[Battery] Allow usage from SecureContext or top-level browsing context only.

Make the Battery Status API available only within a secure context that is
also a top-level browsing context. This disallows the use of the API within
framed content, as well as from any content that is not a secure context.

Details: https://github.com/w3c/battery/issues/10

WPT updated in https://github.com/w3c/web-platform-tests/pull/5871

BUG=661792

Review-Url: https://codereview.chromium.org/2880763002
Cr-Commit-Position: refs/heads/master@{#476263}

third_party/WebKit/LayoutTests/battery-status/detached-no-crash-expected.txt

@@ -4,7 +4,7 @@ On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE
 
 
 PASS typeof(nav.getBattery()) == 'object' is true
-PASS nav.getBattery() is undefined.
+Error Code is 18
 PASS successfullyParsed is true
 
 TEST COMPLETE

third_party/WebKit/LayoutTests/battery-status/detached-no-crash.html

@@ -18,8 +18,15 @@ function processMessage(event) {
         w.close();
         w = null;
     } else if (event.data == "closed") {
-        shouldBeUndefined("nav.getBattery()");
-        finishJSTest();
+      nav.getBattery().then(battery => {
+        assert_unreachable('getBattery should reject on a closed window');
+      })
+      .catch(error => {
+        // DOMException.SECURITY_ERR = 18.
+        debug('Error Code is ' + error.code);
+        assert_equals(error.code, DOMException.SECURITY_ERR);
+      });
+      setTimeout(finishJSTest, 0);
     }
 }
 

third_party/WebKit/LayoutTests/external/wpt/battery-status/battery-iframe.https-expected.txt

-This is a testharness.js-based test.
-FAIL throw a 'SecurityError' when invoking navigator.getBattery() within iframe assert_unreached: Should have rejected: undefined Reached unreachable code
-Harness: the test ran to completion.
-

third_party/WebKit/LayoutTests/external/wpt/battery-status/battery-insecure-context-expected.txt

-This is a testharness.js-based test.
-FAIL navigator.getBattery() shall throw a 'SecurityError' in an insecure context assert_unreached: Should have rejected: undefined Reached unreachable code
-Harness: the test ran to completion.
-

third_party/WebKit/Source/modules/battery/NavigatorBattery.cpp

@@ -4,8 +4,10 @@
 
 #include "modules/battery/NavigatorBattery.h"
 
-#include "core/dom/ExecutionContext.h"
-#include "core/frame/LocalFrame.h"
+#include "core/dom/DOMException.h"
+#include "core/dom/Document.h"
+#include "core/dom/ExceptionCode.h"
+#include "core/frame/LocalDOMWindow.h"
 #include "modules/battery/BatteryManager.h"
 
 namespace blink {
@@ -19,10 +21,26 @@ ScriptPromise NavigatorBattery::getBattery(ScriptState* script_state,
 }
 
 ScriptPromise NavigatorBattery::getBattery(ScriptState* script_state) {
-  if (!battery_manager_) {
-    battery_manager_ =
-        BatteryManager::Create(ExecutionContext::From(script_state));
+  ExecutionContext* execution_context = ExecutionContext::From(script_state);
+
+  // Check secure context.
+  String error_message;
+  if (!execution_context->IsSecureContext(error_message)) {
+    return ScriptPromise::RejectWithDOMException(
+        script_state, DOMException::Create(kSecurityError, error_message));
+  }
+
+  // Check top-level browsing context.
+  if (!ToDocument(execution_context)->domWindow()->GetFrame() ||
+      !ToDocument(execution_context)->GetFrame()->IsMainFrame()) {
+    return ScriptPromise::RejectWithDOMException(
+        script_state, DOMException::Create(
+                          kSecurityError, "Not a top-level browsing context."));
   }
+
+  if (!battery_manager_)
+    battery_manager_ = BatteryManager::Create(execution_context);
+
   return battery_manager_->StartRequest(script_state);
 }