Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Permission Policy #132

Merged
merged 8 commits into from
Jul 15, 2024
Merged

Add Permission Policy #132

merged 8 commits into from
Jul 15, 2024

Conversation

marcoscaceres
Copy link
Collaborator

@marcoscaceres marcoscaceres commented Jun 22, 2024
edited
Loading

Closes #78

Depends on #129

The following tasks have been completed:

Implementation commitment:

  • WebKit
  • Chromium (link to issue)
  • Gecko (link to issue)

Documentation and checks

  • Affects privacy
  • Affects security
  • Pinged MDN
  • Updated Explainer

Preview | Diff

@marcoscaceres
Copy link
Collaborator Author

This obviously depends on #129 .... will slot this into the algorithm after 129 in merged.

@marcoscaceres
Copy link
Collaborator Author

Webkit tracking bug https://bugs.webkit.org/show_bug.cgi?id=275783

RByers
RByers reviewed Jun 22, 2024
View reviewed changes
Copy link
Member

@RByers RByers left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! Looks good overall, just a question about integration here vs. how it's done for WebAuthn.

index.html Outdated
@@ -272,6 +272,16 @@ <h3>
The <dfn data-dfn-for="DigitalCredential">data</dfn> member is the
credential's response data.
</p>
<h3>
[[\DiscoverFromExternalSource]](origin, options, sameOriginWithAncestors)
internal method
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

WebAuthn seems to say we can't do this here due to lack of access to the settings object. I haven't looked into the details though, WDYT?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, right! I need to add it to the Cred Man itself! That's what they do for WebAuthn. I'll do that.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@RByers sent w3c/webappsec-credential-management#242

marcoscaceres
marcoscaceres commented Jul 1, 2024
View reviewed changes
index.html Outdated Show resolved Hide resolved
marcoscaceres
marcoscaceres commented Jul 1, 2024
View reviewed changes
index.html Outdated Show resolved Hide resolved
marcoscaceres
marcoscaceres commented Jul 1, 2024
View reviewed changes
index.html Outdated Show resolved Hide resolved
marcoscaceres
marcoscaceres commented Jul 1, 2024
View reviewed changes
index.html Outdated Show resolved Hide resolved
samuelgoto
samuelgoto reviewed Jul 1, 2024
View reviewed changes
index.html Outdated
</h2>
<p>
This specification defines a [=policy-controlled feature=] identified
by the string <dfn class="permission">"digital-credentials-get"</dfn>
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FYI we also kicked off the registration in the permissions policy spec here:

https://github.com/w3c/webappsec-permissions-policy/pull/549/files

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great. I'll add WebKit there too.

samuelgoto
samuelgoto approved these changes Jul 1, 2024
View reviewed changes
Copy link
Collaborator

@samuelgoto samuelgoto left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@marcoscaceres
Copy link
Collaborator Author

Ok, cool. I'll add some tests.

marcoscaceres added a commit to marcoscaceres/WebKit that referenced this pull request Jul 10, 2024
@marcoscaceres
Digital Credentials: implement digital-credentials-get permission policy
ac2e88c 
https://bugs.webkit.org/show_bug.cgi?id=275783
rdar://130821690

Reviewed by NOBODY (OOPS!).

Implements the digital-credentials-get permission policy directive.
This directive allows a site to control whether the .get() method
can be used in the Digital Credential API.

Related spec change:
WICG/digital-credentials#132

* LayoutTests/http/tests/identity/allow-attribute.https-expected.txt: Added.
* LayoutTests/http/tests/identity/allow-attribute.https.html: Added.
* LayoutTests/http/tests/identity/resources/iframe.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/digital-credentials-get.html: Added.
* Source/WebCore/Modules/credentialmanagement/CredentialsContainer.h:
* Source/WebCore/Modules/identity/IdentityCredentialsContainer.cpp:
(WebCore::IdentityCredentialsContainer::get):
* Source/WebCore/html/PermissionsPolicy.cpp:
(WebCore::toFeatureNameForLogging):
(WebCore::readFeatureIdentifier):
(WebCore::defaultAllowlistValue):
(WebCore::PermissionsPolicy::PermissionsPolicy):
* Source/WebCore/html/PermissionsPolicy.h:
@marcoscaceres marcoscaceres mentioned this pull request Jul 10, 2024
Merged
marcoscaceres added a commit to marcoscaceres/WebKit that referenced this pull request Jul 11, 2024
@marcoscaceres
Digital Credentials: implement digital-credentials-get permission policy
9222359 
https://bugs.webkit.org/show_bug.cgi?id=275783
rdar://130821690

Reviewed by NOBODY (OOPS!).

