Bug 1665252 - remove allowpaymentrequest attribute from HTMLIFrameElement r=dom-workers-and-storage-reviewers,smaug,asuth

Differential Revision: https://phabricator.services.mozilla.com/D90505
2020-09-24 03:41:26 +00:00
parent 604116cf00
commit 4dbaa97fdd
12 changed files with 14 additions and 79 deletions
--- a/dom/base/Document.cpp
+++ b/dom/base/Document.cpp
@@ -1292,7 +1292,6 @@ Document::Document(const char* aContentType)
      mIsTopLevelContentDocument(false),
      mIsContentDocument(false),
      mDidCallBeginLoad(false),
      mAllowPaymentRequest(false),
      mEncodingMenuDisabled(false),
      mLinksEnabled(true),
      mIsSVGGlyphsDocument(false),
@@ -6387,9 +6386,6 @@ nsresult Document::SetSubDocumentFor(Element* aElement, Document* aSubDoc) {
    // aSubDoc is nullptr, remove the mapping
    if (mSubDocuments) {
      if (Document* subDoc = GetSubDocumentFor(aElement)) {
        subDoc->SetAllowPaymentRequest(false);
      }
      mSubDocuments->Remove(aElement);
    }
  } else {
@@ -6412,7 +6408,6 @@ nsresult Document::SetSubDocumentFor(Element* aElement, Document* aSubDoc) {
    }
    if (entry->mSubDocument) {
      entry->mSubDocument->SetAllowPaymentRequest(false);
      entry->mSubDocument->SetParentDocument(nullptr);
      // Release the old sub document
@@ -6422,23 +6417,6 @@ nsresult Document::SetSubDocumentFor(Element* aElement, Document* aSubDoc) {
    entry->mSubDocument = aSubDoc;
    NS_ADDREF(entry->mSubDocument);
    // set allowpaymentrequest for the binding subdocument
    if (!mAllowPaymentRequest) {
      aSubDoc->SetAllowPaymentRequest(false);
    } else {
      nsresult rv = nsContentUtils::CheckSameOrigin(aElement, aSubDoc);
      if (NS_SUCCEEDED(rv)) {
        aSubDoc->SetAllowPaymentRequest(true);
      } else {
        if (aElement->IsHTMLElement(nsGkAtoms::iframe) &&
            aElement->GetBoolAttr(nsGkAtoms::allowpaymentrequest)) {
          aSubDoc->SetAllowPaymentRequest(true);
        } else {
          aSubDoc->SetAllowPaymentRequest(false);
        }
      }
    }
    aSubDoc->SetParentDocument(this);
  }
--- a/dom/base/Document.h
+++ b/dom/base/Document.h
@@ -2159,10 +2159,6 @@ class Document : public nsINode,
  bool IsTopLevelContentDocument() const { return mIsTopLevelContentDocument; }
  void SetIsTopLevelContentDocument(bool aIsTopLevelContentDocument) {
    mIsTopLevelContentDocument = aIsTopLevelContentDocument;
    // When a document is set as TopLevelContentDocument, it must be
    // allowpaymentrequest. We handle the false case while a document is
    // appended in SetSubDocumentFor
    SetAllowPaymentRequest(aIsTopLevelContentDocument);
  }
  bool IsContentDocument() const { return mIsContentDocument; }
@@ -3873,12 +3869,6 @@ class Document : public nsINode,
    --mIgnoreOpensDuringUnloadCounter;
  }
  bool AllowPaymentRequest() const { return mAllowPaymentRequest; }
  void SetAllowPaymentRequest(bool aAllowPaymentRequest) {
    mAllowPaymentRequest = aAllowPaymentRequest;
  }
  mozilla::dom::FeaturePolicy* FeaturePolicy() const;
  bool ModuleScriptsEnabled();
@@ -4502,9 +4492,6 @@ class Document : public nsINode,
  // True if we have called BeginLoad and are expecting a paired EndLoad call.
  bool mDidCallBeginLoad : 1;
  // True if the document is allowed to use PaymentRequest.
  bool mAllowPaymentRequest : 1;
  // True if the encoding menu should be disabled.
