Revision 1553cb43af08443e2d04a01bd6925db002234174 authored by Ian Clelland on 28 September 2017, 19:28:02 UTC, committed by Chromium WPT Sync on 28 September 2017, 19:28:02 UTC
This CL disables Web Bluetooth by rejecting the requestDevices call if disallowed by feature policy. Web Bluetooth is allowed by default in the top level frame, and in its same-origin children, and disallowed by default in cross-origin child frames. To enable in a particular cross-origin iframe, use the allow attribute, like: <iframe src="https://..." allow="bluetooth"></iframe> To block blueooth in a same-origin frame, specify 'none' as an origin list in the allow attribute: <iframe src="https://..." allow="bluetooth 'none'"></iframe> Or include a Feature-Policy HTTP header with a document which either allows Web Bluetooth in certain origins: Feature-Policy: bluetooth 'self' https://example.com or in all frames: Feature-Policy: bluetooth '*' or disallows it completely: Feature-Policy: bluetooth 'none' Bug: 518042 Change-Id: I44767f3f65065e9fe0d84a051d4a6b503b439b89
1 parent 37f4e33
Computing file changes ...