From a9d99fe532234a31af29696d1e2d659b6304697d Mon Sep 17 00:00:00 2001 From: Jun Date: Thu, 21 Mar 2024 16:46:24 -0700 Subject: [PATCH 01/13] Update index.bs --- index.bs | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/index.bs b/index.bs index 745a4a3c..a5a152dd 100644 --- a/index.bs +++ b/index.bs @@ -809,9 +809,12 @@ partial interface HTMLIFrameElement { string indicating whether the violated permissions policy was enforced in this case. [=PermissionsPolicyViolationReportBody/disposition=] will be set to - "enforce" if the policy was enforced, or "report" if the violation + "enforce" if the policy was enforced, "report" if the violation resulted only in this report being generated (with no further action taken - by the user agent in response to the violation). + by the user agent in response to the violation), "potential-enforce" if the + policy was potentially enforced on iframes, or "potential-report" if the + potential violation on iframes resulted only in this report being + generated.

\``Permissions-Policy-Report-Only`\` From 0984a8102943b6bd66c6c886c550c787ffe32c9f Mon Sep 17 00:00:00 2001 From: Jun Date: Fri, 26 Apr 2024 18:32:55 -0700 Subject: [PATCH 02/13] Update index.bs --- index.bs | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/index.bs b/index.bs index a5a152dd..81b8811d 100644 --- a/index.bs +++ b/index.bs @@ -951,6 +951,12 @@ partial interface HTMLIFrameElement { fullscreen [=feature=]. 1. [=map/Set=] |container policy|[fullscreen] = the special value *. + 1. [=map/For each=] [=feature=] in |container policy|: + 1. If [=feature=]'s allowlist does not [=list/contain=] the special + value *, then [=list/for each=] [=origins=] in + allowlist: + 1. Executing Is feature enabled in document for origin? + on |feature|, |element|'s [=node document=], |origin|, True, and True. 1. Return |container policy|. @@ -1083,13 +1089,14 @@ partial interface HTMLIFrameElement {
Given a [=feature=] (|feature|), a {{Document}} object - (|document|), an [=origin=] (|origin|), and an optional boolean (|report|), - with a default value of True, this algorithm returns "Disabled" - if |feature| should be considered disabled, and "Enabled" + (|document|), an [=origin=] (|origin|), an optional boolean (|report|) with + a default value of True, and an optional boolean (|potential|) with a + default value of False, this algorithm returns "Disabled" if + |feature| should be considered disabled, and "Enabled" otherwise. If |report| is True, then it will also [=generate and queue a report=] if the feature is not enabled in either |document|'s - [=Document/permissions policy=] or |document|'s [=Document/report-only - permissions policy=]

+ [=Document/permissions policy=] or |document|'s + [=Document/report-only permissions policy=]

Note: The default value of True for |report| means that most permissions policy checks will generate a violation report if the feature is not @@ -1113,16 +1120,20 @@ partial interface HTMLIFrameElement { 1. Let |endpoint| be the result of calling Get the reporting endpoint for a feature given |feature| and |policy|. + 1. Let |disposition| be "potential-enforce" if + |potential| is True, or "enforce" otherwise. 1. Call Generate report for violation of permissions policy on settings given |feature|, |settings|, - "Enforce", and |endpoint|. + |disposition|, and |endpoint|. 1. Else, if |report-only result| is "Disabled": 1. Let |report-only endpoint| be the result of calling Get the reporting endpoint for a feature given |feature| and |report-only policy|. + 1. Let |disposition| be "potential-report" if + |potential| is True, or "report" otherwise. 1. Call Generate report for violation of permissions policy on settings given |feature|, |settings|, - "Report", and |report-only endpoint|. + |potential|, and |report-only endpoint|. 1. Return result
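Review bot: in the report-only branch of the @@ -1113 hunk of PATCH 02/13, |disposition| is computed as "potential-report" or "report", but the call that follows passes |potential|, a boolean, as the third argument ("|potential|, and |report-only endpoint|"). The enforce branch above it passes |disposition|; do the same here, otherwise the report body's disposition is set from a boolean and the freshly computed string is never used.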
From 0e110371f64315a87add9dd87c2fcd8cb1c26c44 Mon Sep 17 00:00:00 2001 From: Jun Date: Tue, 30 Apr 2024 16:00:45 -0700 Subject: [PATCH 03/13] Update index.bs --- index.bs | 43 ++++++++++++++++++++++++++++--------------- 1 file changed, 28 insertions(+), 15 deletions(-) diff --git a/index.bs b/index.bs index 81b8811d..c5e878ff 100644 --- a/index.bs +++ b/index.bs @@ -780,6 +780,7 @@ partial interface HTMLIFrameElement { readonly attribute long? lineNumber; readonly attribute long? columnNumber; readonly attribute DOMString disposition; + readonly attribute DOMString? allowAttribute; }; @@ -816,6 +817,10 @@ partial interface HTMLIFrameElement { potential violation on iframes resulted only in this report being generated. + - allowAttribute: If + known, the value of <{iframe}> element's <{iframe/allow}> attribute, or + null otherwise. +

\``Permissions-Policy-Report-Only`\` HTTP Header Field

@@ -942,10 +947,11 @@ partial interface HTMLIFrameElement { policy, which may be empty. 1. If |element| is not an <{iframe}> element, then return an empty [=policy directive=]. + 1. Let |allowAttribute| be the value of |element|'s <{iframe/allow}> + attribute. 1. Let |container policy| be the result of running Parse policy - directive given the value of |element|'s <{iframe/allow}> attribute, - the [=Document/origin=] of |element|'s [=node document=], and |element|'s - declared origin. + directive given |allowAttribute|, the [=Document/origin=] of |element|'s + [=node document=], and |element|'s declared origin. 1. If |element|'s <{iframe/allowfullscreen}> attribute is specified, and |container policy| does not [=map/contain=] an entry for the fullscreen [=feature=]. @@ -956,7 +962,8 @@ partial interface HTMLIFrameElement { value *, then [=list/for each=] [=origins=] in allowlist: 1. Executing Is feature enabled in document for origin? - on |feature|, |element|'s [=node document=], |origin|, True, and True. + on |feature|, |element|'s [=node document=], |origin|, True, True, and + |allowAttribute|. 1. Return |container policy|. @@ -1090,12 +1097,12 @@ partial interface HTMLIFrameElement {
Given a [=feature=] (|feature|), a {{Document}} object (|document|), an [=origin=] (|origin|), an optional boolean (|report|) with - a default value of True, and an optional boolean (|potential|) with a - default value of False, this algorithm returns "Disabled" if - |feature| should be considered disabled, and "Enabled" - otherwise. If |report| is True, then it will also [=generate and queue a - report=] if the feature is not enabled in either |document|'s - [=Document/permissions policy=] or |document|'s + a default value of True, an optional boolean (|potential|) with a default + value of False, and an optional string (|allowAttribute|), this algorithm + returns "Disabled" if |feature| should be considered disabled, + and "Enabled" otherwise. If |report| is True, then it will also + [=generate and queue a report=] if the feature is not enabled in either + |document|'s [=Document/permissions policy=] or |document|'s [=Document/report-only permissions policy=]

Note: The default value of True for |report| means that most permissions @@ -1124,7 +1131,7 @@ partial interface HTMLIFrameElement { |potential| is True, or "enforce" otherwise. 1. Call Generate report for violation of permissions policy on settings given |feature|, |settings|, - |disposition|, and |endpoint|. + |disposition|, |endpoint|, and |allowAttribute|. 1. Else, if |report-only result| is "Disabled": 1. Let |report-only endpoint| be the result of calling Get the reporting endpoint for a feature given @@ -1133,7 +1140,7 @@ partial interface HTMLIFrameElement { |potential| is True, or "report" otherwise. 1. Call Generate report for violation of permissions policy on settings given |feature|, |settings|, - |potential|, and |report-only endpoint|. + |potential|, |report-only endpoint|, and |allowAttribute|. 1. Return result
@@ -1157,9 +1164,9 @@ partial interface HTMLIFrameElement {
Given a [=feature=] (|feature|), an environment settings object - (|settings|), a string (|disposition|), and a string-or-null (|endpoint|), - this algorithm generates a report about the violation of the - policy for |feature|. + (|settings|), a string (|disposition|), a string-or-null (|endpoint|), and + a string-or-null (|allowAttribute|), this algorithm generates a + report about the violation of the policy for |feature|. 1. Let |body| be a new {{PermissionsPolicyViolationReportBody}}, initialized as follows: @@ -1174,6 +1181,8 @@ partial interface HTMLIFrameElement { :: null : [=PermissionsPolicyViolationReportBody/disposition=] :: |disposition| + : [=PermissionsPolicyViolationReportBody/allowAttribute=] + :: |allowAttribute| 1. If the user agent is currently executing script, and can extract the source file's URL, line number, and column number from |settings|, then @@ -1181,6 +1190,10 @@ partial interface HTMLIFrameElement { [=PermissionsPolicyViolationReportBody/lineNumber=], and [=PermissionsPolicyViolationReportBody/columnNumber=] accordingly. + 1. If |allowAttribute| is not null, then set |body|'s + [=PermissionsPolicyViolationReportBody/allowAttribute=] to + |allowAttribute|. + 1. Execute [=generate and queue a report=] with |body|, "permissions-policy-violation", |endpoint|, and |settings|. From 6c89e5801d161faa638fd1b37d63366e795aaf1e Mon Sep 17 00:00:00 2001 From: Jun Date: Tue, 6 Aug 2024 15:08:34 -0700 Subject: [PATCH 04/13] introduce potential permissions policy violation type --- index.bs | 77 ++++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 58 insertions(+), 19 deletions(-) diff --git a/index.bs b/index.bs index 20a331b7..56da59fd 100644 --- a/index.bs +++ b/index.bs 
@@ -852,12 +852,9 @@ partial interface HTMLIFrameElement { string indicating whether the violated permissions policy was enforced in this case. [=PermissionsPolicyViolationReportBody/disposition=] will be set to - "enforce" if the policy was enforced, "report" if the violation + "enforce" if the policy was enforced, or "report" if the violation resulted only in this report being generated (with no further action taken - by the user agent in response to the violation), "potential-enforce" if the - policy was potentially enforced on iframes, or "potential-report" if the - potential violation on iframes resulted only in this report being - generated. + by the user agent in response to the violation). - allowAttribute: If known, the value of <{iframe}> element's <{iframe/allow}> attribute, or 
@@ -1166,22 +1163,30 @@ partial interface HTMLIFrameElement { 1. Let |settings| be |document|'s environment settings object. 1. If |result| is "Disabled": 1. Let |endpoint| be the result of calling Get the - reporting endpoint for a feature given |feature| and - |policy|. - 1. Let |disposition| be "potential-enforce" if - |potential| is True, or "enforce" otherwise. - 1. Call Generate report for violation of permissions - policy on settings given |feature|, |settings|, - |disposition|, |endpoint|, and |allowAttribute|. + reporting endpoint for a feature given |feature| and + |policy|. + 1. If |potential| is True: + 1. Call Generate report for potential violation + of permissions policy on settings given |feature|, + |settings|, "enforce", |endpoint|, and + |allowAttribute|. + 1. Else: + 1. Call Generate report for violation of + permissions policy on settings given |feature|, |settings|, + "enforce", and |endpoint|. 1. Else, if |report-only result| is "Disabled": 1. Let |report-only endpoint| be the result of calling Get the reporting endpoint for a feature given + abstract-op>Get the reporting endpoint for a feature given |feature| and |report-only policy|. - 1. Let |disposition| be "potential-report" if - |potential| is True, or "report" otherwise. - 1. Call Generate report for violation of permissions - policy on settings given |feature|, |settings|, - |potential|, |report-only endpoint|, and |allowAttribute|. + 1. If |potential| is True: + 1. Call Generate report for potential violation of + permissions policy on settings given |feature|, |settings|, + "report", |report-only endpoint|, and + |allowAttribute|. + 1. Else: + 1. Call Generate report for violation of permissions + policy on settings given |feature|, |settings|, + "report", and |report-only endpoint|. 1. Return result
@@ -1209,6 +1214,40 @@ partial interface HTMLIFrameElement { this algorithm generates a report about the violation of the policy for |feature|. + 1. Let |body| be a new {{PermissionsPolicyViolationReportBody}}, initialized + as follows: + + : [=PermissionsPolicyViolationReportBody/featureId=] + :: |feature|'s string representation. + : [=PermissionsPolicyViolationReportBody/sourceFile=] + :: null + : [=PermissionsPolicyViolationReportBody/lineNumber=] + :: null + : [=PermissionsPolicyViolationReportBody/columnNumber=] + :: null + : [=PermissionsPolicyViolationReportBody/disposition=] + :: |disposition| + + 1. If the user agent is currently executing script, and can extract the + source file's URL, line number, and column number from |settings|, then + set |body|'s [=PermissionsPolicyViolationReportBody/sourceFile=], + [=PermissionsPolicyViolationReportBody/lineNumber=], and + [=PermissionsPolicyViolationReportBody/columnNumber=] accordingly. + + 1. Execute [=generate and queue a report=] with |body|, + "permissions-policy-violation", |endpoint|, and |settings|. + + +
+
+ ## Generate report for potential violation of permissions policy on settings ## {#algo-report-potential-permissions-policy-violation} + +
+ Given a [=policy-controlled feature|feature=] (|feature|), an environment settings object + (|settings|), a string (|disposition|), a string-or-null (|endpoint|), and a string-or-null + (|allowAttribute|), this algorithm generates a report about the violation of the + policy for |feature|. + 1. Let |body| be a new {{PermissionsPolicyViolationReportBody}}, initialized as follows: @@ -1236,7 +1275,7 @@ partial interface HTMLIFrameElement { |allowAttribute|. 1. Execute [=generate and queue a report=] with |body|, - "permissions-policy-violation", |endpoint|, and |settings|. + "potential-permissions-policy-violation", |endpoint|, and |settings|.
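Review bot: the introduction to the new Generate report for potential violation of permissions policy on settings algorithm in PATCH 04/13 still reads "generates a report about the violation of the policy for |feature|", copied from the non-potential algorithm. Say "potential violation" and add a sentence on what distinguishes a potential violation from an actual one. As written, the only visible difference between the two algorithms is the report type "potential-permissions-policy-violation" in the last step, and none of the visible hunks documents that type for people writing report collectors.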
From 4119841afa1ba59830ee85af1cfc700774e59ca4 Mon Sep 17 00:00:00 2001 From: Jun Date: Wed, 14 Aug 2024 11:02:15 -0700 Subject: [PATCH 05/13] Update index.bs --- index.bs | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/index.bs b/index.bs index 56da59fd..d9317c13 100644 --- a/index.bs +++ b/index.bs @@ -995,13 +995,14 @@ partial interface HTMLIFrameElement { fullscreen [=policy-controlled feature|feature=]. 1. [=map/Set=] |container policy|[fullscreen] = the special value *. - 1. [=map/For each=] [=feature=] in |container policy|: + 1. [=map/For each=] |feature| in |container policy|: 1. If [=feature=]'s allowlist does not [=list/contain=] the special - value *, then [=list/for each=] [=origins=] in + value *, then [=list/for each=] |origin| in allowlist: - 1. Executing Is feature enabled in document for origin? + 1. Call Is feature enabled in document for origin? on |feature|, |element|'s [=node document=], |origin|, True, True, and |allowAttribute|. + Note: The purpose of the call is to generate a report, and not to allow or deny a feature usage. 1. Return |container policy|. @@ -1270,10 +1271,6 @@ partial interface HTMLIFrameElement { [=PermissionsPolicyViolationReportBody/lineNumber=], and [=PermissionsPolicyViolationReportBody/columnNumber=] accordingly. - 1. If |allowAttribute| is not null, then set |body|'s - [=PermissionsPolicyViolationReportBody/allowAttribute=] to - |allowAttribute|. - 1. Execute [=generate and queue a report=] with |body|, "potential-permissions-policy-violation", |endpoint|, and |settings|. From 76b1991ae617bff1cdb7bef065d93edcc22456f0 Mon Sep 17 00:00:00 2001 From: Jun Date: Wed, 14 Aug 2024 11:08:27 -0700 Subject: [PATCH 06/13] indent --- index.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.bs b/index.bs index d9317c13..b53747a9 100644 --- a/index.bs +++ b/index.bs 
@@ -1002,7 +1002,7 @@ partial interface HTMLIFrameElement { 1. Call Is feature enabled in document for origin? on |feature|, |element|'s [=node document=], |origin|, True, True, and |allowAttribute|. - Note: The purpose of the call is to generate a report, and not to allow or deny a feature usage. + Note: The purpose of the call is to generate a report, and not to allow or deny a feature usage. 1. Return |container policy|. From 168e0baa11cbe06d29e01c4e621a3f3d782eadd9 Mon Sep 17 00:00:00 2001 From: Jun Date: Wed, 14 Aug 2024 11:11:50 -0700 Subject: [PATCH 07/13] fix indent --- index.bs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/index.bs b/index.bs index b53747a9..bcba36dd 100644 --- a/index.bs +++ b/index.bs @@ -1002,7 +1002,8 @@ partial interface HTMLIFrameElement { 1. Call Is feature enabled in document for origin? on |feature|, |element|'s [=node document=], |origin|, True, True, and |allowAttribute|. - Note: The purpose of the call is to generate a report, and not to allow or deny a feature usage. + + Note: The purpose of the call is to generate a report, and not to allow or deny a feature usage. 1. Return |container policy|. From f655cc04af079e872d6e07dd57b9d46308260ec4 Mon Sep 17 00:00:00 2001 From: Jun Date: Mon, 19 Aug 2024 15:44:17 -0700 Subject: [PATCH 08/13] Update index.bs --- index.bs | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/index.bs b/index.bs index bcba36dd..199f6f00 100644 --- a/index.bs +++ b/index.bs 
@@ -856,9 +856,10 @@ partial interface HTMLIFrameElement { resulted only in this report being generated (with no further action taken by the user agent in response to the violation). - - allowAttribute: If - known, the value of <{iframe}> element's <{iframe/allow}> attribute, or - null otherwise. + - allowAttribute: For + reports of potential violations, which can be attributed to a specific + <{iframe}> element, the value of the <{iframe/allow}> attribute of that + element, or omitted otherwise.

\``Permissions-Policy-Report-Only`\` HTTP Header Field
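Review bot: "or omitted otherwise" in the new allowAttribute description of PATCH 08/13 conflicts with the IDL added in PATCH 03/13, "readonly attribute DOMString? allowAttribute;". A nullable attribute on the interface is always present and reads as null; it cannot be omitted. Either keep the earlier "null otherwise" wording, or state separately that the attribute returns null and that the member is left out of the serialized report body in that case.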

From e410bb43c310c36a5511d331ae932ba8433985e7 Mon Sep 17 00:00:00 2001 From: Jun Date: Mon, 19 Aug 2024 16:37:23 -0700 Subject: [PATCH 09/13] Remove changes from `is-feature-enabled` and `process-policy-attributes` --- index.bs | 57 +++++++++++++++++--------------------------------------- 1 file changed, 17 insertions(+), 40 deletions(-) diff --git a/index.bs b/index.bs index 199f6f00..6dc70503 100644 --- a/index.bs +++ b/index.bs @@ -986,25 +986,15 @@ partial interface HTMLIFrameElement { policy, which may be empty. 1. If |element| is not an <{iframe}> element, then return an empty [=policy directive=]. - 1. Let |allowAttribute| be the value of |element|'s <{iframe/allow}> - attribute. 1. Let |container policy| be the result of running Parse policy - directive given |allowAttribute|, the [=Document/origin=] of |element|'s - [=node document=], and |element|'s declared origin. + directive given the value of |element|'s <{iframe/allow}> attribute, + the [=Document/origin=] of |element|'s [=node document=], and |element|'s + declared origin. 1. If |element|'s <{iframe/allowfullscreen}> attribute is specified, and |container policy| does not [=map/contain=] an entry for the fullscreen [=policy-controlled feature|feature=]. 1. [=map/Set=] |container policy|[fullscreen] = the special value *. - 1. [=map/For each=] |feature| in |container policy|: - 1. If [=feature=]'s allowlist does not [=list/contain=] the special - value *, then [=list/for each=] |origin| in - allowlist: - 1. Call Is feature enabled in document for origin? - on |feature|, |element|'s [=node document=], |origin|, True, True, and - |allowAttribute|. - - Note: The purpose of the call is to generate a report, and not to allow or deny a feature usage. 1. Return |container policy|. @@ -1137,14 +1127,13 @@ partial interface HTMLIFrameElement {
Given a [=policy-controlled feature|feature=] (|feature|), a {{Document}} object - (|document|), an [=origin=] (|origin|), an optional boolean (|report|), with a - default value of True, an optional boolean (|potential|) with a default value of - False, and an optional string (|allowAttribute|), this algorithm returns - "Disabled" if |feature| should be considered disabled, and - "Enabled" otherwise. If |report| is True, then it will also - [=generate and queue a report=] if the feature is not enabled in either - |document|'s [=Document/permissions policy=] or |document|'s - [=Document/report-only permissions policy=]. + (|document|), an [=origin=] (|origin|), and an optional boolean (|report|), + with a default value of True, this algorithm returns "Disabled" + if |feature| should be considered disabled, and "Enabled" + otherwise. If |report| is True, then it will also [=generate and queue a + report=] if the feature is not enabled in either |document|'s + [=Document/permissions policy=] or |document|'s [=Document/report-only + permissions policy=]. Note: The default value of True for |report| means that most permissions policy checks will generate a violation report if the feature is not 
@@ -1167,29 +1156,17 @@ partial interface HTMLIFrameElement { 1. If |result| is "Disabled": 1. Let |endpoint| be the result of calling Get the reporting endpoint for a feature given |feature| and - |policy|. - 1. If |potential| is True: - 1. Call Generate report for potential violation - of permissions policy on settings given |feature|, - |settings|, "enforce", |endpoint|, and - |allowAttribute|. - 1. Else: - 1. Call Generate report for violation of - permissions policy on settings given |feature|, |settings|, - "enforce", and |endpoint|. + |policy|. + 1. Call Generate report for violation of permissions + policy on settings given |feature|, |settings|, + "Enforce", and |endpoint|. 1. Else, if |report-only result| is "Disabled": 1. Let |report-only endpoint| be the result of calling Get the reporting endpoint for a feature given |feature| and |report-only policy|. - 1. If |potential| is True: - 1. Call Generate report for potential violation of - permissions policy on settings given |feature|, |settings|, - "report", |report-only endpoint|, and - |allowAttribute|. - 1. Else: - 1. Call Generate report for violation of permissions - policy on settings given |feature|, |settings|, - "report", and |report-only endpoint|. + 1. Call Generate report for violation of permissions + policy on settings given |feature|, |settings|, + "Report", and |report-only endpoint|. 1. Return result
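Review bot: the calls restored in the last hunk of PATCH 09/13 pass "Enforce" and "Report" with a capital letter, while the disposition description (context of the @@ -852 hunk in PATCH 04/13) documents the values as "enforce" and "report". A collector that matches the string exactly depends on which spelling the user agent emits. Use the lowercase spellings here, as PATCH 02/13 did when it introduced |disposition|.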
From 40f16c9be1fb9148825e3461687c702621d35a7e Mon Sep 17 00:00:00 2001 From: Jun Date: Mon, 19 Aug 2024 16:38:45 -0700 Subject: [PATCH 10/13] Nits --- index.bs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.bs b/index.bs index 6dc70503..85c29db3 100644 --- a/index.bs +++ b/index.bs @@ -1155,14 +1155,14 @@ partial interface HTMLIFrameElement { 1. Let |settings| be |document|'s environment settings object. 1. If |result| is "Disabled": 1. Let |endpoint| be the result of calling Get the - reporting endpoint for a feature given |feature| and + reporting endpoint for a feature given |feature| and |policy|. 1. Call Generate report for violation of permissions policy on settings given |feature|, |settings|, "Enforce", and |endpoint|. 1. Else, if |report-only result| is "Disabled": 1. Let |report-only endpoint| be the result of calling Get the reporting endpoint for a feature given + abstract-op>Get the reporting endpoint for a feature given |feature| and |report-only policy|. 1. Call Generate report for violation of permissions policy on settings given |feature|, |settings|, From 95d98ba4a5b17c644b793ca3a62759d87d3cff18 Mon Sep 17 00:00:00 2001 From: Jun Date: Mon, 19 Aug 2024 18:13:44 -0700 Subject: [PATCH 11/13] Add reporting code to observable policy --- index.bs | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/index.bs b/index.bs index 85c29db3..51b94b01 100644 --- a/index.bs +++ b/index.bs @@ -764,12 +764,35 @@ partial interface HTMLIFrameElement {

To get the observable policy for an Element |node|, run the following steps:

1. Let |inherited policy| be an empty [=ordered map=]. - 3. [=set/For each=] supported feature |feature|: + 2. [=set/For each=] supported feature |feature|: 1. Let |isInherited| be the result of running Define an inherited policy for feature in container at origin on |feature|, |node| and |node|'s declared origin. 2. Set |inherited policy|[|feature|] to |isInherited|. - 4. Return a new permissions policy with Disabled": + 1. Let |endpoint| be the result of calling Get + the reporting endpoint for a feature given |feature| and + |document|'s [=Document/permissions policy=]. + 2. Call Generate report for potential violation + of permissions policy on settings given |feature|, + |settings|, "Enforce", and |endpoint|. + 4. If the result of running Define an inherited + policy for feature in container at origin on |feature|, + |node|, |node|'s declared origin and True is + "Disabled": + 1. Let |report-only endpoint| be the result of calling Get the reporting endpoint for a feature + given |feature| and |document|'s [=Document/report-only + permissions policy=]. + 2. Call Generate report for potential violation + of permissions policy on settings given |feature|, + |settings|, "Report", and |report-only + endpoint|. + 3. Return a new permissions policy with inherited policy |inherited policy|, declared policy a [=struct=] with both [=declared policy/declarations=] and [=declared policy/reporting From 984db36a06f9a3a790cda2114b5463964c5d948f Mon Sep 17 00:00:00 2001 From: Jun Date: Mon, 19 Aug 2024 18:40:12 -0700 Subject: [PATCH 12/13] Update index.bs --- index.bs | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/index.bs b/index.bs index 51b94b01..1b7cc1bc 100644 --- a/index.bs +++ b/index.bs @@ -1072,17 +1072,19 @@ partial interface HTMLIFrameElement {
Given a [=policy-controlled feature|feature=] (|feature|), null or a navigable container - (|container|), and an origin for a {{Document}} in - that container (|origin|), this algorithm returns the [=inherited policy for - a feature|inherited policy value=] for |feature|. + (|container|), an origin for a {{Document}} in + that container (|origin|), and an optional boolean (|report-only|), with + a default value of False, this algorithm returns the [=inherited policy + for a feature|inherited policy value=] for |feature|. 1. If |container| is null, return "Enabled". 1. If the result of executing Get feature value for - origin on |feature|, |container|'s node document, and - |container|'s node document's origin is + origin on |feature|, |container|'s node document, + |container|'s node document's origin, and |report-only| is "Disabled", return "Disabled". 1. If the result of executing Get feature value for - origin on |feature|, |container|'s node document, and - |origin| is "Disabled", return "Disabled". + origin on |feature|, |container|'s node document, |origin|, + and |report-only| is "Disabled", return + "Disabled". 1. Let |container policy| be the result of running Process permissions policy attributes on |container|. 1. If |feature| [=map/exists=] in |container policy|: @@ -1103,10 +1105,12 @@ partial interface HTMLIFrameElement {
Given a [=policy-controlled feature|feature=] (|feature|), a {{Document}} object - (|document|), and an [=origin=] (|origin|), this algorithm - returns "Disabled" if |feature| should be considered - disabled, and "Enabled" otherwise. - 1. Let |policy| be |document|'s [=Document/permissions policy=]. + (|document|), an [=origin=] (|origin|), and a boolean (|report-only|), + this algorithm returns "Disabled" if |feature| should be + considered disabled, and "Enabled" otherwise. + 1. Let |policy| be |document|'s [=Document/report-only permissions + policy=] if |report-only| is True, or |document|'s + [=Document/permissions policy=] otherwise. 1. If |policy|'s inherited policy for |feature| is "Disabled", return "Disabled". 1. If |feature| is present in |policy|'s declared From 9df72a461848313fcd824823973f4140861b06fc Mon Sep 17 00:00:00 2001 From: Jun Date: Fri, 20 Sep 2024 13:07:04 -0700 Subject: [PATCH 13/13] Update index.bs Add a monkey patch --- index.bs | 70 +++++++++++++++++++++++++++++++++++--------------------- 1 file changed, 44 insertions(+), 26 deletions(-) diff --git a/index.bs b/index.bs index 1b7cc1bc..93015518 100644 --- a/index.bs +++ b/index.bs @@ -764,35 +764,12 @@ partial interface HTMLIFrameElement {

To get the observable policy for an Element |node|, run the following steps:

1. Let |inherited policy| be an empty [=ordered map=]. - 2. [=set/For each=] supported feature |feature|: + 3. [=set/For each=] supported feature |feature|: 1. Let |isInherited| be the result of running Define an inherited policy for feature in container at origin on |feature|, |node| and |node|'s declared origin. 2. Set |inherited policy|[|feature|] to |isInherited|. - 3. If |node| is a navigable container: - 1. Let |document| be |node|'s node document. - 2. Let |settings| be |document|'s environment settings - object. - 3. If |isInherited| is "Disabled": - 1. Let |endpoint| be the result of calling Get - the reporting endpoint for a feature given |feature| and - |document|'s [=Document/permissions policy=]. - 2. Call Generate report for potential violation - of permissions policy on settings given |feature|, - |settings|, "Enforce", and |endpoint|. - 4. If the result of running Define an inherited - policy for feature in container at origin on |feature|, - |node|, |node|'s declared origin and True is - "Disabled": - 1. Let |report-only endpoint| be the result of calling Get the reporting endpoint for a feature - given |feature| and |document|'s [=Document/report-only - permissions policy=]. - 2. Call Generate report for potential violation - of permissions policy on settings given |feature|, - |settings|, "Report", and |report-only - endpoint|. - 3. Return a new permissions policy with inherited policy |inherited policy|, declared policy a [=struct=] with both [=declared policy/declarations=] and [=declared policy/reporting @@ -1212,6 +1189,41 @@ partial interface HTMLIFrameElement {
+
+ ## Check potential violation of permissions policy in container ## {#algo-check-potential-violation-in-container} + +
+ Given a navigable container (|container|), this algorithm sends potential + violation reports. + 1. Let |document| be |container|'s node document. + 2. Let |settings| be |document|'s environment settings + object. + 3. [=set/For each=] supported feature |feature|: + 1. If the result of running Define an inherited + policy for feature in container at origin on |feature|, + |container| and |container|'s declared origin is + "Disabled": + 1. Let |endpoint| be the result of calling Get + the reporting endpoint for a feature given |feature| and + |document|'s [=Document/permissions policy=]. + 2. Call Generate report for potential violation + of permissions policy on settings given |feature|, + |settings|, "Enforce", and |endpoint|. + 2. If the result of running Define an inherited + policy for feature in container at origin on |feature|, + |container|, |container|'s declared origin and True is + "Disabled": + 1. Let |report-only endpoint| be the result of calling Get the reporting endpoint for a feature + given |feature| and |document|'s [=Document/report-only + permissions policy=]. + 2. Call Generate report for potential violation + of permissions policy on settings given |feature|, + |settings|, "Report", and |report-only + endpoint|. + +
+
## Generate report for violation of permissions policy on settings ## {#algo-report-permissions-policy-violation} @@ -1329,7 +1341,13 @@ partial interface HTMLIFrameElement { navigationParams's origin, navigationParams's response, and True. And in the same section, in step 10, set the new {{Document}}'s - [=Document/report-only permissions policy=] to |reportOnlyPermissionsPolicy|. + [=Document/report-only permissions policy=] to |reportOnlyPermissionsPolicy|. + + And in the same section, in step 19 before the return, insert the following step: + + 19. If navigationParams's navigable's container is not null, call Check potential violation of permissions policy in + container given navigationParams's navigable's container.
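Review bot: in PATCH 12/13, Get feature value for origin gains |report-only| as a required parameter ("and a boolean (|report-only|)"), while Define an inherited policy for feature in container at origin gets it as optional with a default value of False. Any caller of Get feature value for origin that this series does not touch would now be missing an argument. Make the parameter optional with a default of False there as well, or update the remaining call sites in the same patch.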
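Review bot: both calls to Generate report for potential violation of permissions policy on settings in the new Check potential violation of permissions policy in container algorithm (PATCH 13/13) pass four arguments: |feature|, |settings|, the disposition and the endpoint. The algorithm as defined in PATCH 04/13 also takes |allowAttribute|, so as written the report's allowAttribute is never populated even though |container| is available. Pass the value of |container|'s allow attribute as the fifth argument, or null when there is none. The same two calls also use "Enforce" and "Report" where the disposition description documents "enforce" and "report".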
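Review bot: the monkey-patch text in the @@ -1329 hunk of PATCH 13/13 says to insert the new step "in step 19 before the return" and then numbers the inserted step 19 as well, so it is unclear whether the step goes inside step 19, replaces it, or precedes it. Hard-coded step numbers in another specification also go stale when that algorithm is edited. Identify the insertion point by quoting the text of the step it precedes, and leave the inserted step unnumbered.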