Enable FP reporting for VR/XR policy violations.

This queues a report through the Reporting API whenever VR or XR device access are requested in a frame in which the 'vr' feature is not allowed according to feature policy. Bug: 867471 Cq-Include-Trybots: luci.chromium.try:win_optional_gpu_tests_rel Change-Id: I5e0256c799f986e30b1f3746ef0fce1b6d9f93eb Reviewed-on: https://chromium-review.googlesource.com/1195438Reviewed-by: Brandon Jones <bajones@chromium.org> Commit-Queue: Ian Clelland <iclelland@chromium.org> Cr-Commit-Position: refs/heads/master@{#590451}

Enable FP reporting for VR/XR policy violations.
This queues a report through the Reporting API whenever VR or XR device access are requested in a frame in which the 'vr' feature is not allowed according to feature policy. Bug: 867471 Cq-Include-Trybots: luci.chromium.try:win_optional_gpu_tests_rel Change-Id: I5e0256c799f986e30b1f3746ef0fce1b6d9f93eb Reviewed-on: https://chromium-review.googlesource.com/1195438Reviewed-by: Brandon Jones <bajones@chromium.org> Commit-Queue: Ian Clelland <iclelland@chromium.org> Cr-Commit-Position: refs/heads/master@{#590451}
c12c50e9 · Ian Clelland · Commit Bot · 7d9d5aee · c12c50e9 · c12c50e9
Commit c12c50e9 authored Sep 11, 2018 by Ian Clelland Committed by Commit Bot Sep 11, 2018
6 changed files
--- a/third_party/WebKit/LayoutTests/external/wpt/feature-policy/reporting/vr-reporting.https.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/feature-policy/reporting/vr-reporting.https.html
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+var check_report_format = (reports, observer) => {
+  let report = reports[0];
+  assert_equals(report.type, "feature-policy");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.feature, "vr");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.message, "string");
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+};
+promise_test(async (t) => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['feature-policy']}).observe();
+  });
+  await promise_rejects(t, 'SecurityError', navigator.getVRDisplays(),
+                        "VR device access should not be allowed in this document.");
+  const [reports, observer] = await report;
+  check_report_format(reports, observer);
+}, "VR Report Format");
+    </script>
+  </body>
+</html>
--- a/third_party/WebKit/LayoutTests/external/wpt/feature-policy/reporting/vr-reporting.https.html.headers
+++ b/third_party/WebKit/LayoutTests/external/wpt/feature-policy/reporting/vr-reporting.https.html.headers
+Feature-Policy: vr 'none'
--- a/third_party/WebKit/LayoutTests/external/wpt/feature-policy/reporting/xr-reporting.https.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/feature-policy/reporting/xr-reporting.https.html
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+var check_report_format = (reports, observer) => {
+  let report = reports[0];
+  assert_equals(report.type, "feature-policy");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.feature, "vr");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.message, "string");
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+};
+promise_test(async (t) => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['feature-policy']}).observe();
+  });
+  await promise_rejects(t, 'SecurityError', navigator.xr.requestDevice(),
+                        "XR device access should not be allowed in this document.");
+  const [reports, observer] = await report;
+  check_report_format(reports, observer);
+}, "XR Report Format");
+    </script>
+  </body>
+</html>
--- a/third_party/WebKit/LayoutTests/external/wpt/feature-policy/reporting/xr-reporting.https.html.headers
+++ b/third_party/WebKit/LayoutTests/external/wpt/feature-policy/reporting/xr-reporting.https.html.headers
+Feature-Policy: vr 'none'
--- a/third_party/blink/renderer/modules/vr/navigator_vr.cc
+++ b/third_party/blink/renderer/modules/vr/navigator_vr.cc
@@ -144,7 +144,8 @@ ScriptPromise NavigatorVR::getVRDisplays(ScriptState* script_state) {
        script_state, DOMException::Create(DOMExceptionCode::kInvalidStateError,
                                           kNotAssociatedWithDocumentMessage));
  }
-  if (!frame->IsFeatureEnabled(mojom::FeaturePolicyFeature::kWebVr)) {
+  if (!frame->IsFeatureEnabled(mojom::FeaturePolicyFeature::kWebVr,
+                               ReportOptions::kReportOnFailure)) {
    return ScriptPromise::RejectWithDOMException(
        script_state, DOMException::Create(DOMExceptionCode::kSecurityError,
                                           kFeaturePolicyBlockedMessage));

--- a/third_party/blink/renderer/modules/xr/xr.cc
+++ b/third_party/blink/renderer/modules/xr/xr.cc
@@ -73,7 +73,8 @@ ScriptPromise XR::requestDevice(ScriptState* script_state) {
    did_log_requestDevice_ = true;
  }
-  if (!frame->IsFeatureEnabled(mojom::FeaturePolicyFeature::kWebVr)) {
+  if (!frame->IsFeatureEnabled(mojom::FeaturePolicyFeature::kWebVr,
+                               ReportOptions::kReportOnFailure)) {
    // Only allow the call to be made if the appropraite feature policy is in
    // place.
    return ScriptPromise::RejectWithDOMException(