  bool mEncodingMenuDisabled : 1;
--- a/dom/base/nsFrameLoader.cpp
+++ b/dom/base/nsFrameLoader.cpp
@@ -1482,14 +1482,6 @@ nsresult nsFrameLoader::SwapWithOtherLoader(nsFrameLoader* aOther,
    return NS_ERROR_NOT_IMPLEMENTED;
  }
  bool ourPaymentRequestAllowed =
      ourContent->HasAttr(kNameSpaceID_None, nsGkAtoms::allowpaymentrequest);
  bool otherPaymentRequestAllowed =
      otherContent->HasAttr(kNameSpaceID_None, nsGkAtoms::allowpaymentrequest);
  if (ourPaymentRequestAllowed != otherPaymentRequestAllowed) {
    return NS_ERROR_NOT_IMPLEMENTED;
  }
  nsILoadContext* ourLoadContext = ourContent->OwnerDoc()->GetLoadContext();
  nsILoadContext* otherLoadContext = otherContent->OwnerDoc()->GetLoadContext();
  MOZ_ASSERT(ourLoadContext && otherLoadContext,
--- a/dom/html/HTMLIFrameElement.cpp
+++ b/dom/html/HTMLIFrameElement.cpp
@@ -171,8 +171,7 @@ nsresult HTMLIFrameElement::AfterSetAttr(int32_t aNameSpaceID, nsAtom* aName,
    if (aName == nsGkAtoms::allow || aName == nsGkAtoms::src ||
        aName == nsGkAtoms::srcdoc || aName == nsGkAtoms::sandbox) {
      RefreshFeaturePolicy(true /* parse the feature policy attribute */);
-    } else if (aName == nsGkAtoms::allowfullscreen ||
+    } else if (aName == nsGkAtoms::allowfullscreen) {
               aName == nsGkAtoms::allowpaymentrequest) {
      RefreshFeaturePolicy(false /* parse the feature policy attribute */);
    }
  }
@@ -296,10 +295,6 @@ void HTMLIFrameElement::RefreshFeaturePolicy(bool aParseAllowAttribute) {
    }
  }
  if (AllowPaymentRequest()) {
    mFeaturePolicy->MaybeSetAllowedPolicy(u"payment"_ns);
  }
  if (AllowFullscreen()) {
    mFeaturePolicy->MaybeSetAllowedPolicy(u"fullscreen"_ns);
  }
--- a/dom/html/HTMLIFrameElement.h
+++ b/dom/html/HTMLIFrameElement.h
@@ -79,12 +79,6 @@ class HTMLIFrameElement final : public nsGenericHTMLFrameElement {
    SetHTMLBoolAttr(nsGkAtoms::allowfullscreen, aAllow, aError);
  }
  bool AllowPaymentRequest() const {
    return GetBoolAttr(nsGkAtoms::allowpaymentrequest);
  }
  void SetAllowPaymentRequest(bool aAllow, ErrorResult& aError) {
    SetHTMLBoolAttr(nsGkAtoms::allowpaymentrequest, aAllow, aError);
  }
  void GetWidth(DOMString& aWidth) { GetHTMLAttr(nsGkAtoms::width, aWidth); }
  void SetWidth(const nsAString& aWidth, ErrorResult& aError) {
    SetHTMLAttr(nsGkAtoms::width, aWidth, aError);
--- a/dom/payments/PaymentRequest.cpp
+++ b/dom/payments/PaymentRequest.cpp
@@ -606,14 +606,6 @@ already_AddRefed<PaymentRequest> PaymentRequest::Constructor(
    return nullptr;
  }
  // Check if AllowPaymentRequest on the owner document
  if (!doc->AllowPaymentRequest()) {
    aRv.ThrowSecurityError(
        "The PaymentRequest API is not enabled in this document, since "
        "allowPaymentRequest property is false");
    return nullptr;
  }
  // Get the top level principal
  nsCOMPtr<Document> topLevelDoc = doc->GetTopLevelContentDocument();
  MOZ_ASSERT(topLevelDoc);
--- a/dom/payments/test/echo_payment_request.html
+++ b/dom/payments/test/echo_payment_request.html
@@ -23,7 +23,7 @@
      }
    } else if (e.data === 'new PaymentRequest in a new iframe') {
      var ifrr = document.createElement('iframe');
-      ifrr.setAttribute('allowpaymentrequest', 'true');
+      ifrr.allow = "payment";
      ifrr.src = "https://example.com/tests/dom/payments/test/simple_payment_request.html";
      document.body.appendChild(ifrr);
    } else {
--- a/dom/payments/test/test_closePayment.html
+++ b/dom/payments/test/test_closePayment.html
@@ -207,12 +207,12 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1408234
    await requestChromeAction("test-setup", testName);
    return new Promise(async (resolve) => {
      const outer = document.createElement("iframe");
-      outer.allowPaymentRequest = true;
+      outer.allow = "payment";
      document.body.appendChild(outer);
      await getLoadedPaymentRequest(outer,"blank_page.html");
      const inner = outer.contentDocument.createElement("iframe");
-      inner.allowPaymentRequest = true;
+      inner.allow = "payment";
      outer.contentDocument.body.appendChild(inner);
      const request = await getLoadedPaymentRequest(inner,"blank_page.html");