Implements the digital-credentials-get permission policy directive.
This directive allows a site to control whether the .get() method
can be used in the Digital Credential API.

Related spec change:
WICG/digital-credentials#132

* LayoutTests/http/tests/identity/allow-attribute.https-expected.txt: Added.
* LayoutTests/http/tests/identity/allow-attribute.https.html: Added.
* LayoutTests/http/tests/identity/resources/iframe.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/digital-credentials-get.html: Added.
* Source/WebCore/Modules/credentialmanagement/CredentialsContainer.h:
* Source/WebCore/Modules/identity/IdentityCredentialsContainer.cpp:
(WebCore::IdentityCredentialsContainer::get):
* Source/WebCore/html/PermissionsPolicy.cpp:
(WebCore::toFeatureNameForLogging):
(WebCore::readFeatureIdentifier):
(WebCore::defaultAllowlistValue):
(WebCore::PermissionsPolicy::PermissionsPolicy):
* Source/WebCore/html/PermissionsPolicy.h:
marcoscaceres added a commit to marcoscaceres/WebKit that referenced this pull request Jul 11, 2024
@marcoscaceres
Digital Credentials: implement digital-credentials-get permission policy
74e0b32 
https://bugs.webkit.org/show_bug.cgi?id=275783
rdar://130821690

Reviewed by NOBODY (OOPS!).

Implements the digital-credentials-get permission policy directive.
This directive allows a site to control whether the .get() method
can be used in the Digital Credential API.

Related spec change:
WICG/digital-credentials#132

* LayoutTests/http/tests/identity/allow-attribute.https-expected.txt: Added.
* LayoutTests/http/tests/identity/allow-attribute.https.html: Added.
* LayoutTests/http/tests/identity/resources/iframe.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/digital-credentials-get.html: Added.
* LayoutTests/platform/glib/TestExpectations:
* LayoutTests/platform/mac-site-isolation/TestExpectations:
* LayoutTests/platform/mac-wk1/TestExpectations:
* Source/WebCore/Modules/credentialmanagement/CredentialsContainer.h:
(WebCore::CredentialsContainer::document const):
* Source/WebCore/Modules/identity/IdentityCredentialsContainer.cpp:
(WebCore::IdentityCredentialsContainer::get):
* Source/WebCore/html/PermissionsPolicy.cpp:
(WebCore::toFeatureNameForLogging):
(WebCore::readFeatureIdentifier):
(WebCore::defaultAllowlistValue):
* Source/WebCore/html/PermissionsPolicy.h:
marcoscaceres added a commit to marcoscaceres/WebKit that referenced this pull request Jul 11, 2024
@marcoscaceres
Digital Credentials: implement digital-credentials-get permission policy
4aaa50d 
https://bugs.webkit.org/show_bug.cgi?id=275783
rdar://130821690

Reviewed by NOBODY (OOPS!).

Implements the digital-credentials-get permission policy directive.
This directive allows a site to control whether the .get() method
can be used in the Digital Credential API.

