https://bugs.webkit.org/show_bug.cgi?id=66505

Reviewed by Eric Seidel.

Source/WebCore: 

There's been some discussion in the HTML working group about adding an
allow-popups directive to the iframe sandbox.  Microsoft has added it
to IE10 platform preview and is fairly adamant about this feature
because it's needed by one or their products that's planning to use
iframe sandbox.  Hixie says he'll add it to the spec once we implement
it, so here's our implementation.  (See discussion in the W3C linked in
the bug for more details.)

Tests: http/tests/security/popup-allowed-by-sandbox-is-sandboxed-control.html
       http/tests/security/popup-allowed-by-sandbox-is-sandboxed.html
       http/tests/security/popup-allowed-by-sandbox-when-allowed.html

* html/HTMLIFrameElement.cpp:
(WebCore::HTMLIFrameElement::parseMappedAttribute):
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::setOpener):
(WebCore::createWindow):
* loader/FrameLoader.h:
(WebCore::FrameLoader::forceSandboxFlags):
* loader/FrameLoaderTypes.h:
* loader/PolicyChecker.cpp:
(WebCore::PolicyChecker::checkNewWindowPolicy):
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::parseSandboxPolicy):
* page/SecurityOrigin.h:
(WebCore::SecurityOrigin::sandboxFlags):
* svg/graphics/SVGImage.cpp:
(WebCore::SVGImage::dataChanged):

LayoutTests: 

Test that the allow-popups directive works as expected.  Note:
no-popup-from-sandbox.html verifies that we still block popups without
the directive.

* http/tests/security/popup-allowed-by-sandbox-is-sandboxed-control-expected.txt: Added.
* http/tests/security/popup-allowed-by-sandbox-is-sandboxed-control.html: Added.
* http/tests/security/popup-allowed-by-sandbox-is-sandboxed-expected.txt: Added.
* http/tests/security/popup-allowed-by-sandbox-is-sandboxed.html: Added.
* http/tests/security/popup-allowed-by-sandbox-when-allowed-expected.txt: Added.
* http/tests/security/popup-allowed-by-sandbox-when-allowed.html: Added.


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@99138 268f45cc-cd09-0410-ab3c-d52691b4dbfc