fenced-frame
fenced-frame copied to clipboard
WICG
Spec: fix 'src' permissions policy allowlist.
The 'src' allowlist is a feature unique to iframes and fenced frames that, if set, only allows a given feature for the origin loaded in the src/config attribute. This is calculated in the embedder. However, when loading a fenced frame with a fenced frame config, that origin is opaque to the embedder but transparent to the inner content. This causes a mismatch where the inner content is told to only allow a feature for an opaque 'src', but it will see it was navigated to a transparent URL. It will then disallow the feature, even though it is navigated to the FencedFrameConfig installed in the "src" or "config" attribute.
The mismatch is fixed by recalculating the document's permissions policy allowlists once the mapped URL is known. More specifically, this is done during the create and initialize a Document object algorithm right after the |permissionsPolicy| is first loaded into the document. Any allowlists that match the opaque 'src' (a value set by the embedder that doesn't and shouldn't know the final navigated URL) are replaced with the document's fenced frame config's mapped URL's origin.
