Skip to content

Commit

Permalink
COOP: modify redirect handling
Browse files Browse the repository at this point in the history
This commit modifies the way we handle redirects with COOP. Instead of always
comparing a response to the current Document, we will compare it to the
previous redirect when enforcing COOP.

See camillelamy/explainers#12 for context.

Tests: web-platform-tests/wpt#24915.
  • Loading branch information
camillelamy authored and mfreed7 committed Sep 11, 2020
1 parent a80a748 commit f3c293e
Showing 1 changed file with 55 additions and 27 deletions.
82 changes: 55 additions & 27 deletions source
Original file line number Diff line number Diff line change
Expand Up @@ -80479,18 +80479,33 @@ interface <dfn>BarProp</dfn> {

<h4>Browsing context group switches due to cross-origin opener policy</h4>

<p>To <dfn data-x="check-browsing-context-group-switch-response">check if a response requires a
browsing context group switch</dfn>, given a <span>browsing context</span>
<var>browsingContext</var>, an <span>origin</span> <var>responseOrigin</var> and a
<span>cross-origin opener policy</span> <var>responseCOOP</var>:</p>
<p>A <dfn data-x="coop-enforcement-result">cross-origin opener policy enforcement result</dfn> is
a <span>struct</span> with the following <span data-x="struct item">items</span>:</p>

<ol>
<li><p>Let <var>activeDocumentNavigationOrigin</var> be <var>browsingContext</var>'s <span>active
document</span>'s <span>origin</span>.</p></li>
<ul>
<li><p>A boolean <dfn data-x="coop-enforcement-bcg-switch">needs a browsing context group
switch</dfn>.</p></li>

<li><p>Let <var>activeDocumentCOOP</var> be <var>browsingContext</var>'s <span>active
document</span>'s <span data-x="concept-document-coop">cross-origin opener
policy</span>.</p></li>
<li><p>An <span>origin</span> <dfn data-x="coop-enforcement-origin">origin</dfn>.</p></li>

<li><p>A <span>cross-origin opener policy</span> <dfn
data-x="coop-enforcement-coop">cross-origin opener policy</dfn>.</p></li>
</ul>

<p>To <dfn data-x="coop-enforce">enforce a response's cross-origin opener policy</dfn>, given a
<span>browsing context</span> <var>browsingContext</var>, an <span>origin</span>
<var>responseOrigin</var>, a <span>cross-origin opener policy</span> <var>responseCOOP</var>, and
a <span data-x="coop-enforcement-result">cross-origin opener policy enforcement result</span>
<var>currentCOOPEnforcementResult</var>:</p>

<ol>
<li><p>Let <var>newCOOPEnforcementResult</var> be a new <span
data-x="coop-enforcement-result">cross-origin opener policy enforcement result</span> whose <span
data-x="coop-enforcement-bcg-switch">needs a browsing context group switch</span> is
<var>currentCOOPEnforcementResult</var>'s <span data-x="coop-enforcement-bcg-switch">needs a
browsing context group switch</span>, <span data-x="coop-enforcement-origin">origin</span> is
<var>responseOrigin</var>, and <span data-x="coop-enforcement-coop">cross-origin opener
policy</span> is <var>responseCOOP</var>.</p></li>

<li><p>Let <var>isInitialAboutBlank</var> be false.</p></li>

Expand All @@ -80500,26 +80515,34 @@ interface <dfn>BarProp</dfn> {
<var>isInitialAboutBlank</var> to true.</p></li>

<li><p>If the result of <span data-x="matching-coop">matching</span>
<var>activeDocumentCOOP</var>, <var>activeDocumentNavigationOrigin</var>,
<var>responseCOOP</var> and <var>responseOrigin</var> is true, then return false.</p></li>
<var>currentCOOPEnforcementResult</var>'s <span
data-x="coop-enforcement-coop">cross-origin opener policy</span>,
<var>currentCOOPEnforcementResult</var>'s <span
data-x="coop-enforcement-origin">origin</span>,
<var>responseCOOP</var>, and <var>responseOrigin</var> is true, then return
<var>newCOOPEnforcementResult</var>.</p></li>

