Instrument history.length to see if it leaks entropy about users' cross-domain identity.

Bug: 973801
Change-Id: I61319729a0fd1938264370ee1359dff75cfcc225
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2171969Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Asanka Herath <asanka@chromium.org>
Commit-Queue: Dylan Cutler <dylancutler@google.com>
Cr-Commit-Position: refs/heads/master@{#766470}

third_party/blink/renderer/core/frame/history.cc

@@ -25,6 +25,8 @@
 
 #include "third_party/blink/renderer/core/frame/history.h"
 
+#include "third_party/blink/public/common/privacy_budget/identifiability_metric_builder.h"
+#include "third_party/blink/public/common/privacy_budget/identifiability_metrics.h"
 #include "third_party/blink/renderer/core/dom/document.h"
 #include "third_party/blink/renderer/core/execution_context/execution_context.h"
 #include "third_party/blink/renderer/core/frame/frame_console.h"
@@ -76,7 +78,17 @@ unsigned History::length(ExceptionState& exception_state) const {
         "fully active");
     return 0;
   }
-  return GetFrame()->Client()->BackForwardLength();
+
+  unsigned result = GetFrame()->Client()->BackForwardLength();
+  Document* document = DomWindow()->document();
+  IdentifiabilityMetricBuilder(
+      base::UkmSourceId::FromInt64(document->UkmSourceID()))
+      .Set(IdentifiableSurface::FromTypeAndInput(
+               IdentifiableSurface::Type::kWebFeature,
+               static_cast<uint64_t>(WebFeature::kHistoryLength)),
+           IdentifiabilityDigestHelper(result))
+      .Record(document->UkmRecorder());
+  return result;
 }
 
 ScriptValue History::state(ScriptState* script_state,