Policy expertise in general.
Sorry for so many reviewers, trying to balance domain expertise and OWNERs approvals.
Related details
Attention is currently required from:
- Andrew Verge
- Jeremy Roman
- Ken Buchanan
- Liam Brady
- Yao Xiao
Submit Requirements:
Code-Coverage
Code-Review
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Liam Brady (Gerrit)
Oct 16, 2024, 11:46:28 AM10/16/24
to Andrew Verge, Ian Clelland, Alex Rudenko, Chromium IPC Reviews, Ken Buchanan, Shivani Sharma, Xiaochen Zhou, Yao Xiao, Jeremy Roman, Chromium LUCI CQ, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Andrew Verge, Jeremy Roman, Ken Buchanan and Yao Xiao
Liam Brady added 3 comments![]( "Open in Gerrit")
Patchset-level comments
Liam Brady . resolved
Core logic looks good. Just a couple test-based things.
File third_party/blink/web_tests/wpt_internal/fenced_frame/resources/permissions_policy_helper.js
Line 1, Patchset 11 (Latest):
// Runs a single test case that checks if the fenced-frame-unpartitioned-dataLiam Brady . unresolved
I think this file should either be generalized or renamed to something unpartitioned-data-specific. (Probably easier to just rename). It might be confusing since there are other permissions tests that don't use this file as a helper.
File third_party/blink/web_tests/wpt_internal/fenced_frame/unpartitioned-data-permissions-policy-self.tentative.https.sub.html
Line 15, Patchset 11 (Latest):
// Set sharedStorage value for HTTPS_ORIGINLiam Brady . unresolved
Should this be a function in the helper js file? And have the 3 files just invoke that in their `promise_setup()`?
Related details
Attention is currently required from:
- Andrew Verge
- Jeremy Roman
- Ken Buchanan
- Yao Xiao
Submit Requirements:
Code-Coverage
Code-Review
No-Unresolved-Comments
Yao Xiao (Gerrit)
Oct 16, 2024, 2:32:59 PM10/16/24
to Andrew Verge, Ian Clelland, Alex Rudenko, Chromium IPC Reviews, Ken Buchanan, Shivani Sharma, Xiaochen Zhou, Jeremy Roman, Liam Brady, Chromium LUCI CQ, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Andrew Verge, Andrew Verge, Ian Clelland, Jeremy Roman and Ken Buchanan
Yao Xiao voted and added 1 comment![]( "Open in Gerrit")
Votes added by Yao Xiao
| Code-Review | +1 |
1 comment
Patchset-level comments
Attention is currently required from:
- Andrew Verge
- Andrew Verge
- Ian Clelland
- Jeremy Roman
- Ken Buchanan
Ken Buchanan (Gerrit)
Oct 17, 2024, 9:27:12 AM10/17/24
to Andrew Verge, Yao Xiao, Ian Clelland, Alex Rudenko, Chromium IPC Reviews, Shivani Sharma, Xiaochen Zhou, Jeremy Roman, Liam Brady, Chromium LUCI CQ, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Andrew Verge, Andrew Verge, Ian Clelland and Jeremy Roman
Ken Buchanan voted and added 1 comment![]( "Open in Gerrit")
Votes added by Ken Buchanan
| Code-Review | +1 |
1 comment
Patchset-level comments
Ken Buchanan . resolved
mojom lgtm
Related details
Attention is currently required from:
- Andrew Verge
- Andrew Verge
- Ian Clelland
- Jeremy Roman
Jeremy Roman (Gerrit)
Oct 17, 2024, 3:40:47 PM10/17/24
to Andrew Verge, Jeremy Roman, Ken Buchanan, Yao Xiao, Ian Clelland, Alex Rudenko, Chromium IPC Reviews, Shivani Sharma, Xiaochen Zhou, Liam Brady, Chromium LUCI CQ, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Andrew Verge, Andrew Verge and Ian Clelland
Jeremy Roman voted Code-Review+1![]( "Open in Gerrit")
| Code-Review | +1 |
Related details
Attention is currently required from:
- Andrew Verge
- Andrew Verge
- Ian Clelland
Andrew Verge (Gerrit)
Oct 18, 2024, 11:28:10 AM10/18/24
to Jeremy Roman, Ken Buchanan, Yao Xiao, Ian Clelland, Alex Rudenko, Chromium IPC Reviews, Shivani Sharma, Xiaochen Zhou, Liam Brady, Chromium LUCI CQ, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Alex Rudenko, Andrew Verge, Ian Clelland, Jeremy Roman, Ken Buchanan, Liam Brady and Yao Xiao
Andrew Verge added 2 comments![]( "Open in Gerrit")
File third_party/blink/web_tests/wpt_internal/fenced_frame/resources/permissions_policy_helper.js
Line 1, Patchset 11:
// Runs a single test case that checks if the fenced-frame-unpartitioned-dataLiam Brady . resolved
I think this file should either be generalized or renamed to something unpartitioned-data-specific. (Probably easier to just rename). It might be confusing since there are other permissions tests that don't use this file as a helper.