Related spec change:
WICG/digital-credentials#132

* LayoutTests/http/tests/identity/allow-attribute.https-expected.txt: Added.
* LayoutTests/http/tests/identity/allow-attribute.https.html: Added.
* LayoutTests/http/tests/identity/resources/iframe.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/digital-credentials-get.html: Added.
* LayoutTests/platform/glib/TestExpectations:
* LayoutTests/platform/mac-site-isolation/TestExpectations:
* LayoutTests/platform/mac-wk1/TestExpectations:
* Source/WebCore/Modules/credentialmanagement/CredentialsContainer.h:
(WebCore::CredentialsContainer::document const):
* Source/WebCore/Modules/identity/IdentityCredentialsContainer.cpp:
(WebCore::IdentityCredentialsContainer::get):
* Source/WebCore/html/PermissionsPolicy.cpp:
(WebCore::toFeatureNameForLogging):
(WebCore::readFeatureIdentifier):
(WebCore::defaultAllowlistValue):
* Source/WebCore/html/PermissionsPolicy.h:
marcoscaceres added a commit to marcoscaceres/WebKit that referenced this pull request Jul 11, 2024
@marcoscaceres
Digital Credentials: implement digital-credentials-get permission policy
a56199a 
https://bugs.webkit.org/show_bug.cgi?id=275783
rdar://130821690

Reviewed by NOBODY (OOPS!).

Implements the digital-credentials-get permission policy directive.
This directive allows a site to control whether the .get() method
can be used in the Digital Credential API.

Related spec change:
WICG/digital-credentials#132

* LayoutTests/http/tests/identity/allow-attribute.https-expected.txt: Added.
* LayoutTests/http/tests/identity/allow-attribute.https.html: Added.
* LayoutTests/http/tests/identity/resources/iframe.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/digital-credentials-get.html: Added.
* LayoutTests/platform/glib/TestExpectations:
* LayoutTests/platform/mac-site-isolation/TestExpectations:
* LayoutTests/platform/mac-wk1/TestExpectations:
* Source/WebCore/Modules/credentialmanagement/CredentialsContainer.h:
(WebCore::CredentialsContainer::document const):
* Source/WebCore/Modules/identity/IdentityCredentialsContainer.cpp:
(WebCore::IdentityCredentialsContainer::get):
* Source/WebCore/html/PermissionsPolicy.cpp:
(WebCore::toFeatureNameForLogging):
(WebCore::readFeatureIdentifier):
(WebCore::defaultAllowlistValue):
* Source/WebCore/html/PermissionsPolicy.h:
marcoscaceres added a commit to marcoscaceres/WebKit that referenced this pull request Jul 15, 2024
@marcoscaceres
Digital Credentials: implement digital-credentials-get permission policy
f3a0a94 
https://bugs.webkit.org/show_bug.cgi?id=275783
rdar://130821690

Reviewed by NOBODY (OOPS!).

Implements the digital-credentials-get permission policy directive.
This directive allows a site to control whether the .get() method
can be used in the Digital Credential API.

Related spec change:
WICG/digital-credentials#132

* LayoutTests/http/tests/identity/allow-attribute.https-expected.txt: Added.
* LayoutTests/http/tests/identity/allow-attribute.https.html: Added.
* LayoutTests/http/tests/identity/resources/iframe.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/digital-credentials-get.html: Added.
* LayoutTests/platform/glib/TestExpectations:
* LayoutTests/platform/mac-site-isolation/TestExpectations:
* LayoutTests/platform/mac-wk1/TestExpectations:
* LayoutTests/platform/wincairo/TestExpectations:
* Source/WebCore/Modules/credentialmanagement/CredentialsContainer.h:
(WebCore::CredentialsContainer::document const):
* Source/WebCore/Modules/identity/IdentityCredentialsContainer.cpp:
(WebCore::IdentityCredentialsContainer::get):
* Source/WebCore/html/PermissionsPolicy.cpp:
(WebCore::toFeatureNameForLogging):
(WebCore::readFeatureIdentifier):
(WebCore::defaultAllowlistValue):
* Source/WebCore/html/PermissionsPolicy.h:
@marcoscaceres
Copy link
Collaborator Author

I'll send the test up from the WebKit patch. They should land tomorrow, but I'll go ahead and merge this now.

@marcoscaceres marcoscaceres merged commit c67ab03 into main Jul 15, 2024
1 check passed
@marcoscaceres marcoscaceres deleted the permissions-policy branch July 15, 2024 01:22
marcoscaceres added a commit to marcoscaceres/WebKit that referenced this pull request Jul 16, 2024
@marcoscaceres
Digital Credentials: implement digital-credentials-get permission policy
75f33ff 
https://bugs.webkit.org/show_bug.cgi?id=275783
rdar://130821690

Reviewed by NOBODY (OOPS!).

