Ensure documents with no TopFrameOrigin correctly handle hasStorageAccess calls.

In some scenarios a document's TopFrameOrigin may be empty. This change ensures
that this case is handled correctly during hasStorageAccess() calls.

Bug: 1005778
Change-Id: Ic00cf3fcca143e83e277ca43835480c8d31536ed
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1814726
Commit-Queue: Brandon Maslen <brandm@microsoft.com>
Reviewed-by: Mike West <mkwst@chromium.org>
Cr-Commit-Position: refs/heads/master@{#699602}

third_party/blink/renderer/core/dom/document.cc

@@ -6136,6 +6136,7 @@ const KURL Document::SiteForCookies() const {
 
 ScriptPromise Document::hasStorageAccess(ScriptState* script_state) const {
   const bool has_access =
+      TopFrameOrigin() &&
       GetSecurityOrigin()->IsSameSchemeHostPort(TopFrameOrigin().get());
   ScriptPromiseResolver* resolver =
       MakeGarbageCollected<ScriptPromiseResolver>(script_state);

third_party/blink/web_tests/external/wpt/storage-access-api/hasStorageAccess.sub.window.js

@@ -56,4 +56,13 @@ if (topLevelDocument) {
   // Validate the nested-iframe scenario where the cross-origin frame containing
   //  the tests is not the first child.
   RunTestsInNestedIFrame("http://{{domains[www]}}:{{ports[http][0]}}/storage-access-api/hasStorageAccess.sub.window.html?testCase=nested-cross-origin-frame&allowed=false&rootdocument=false");
+
+  // Run tests specific to the top-level window only here. They won't get re-run inside of various iframes.
+  promise_test(() => {
+    let createdDocument = document.implementation.createDocument("", null);
+
+    return createdDocument.hasStorageAccess().then(hasAccess => {
+      assert_false(hasAccess, "Access should be denied to a generated document not part of the DOM.");
+    });
+  }, "[" + testPrefix + "] document.hasStorageAccess() should work on a document object.");
 }