<li>
<p>If all of the following are true:</p>

<ul>
<ul class="brief">
<li><p><var>isInitialAboutBlank</var></p></li>

<li><p><var>activeDocumentCOOP</var> is "<code
data-x="coop-same-origin-allow-popups">same-origin-allow-popups</code>".</p></li>
<li><p><var>currentCOOPEnforcementResult</var>'s <span
data-x="coop-enforcement-coop">cross-origin opener policy</span> is "<code
data-x="coop-same-origin-allow-popups">same-origin-allow-popups</code>"</p></li>

<li><p><var>responseCOOP</var> is "<code
data-x="coop-unsafe-none">unsafe-none</code>".</p></li>
data-x="coop-unsafe-none">unsafe-none</code>"</p></li>
</ul>

<p>then return false.</p>
<p>then return <var>newCOOPEnforcementResult</var>.</p>
</li>

<li><p>Return true.</p></li>
<li><p>Set <var>newCOOPEnforcementResult</var>'s <span data-x="coop-enforcement-bcg-switch">needs
a browsing context group switch</span> to true.</p></li>

<li><p>Return <var>newCOOPEnforcementResult</var>.</p></li>
</ol>

<p>To <dfn data-x="obtain-browsing-context-navigation">obtain a browsing context to use for a
Expand Down Expand Up @@ -82895,7 +82918,14 @@ interface <dfn>Location</dfn> { // but see also <a href="#the-location-interface

<li><p>Let <var>responseOrigin</var> be null.

<li><p>Let <var>browsingContextSwitchNeeded</var> be false.</p></li>
<li><p>Let <var>coopEnforcementResult</var> be a new <span
data-x="coop-enforcement-result">cross-origin opener policy enforcement result</span> whose <span
data-x="coop-enforcement-bcg-switch">needs a browsing context group switch</span> is false, <span
data-x="coop-enforcement-origin">origin</span> is <var>browsingContext</var>'s
<span>active document</span>'s <span>origin</span>, and <span
data-x="coop-enforcement-coop">cross-origin opener policy</span> is <var>browsingContext</var>'s
<span>active document</span>'s <span data-x="concept-document-coop">cross-origin opener
policy</span>.</p></li>

<li><p>Let <var>finalSandboxFlags</var> be an empty <span>sandboxing flag set</span>.</p></li>

Expand Down Expand Up @@ -83014,13 +83044,10 @@ interface <dfn>Location</dfn> { // but see also <a href="#the-location-interface
navigating to that response.</p>
</li>

<li><p>Let <var>responseRequiresBrowsingContexGroupSwitch</var> be the result of <span
data-x="check-browsing-context-group-switch-response">checking if the response requires a
browsing context group switch</span> given <var>browsingContext</var>,
<var>responseOrigin</var>, and <var>responseCOOP</var>.</p></li>

<li><p>If <var>responseRequiresBrowsingContextGroupSwitch</var> is true, set
<var>browsingContextSwitchNeeded</var> to true.</p></li>
<li><p>Set <var>coopEnforcementResult</var> to the result of <span
data-x="coop-enforce">enforcing the response's cross-origin opener policy</span> given
<var>browsingContext</var>, <var>responseOrigin</var>, <var>responseCOOP</var>, and
<var>coopEnforcementResult</var>.</p></li>
</ol>
</li>

Expand Down Expand Up @@ -83152,7 +83179,8 @@ interface <dfn>Location</dfn> { // but see also <a href="#the-location-interface
<var>reservedEnvironment</var>, <span data-x="navigation-params-browsing-context">browsing
context</span> is <var>browsingContext</var>, <span
data-x="navigation-params-bc-switch-needed">browsing context switch needed</span> is
<var>browsingContextSwitchNeeded</var>, and <span data-x="navigation-params-hh">history
<var>coopEnforcementResult</var>'s <span data-x="coop-enforcement-bcg-switch">needs a browsing
context group switch</span>, and <span data-x="navigation-params-hh">history
handling</span> is <var>historyHandling</var>.</p></li>

<li><p>Run <span>process a navigate response</span> with <var>navigationType</var>, the
Expand Down

0 comments on commit f3c293e

Please sign in to comment.