From 85769e47bfd0deea8e8bad48555bccf459058b92 Mon Sep 17 00:00:00 2001
From: Ian Clelland
Date: Fri, 9 Oct 2020 15:07:34 -0400
Subject: [PATCH] Allow header to enable features.
This allows the header alone to enable delegation of a feature to specific origins, if not otherwise blocked or affected by the container policy. The order of precedence becomes: 1. Explicitly blocked by header: Disabled 2. Explicitly blocked by allow attribute: Disabled 3. Explicitly allowed by allow attribute: Enabled 4. Explicitly allowed by header: Enabled 5a. (Default behaviour when default allowlist is '*'): Enabled 5b. (Default behaviour when default allowlist is 'self'): Enabled if same- origin; Disabled if cross-origin.
Fixes: #408
---
 index.bs | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/index.bs b/index.bs
index e47ff383..9d76f085 100644
--- a/index.bs
+++ b/index.bs
@@ -932,6 +932,9 @@ partial interface HTMLIFrameElement {
 1. If the allowlist for |feature| in |container policy| matches |origin|, return "Enabled".
 1. Otherwise return "Disabled".
+ 1. If |feature| is present in |policy|’s declared policy, and the
+ allowlist for |feature| in |policy|’s declared policy
+ matches |origin|, then return "Enabled".
 1. If |feature|'s default allowlist is *, return "Enabled".
 1. If |feature|'s default allowlist is 'self', and
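Review bot: The added step lets a header allowlist alone enable a `'self'`-default feature in a cross-origin frame, yet the spec text in this hunk carries no note recording that change to the delegation model; the precedence order lives only in the commit message. I would add a non-normative note directly after the new step, e.g. `Note: A declared-policy allowlist that matches |origin| enables the feature in the nested context even when the container policy does not mention it; a container policy entry for the feature, when present, is evaluated first.` As written, the grant appears to apply to any frame whose origin matches, including frames the embedder never annotated, which seems worth stating explicitly for authors who previously relied on the container policy as the only way to opt a frame in. The step that handles a header explicitly blocking the feature lies outside this hunk, so I cannot confirm from here that it runs before this one as the commit message lists.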