Implements the digital-credentials-get permission policy directive.
This directive allows a site to control whether the .get() method
can be used in the Digital Credential API.

Related spec change:
WICG/digital-credentials#132

* LayoutTests/http/tests/identity/allow-attribute.https-expected.txt: Added.
* LayoutTests/http/tests/identity/allow-attribute.https.html: Added.
* LayoutTests/http/tests/identity/resources/iframe.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/digital-credentials-get.html: Added.
* LayoutTests/platform/glib/TestExpectations:
* LayoutTests/platform/mac-site-isolation/TestExpectations:
* LayoutTests/platform/mac-wk1/TestExpectations:
* LayoutTests/platform/wincairo/TestExpectations:
* Source/WebCore/Modules/credentialmanagement/CredentialsContainer.h:
(WebCore::CredentialsContainer::document const):
* Source/WebCore/Modules/identity/IdentityCredentialsContainer.cpp:
(WebCore::IdentityCredentialsContainer::get):
* Source/WebCore/html/PermissionsPolicy.cpp:
(WebCore::toFeatureNameForLogging):
(WebCore::readFeatureIdentifier):
(WebCore::defaultAllowlistValue):
* Source/WebCore/html/PermissionsPolicy.h:
marcoscaceres added a commit to marcoscaceres/WebKit that referenced this pull request Jul 16, 2024
@marcoscaceres
Digital Credentials: implement digital-credentials-get permission policy
f18a0c1 
https://bugs.webkit.org/show_bug.cgi?id=275783
rdar://130821690

Reviewed by NOBODY (OOPS!).

Implements the digital-credentials-get permission policy directive.
This directive allows a site to control whether the .get() method
can be used in the Digital Credential API.

Related spec change:
WICG/digital-credentials#132

* LayoutTests/http/tests/identity/allow-attribute.https-expected.txt: Added.
* LayoutTests/http/tests/identity/allow-attribute.https.html: Added.
* LayoutTests/http/tests/identity/resources/iframe.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/digital-credentials-get.html: Added.
* LayoutTests/platform/glib/TestExpectations:
* LayoutTests/platform/mac-site-isolation/TestExpectations:
* LayoutTests/platform/mac-wk1/TestExpectations:
* LayoutTests/platform/win/TestExpectations:
* Source/WebCore/Modules/identity/IdentityCredentialsContainer.cpp:
(WebCore::IdentityCredentialsContainer::get):
* Source/WebCore/html/PermissionsPolicy.cpp:
(WebCore::toFeatureNameForLogging):
(WebCore::readFeatureIdentifier):
(WebCore::defaultAllowlistValue):
* Source/WebCore/html/PermissionsPolicy.h:
* Source/WebKit/Shared/WebCoreArgumentCoders.serialization.in:
marcoscaceres added a commit to marcoscaceres/WebKit that referenced this pull request Jul 16, 2024
@marcoscaceres
Digital Credentials: implement digital-credentials-get permission policy
b9ac3a1 
https://bugs.webkit.org/show_bug.cgi?id=275783
rdar://130821690

Reviewed by NOBODY (OOPS!).

Implements the digital-credentials-get permission policy directive.
This directive allows a site to control whether the .get() method
can be used in the Digital Credential API.