Andrew Verge
Renamed.
File third_party/blink/web_tests/wpt_internal/fenced_frame/unpartitioned-data-permissions-policy-self.tentative.https.sub.html
Should this be a function in the helper js file? And have the 3 files just invoke that in their `promise_setup()`?
Attention is currently required from:
- Alex Rudenko
- Andrew Verge
- Ian Clelland
- Jeremy Roman
- Ken Buchanan
- Liam Brady
- Yao Xiao
Submit Requirements:
Code-Coverage
Code-Review
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Liam Brady (Gerrit)
Oct 18, 2024, 11:43:25 AM10/18/24
to Andrew Verge, Jeremy Roman, Ken Buchanan, Yao Xiao, Ian Clelland, Alex Rudenko, Chromium IPC Reviews, Shivani Sharma, Xiaochen Zhou, Chromium LUCI CQ, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Alex Rudenko, Andrew Verge, Andrew Verge, Ian Clelland, Jeremy Roman, Ken Buchanan and Yao Xiao
Liam Brady voted Code-Review+1![]( "Open in Gerrit")
Attention is currently required from:
- Alex Rudenko
- Andrew Verge
- Andrew Verge
- Ian Clelland
- Jeremy Roman
- Ken Buchanan
- Yao Xiao
Submit Requirements:
Code-Coverage
Code-Review
Ken Buchanan (Gerrit)
Oct 18, 2024, 11:48:56 AM10/18/24
to Andrew Verge, Liam Brady, Jeremy Roman, Yao Xiao, Ian Clelland, Alex Rudenko, Chromium IPC Reviews, Shivani Sharma, Xiaochen Zhou, Chromium LUCI CQ, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Alex Rudenko, Andrew Verge, Andrew Verge, Ian Clelland, Jeremy Roman and Yao Xiao
Ken Buchanan voted Code-Review+1![]( "Open in Gerrit")
| Code-Review | +1 |
Related details
Attention is currently required from:
- Alex Rudenko
- Andrew Verge
- Andrew Verge
- Ian Clelland
- Jeremy Roman
- Yao Xiao
Yao Xiao (Gerrit)
Oct 18, 2024, 5:11:38 PM10/18/24
to Andrew Verge, Ken Buchanan, Liam Brady, Jeremy Roman, Ian Clelland, Alex Rudenko, Chromium IPC Reviews, Shivani Sharma, Xiaochen Zhou, Chromium LUCI CQ, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Alex Rudenko, Andrew Verge, Andrew Verge, Ian Clelland and Jeremy Roman
Yao Xiao voted Code-Review+1![]( "Open in Gerrit")
| Code-Review | +1 |
Related details
Attention is currently required from:
- Alex Rudenko
- Andrew Verge
- Andrew Verge
- Ian Clelland
- Jeremy Roman
Ian Clelland (Gerrit)
Oct 21, 2024, 11:54:35 AM10/21/24
to Andrew Verge, Yao Xiao, Ken Buchanan, Liam Brady, Jeremy Roman, Alex Rudenko, Chromium IPC Reviews, Shivani Sharma, Xiaochen Zhou, Chromium LUCI CQ, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Alex Rudenko, Andrew Verge, Andrew Verge and Jeremy Roman
Ian Clelland voted and added 1 comment![]( "Open in Gerrit")
Votes added by Ian Clelland
| Code-Review | +1 |
1 comment
Patchset-level comments
File-level comment, Patchset 12 (Latest):
Ian Clelland . resolved
Permissions policy integration LGTM, thanks!
