- Takes an [=environment settings object=], and returns a new [=permission key=]. If
- unspecified, this defaults to the [=default permission key generation algorithm=]. A
- feature that specifies a custom [=powerful feature/permission key generation
- algorithm=] MUST also specify a [=powerful feature/permission key comparison
- algorithm=].
+ Takes an [=origin=] |origin| and an [=origin=] |top level origin|, and returns a new
+ [=permission key=]. If unspecified, this defaults to the [=default permission key
+ generation algorithm=]. A feature that specifies a custom [=powerful feature/permission
+ key generation algorithm=] MUST also specify a [=powerful feature/permission key
+ comparison algorithm=].
The default permission key generation algorithm, given an
- [=environment settings object=] |settings|, runs the following steps:
+ [=origin=] |origin| and an [=origin=] |top level origin|, runs the following steps:
- - Return |settings|'s [=environment/top-level origin=].
+
- Return |top level origin|.
@@ -805,7 +805,9 @@
Let |key| be the result of [=powerful feature/permission key generation
- algorithm|generating a permission key=] for |descriptor| with |settings|.
+ algorithm|generating a permission key=] for |descriptor| with |settings|'s
+ [=environment settings object/origin=] and |settings|'s
+ [=environment/top-level origin=].
Let |entry| be the result of [=get a permission store entry|getting a permission
store entry=] with |descriptor| and |key|.
@@ -855,8 +857,12 @@
this framework.
+ Let |settings| be the [=current settings object=].
+
Let |key| be the result of [=powerful feature/permission key generation
- algorithm|generating a permission key=] with the [=current settings object=].
+ algorithm|generating a permission key=] for |descriptor| with |settings|'s
+ [=environment settings object/origin=] and |settings|'s [=environment/top-level
+ origin=].
[=Queue a task=] on the [=current settings object=]'s [=environment settings
object/responsible event loop=] to [=set a permission store entry=] with |descriptor|,
@@ -1235,19 +1241,35 @@
To set a permission given a {{PermissionDescriptor}}
|descriptor:PermissionDescriptor|, a {{PermissionState}} |state:PermissionState|, an
- optional |origin|, and an optional |user agent|:
+ optional [=permission key=] |key|, and an optional |user agent|:
- - Let |target origin| be [=current settings object=]'s [=environment settings
- object/origin=] if |origin| is null, or |origin| otherwise.
+
- Let |target key| be the result of [=powerful feature/permission key generation
+ algorithm|generating a permission key=] for |descriptor| with [=current settings
+ object=]'s [=environment settings object/origin=] and [=current settings object=]'s
+ [=environment/top-level origin=] if |key| is null, or |key| otherwise.
+
+ - Let |settings list| be a list containing all [=environment settings objects=]
+ which belong to the |user agent| if provided, or all user agents otherwise.
+
+ - Let |targets| be an empty list.
+
+ - [=list/For each=] [=environment settings object=] |settings| in |settings list|:
+
+ - Let |settings key| be be the result of [=powerful feature/permission key
+ generation algorithm|generating a permission key=] for |descriptor| with |settings|'s
+ [=environment settings object/origin=] and |settings|'s [=environment/top-level origin=].
+
+ - Let |matches| be the result of running the [=powerful feature/permission key
+ comparison algorithm=] for |descriptor|, given |settings key| and |key|.
+
+ - If |matches|, then [=list/append=] |settings| to |targets|.
+
- - Let |targets| be a list containing all [=environment settings objects=] whose
- [=environment settings object/origin=] is [=same origin=] with |target origin|, and which
- belong to the |user agent| if provided, or all user agents otherwise.
- Let |tasks| be an empty list.
- - For each [=environment settings object=] |target| in |targets|:
+
- [=list/For each=] [=environment settings object=] |target| in |targets|:
- [=Queue a task=] |task| on the [=permissions task source=] of |target|'s
[=relevant settings object=]'s [=environment settings object/global object=]'s
@@ -1437,6 +1459,7 @@
descriptor: permissions.PermissionDescriptor,
state: permissions.PermissionState,
origin: text,
+ ? topLevelOrigin: text,
? userContext: text,
}
@@ -1476,10 +1499,17 @@
- Let |origin| be the value of the `origin` field of |command parameters|.
+ - Let |top level origin| be the value of the `topLevelOrigin` field of
+ |command parameters|, if present, and |origin| otherwise.
+
+ - Let |key| be the result of [=powerful feature/permission key generation
+ algorithm|generating a permission key=] for |descriptor| with |origin| and
+ |top level origin|.
+
- Let |user agent| be the [=user agent=] that represents the [=user context=]
with the id |user context id|.
- - [=Set a permission=] with |typedDescriptor|, |state|, |origin|, and |user
+
- [=Set a permission=] with |typedDescriptor|, |state|, |key|, and |user
agent|.
- Return [=success=] with data `null`.