CSP 1.1: Make the CSP_NEXT flag runtime enabled.
author mkwst@chromium.org <mkwst@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 1 Dec 2012 06:53:25 +0000 (06:53 +0000)
committer mkwst@chromium.org <mkwst@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 1 Dec 2012 06:53:25 +0000 (06:53 +0000)
https://bugs.webkit.org/show_bug.cgi?id=103652

Reviewed by Adam Barth.

Source/WebCore:

Content Security Policy 1.1 continues to live behind the CSP_NEXT flag,
this patch adds another layer on top of that in order to enable runtime
decisions about whether it should be active.

* bindings/generic/RuntimeEnabledFeatures.cpp:
(WebCore):
* bindings/generic/RuntimeEnabledFeatures.h:
(RuntimeEnabledFeatures):
(WebCore::RuntimeEnabledFeatures::experimentalContentSecurityPolicyFeaturesEnabled):
(WebCore::RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled):
    Adds methods in order to correctly handle enabling and disabling
    CSP 1.1 features.
* dom/Document.idl:
    Gate the 'document.securityPolicy' object on the runtime flag.
* page/ContentSecurityPolicy.cpp:
(WebCore::CSPDirectiveList::addDirective):
    Check that experimental features are runtime enabled before
    processing 1.1 directives.
(WebCore::ContentSecurityPolicy::experimentalFeaturesEnabled):
(WebCore):
* page/ContentSecurityPolicy.h:
    Adds a new method which checks against the runtime flag to determine
    whether CSP 1.1 features are enabled.

Source/WebKit/chromium:

The CSP_NEXT flag continues to be enabled on the Chromium port, but this
patch now locks the features away behind the securityPolicy runtime
flag.

* public/WebRuntimeFeatures.h:
(WebRuntimeFeatures):
* src/WebRuntimeFeatures.cpp:
(WebKit::WebRuntimeFeatures::enableExperimentalContentSecurityPolicyFeatures):
(WebKit):
(WebKit::WebRuntimeFeatures::isExperimentalContentSecurityPolicyFeaturesEnabled):
    Adds the feature to WebRuntimeFeatures so it can be toggled from
    inside Chromium.

Tools:

Ensures that the new SecurityPolicy runtime flag is enabled for Chromium's tests.

* DumpRenderTree/chromium/TestShell.cpp:
(TestShell::TestShell):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@136305 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebCore/ChangeLog
Source/WebCore/bindings/generic/RuntimeEnabledFeatures.cpp
Source/WebCore/bindings/generic/RuntimeEnabledFeatures.h
Source/WebCore/dom/Document.idl
Source/WebCore/page/ContentSecurityPolicy.cpp
Source/WebCore/page/ContentSecurityPolicy.h
Source/WebKit/chromium/ChangeLog
Source/WebKit/chromium/public/WebRuntimeFeatures.h
Source/WebKit/chromium/src/WebRuntimeFeatures.cpp
Tools/ChangeLog
Tools/DumpRenderTree/chromium/TestShell.cpp

index c9c06a9..b871dd1 100644 (file)
@@ -1,3 +1,34 @@
+2012-11-30  Mike West  <mkwst@chromium.org>
+
+        CSP 1.1: Make the CSP_NEXT flag runtime enabled.
+        https://bugs.webkit.org/show_bug.cgi?id=103652
+
+        Reviewed by Adam Barth.
+
+        Content Security Policy 1.1 continues to live behind the CSP_NEXT flag,
+        this patch adds another layer on top of that in order to enable runtime
+        decisions about whether it should be active.
+
+        * bindings/generic/RuntimeEnabledFeatures.cpp:
+        (WebCore):
+        * bindings/generic/RuntimeEnabledFeatures.h:
+        (RuntimeEnabledFeatures):
+        (WebCore::RuntimeEnabledFeatures::experimentalContentSecurityPolicyFeaturesEnabled):
+        (WebCore::RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled):
+            Adds methods in order to correctly handle enabling and disabling
+            CSP 1.1 features.
+        * dom/Document.idl:
+            Gate the 'document.securityPolicy' object on the runtime flag.
+        * page/ContentSecurityPolicy.cpp:
+        (WebCore::CSPDirectiveList::addDirective):
+            Check that experimental features are runtime enabled before
+            processing 1.1 directives.
+        (WebCore::ContentSecurityPolicy::experimentalFeaturesEnabled):
+        (WebCore):
+        * page/ContentSecurityPolicy.h:
+            Adds a new method which checks against the runtime flag to determine
+            whether CSP 1.1 features are enabled.
+
 2012-11-30  Simon Fraser  <simon.fraser@apple.com>
 
         Avoid calling into NSUserDefaults every time we start a scroll
index f0169be..95da3d6 100644 (file)
@@ -229,4 +229,8 @@ bool RuntimeEnabledFeatures::isDialogElementEnabled = false;
 bool RuntimeEnabledFeatures::isRequestAutocompleteEnabled = false;
 #endif
 
+#if ENABLE(CSP_NEXT)
+bool RuntimeEnabledFeatures::areExperimentalContentSecurityPolicyFeaturesEnabled = false;
+#endif
+
 } // namespace WebCore
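Review bot: the new static `areExperimentalContentSecurityPolicyFeaturesEnabled` is initialised to `false`, so a build with ENABLE(CSP_NEXT) gets no CSP 1.1 behaviour until something calls `setExperimentalContentSecurityPolicyFeaturesEnabled(true)`. Please add a one-line comment at the definition saying the default is deliberately off and that an embedder must opt in at startup. With the gate added to `CSPDirectiveList::addDirective`, a policy that relies on 1.1 directives is otherwise not processed, and nothing at build time signals that.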
index 66f8e45..fabcaa6 100644 (file)
@@ -255,6 +255,11 @@ public:
     static void setDialogElementEnabled(bool isEnabled) { isDialogElementEnabled = isEnabled; }
 #endif
 
+#if ENABLE(CSP_NEXT)
+    static bool experimentalContentSecurityPolicyFeaturesEnabled() { return areExperimentalContentSecurityPolicyFeaturesEnabled; }
+    static void setExperimentalContentSecurityPolicyFeaturesEnabled(bool isEnabled) { areExperimentalContentSecurityPolicyFeaturesEnabled = isEnabled; }
+#endif
+
     static bool langAttributeAwareFormControlUIEnabled() { return isLangAttributeAwareFormControlUIEnabled; }
     // The lang attribute support is incomplete and should only be turned on for tests.
     static void setLangAttributeAwareFormControlUIEnabled(bool isEnabled) { isLangAttributeAwareFormControlUIEnabled = isEnabled; }
@@ -365,6 +370,10 @@ private:
 #if ENABLE(REQUEST_AUTOCOMPLETE)
     static bool isRequestAutocompleteEnabled;
 #endif
+
+#if ENABLE(CSP_NEXT)
+    static bool areExperimentalContentSecurityPolicyFeaturesEnabled;
+#endif
 };
 
 } // namespace WebCore
index 10cfefa..e3d4b45 100644 (file)
     [Conditional=PAGE_VISIBILITY_API] readonly attribute boolean webkitHidden;
 
     // Security Policy API: http://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#script-interfaces
-    [Conditional=CSP_NEXT] readonly attribute DOMSecurityPolicy securityPolicy;
+    [Conditional=CSP_NEXT, V8EnabledAtRuntime=experimentalContentSecurityPolicyFeatures] readonly attribute DOMSecurityPolicy securityPolicy;
 
 };
 
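Review bot: the runtime gate on `securityPolicy` is expressed only through `V8EnabledAtRuntime=experimentalContentSecurityPolicyFeatures`, which by its name applies to the V8 bindings. If any other binding generator builds this IDL with CSP_NEXT on, `document.securityPolicy` would stay exposed while `CSPDirectiveList::addDirective` skips the 1.1 directives whenever the runtime flag is off, so script could see the API without the matching enforcement. Please confirm that combination cannot occur, or state the V8-only scope of the gate in the ChangeLog entry for `dom/Document.idl`.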
index be722dc..4996302 100644 (file)
@@ -37,6 +37,7 @@
 #include "InspectorValues.h"
 #include "KURL.h"
 #include "PingLoader.h"
+#include "RuntimeEnabledFeatures.h"
 #include "SchemeRegistry.h"
 #include "ScriptCallStack.h"
 #include "ScriptCallStackFactory.h"
@@ -1313,7 +1314,7 @@ void CSPDirectiveList::addDirective(const String& name, const String& value)
     else if (equalIgnoringCase(name, reportURI))
         parseReportURI(name, value);
 #if ENABLE(CSP_NEXT)
-    else if (m_experimental) {
+    else if (m_experimental && m_policy->experimentalFeaturesEnabled()) {
         if (equalIgnoringCase(name, formAction))
             setCSPDirective<SourceListDirective>(name, value, m_formAction);
         else if (equalIgnoringCase(name, pluginTypes))
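Review bot: with the condition changed to `m_experimental && m_policy->experimentalFeaturesEnabled()`, a directive matching `formAction` or `pluginTypes` no longer enters this branch when the runtime flag is off, and the lines shown do not say where it goes instead. A restriction the policy author declared is then dropped. Make sure the fall-through reports it (for example through the same path as an unrecognised directive name) rather than ignoring it silently, and add a test that delivers an experimental policy with the flag off.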
@@ -1710,4 +1711,13 @@ void ContentSecurityPolicy::reportBlockedScriptExecutionToInspector(const String
     InspectorInstrumentation::scriptExecutionBlockedByCSP(m_scriptExecutionContext, directiveText);
 }
 
+bool ContentSecurityPolicy::experimentalFeaturesEnabled() const
+{
+#if ENABLE(CSP_NEXT)
+    return RuntimeEnabledFeatures::experimentalContentSecurityPolicyFeaturesEnabled();
+#else
+    return false;
+#endif
+}
+
 }
index d2cf3b5..9cb40a3 100644 (file)
@@ -120,6 +120,8 @@ public:
     void enforceSandboxFlags(SandboxFlags) const;
     String evalDisabledErrorMessage() const;
 
+    bool experimentalFeaturesEnabled() const;
+
 private:
     explicit ContentSecurityPolicy(ScriptExecutionContext*);
 
index a5f144f..a2303a5 100644 (file)
@@ -1,3 +1,23 @@
+2012-11-30  Mike West  <mkwst@chromium.org>
+
+        CSP 1.1: Make the CSP_NEXT flag runtime enabled.
+        https://bugs.webkit.org/show_bug.cgi?id=103652
+
+        Reviewed by Adam Barth.
+
+        The CSP_NEXT flag continues to be enabled on the Chromium port, but this
+        patch now locks the features away behind the securityPolicy runtime
+        flag.
+
+        * public/WebRuntimeFeatures.h:
+        (WebRuntimeFeatures):
+        * src/WebRuntimeFeatures.cpp:
+        (WebKit::WebRuntimeFeatures::enableExperimentalContentSecurityPolicyFeatures):
+        (WebKit):
+        (WebKit::WebRuntimeFeatures::isExperimentalContentSecurityPolicyFeaturesEnabled):
+            Adds the feature to WebRuntimeFeatures so it can be toggled from
+            inside Chromium.
+
 2012-11-30  Stephen White  <senorblanco@chromium.org>
 
         [Chromium] Suppress the new separable mask blurs in skia until the tests can be rebaselined.
index c916c12..8b20392 100644 (file)
@@ -160,6 +160,8 @@ public:
     WEBKIT_EXPORT static void enableCSSRegions(bool);
     WEBKIT_EXPORT static bool isCSSRegionsEnabled();
 
+    WEBKIT_EXPORT static void enableExperimentalContentSecurityPolicyFeatures(bool);
+    WEBKIT_EXPORT static bool isExperimentalContentSecurityPolicyFeaturesEnabled();
 private:
     WebRuntimeFeatures();
 };
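Review bot: style point on the two new declarations: they run straight into `private:` with no separating blank line, while the `enableCSSRegions` / `isCSSRegionsEnabled` pair above is followed by one. Add a blank line after `isExperimentalContentSecurityPolicyFeaturesEnabled();` so the access specifier stays visually separate from the public API.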
index 5600a42..f40c235 100644 (file)
@@ -611,6 +611,24 @@ bool WebRuntimeFeatures::isDialogElementEnabled()
 #endif
 }
 
+void WebRuntimeFeatures::enableExperimentalContentSecurityPolicyFeatures(bool enable)
+{
+#if ENABLE(CSP_NEXT)
+    RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(enable);
+#else
+    UNUSED_PARAM(enable);
+#endif
+}
+
+bool WebRuntimeFeatures::isExperimentalContentSecurityPolicyFeaturesEnabled()
+{
+#if ENABLE(CSP_NEXT)
+    return RuntimeEnabledFeatures::experimentalContentSecurityPolicyFeaturesEnabled();
+#else
+    return false;
+#endif
+}
+
 void WebRuntimeFeatures::enableCSSExclusions(bool enable)
 {
     RuntimeEnabledFeatures::setCSSExclusionsEnabled(enable);
index 629cccf..9c8f3ee 100644 (file)
@@ -1,3 +1,15 @@
+2012-11-30  Mike West  <mkwst@chromium.org>
+
+        CSP 1.1: Make the CSP_NEXT flag runtime enabled.
+        https://bugs.webkit.org/show_bug.cgi?id=103652
+
+        Reviewed by Adam Barth.
+
+        Ensures that the new SecurityPolicy runtime flag is enabled for Chromium's tests.
+
+        * DumpRenderTree/chromium/TestShell.cpp:
+        (TestShell::TestShell):
+
 2012-11-30  Roger Fong  <roger_fong@apple.com>
 
         Unreviewed. Removed temporary debugging change from DRT (r136300).
index 75fec13..0d40b34 100644 (file)
@@ -148,6 +148,7 @@ TestShell::TestShell()
     WebRuntimeFeatures::enableStyleScoped(true);
     WebRuntimeFeatures::enableScriptedSpeech(true);
     WebRuntimeFeatures::enableRequestAutocomplete(true);
+    WebRuntimeFeatures::enableExperimentalContentSecurityPolicyFeatures(true);
 
     // 30 second is the same as the value in Mac DRT.
     // If we use a value smaller than the timeout value of
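Review bot: `WebRuntimeFeatures::enableExperimentalContentSecurityPolicyFeatures(true)` is set unconditionally in the `TestShell` constructor, so the test harness only ever exercises the flag-on path, while `RuntimeEnabledFeatures` initialises the flag to `false`. The flag-off behaviour (no `document.securityPolicy`, 1.1 directives not processed) is the default state and gets no coverage from this patch. Consider a test-runner override or a unit test that turns the flag off and checks both the binding and `addDirective`.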