--- a/dom/payments/test/test_constructor.html
+++ b/dom/payments/test/test_constructor.html
@@ -304,7 +304,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1345361
        gScript.sendAsyncMessage("check-cross-origin-top-level-principal");
      });
-      ifrr.setAttribute('allowpaymentrequest', '');
+      ifrr.setAttribute('allow', 'payment');
      ifrr.src = "https://test1.example.com:443/tests/dom/payments/test/simple_payment_request.html";
      document.body.appendChild(ifrr);
    });
--- a/dom/payments/test/test_payment-request-in-iframe.html
+++ b/dom/payments/test/test_payment-request-in-iframe.html
@@ -67,7 +67,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1318988
      window.addEventListener("message", listener);
-      ifrr.setAttribute('allowpaymentrequest', 'true');
+      ifrr.setAttribute('allow', 'payment');
      ifrr.src = "https://test1.example.com:443/tests/dom/payments/test/simple_payment_request.html";
      document.body.appendChild(ifrr);
@@ -85,7 +85,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1318988
      ifrr.addEventListener('load', function() {
        if (i === 0) {
-          ifrr.removeAttribute("allowpaymentrequest");
+          ifrr.removeAttribute("allow");
        }
        ifrr.contentWindow.postMessage('new PaymentRequest', '*');
      });
@@ -94,18 +94,18 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1318988
        i++;
        if (i === 1) {
          is(event.data, "successful",
-             "Expected successful when running with allowpayment attribute.");
+             "Expected successful when running with allow=payment attribute.");
          ifrr.contentWindow.location.href = ifrr.src;
        } else {
          is(event.data, "SecurityError",
-             "Expected SecurityError when running without allowpayment attribute.");
+             "Expected SecurityError when running without allow=payment attribute.");
          window.removeEventListener("message", listener);
          resolve();
        }
      }
      window.addEventListener("message", listener);
-      ifrr.setAttribute('allowpaymentrequest', "true");
+      ifrr.setAttribute("allow", "payment");
      ifrr.src = "https://test1.example.com:443/tests/dom/payments/test/echo_payment_request.html";
      document.body.appendChild(ifrr);
@@ -117,14 +117,14 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1318988
      var ifrr = document.createElement('iframe');
      let listener = function(event) {
-        if (!ifrr.hasAttribute('allowpaymentrequest')) {
+        if (ifrr.allow =! 'payment') {
          is(event.data, "SecurityError",
-            "Expected 'SecurityError' without allowpaymentrequest in nested iframe");
+            "Expected 'SecurityError' without allow=payment in nested iframe");
-          ifrr.setAttribute('allowpaymentrequest', true);
+          ifrr.setAttribute('allow', "payment");
          ifrr.contentWindow.location.href = ifrr.src;
        } else {
          is(event.data, "successful",
-             "Expected 'successful' with allowpaymentrequest in nested iframe");
+             "Expected 'successful' with allow='payment' in nested iframe");
          window.removeEventListener("message", listener);
          resolve();
        }
--- a/dom/webidl/HTMLIFrameElement.webidl
+++ b/dom/webidl/HTMLIFrameElement.webidl
@@ -27,8 +27,6 @@ interface HTMLIFrameElement : HTMLElement {
           // attribute boolean seamless;
  [CEReactions, SetterThrows, Pure]
           attribute boolean allowFullscreen;
  [CEReactions, SetterThrows, Pure]
           attribute boolean allowPaymentRequest;
  [CEReactions, SetterThrows, Pure]
           attribute DOMString width;
  [CEReactions, SetterThrows, Pure]
--- a/xpcom/ds/StaticAtoms.py
+++ b/xpcom/ds/StaticAtoms.py
@@ -82,7 +82,6 @@ STATIC_ATOMS = [
    Atom("allowfullscreen", "allowfullscreen"),
    Atom("allowmodals", "allow-modals"),
    Atom("alloworientationlock", "allow-orientation-lock"),
    Atom("allowpaymentrequest", "allowpaymentrequest"),
    Atom("allowpointerlock", "allow-pointer-lock"),
    Atom("allowpopupstoescapesandbox", "allow-popups-to-escape-sandbox"),
    Atom("allowpopups", "allow-popups"),