Related details
Attention is currently required from:
- Alex Rudenko
- Andrew Verge
- Andrew Verge
- Jeremy Roman
Andrew Verge (Gerrit)
Oct 21, 2024, 12:25:07 PM10/21/24
to Ian Clelland, Yao Xiao, Ken Buchanan, Liam Brady, Jeremy Roman, Alex Rudenko, Chromium IPC Reviews, Shivani Sharma, Xiaochen Zhou, Chromium LUCI CQ, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Attention needed from Alex Rudenko, Andrew Verge and Jeremy Roman
Andrew Verge voted Commit-Queue+2![]( "Open in Gerrit")
Attention is currently required from:
- Alex Rudenko
- Andrew Verge
- Jeremy Roman
Submit Requirements:
Code-Coverage
Code-Review
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Chromium LUCI CQ (Gerrit)
Oct 21, 2024, 1:23:41 PM10/21/24
to Andrew Verge, Ian Clelland, Yao Xiao, Ken Buchanan, Liam Brady, Jeremy Roman, Alex Rudenko, Chromium IPC Reviews, Shivani Sharma, Xiaochen Zhou, Luna Lu, Chromium Metrics Reviews, AyeAye, alexmo...@chromium.org, asvitkine...@chromium.org, jmedle...@chromium.org, navigation...@chromium.org, creis...@chromium.org, devtools...@chromium.org, feature-co...@chromium.org, blink-re...@chromium.org, iclella...@chromium.org, devtools-re...@chromium.org, blink-...@chromium.org, kinuko...@chromium.org
Chromium LUCI CQ submitted the change![]( "Open in Gerrit")
Change information
Commit message:
Implement `fenced-frame-unparititioned-data` Permissions Policy
The default value for this permission is *.
Regarding testing: The existing permissions_policy.js test framework relies on postMessage() to send test results out of the frame. Fenced frames do not have access to postMessage(), by design. I rolled my own test helper using RemoteContext instead.
Change-Id: Ieb8184dafd0dc4281c0375b0141c012cb0f0f793
Commit-Queue: Andrew Verge <ave...@chromium.org>
Reviewed-by: Yao Xiao <yao...@chromium.org>
Reviewed-by: Liam Brady <lbr...@google.com>
Reviewed-by: Ken Buchanan <ke...@chromium.org>
Reviewed-by: Ian Clelland <icle...@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1371476}
Files:
- M content/browser/shared_storage/shared_storage_document_service_impl.cc
- M third_party/blink/public/common/frame/fenced_frame_permissions_policies.h
- M third_party/blink/public/devtools_protocol/browser_protocol.pdl
- M third_party/blink/public/mojom/permissions_policy/permissions_policy_feature.mojom
- M third_party/blink/renderer/core/permissions_policy/permissions_policy_features.json5
- M third_party/blink/renderer/modules/shared_storage/shared_storage.cc
- A third_party/blink/web_tests/wpt_internal/fenced_frame/resources/unpartitioned_data_permissions_policy_helper.js
- A third_party/blink/web_tests/wpt_internal/fenced_frame/unpartitioned-data-permissions-policy-allow.tentative.https.sub.html
- A third_party/blink/web_tests/wpt_internal/fenced_frame/unpartitioned-data-permissions-policy-none.tentative.https.sub.html
- A third_party/blink/web_tests/wpt_internal/fenced_frame/unpartitioned-data-permissions-policy-none.tentative.https.sub.html.headers
- A third_party/blink/web_tests/wpt_internal/fenced_frame/unpartitioned-data-permissions-policy-self.tentative.https.sub.html
- A third_party/blink/web_tests/wpt_internal/fenced_frame/unpartitioned-data-permissions-policy-self.tentative.https.sub.html.headers
- M tools/metrics/histograms/enums.xml
Change size: M
Delta: 13 files changed, 246 insertions(+), 0 deletions(-)
Branch: refs/heads/main
Submit Requirements:
Code-Review: +1 by Ken Buchanan, +1 by Ian Clelland, +1 by Liam Brady, +1 by Yao Xiao
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Reply all
Reply to author
Forward
0 new messages