services/network/public/mojom/cross_origin_opener_policy.mojom - chromium/src - Git at Google

 // Copyright 2019 The Chromium Authors
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 module network.mojom;

 import "url/mojom/url.mojom";
 import "mojo/public/mojom/base/unguessable_token.mojom";
 import "services/network/public/mojom/source_location.mojom";

 enum CoopAccessReportType {
   kAccessFromCoopPageToOpener,
   kAccessFromCoopPageToOpenee,
   kAccessFromCoopPageToOther,
   kAccessToCoopPageFromOpener,
   kAccessToCoopPageFromOpenee,
   kAccessToCoopPageFromOther,
 };

 // Reports potential COOP violations. Implemented in the browser process.
 interface CrossOriginOpenerPolicyReporter {
   // Sends a report when two browsing contexts from different virtual browsing
   // context groups tries to access each other.
   // - |property| is the name of the access property (postMessage, open, ...).
   // - |source_location| represents the line of code that triggered the access.
   // - |reported_window_url| the sanitized URL of the second window. Empty when
   //   cross-origin with the reporting window.
   QueueAccessReport(CoopAccessReportType report_type, string property,
                     SourceLocation source_location,
                     string reported_window_url);
 };

 // Used to configure AccessMonitors in the renderer process that will report
 // accesses to a CrossOriginOpenerPolicyReporter.
 struct CrossOriginOpenerPolicyReporterParams {
   // The type of report generated by the reporter.
   network.mojom.CoopAccessReportType report_type;

   // The interface used to queue reports.
   pending_remote<network.mojom.CrossOriginOpenerPolicyReporter> reporter;

   // Whether the COOP header has at least defines one endpoint defined. When
   // there are none, no ReportingObserver event will be emitted since the
   // developer of the document is likely not interested in receiving them.
   bool endpoint_defined;

   // The reported window's sanitized URL. This corresponds to openerURL,
   // openeeURL or otherDocumentURL depending on the |report_type|.
   string reported_window_url;
 };

 // Cross-Origin-Opener-Policy enum representing parsed values.
 enum CrossOriginOpenerPolicyValue {
   // No restriction is applied, the relationship is kept with openers and
   // opened documents.
   kUnsafeNone,

   // Severs the opener relationship with openers that are not same-origin while
   // keeping the relationship with opened documents, provided they don't have a
   // Cross-Origin-Opener-Policy themselves.
   kSameOriginAllowPopups,

   // Severs the opener relationship with openers/opened documents that are not
   // same-origin.
   kSameOrigin,

   // COOP: same-origin with a COEP value compatible with crossOriginIsolation.
   kSameOriginPlusCoep,

   // Restrict which window properties other pages can interact with and vice
   // versa. Access of "closed" and "postMessage" remains possible across
   // openers.
   kRestrictProperties,

   // COOP: restrict-properties with a COEP value compatible with
   // crossOriginIsolation.
   kRestrictPropertiesPlusCoep,
 };

 // Cross-Origin-Opener-Policy enum representing parsed values.
 // Following spec draft:
 // https://gist.github.com/annevk/6f2dd8c79c77123f39797f6bdac43f3e
 struct CrossOriginOpenerPolicy {
     // The value of the policy.
     CrossOriginOpenerPolicyValue value =
         CrossOriginOpenerPolicyValue.kUnsafeNone;
     // The reporting endpoint for the policy.
     string? reporting_endpoint;
     // The value for the "report only" mode.
     CrossOriginOpenerPolicyValue report_only_value =
         CrossOriginOpenerPolicyValue.kUnsafeNone;
     // The reporting endpoint for the "report only" mode.
     string? report_only_reporting_endpoint;
     // The value of the policy when the default value of COOP is
     // same-origin-allow-popups.
     CrossOriginOpenerPolicyValue soap_by_default_value =
         CrossOriginOpenerPolicyValue.kUnsafeNone;
 };
	// Copyright 2019 The Chromium Authors
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	module network.mojom;

	import "url/mojom/url.mojom";
	import "mojo/public/mojom/base/unguessable_token.mojom";
	import "services/network/public/mojom/source_location.mojom";

	enum CoopAccessReportType {
	kAccessFromCoopPageToOpener,
	kAccessFromCoopPageToOpenee,
	kAccessFromCoopPageToOther,
	kAccessToCoopPageFromOpener,
	kAccessToCoopPageFromOpenee,
	kAccessToCoopPageFromOther,
	};

	// Reports potential COOP violations. Implemented in the browser process.
	interface CrossOriginOpenerPolicyReporter {
	// Sends a report when two browsing contexts from different virtual browsing
	// context groups tries to access each other.
	// - \|property\| is the name of the access property (postMessage, open, ...).
	// - \|source_location\| represents the line of code that triggered the access.
	// - \|reported_window_url\| the sanitized URL of the second window. Empty when
	// cross-origin with the reporting window.
	QueueAccessReport(CoopAccessReportType report_type, string property,
	SourceLocation source_location,
	string reported_window_url);
	};

	// Used to configure AccessMonitors in the renderer process that will report
	// accesses to a CrossOriginOpenerPolicyReporter.
	struct CrossOriginOpenerPolicyReporterParams {
	// The type of report generated by the reporter.
	network.mojom.CoopAccessReportType report_type;

	// The interface used to queue reports.
	pending_remote<network.mojom.CrossOriginOpenerPolicyReporter> reporter;

	// Whether the COOP header has at least defines one endpoint defined. When
	// there are none, no ReportingObserver event will be emitted since the
	// developer of the document is likely not interested in receiving them.
	bool endpoint_defined;

	// The reported window's sanitized URL. This corresponds to openerURL,
	// openeeURL or otherDocumentURL depending on the \|report_type\|.
	string reported_window_url;
	};

	// Cross-Origin-Opener-Policy enum representing parsed values.
	enum CrossOriginOpenerPolicyValue {
	// No restriction is applied, the relationship is kept with openers and
	// opened documents.
	kUnsafeNone,

	// Severs the opener relationship with openers that are not same-origin while
	// keeping the relationship with opened documents, provided they don't have a
	// Cross-Origin-Opener-Policy themselves.
	kSameOriginAllowPopups,

	// Severs the opener relationship with openers/opened documents that are not
	// same-origin.
	kSameOrigin,

	// COOP: same-origin with a COEP value compatible with crossOriginIsolation.
	kSameOriginPlusCoep,

	// Restrict which window properties other pages can interact with and vice
	// versa. Access of "closed" and "postMessage" remains possible across
	// openers.
	kRestrictProperties,

	// COOP: restrict-properties with a COEP value compatible with
	// crossOriginIsolation.
	kRestrictPropertiesPlusCoep,
	};

	// Cross-Origin-Opener-Policy enum representing parsed values.
	// Following spec draft:
	// https://gist.github.com/annevk/6f2dd8c79c77123f39797f6bdac43f3e
	struct CrossOriginOpenerPolicy {
	// The value of the policy.
	CrossOriginOpenerPolicyValue value =
	CrossOriginOpenerPolicyValue.kUnsafeNone;
	// The reporting endpoint for the policy.
	string? reporting_endpoint;
	// The value for the "report only" mode.
	CrossOriginOpenerPolicyValue report_only_value =
	CrossOriginOpenerPolicyValue.kUnsafeNone;
	// The reporting endpoint for the "report only" mode.
	string? report_only_reporting_endpoint;
	// The value of the policy when the default value of COOP is
	// same-origin-allow-popups.
	CrossOriginOpenerPolicyValue soap_by_default_value =
	CrossOriginOpenerPolicyValue.kUnsafeNone;
	};