Related spec change:
WICG/digital-credentials#132

* LayoutTests/http/tests/identity/allow-attribute.https-expected.txt: Added.
* LayoutTests/http/tests/identity/allow-attribute.https.html: Added.
* LayoutTests/http/tests/identity/resources/iframe.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/digital-credentials-get.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/permissions-policy.js:
(test_feature_availability):
* LayoutTests/platform/glib/TestExpectations:
* LayoutTests/platform/mac-site-isolation/TestExpectations:
* LayoutTests/platform/mac-wk1/TestExpectations:
* LayoutTests/platform/win/TestExpectations:
* Source/WebCore/Modules/identity/IdentityCredentialsContainer.cpp:
(WebCore::IdentityCredentialsContainer::get):
* Source/WebCore/html/PermissionsPolicy.cpp:
(WebCore::toFeatureNameForLogging):
(WebCore::readFeatureIdentifier):
(WebCore::defaultAllowlistValue):
* Source/WebCore/html/PermissionsPolicy.h:
* Source/WebKit/Shared/WebCoreArgumentCoders.serialization.in:
marcoscaceres added a commit to marcoscaceres/WebKit that referenced this pull request Jul 16, 2024
@marcoscaceres
Digital Credentials: implement digital-credentials-get permission policy
4711fec 
https://bugs.webkit.org/show_bug.cgi?id=275783
rdar://130821690

Reviewed by NOBODY (OOPS!).

Implements the digital-credentials-get permission policy directive.
This directive allows a site to control whether the .get() method
can be used in the Digital Credential API.

Related spec change:
WICG/digital-credentials#132

* LayoutTests/http/tests/identity/allow-attribute.https-expected.txt: Added.
* LayoutTests/http/tests/identity/allow-attribute.https.html: Added.
* LayoutTests/http/tests/identity/resources/iframe.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/digital-credentials-get.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/permissions-policy.js:
(test_feature_availability):
* LayoutTests/platform/glib/TestExpectations:
* LayoutTests/platform/mac-site-isolation/TestExpectations:
* LayoutTests/platform/mac-wk1/TestExpectations:
* LayoutTests/platform/win/TestExpectations:
* Source/WebCore/Modules/identity/IdentityCredentialsContainer.cpp:
(WebCore::IdentityCredentialsContainer::get):
* Source/WebCore/html/PermissionsPolicy.cpp:
(WebCore::toFeatureNameForLogging):
(WebCore::readFeatureIdentifier):
(WebCore::defaultAllowlistValue):
* Source/WebCore/html/PermissionsPolicy.h:
* Source/WebKit/Shared/WebCoreArgumentCoders.serialization.in:
marcoscaceres added a commit to marcoscaceres/WebKit that referenced this pull request Jul 16, 2024
@marcoscaceres
Digital Credentials: implement digital-credentials-get permission policy
a39ff02 
https://bugs.webkit.org/show_bug.cgi?id=275783
rdar://130821690

Reviewed by NOBODY (OOPS!).

Implements the digital-credentials-get permission policy directive.
This directive allows a site to control whether the .get() method
can be used in the Digital Credential API.

Related spec change:
WICG/digital-credentials#132

* LayoutTests/http/tests/identity/allow-attribute.https-expected.txt: Added.
* LayoutTests/http/tests/identity/allow-attribute.https.html: Added.
* LayoutTests/http/tests/identity/resources/iframe.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/digital-credentials-get.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/permissions-policy.js:
(test_feature_availability):
* LayoutTests/platform/glib/TestExpectations:
* LayoutTests/platform/mac-site-isolation/TestExpectations:
* LayoutTests/platform/mac-wk1/TestExpectations:
* LayoutTests/platform/win/TestExpectations:
* Source/WebCore/Modules/identity/IdentityCredentialsContainer.cpp:
(WebCore::IdentityCredentialsContainer::get):
* Source/WebCore/html/PermissionsPolicy.cpp:
(WebCore::toFeatureNameForLogging):
(WebCore::readFeatureIdentifier):
(WebCore::defaultAllowlistValue):
* Source/WebCore/html/PermissionsPolicy.h:
* Source/WebKit/Shared/WebCoreArgumentCoders.serialization.in:
marcoscaceres added a commit to marcoscaceres/WebKit that referenced this pull request Jul 16, 2024
@marcoscaceres
Digital Credentials: implement digital-credentials-get permission policy
f089d8d 
https://bugs.webkit.org/show_bug.cgi?id=275783
rdar://130821690

Reviewed by NOBODY (OOPS!).

Implements the digital-credentials-get permission policy directive.
This directive allows a site to control whether the .get() method
can be used in the Digital Credential API.

