Add "Required Permissions To Load" to Fenced Frame Config.

Update FencedFrameConfig to include a new field:
required_permissions_to_load_. Previously, opaque-ads fenced frames
were always loaded with a static list of permissions which were always
enabled regardless of whether or not they were necessary. This was done
so that fenced frames loaded with an API can have access to the
necessary reporting tools (such as private aggregation).

However, not all config-generating APIs require all features to be
enabled in order to function properly. For instance, shared storage is
one of the enabled features, but FLEDGE does not need it.

With this change, config-generating APIs can now set the specific
permissions they require for a fenced frame to be enabled, and include
them directly in the configuration. This ensures that only the
necessary permissions are enabled, which enhances security for pages
loaded into fenced frames.

Fenced frames created without an API will now not allow any features in
their permissions policies.

This CL updates various tests to respond to this change.

Change-Id: Ifb3cadc561d1de178ebbc540073f27b9b026ccac
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4334571
Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Dominic Farolino <dom@chromium.org>
Commit-Queue: Liam Brady <lbrady@google.com>
Cr-Commit-Position: refs/heads/main@{#1139026}
31 files changed
tree: d0c7cebc0aa2e4eaa76124a7e4a78aac583f05d4
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. build/
  6. build_overrides/
  7. buildtools/
  8. cc/
  9. chrome/
  10. chromecast/
  11. chromeos/
  12. codelabs/
  13. components/
  14. content/
  15. courgette/
  16. crypto/
  17. dbus/
  18. device/
  19. docs/
  20. extensions/
  21. fuchsia_web/
  22. gin/
  23. google_apis/
  24. google_update/
  25. gpu/
  26. headless/
  27. infra/
  28. ios/
  29. ipc/
  30. media/
  31. mojo/
  32. native_client_sdk/
  33. net/
  34. pdf/
  35. ppapi/
  36. printing/
  37. remoting/
  38. rlz/
  39. sandbox/
  40. services/
  41. skia/
  42. sql/
  43. storage/
  44. styleguide/
  45. testing/
  46. third_party/
  47. tools/
  48. ui/
  49. url/
  50. weblayer/
  51. .clang-format
  52. .clang-tidy
  53. .eslintrc.js
  54. .git-blame-ignore-revs
  55. .gitattributes
  56. .gitignore
  57. .gn
  58. .mailmap
  59. .rustfmt.toml
  60. .vpython3
  61. .yapfignore
  62. ATL_OWNERS
  63. AUTHORS
  64. BUILD.gn
  65. CODE_OF_CONDUCT.md
  66. codereview.settings
  67. DEPS
  68. DIR_METADATA
  69. LICENSE
  70. LICENSE.chromium_os
  71. OWNERS
  72. PRESUBMIT.py
  73. PRESUBMIT_test.py
  74. PRESUBMIT_test_mocks.py
  75. README.md
  76. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

To check out the source code locally, don't use git clone! Instead, follow the instructions on how to get the code.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .

For historical reasons, there are some small top level directories. Now the guidance is that new top level directories are for product (e.g. Chrome, Android WebView, Ash). Even if these products have multiple executables, the code should be in subdirectories of the product.

If you found a bug, please file it at https://crbug.com/new.