<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[282746] trunk</title>
</head>
<body>

<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/282746">282746</a></dd>
<dt>Author</dt> <dd>commit-queue@webkit.org</dd>
<dt>Date</dt> <dd>2021-09-20 07:22:03 -0700 (Mon, 20 Sep 2021)</dd>
</dl>

<h3>Log Message</h3>
<pre>Web Share permission policy "web-share" and "self" as the allowlist
https://bugs.webkit.org/show_bug.cgi?id=214448

Patch by Marcos Caceres <marcos@marcosc.com> on 2021-09-20
Reviewed by Youenn Fablet.

Source/WebCore:

Tests: http/tests/webshare/webshare-allow-attribute-canShare.https.html
       http/tests/webshare/webshare-allow-attribute-share.https.html

* html/FeaturePolicy.cpp:
(WebCore::policyTypeName):
(WebCore::FeaturePolicy::parse):
(WebCore::FeaturePolicy::allows const):
* html/FeaturePolicy.h:
* page/Navigator.cpp:
(WebCore::Navigator::canShare):
(WebCore::Navigator::share):

LayoutTests:

* http/tests/webshare/resources/webshare-postmessage.html: Added.
* http/tests/webshare/webshare-allow-attribute-canShare.https-expected.txt: Added.
* http/tests/webshare/webshare-allow-attribute-canShare.https.html: Added.
* http/tests/webshare/webshare-allow-attribute-share.https-expected.txt: Added.
* http/tests/webshare/webshare-allow-attribute-share.https.html: Added.
* platform/mac-wk1/TestExpectations:
* platform/win/TestExpectations:</pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkLayoutTestsChangeLog">trunk/LayoutTests/ChangeLog</a></li>
<li><a href="#trunkLayoutTestsplatformmacwk1TestExpectations">trunk/LayoutTests/platform/mac-wk1/TestExpectations</a></li>
<li><a href="#trunkLayoutTestsplatformwinTestExpectations">trunk/LayoutTests/platform/win/TestExpectations</a></li>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCorehtmlFeaturePolicycpp">trunk/Source/WebCore/html/FeaturePolicy.cpp</a></li>
<li><a href="#trunkSourceWebCorehtmlFeaturePolicyh">trunk/Source/WebCore/html/FeaturePolicy.h</a></li>
<li><a href="#trunkSourceWebCorepageNavigatorcpp">trunk/Source/WebCore/page/Navigator.cpp</a></li>
</ul>

<h3>Added Paths</h3>
<ul>
<li>trunk/LayoutTests/http/tests/webshare/</li>
<li>trunk/LayoutTests/http/tests/webshare/resources/</li>
<li><a href="#trunkLayoutTestshttptestswebshareresourceswebsharepostmessagehtml">trunk/LayoutTests/http/tests/webshare/resources/webshare-postmessage.html</a></li>
<li><a href="#trunkLayoutTestshttptestswebsharewebshareallowattributecanSharehttpsexpectedtxt">trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-canShare.https-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestswebsharewebshareallowattributecanSharehttpshtml">trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-canShare.https.html</a></li>
<li><a href="#trunkLayoutTestshttptestswebsharewebshareallowattributesharehttpsexpectedtxt">trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-share.https-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestswebsharewebshareallowattributesharehttpshtml">trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-share.https.html</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkLayoutTestsChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/ChangeLog (282745 => 282746)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/ChangeLog      2021-09-20 14:09:25 UTC (rev 282745)
+++ trunk/LayoutTests/ChangeLog 2021-09-20 14:22:03 UTC (rev 282746)
</span><span class="lines">@@ -1,5 +1,20 @@
</span><span class="cx"> 2021-09-20  Marcos Caceres  <marcos@marcosc.com>
</span><span class="cx"> 
</span><ins>+        Web Share permission policy "web-share" and "self" as the allowlist
+        https://bugs.webkit.org/show_bug.cgi?id=214448
+
+        Reviewed by Youenn Fablet.
+
+        * http/tests/webshare/resources/webshare-postmessage.html: Added.
+        * http/tests/webshare/webshare-allow-attribute-canShare.https-expected.txt: Added.
+        * http/tests/webshare/webshare-allow-attribute-canShare.https.html: Added.
+        * http/tests/webshare/webshare-allow-attribute-share.https-expected.txt: Added.
+        * http/tests/webshare/webshare-allow-attribute-share.https.html: Added.
+        * platform/mac-wk1/TestExpectations:
+        * platform/win/TestExpectations:
+
+2021-09-20  Marcos Caceres  <marcos@marcosc.com>
+
</ins><span class="cx">         Web Share tests are out of date
</span><span class="cx">         https://bugs.webkit.org/show_bug.cgi?id=229489
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkLayoutTestshttptestswebshareresourceswebsharepostmessagehtml"></a>
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/webshare/resources/webshare-postmessage.html (0 => 282746)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/webshare/resources/webshare-postmessage.html                                (rev 0)
+++ trunk/LayoutTests/http/tests/webshare/resources/webshare-postmessage.html   2021-09-20 14:22:03 UTC (rev 282746)
</span><span class="lines">@@ -0,0 +1,70 @@
</span><ins>+<!DOCTYPE html>
+<meta charset="utf-8" />
+<meta viewport="width=device-width, initial-scale=1.0" />
+<style>
+  html {
+    height: 100%;
+    margin: 0;
+    padding: 0;
+  }
+  body {
+    margin: 0;
+    padding: 0;
+    display: grid;
+  }
+  button {
+    height: 100vh;
+    width: 100%;
+    border: 1px solid black;
+  }
+</style>
+<body>
+  <button id="share-button">SHARE!</button>
+  <script>
+    window.addEventListener(
+      "message",
+      async (event) => {
+        const shareButton = document.getElementById("share-button");
+        const { action } = event.data;
+        let result = null;
+        let exceptionMessage;
+        let exceptionName;
+        switch (action) {
+          case "call canShare()":
+            try {
+              result = navigator.canShare({ text: "some text" });
+            } catch (e) {
+              exceptionMessage = e.message;
+              exceptionName = e.name;
+            }
+            break;
+          case "call share()":
+            await userActivationFromParent(shareButton, event);
+            try {
+              await navigator.share({ text: "some text" });
+              result = "share completed";
+            } catch (e) {
+              result = "threw";
+              exceptionMessage = e.message;
+              exceptionName = e.name;
+            }
+            break;
+          default:
+            throw new Error(`Unknown action: ${action}`);
+        }
+        event.source.postMessage(
+          { action, result, exceptionMessage, exceptionName },
+          event.origin
+        );
+      },
+      { once: true }
+    );
+
+    function userActivationFromParent(shareButton, event) {
+      return new Promise((resolve) => {
+        shareButton.addEventListener("click", resolve, { once: true });
+        event.source.postMessage("activate me!", event.origin);
+      });
+    }
+  </script>
+</body>
</ins></span></pre></div>
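Review bot: In the switch inside the message listener, the default branch throws from an async handler, so an unknown action is never reported back and the parent's waitFor(window, "message") stays pending until the harness times out. Replying through event.source.postMessage(...) with an error result before returning would turn that into a visible failure. The listener also acts on a message from any sender without looking at event.origin; that is acceptable for a test resource, but a one-line comment saying so would help. Separately, the meta element near the top uses a viewport attribute where the two test pages in this patch use name="viewport" with a content value, so as written it has no effect.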
<a id="trunkLayoutTestshttptestswebsharewebshareallowattributecanSharehttpsexpectedtxt"></a>
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-canShare.https-expected.txt (0 => 282746)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-canShare.https-expected.txt                               (rev 0)
+++ trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-canShare.https-expected.txt  2021-09-20 14:22:03 UTC (rev 282746)
</span><span class="lines">@@ -0,0 +1,18 @@
</span><ins>+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://localhost:8443' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://localhost:8443' and allow attribute 'web-share 'none''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://127.0.0.1:8443' and allow attribute 'web-share 'none''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://localhost:8443' and allow attribute 'web-share 'self''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://127.0.0.1:8443' and allow attribute 'web-share https://localhost:8443'.
+PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="" MUST NOT be allowed to call canShare().
+PASS iframe src: "https://127.0.0.1:8443/webshare/resources/webshare-postmessage.html" with allow="" is allowed to call canShare().
+PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="web-share" is allowed to call canShare().
+PASS iframe src: "https://127.0.0.1:8443/webshare/resources/webshare-postmessage.html" with allow="web-share" is allowed to call canShare().
+PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="web-share *" is allowed to call canShare().
+PASS iframe src: "https://127.0.0.1:8443/webshare/resources/webshare-postmessage.html" with allow="web-share *" is allowed to call canShare().
+PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="web-share 'none'" MUST NOT be allowed to call canShare().
+PASS iframe src: "https://127.0.0.1:8443/webshare/resources/webshare-postmessage.html" with allow="web-share 'none'" MUST NOT be allowed to call canShare().
+PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="web-share 'self'" MUST NOT be allowed to call canShare().
+PASS iframe src: "https://127.0.0.1:8443/webshare/resources/webshare-postmessage.html" with allow="web-share 'self'" is allowed to call canShare().
+PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="web-share https://localhost:8443" is allowed to call canShare().
+PASS iframe src: "https://127.0.0.1:8443/webshare/resources/webshare-postmessage.html" with allow="web-share https://localhost:8443" MUST NOT be allowed to call canShare().
+
</ins></span></pre></div>
<a id="trunkLayoutTestshttptestswebsharewebshareallowattributecanSharehttpshtml"></a>
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-canShare.https.html (0 => 282746)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-canShare.https.html                               (rev 0)
+++ trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-canShare.https.html  2021-09-20 14:22:03 UTC (rev 282746)
</span><span class="lines">@@ -0,0 +1,109 @@
</span><ins>+<!DOCTYPE html>
+<html>
+  <head>
+    <title>
+      Test allow attribute with "web-share" and canShare() method
+    </title>
+    <meta name="viewport" content="initial-scale=5, width=device-width" />
+    <script src="../resources/js-test-pre.js"></script>
+    <script>
+      testRunner?.dumpAsText();
+      testRunner?.waitUntilDone();
+
+      function waitFor(target, eventName) {
+        return new Promise((resolve) => {
+          target.addEventListener(eventName, resolve, { once: true });
+        });
+      }
+
+      window.addEventListener("load", async () => {
+        for (const iframe of document.querySelectorAll("iframe")) {
+          const { enabled, src } = iframe.dataset;
+          const isAllowed = enabled === "true";
+          const action = "call canShare()";
+          iframe.contentWindow.postMessage({ action }, "*");
+          const { data } = await waitFor(window, "message");
+          const { exceptionMessage, exceptionName, result } = data;
+
+          const msg = `iframe src: "${iframe.src}" with allow="${
+            iframe.allow
+          }" ${
+            isAllowed ? "is allowed to" : "MUST NOT be allowed to"
+          } ${action}. ${exceptionName ?? ""} ${exceptionMessage ?? ""}`;
+
+          switch (result) {
+            case true:
+              isAllowed ? testPassed(msg) : testFailed(msg);
+              break;
+            case false:
+              !isAllowed ? testPassed(msg) : testFailed(msg);
+              break;
+            default:
+              testFailed(msg + ` - result was: ${result}`);
+          }
+        }
+        testRunner.notifyDone();
+      });
+    </script>
+  </head>
+  <body>
+    <iframe
+      data-enabled="false"
+      src="https://localhost:8443/webshare/resources/webshare-postmessage.html"
+    ></iframe>
+    <iframe
+      data-enabled="true"
+      src="./resources/webshare-postmessage.html"
+    ></iframe>
+    <iframe
+      allow="web-share"
+      data-enabled="true"
+      src="https://localhost:8443/webshare/resources/webshare-postmessage.html"
+    ></iframe>
+    <iframe
+      allow="web-share"
+      data-enabled="true"
+      src="./resources/webshare-postmessage.html"
+    ></iframe>
+    <iframe
+      allow="web-share *"
+      data-enabled="true"
+      src="https://localhost:8443/webshare/resources/webshare-postmessage.html"
+    ></iframe>
+    <iframe
+      allow="web-share *"
+      data-enabled="true"
+      src="./resources/webshare-postmessage.html"
+    ></iframe>
+    <iframe
+      allow="web-share 'none'"
+      data-enabled="false"
+      src="https://localhost:8443/webshare/resources/webshare-postmessage.html"
+    ></iframe>
+    <iframe
+      allow="web-share 'none'"
+      data-enabled="false"
+      src="./resources/webshare-postmessage.html"
+    ></iframe>
+    <iframe
+      allow="web-share 'self'"
+      data-enabled="false"
+      src="https://localhost:8443/webshare/resources/webshare-postmessage.html"
+    ></iframe>
+    <iframe
+      allow="web-share 'self'"
+      data-enabled="true"
+      src="./resources/webshare-postmessage.html"
+    ></iframe>
+    <iframe
+      allow="web-share https://localhost:8443"
+      data-enabled="true"
+      src="https://localhost:8443/webshare/resources/webshare-postmessage.html"
+    ></iframe>
+    <iframe
+      allow="web-share https://localhost:8443"
+      data-enabled="false"
+      src="./resources/webshare-postmessage.html"
+    ></iframe>
+  </body>
+</html>
</ins></span></pre></div>
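Review bot: In the load handler, waitFor(window, "message") resolves on the next message from any window, and the loop never checks that event.source is iframe.contentWindow, so each reply is attributed to an iframe purely by arrival order. Comparing the source (and the origin) before reading data would keep a stray or late message from being scored against the wrong allow value. Two smaller points in the same handler: src is destructured from iframe.dataset although no iframe sets data-src and the variable is never used, and testRunner.notifyDone() is called without the optional chaining used for dumpAsText() and waitUntilDone().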
<a id="trunkLayoutTestshttptestswebsharewebshareallowattributesharehttpsexpectedtxt"></a>
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-share.https-expected.txt (0 => 282746)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-share.https-expected.txt                          (rev 0)
+++ trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-share.https-expected.txt     2021-09-20 14:22:03 UTC (rev 282746)
</span><span class="lines">@@ -0,0 +1,18 @@
</span><ins>+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://localhost:8443' and allow attribute ''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://localhost:8443' and allow attribute 'web-share 'none''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://127.0.0.1:8443' and allow attribute 'web-share 'none''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://localhost:8443' and allow attribute 'web-share 'self''.
+CONSOLE MESSAGE: Feature policy 'WebShare' check failed for iframe with origin 'https://127.0.0.1:8443' and allow attribute 'web-share https://localhost:8443'.
+PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="" MUST NOT be allowed to call share(). NotAllowedError Third-party iframes are not allowed to call share() unless explicitly allowed via Feature-Policy (web-share)
+PASS iframe src: "https://127.0.0.1:8443/webshare/resources/webshare-postmessage.html" with allow="" is allowed to call share().
+PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="web-share" is allowed to call share().
+PASS iframe src: "https://127.0.0.1:8443/webshare/resources/webshare-postmessage.html" with allow="web-share" is allowed to call share().
+PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="web-share *" is allowed to call share().
+PASS iframe src: "https://127.0.0.1:8443/webshare/resources/webshare-postmessage.html" with allow="web-share *" is allowed to call share().
+PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="web-share 'none'" MUST NOT be allowed to call share(). NotAllowedError Third-party iframes are not allowed to call share() unless explicitly allowed via Feature-Policy (web-share)
+PASS iframe src: "https://127.0.0.1:8443/webshare/resources/webshare-postmessage.html" with allow="web-share 'none'" MUST NOT be allowed to call share(). NotAllowedError Third-party iframes are not allowed to call share() unless explicitly allowed via Feature-Policy (web-share)
+PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="web-share 'self'" MUST NOT be allowed to call share(). NotAllowedError Third-party iframes are not allowed to call share() unless explicitly allowed via Feature-Policy (web-share)
+PASS iframe src: "https://127.0.0.1:8443/webshare/resources/webshare-postmessage.html" with allow="web-share 'self'" is allowed to call share().
+PASS iframe src: "https://localhost:8443/webshare/resources/webshare-postmessage.html" with allow="web-share https://localhost:8443" is allowed to call share().
+PASS iframe src: "https://127.0.0.1:8443/webshare/resources/webshare-postmessage.html" with allow="web-share https://localhost:8443" MUST NOT be allowed to call share(). NotAllowedError Third-party iframes are not allowed to call share() unless explicitly allowed via Feature-Policy (web-share)
+
</ins></span></pre></div>
<a id="trunkLayoutTestshttptestswebsharewebshareallowattributesharehttpshtml"></a>
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-share.https.html (0 => 282746)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-share.https.html                          (rev 0)
+++ trunk/LayoutTests/http/tests/webshare/webshare-allow-attribute-share.https.html     2021-09-20 14:22:03 UTC (rev 282746)
</span><span class="lines">@@ -0,0 +1,144 @@
</span><ins>+<!DOCTYPE html>
+<html>
+  <head>
+    <title>
+      Test allow attribute with "web-share" and share() method
+    </title>
+    <meta name="viewport" content="initial-scale=1, width=device-width" />
+    <script src="/js-test-resources/ui-helper.js"></script>
+    <script src="../resources/js-test-pre.js"></script>
+    <script>
+      testRunner?.dumpAsText();
+      testRunner?.waitUntilDone();
+
+      function waitFor(target, eventName) {
+        return new Promise((resolve) => {
+          target.addEventListener(eventName, resolve, { once: true });
+        });
+      }
+
+      function userActivation(element) {
+        const promise = UIHelper.isIOSFamily()
+          ? UIHelper.tapElement(element)
+          : UIHelper.activateElement(element);
+        return promise;
+      }
+
+      const iframeDetails = [
+        {
+          enabled: "false",
+          src: "https://localhost:8443/webshare/resources/webshare-postmessage.html",
+        },
+        {
+          enabled: "true",
+          src: "./resources/webshare-postmessage.html",
+        },
+        {
+          allow: "web-share",
+          enabled: "true",
+          src: "https://localhost:8443/webshare/resources/webshare-postmessage.html",
+        },
+        {
+          allow: "web-share",
+          enabled: "true",
+          src: "./resources/webshare-postmessage.html",
+        },
+        {
+          allow: "web-share *",
+          enabled: "true",
+          src: "https://localhost:8443/webshare/resources/webshare-postmessage.html",
+        },
+        {
+          allow: "web-share *",
+          enabled: "true",
+          src: "./resources/webshare-postmessage.html",
+        },
+        {
+          allow: "web-share 'none'",
+          enabled: "false",
+          src: "https://localhost:8443/webshare/resources/webshare-postmessage.html",
+        },
+        {
+          allow: "web-share 'none'",
+          enabled: "false",
+          src: "./resources/webshare-postmessage.html",
+        },
+        {
+          allow: "web-share 'self'",
+          enabled: "false",
+          src: "https://localhost:8443/webshare/resources/webshare-postmessage.html",
+        },
+        {
+          allow: "web-share 'self'",
+          enabled: "true",
+          src: "./resources/webshare-postmessage.html",
+        },
+        {
+          allow: "web-share https://localhost:8443",
+          enabled: "true",
+          src: "https://localhost:8443/webshare/resources/webshare-postmessage.html",
+        },
+        {
+          allow: "web-share https://localhost:8443",
+          enabled: "false",
+          src: "./resources/webshare-postmessage.html",
+        },
+      ];
+
+      async function loadIframe(details) {
+        const iframe = document.createElement("iframe");
+        if (details.hasOwnProperty("allow")) {
+          iframe.setAttribute("allow", details.allow);
+        }
+        iframe.dataset.enabled = details.enabled;
+        iframe.src = details.src;
+        document.body.appendChild(iframe);
+        await waitFor(iframe, "load");
+        return iframe;
+      }
+
+      async function runTests () {
+        for (const details of iframeDetails) {
+          const iframe = await loadIframe(details);
+          const { enabled } = iframe.dataset;
+          const isAllowed = enabled === "true";
+          const action = "call share()";
+          iframe.contentWindow.postMessage({ action }, "*");
+          const { data: activateMe } = await waitFor(window, "message");
+          if (activateMe !== "activate me!") {
+            throw new Error("Expected an activate request:" + activateMe);
+          }
+          await userActivation(iframe);
+          const { data } = await waitFor(window, "message");
+          const { exceptionMessage, exceptionName, result } = data;
+          const msg = `iframe src: "${iframe.src}" with allow="${
+            iframe.allow
+          }" ${
+            isAllowed ? "is allowed to" : "MUST NOT be allowed to"
+          } ${action}. ${exceptionName ?? ""} ${exceptionMessage ?? ""}`;
+          switch (result) {
+            case "share completed":
+              isAllowed ? testPassed(msg) : testFailed(msg);
+              break;
+            case "threw":
+              if (
+                !isAllowed &&
+                exceptionName === "NotAllowedError" &&
+                exceptionMessage.endsWith("Feature-Policy (web-share)")
+              ) {
+                testPassed(msg);
+              } else {
+                testFailed(msg);
+              }
+              break;
+            default:
+              testFailed(msg + ` - result was: ${result}`);
+          }
+          iframe.remove();
+        }
+        testRunner.notifyDone();
+      }
+    </script>
+  </head>
+  <body onload="runTests()">
+</html>
</ins></span></pre></div>
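Review bot: runTests() has no try/finally around the loop, so the throw new Error("Expected an activate request:" + activateMe) path, or any rejection from loadIframe() or userActivation(), skips testRunner.notifyDone() and the run ends as a timeout instead of a reported failure. Wrapping the loop in try/catch, calling testFailed() in the catch and notifyDone() in a finally block would fix that. As in the canShare() test, both waitFor(window, "message") calls accept a message from any source; checking event.source against iframe.contentWindow would make the activate-me handshake and the result unambiguous.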
<a id="trunkLayoutTestsplatformmacwk1TestExpectations"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/platform/mac-wk1/TestExpectations (282745 => 282746)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/platform/mac-wk1/TestExpectations      2021-09-20 14:09:25 UTC (rev 282745)
+++ trunk/LayoutTests/platform/mac-wk1/TestExpectations 2021-09-20 14:22:03 UTC (rev 282746)
</span><span class="lines">@@ -1408,3 +1408,6 @@
</span><span class="cx"> webkit.org/b/230427 http/tests/misc/iframe-reparenting-id-collision.html [ Pass Failure ]
</span><span class="cx"> 
</span><span class="cx"> webkit.org/b/230425 printing/allowed-breaks.html [ Pass Failure ]
</span><ins>+
+# webkit.org/b/214448 Web Share API is not implemented for mac-wk1
+http/tests/webshare/ [ Skip ]
</ins></span></pre></div>
<a id="trunkLayoutTestsplatformwinTestExpectations"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/platform/win/TestExpectations (282745 => 282746)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/platform/win/TestExpectations  2021-09-20 14:09:25 UTC (rev 282745)
+++ trunk/LayoutTests/platform/win/TestExpectations     2021-09-20 14:22:03 UTC (rev 282746)
</span><span class="lines">@@ -147,7 +147,7 @@
</span><span class="cx"> http/tests/security/contentSecurityPolicy/report-cross-origin-no-cookies-when-private-browsing-enabled.py [ Skip ] 
</span><span class="cx"> http/tests/navigation/ping-attribute/area-cross-origin.html [ Skip ] 
</span><span class="cx"> http/tests/navigation/ping-attribute/anchor-cross-origin.html [ Skip ] 
</span><del>-http/tests/referrer-policy/no-referrer-when-downgrade/ [ Skip ] 
</del><ins>+http/tests/referrer-policy/no-referrer-when-downgrade/ [ Skip ]
</ins><span class="cx"> http/tests/referrer-policy/unsafe-url/cross-origin-http-http.html [ Skip ] 
</span><span class="cx"> http/tests/referrer-policy/unsafe-url/cross-origin-http.https.html [ Skip ] 
</span><span class="cx"> http/tests/referrer-policy-img/no-referrer-when-downgrade/ [ Skip ] 
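Review bot: The only change in this hunk is the removal of the trailing space after [ Skip ] on the http/tests/referrer-policy/no-referrer-when-downgrade/ line, which is unrelated to Web Share and leaves the neighbouring entries with their trailing spaces. Drop it from this patch so the change to this file is limited to the new http/tests/webshare/ skip.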
</span><span class="lines">@@ -4692,3 +4692,6 @@
</span><span class="cx"> webkit.org/b/229594 js/dfg-int32array-overflow-values.html [ Pass Crash ]
</span><span class="cx"> 
</span><span class="cx"> webkit.org/b/230427 http/tests/misc/iframe-reparenting-id-collision.html [ Pass Failure ]
</span><ins>+
+# webkit.org/b/214448 Web Share API is not implemented in the Windows port
+http/tests/webshare/ [ Skip ]
</ins></span></pre></div>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (282745 => 282746)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog   2021-09-20 14:09:25 UTC (rev 282745)
+++ trunk/Source/WebCore/ChangeLog      2021-09-20 14:22:03 UTC (rev 282746)
</span><span class="lines">@@ -1,3 +1,22 @@
</span><ins>+2021-09-20  Marcos Caceres  <marcos@marcosc.com>
+
+        Web Share permission policy "web-share" and "self" as the allowlist
+        https://bugs.webkit.org/show_bug.cgi?id=214448
+
+        Reviewed by Youenn Fablet.
+
+        Tests: http/tests/webshare/webshare-allow-attribute-canShare.https.html
+               http/tests/webshare/webshare-allow-attribute-share.https.html
+
+        * html/FeaturePolicy.cpp:
+        (WebCore::policyTypeName):
+        (WebCore::FeaturePolicy::parse):
+        (WebCore::FeaturePolicy::allows const):
+        * html/FeaturePolicy.h:
+        * page/Navigator.cpp:
+        (WebCore::Navigator::canShare):
+        (WebCore::Navigator::share):
+
</ins><span class="cx"> 2021-09-20  Zalan Bujtas  <zalan@apple.com>
</span><span class="cx"> 
</span><span class="cx">         [LFC][Integration] Remove redundant Run::m_isLineSpanning
</span></span></pre></div>
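Review bot: The new entry lists the touched functions under html/FeaturePolicy.cpp and page/Navigator.cpp but gives no description of what changed in any of them, which for a policy change is the part a later reader needs. One or two lines stating that web-share falls back to the document's own origin when the allow attribute does not mention it, and what the Navigator::canShare and Navigator::share changes do, would cover it.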
<a id="trunkSourceWebCorehtmlFeaturePolicycpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/html/FeaturePolicy.cpp (282745 => 282746)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/html/FeaturePolicy.cpp      2021-09-20 14:09:25 UTC (rev 282745)
+++ trunk/Source/WebCore/html/FeaturePolicy.cpp 2021-09-20 14:22:03 UTC (rev 282746)
</span><span class="lines">@@ -56,6 +56,8 @@
</span><span class="cx">         return "SyncXHR";
</span><span class="cx">     case FeaturePolicy::Type::Fullscreen:
</span><span class="cx">         return "Fullscreen";
</span><ins>+    case FeaturePolicy::Type::WebShare:
+        return "WebShare";
</ins><span class="cx"> #if ENABLE(DEVICE_ORIENTATION)
</span><span class="cx">     case FeaturePolicy::Type::Gyroscope:
</span><span class="cx">         return "Gyroscope";
</span><span class="lines">@@ -175,6 +177,7 @@
</span><span class="cx">     bool isPaymentInitialized = false;
</span><span class="cx">     bool isSyncXHRInitialized = false;
</span><span class="cx">     bool isFullscreenInitialized = false;
</span><ins>+    bool isWebShareInitialized = false;
</ins><span class="cx"> #if ENABLE(DEVICE_ORIENTATION)
</span><span class="cx">     bool isGyroscopeInitialized = false;
</span><span class="cx">     bool isAccelerometerInitialized = false;
</span><span class="lines">@@ -225,6 +228,11 @@
</span><span class="cx">             updateList(document, policy.m_fullscreenRule, item.substring(11));
</span><span class="cx">             continue;
</span><span class="cx">         }
</span><ins>+        if (item.startsWith("web-share")) {
+            isWebShareInitialized = true;
+            updateList(document, policy.m_webShareRule, item.substring(10));
+            continue;
+        }
</ins><span class="cx"> #if ENABLE(DEVICE_ORIENTATION)
</span><span class="cx">         if (item.startsWith("gyroscope")) {
</span><span class="cx">             isGyroscopeInitialized = true;
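Review bot: In the added web-share branch, item.startsWith("web-share") is a bare prefix match and item.substring(10) hard-codes the name length plus one separator, so any item whose name merely begins with web-share (a longer feature name, or a typo such as web-shares) is parsed as a web-share allowlist. This follows the fullscreen branch above, which uses substring(11), but it would be safer to require that the character after the name is whitespace or the end of the item before calling updateList, and to derive the offset from the length of the literal instead of a magic number.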
</span><span class="lines">@@ -264,6 +272,8 @@
</span><span class="cx">         policy.m_geolocationRule.allowedList.add(document.securityOrigin().data());
</span><span class="cx">     if (!isPaymentInitialized)
</span><span class="cx">         policy.m_paymentRule.allowedList.add(document.securityOrigin().data());
</span><ins>+    if (!isWebShareInitialized)
+        policy.m_webShareRule.allowedList.add(document.securityOrigin().data());
</ins><span class="cx"> #if ENABLE(DEVICE_ORIENTATION)
</span><span class="cx">     if (!isGyroscopeInitialized)
</span><span class="cx">         policy.m_gyroscopeRule.allowedList.add(document.securityOrigin().data());
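Review bot: The fallback under if (!isWebShareInitialized) gives web-share a default allowlist of the document's own origin whenever no web-share item was parsed, which is the security-relevant decision in this change and deserves a short comment stating that default. The two tests listed in the ChangeLog are named for the allow attribute; please confirm one of them also covers a cross-origin iframe with no allow attribute at all, since that is the path this default governs.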
</span><span class="lines">@@ -317,6 +327,8 @@
</span><span class="cx">         return isAllowedByFeaturePolicy(m_syncXHRRule, origin);
</span><span class="cx">     case Type::Fullscreen:
</span><span class="cx">         return isAllowedByFeaturePolicy(m_fullscreenRule, origin);
</span><ins>+    case Type::WebShare:
+        return isAllowedByFeaturePolicy(m_webShareRule, origin);
</ins><span class="cx"> #if ENABLE(DEVICE_ORIENTATION)
</span><span class="cx">     case Type::Gyroscope:
</span><span class="cx">         return isAllowedByFeaturePolicy(m_gyroscopeRule, origin);
</span></span></pre></div>
<a id="trunkSourceWebCorehtmlFeaturePolicyh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/html/FeaturePolicy.h (282745 => 282746)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/html/FeaturePolicy.h        2021-09-20 14:09:25 UTC (rev 282745)
+++ trunk/Source/WebCore/html/FeaturePolicy.h   2021-09-20 14:22:03 UTC (rev 282746)
</span><span class="lines">@@ -47,6 +47,7 @@
</span><span class="cx">         Payment,
</span><span class="cx">         SyncXHR,
</span><span class="cx">         Fullscreen,
</span><ins>+        WebShare,
</ins><span class="cx"> #if ENABLE(DEVICE_ORIENTATION)
</span><span class="cx">         Gyroscope,
</span><span class="cx">         Accelerometer,
</span><span class="lines">@@ -73,6 +74,8 @@
</span><span class="cx">     AllowRule m_paymentRule;
</span><span class="cx">     AllowRule m_syncXHRRule;
</span><span class="cx">     AllowRule m_fullscreenRule;
</span><ins>+    AllowRule m_webShareRule;
+
</ins><span class="cx"> #if ENABLE(DEVICE_ORIENTATION)
</span><span class="cx">     AllowRule m_gyroscopeRule;
</span><span class="cx">     AllowRule m_accelerometerRule;
</span></span></pre></div>
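Review bot: The added empty line after AllowRule m_webShareRule; leaves a gap before the #if ENABLE(DEVICE_ORIENTATION) block that the enum hunk above does not have. Drop it so the new member stays contiguous with the other AllowRule members.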
<a id="trunkSourceWebCorepageNavigatorcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/Navigator.cpp (282745 => 282746)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/Navigator.cpp  2021-09-20 14:09:25 UTC (rev 282745)
+++ trunk/Source/WebCore/page/Navigator.cpp     2021-09-20 14:22:03 UTC (rev 282746)
</span><span class="lines">@@ -30,6 +30,7 @@
</span><span class="cx"> #include "DOMPlugin.h"
</span><span class="cx"> #include "DOMPluginArray.h"
</span><span class="cx"> #include "Document.h"
</span><ins>+#include "FeaturePolicy.h"
</ins><span class="cx"> #include "Frame.h"
</span><span class="cx"> #include "FrameLoader.h"
</span><span class="cx"> #include "FrameLoaderClient.h"
</span><span class="lines">@@ -129,6 +130,9 @@
</span><span class="cx">     if (!document.isFullyActive())
</span><span class="cx">         return false;
</span><span class="cx"> 
</span><ins>+    if (!isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::WebShare, document, LogFeaturePolicyFailure::Yes))
+        return false;
+
</ins><span class="cx">     bool hasShareableTitleOrText = !data.title.isNull() || !data.text.isNull();
</span><span class="cx">     bool hasShareableURL = !!shareableURLForShareData(document, data);
</span><span class="cx"> #if ENABLE(FILE_SHARE)
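Review bot: canShare() is a feature-detection probe, yet the added check passes LogFeaturePolicyFailure::Yes, so each probe from a frame that the policy excludes is reported as a policy failure. Consider passing the non-logging value here and keeping the logged failure for share(), where the call is actually rejected with NotAllowedError.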
</span><span class="lines">@@ -147,6 +151,11 @@
</span><span class="cx">         return;
</span><span class="cx">     }
</span><span class="cx"> 
</span><ins>+    if (!isFeaturePolicyAllowedByDocumentAndAllOwners(FeaturePolicy::Type::WebShare, document, LogFeaturePolicyFailure::Yes)) {
+        promise->reject(NotAllowedError, "Third-party iframes are not allowed to call share() unless explicitly allowed via Feature-Policy (web-share)"_s);
+        return;
+    }
+
</ins><span class="cx">     if (m_hasPendingShare) {
</span><span class="cx">         promise->reject(NotAllowedError);
</span><span class="cx">         return;
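Review bot: The rejection message in the added share() check says "Third-party iframes", but isFeaturePolicyAllowedByDocumentAndAllOwners by its name evaluates the document itself and every owner, so the call can be refused for a frame that is not third-party and the text would misdescribe the cause. Wording such as "share() is not allowed by the web-share feature policy of this document or one of its owners" stays accurate in both cases. Since LogFeaturePolicyFailure::Yes is passed as well, it is also worth checking that one failure does not produce two messages for the page author.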
</span><span class="lines">@@ -173,7 +182,7 @@
</span><span class="cx">     if (document.settings().webShareFileAPIEnabled() && !data.files.isEmpty()) {
</span><span class="cx">         if (m_loader)
</span><span class="cx">             m_loader->cancel();
</span><del>-        
</del><ins>+
</ins><span class="cx">         m_loader = ShareDataReader::create([this, promise = WTFMove(promise)] (ExceptionOr<ShareDataWithParsedURL&> readData) mutable {
</span><span class="cx">             showShareData(readData, WTFMove(promise));
</span><span class="cx">         });
</span></span></pre>
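Review bot: The last hunk only strips trailing whitespace from the blank line before m_loader = ShareDataReader::create(...), which is unrelated to the web-share policy check. Land it separately or leave it out so the security-relevant diff stays minimal and easy to audit.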
</div>
</div>

</body>
</html>