Related spec change:
WICG/digital-credentials#132

* LayoutTests/http/tests/identity/allow-attribute.https-expected.txt: Added.
* LayoutTests/http/tests/identity/allow-attribute.https.html: Added.
* LayoutTests/http/tests/identity/resources/iframe.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/digital-credentials-get.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/permissions-policy.js:
(test_feature_availability):
* LayoutTests/platform/glib/TestExpectations:
* LayoutTests/platform/mac-wk1/TestExpectations:
* LayoutTests/platform/win/TestExpectations:
* Source/WebCore/Modules/identity/IdentityCredentialsContainer.cpp:
(WebCore::IdentityCredentialsContainer::get):
* Source/WebCore/html/PermissionsPolicy.cpp:
(WebCore::toFeatureNameForLogging):
(WebCore::readFeatureIdentifier):
(WebCore::defaultAllowlistValue):
* Source/WebCore/html/PermissionsPolicy.h:
* Source/WebKit/Shared/WebCoreArgumentCoders.serialization.in:
marcoscaceres added a commit to marcoscaceres/WebKit that referenced this pull request Jul 17, 2024
@marcoscaceres
Digital Credentials: implement digital-credentials-get permission policy
00126ee 
https://bugs.webkit.org/show_bug.cgi?id=275783
rdar://130821690

Reviewed by NOBODY (OOPS!).

Implements the digital-credentials-get permission policy directive.
This directive allows a site to control whether the .get() method
can be used in the Digital Credential API.

Related spec change:
WICG/digital-credentials#132

* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/allow-attribute.https-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/allow-attribute.https.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/support/iframe.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/digital-credentials-get.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/permissions-policy.js:
(test_feature_availability):
* Source/WebCore/Modules/identity/IdentityCredentialsContainer.cpp:
(WebCore::IdentityCredentialsContainer::get):
* Source/WebCore/html/PermissionsPolicy.cpp:
(WebCore::toFeatureNameForLogging):
(WebCore::readFeatureIdentifier):
(WebCore::defaultAllowlistValue):
* Source/WebCore/html/PermissionsPolicy.h:
* Source/WebKit/Shared/WebCoreArgumentCoders.serialization.in:
webkit-commit-queue pushed a commit to marcoscaceres/WebKit that referenced this pull request Jul 20, 2024
@marcoscaceres
Digital Credentials: implement digital-credentials-get permission policy
9999285 
https://bugs.webkit.org/show_bug.cgi?id=275783
rdar://130821690

Reviewed by Matthew Finkel.

Implements the digital-credentials-get permission policy directive.
This directive allows a site to control whether the .get() method
can be used in the Digital Credential API.

Related spec change:
WICG/digital-credentials#132

* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/allow-attribute.https-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/allow-attribute.https.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/default-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/disabled-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/enabled-on-self-origin-by-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/override-permissions-policy.https.sub.html.headers: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/support/iframe.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/digital-credentials-get.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/permissions-policy/resources/permissions-policy.js:
(test_feature_availability):
* Source/WebCore/Modules/identity/IdentityCredentialsContainer.cpp:
(WebCore::IdentityCredentialsContainer::get):
* Source/WebCore/html/PermissionsPolicy.cpp:
(WebCore::toFeatureNameForLogging):
(WebCore::readFeatureIdentifier):
(WebCore::defaultAllowlistValue):
* Source/WebCore/html/PermissionsPolicy.h:
* Source/WebKit/Shared/WebCoreArgumentCoders.serialization.in:

Canonical link: https://commits.webkit.org/281154@main
@marcoscaceres
Copy link
Collaborator Author

Tests for permission policy can be found here: web-platform-tests/wpt#47662

@marcoscaceres marcoscaceres mentioned this pull request Aug 20, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RByers RByers RByers left review comments

@samuelgoto samuelgoto samuelgoto approved these changes

@timcappalli timcappalli Awaiting requested review from timcappalli timcappalli is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Do we need a permissions policy for third-party frames?
3 participants
@marcoscaceres @samuelgoto @RByers