[DIP] Add DocumentIsolationPolicy to PolicyContainer
This CL adds DocumentIsolationPolicy to the PolicyContainer.
DocumentIsolationPolicy is set when received from a network response. If
the navigation did not have a network response, it should be inherited
from the navigation initiator normally through the PolicyContainer.
Bug: 332883907
Change-Id: Ifb89d523167a4d9b5b0b7ec616805df035b71a91
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5428418
Commit-Queue: Camille Lamy <[email protected]>
Reviewed-by: Joe DeBlasio <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1288046}
diff --git a/content/browser/renderer_host/policy_container_host.cc b/content/browser/renderer_host/policy_container_host.cc
index f58b03f..626edca 100644
--- a/content/browser/renderer_host/policy_container_host.cc
+++ b/content/browser/renderer_host/policy_container_host.cc
@@ -39,6 +39,7 @@
rhs.content_security_policies) &&
lhs.cross_origin_opener_policy == rhs.cross_origin_opener_policy &&
lhs.cross_origin_embedder_policy == rhs.cross_origin_embedder_policy &&
+ lhs.document_isolation_policy == rhs.document_isolation_policy &&
lhs.sandbox_flags == rhs.sandbox_flags &&
lhs.is_credentialless == rhs.is_credentialless &&
lhs.can_navigate_top_without_user_gesture ==
@@ -98,6 +99,17 @@
.value_or("<null>")
<< " }";
+ out << ", document_isolation_policy: " << "{ value: "
+ << policies.document_isolation_policy.value << ", reporting_endpoint: "
+ << policies.document_isolation_policy.reporting_endpoint.value_or(
+ "<null>")
+ << ", report_only_value: "
+ << policies.document_isolation_policy.report_only_value
+ << ", report_only_reporting_endpoint: "
+ << policies.document_isolation_policy.report_only_reporting_endpoint
+ .value_or("<null>")
+ << " }";
+
out << ", sandbox_flags: " << policies.sandbox_flags;
out << ", is_credentialless: " << policies.is_credentialless;
out << ", can_navigate_top_without_user_gesture: "
@@ -118,6 +130,7 @@
content_security_policies,
const network::CrossOriginOpenerPolicy& cross_origin_opener_policy,
const network::CrossOriginEmbedderPolicy& cross_origin_embedder_policy,
+ const network::DocumentIsolationPolicy& document_isolation_policy,
network::mojom::WebSandboxFlags sandbox_flags,
bool is_credentialless,
bool can_navigate_top_without_user_gesture,
@@ -128,6 +141,7 @@
content_security_policies(std::move(content_security_policies)),
cross_origin_opener_policy(cross_origin_opener_policy),
cross_origin_embedder_policy(cross_origin_embedder_policy),
+ document_isolation_policy(document_isolation_policy),
sandbox_flags(sandbox_flags),
is_credentialless(is_credentialless),
can_navigate_top_without_user_gesture(
@@ -158,6 +172,7 @@
mojo::Clone(response_head->parsed_headers->content_security_policy),
response_head->parsed_headers->cross_origin_opener_policy,
response_head->parsed_headers->cross_origin_embedder_policy,
+ response_head->parsed_headers->document_isolation_policy,
network::mojom::WebSandboxFlags::kNone,
/*is_credentialless=*/false,
/*can_navigate_top_without_user_gesture=*/true,
@@ -181,8 +196,9 @@
return PolicyContainerPolicies(
referrer_policy, ip_address_space, is_web_secure_context,
mojo::Clone(content_security_policies), cross_origin_opener_policy,
- cross_origin_embedder_policy, sandbox_flags, is_credentialless,
- can_navigate_top_without_user_gesture, allow_cross_origin_isolation);
+ cross_origin_embedder_policy, mojo::Clone(document_isolation_policy),
+ sandbox_flags, is_credentialless, can_navigate_top_without_user_gesture,
+ allow_cross_origin_isolation);
}
std::unique_ptr<PolicyContainerPolicies> PolicyContainerPolicies::ClonePtr()