Move key generation & key comparison to powerful feature
johannhof committed Nov 23, 2022
1 parent 1b5edcf commit 189b999
Showing 1 changed file with 52 additions and 33 deletions.
85 changes: 52 additions & 33 deletions index.html
Expand Up @@ -331,40 +331,14 @@ <h3>
</ol>
</p>
<p>
A <dfn class="export">permission store key</dfn> is a [=tuple=] of ([=origin=] <dfn data-dfn-for="permission store key">top-level origin</dfn>, [=origin=] <dfn data-dfn-for="permission store key">granted origin</dfn>).
</p>

<p>
To <dfn class="export">generate a permission store key</dfn> given [=environment settings object=] |settings|, run these steps:
<ol class="algorithm">
<li>
Let |topLevelOrigin| be |settings|' [=environment/top-level origin=].
</li>
<li>
Return (|topLevelOrigin|, |topLevelOrigin|).
</li>
</ol>
A <dfn class="export">permission store key</dfn> has the type returned by the feature's [=powerful feature/permission key generation algorithm=].
<aside class="note">
Most permissions will want to set the permission grant on the top-level origin and delegate access via Permissions Policy.
However, others, like the Storage Access API, explicitly describe an embeddee relationship and could set a different granted origin.
Powerful features may override the key generation algorithm to specify a custom permission store key.
This is useful for features that want to restrict permissions based on additional context,
such as double-keying on both the embedded origin and the top-level origin.
</aside>
</p>

<p>
To <dfn class="export">compare [=permission store keys=]</dfn> |key1| and |key2|, run these steps:
<ol class="algorithm">
<li>
If |key1|'s [=permission store key/top-level origin=] is not [=same origin=] with |key2|'s [=permission store key/top-level origin=], return false.
</li>
<li>
If |key1|'s [=permission store key/granted origin=] is not [=same origin=] with |key2|'s [=permission store key/granted origin=], return false.
</li>
<li>
Return true.
</li>
</ol>
</p>

</p>
</section>
<section>
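Review bot: the `<aside class="note">` is nested inside the `<p>` that opens just before the new "permission store key" sentence and closes after the aside, and the stray second `</p>` two lines further down is left in place; an `<aside>` inside `<p>` makes the HTML parser close the paragraph early, so the rendered DOM will not match the source. Suggest closing the `<p>` right after the definition sentence, leaving the `<aside>` as a sibling, and dropping the extra `</p>`. Separately, deleting the `top-level origin` and `granted origin` sub-definitions removes the `[=permission store key/top-level origin=]` and `[=permission store key/granted origin=]` link targets that the deleted comparison steps used, so any remaining reference to them, in this spec or a dependent one, will fail to resolve; worth a grep before landing.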
Expand Down Expand Up @@ -591,6 +565,51 @@ <h2>
</li>
</ol>
</dd>
<dt>
A <dfn data-dfn-for="powerful feature" class="export">permission key generation algorithm</dfn>:
</dt>
<dd>
<p>
Takes an [=environment settings object=], and returns a new [=permission store key=].
If unspecified, this defaults to the <a>default permission key generation algorithm</a>.
A feature that specifies a custom [=powerful feature/permission key generation algorithm=] MUST also specify a
[=powerful feature/permission key comparison algorithm=].
</p>
<p>
The <dfn data-export="">default permission key generation algorithm</dfn>,
given an [=environment settings object=] |settings|, runs the following steps:
</p>
<ol class="algorithm">
<li>
Return |settings|' [=environment/top-level origin=].
</li>
</ol>
<aside class="note" title="Permission Delegation">
Most powerful features grant permission to the top-level origin and delegate access to the requesting document via Permissions Policy.
This is called Permission Delegation.
</aside>
</dd>
<dt>
A <dfn data-dfn-for="powerful feature" class="export">permission key comparison algorithm</dfn>:
</dt>
<dd>
<p>
Takes two [=permission store keys=] and returns a boolean that shows whether the two keys are equal.
If unspecified, this defaults to the <a>default permission key comparison algorithm</a>.
</p>
<p>
The <dfn data-export="">default permission key comparison algorithm</dfn>,
given [=permission store keys=] |key1| and |key2| (both [=origins=]), runs the following steps:
</p>
<ol class="algorithm">
<li>
If |key1| is not [=same origin=] with |key2| return false.
</li>
<li>
Return true.
</li>
</ol>
</dd>
<dt>
A <dfn data-dfn-for="powerful feature" class="export">permission revocation
algorithm</dfn>:
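Review bot: the requirement "A feature that specifies a custom permission key generation algorithm MUST also specify a permission key comparison algorithm" is needed because the default comparison assumes both keys are origins, but nothing states the converse constraint that the comparison algorithm must accept the type returned by the feature's generation algorithm; suggest adding that sentence explicitly, and saying whether a custom comparison algorithm with the default generation algorithm is permitted. Two smaller points: the two default algorithms use `<dfn data-export="">` while every other definition in this diff uses `class="export"`, and "returns a boolean that shows whether the two keys are equal" reads better as "returns a boolean indicating whether the two keys are equal".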
Expand Down Expand Up @@ -718,7 +737,7 @@ <h3 id="reading-current-states">
</li>
</ol>
</li>
<li>Let |key| be the result of [=generate a permission store key|generating a permission store key=] with |settings|.
<li>Let |key| be the result of [=powerful feature/permission key generation algorithm|generating a permission store key=] with |settings|.
</li>
<li>Let |entry| be the result of [=get a permission store entry|getting a permission store entry=] with |feature|, |descriptor| and |key|.
</li>
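Review bot: the link text "generating a permission store key" now targets a per-feature algorithm (`powerful feature/permission key generation algorithm`), but the step does not say which feature's algorithm runs; |feature| is in scope here (it is passed to "get a permission store entry" on the next step), so suggest "Let |key| be the result of running |feature|'s permission key generation algorithm with |settings|". Also, this diff does not touch "get a permission store entry", yet the "compare permission store keys" algorithm removed in the first hunk is what a key lookup would have used; that algorithm should be updated to call |feature|'s permission key comparison algorithm, otherwise custom keys are never compared correctly.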
Expand Down Expand Up @@ -765,7 +784,7 @@ <h3 id="requesting-more-permission">
</p>
</li>
<li>
Let |key| be the result of [=generate a permission store key|generating a permission store key=] with the [=current settings object=].
Let |key| be the result of [=powerful feature/permission key generation algorithm|generating a permission store key=] with the [=current settings object=].
</li>
<li>
[=Queue a task=] on the [=current settings object=]'s [=environment settings
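Review bot: the step invokes a feature-scoped algorithm without naming the feature; suggest "Let |key| be the result of running the feature's permission key generation algorithm with the current settings object", where "the feature" is the one whose permission is being requested in this algorithm, so that a reader knows which custom algorithm applies.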
Expand Down Expand Up @@ -848,7 +867,7 @@ <h3 id="reacting-to-revocation">
revocation algorithm=].
</li>
<li>
Let |key| be the result of [=generate a permission store key|generating a permission store key=] with the Realm's [=Realm/settings object=].
Let |key| be the result of [=powerful feature/permission key generation algorithm|generating a permission store key=] with the Realm's [=Realm/settings object=].
</li>
<li>
TODO: How do I get the feature descriptor to remove the feature here?
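Review bot: this step runs a feature-scoped key generation algorithm without naming the feature, and the TODO directly below it says the feature descriptor is not available here either; since the revocation path needs both the feature (for its permission key generation algorithm) and the descriptor (to find the entry), the step should at least name the feature whose revocation algorithm is being run (the preceding context refers to one), and the TODO should be resolved before this relinking is considered complete.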