Trust Tokens: Avoid printing console errors on "unactionable" failures

We occasionally fail Trust Tokens operations due to transient unavailability of the entire Trust Tokens logic, for instance when third party cookies are being blocked unconditionally due a user setting. This logic (in url_loader_factory.cc, providing the `authorizer` callback argument to TrustTokenRequestHelperFactory) means that Trust Tokens operations will sometimes fail "during normal operation," at no fault of the caller's. We'd like to avoid printing console errors in this case. For instance, right now because third party cookies are disabled by default in incognito mode, we print a console error on every Trust Tokens operation executed in incognito mode. This CL extends the Trust Tokens-related console message suppression in FrameConsole to encompass "unactionable" Trust Tokens failures, like ones due to TrustTokenOperationStatus::kUnavailable, which represents an unavoidable unavailability of the Trust Tokens subsystem. Test: Adds an inspector-protocol WPT ensuring no errors are logged Bug: 1111572 Change-Id: I53898a272fb8063cdbddfda0e916e49525973d09 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2385878Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Commit-Queue: David Van Cleve <davidvc@chromium.org> Cr-Commit-Position: refs/heads/master@{#804251}

Trust Tokens: Avoid printing console errors on "unactionable" failures
We occasionally fail Trust Tokens operations due to transient unavailability of the entire Trust Tokens logic, for instance when third party cookies are being blocked unconditionally due a user setting. This logic (in url_loader_factory.cc, providing the `authorizer` callback argument to TrustTokenRequestHelperFactory) means that Trust Tokens operations will sometimes fail "during normal operation," at no fault of the caller's. We'd like to avoid printing console errors in this case. For instance, right now because third party cookies are disabled by default in incognito mode, we print a console error on every Trust Tokens operation executed in incognito mode. This CL extends the Trust Tokens-related console message suppression in FrameConsole to encompass "unactionable" Trust Tokens failures, like ones due to TrustTokenOperationStatus::kUnavailable, which represents an unavoidable unavailability of the Trust Tokens subsystem. Test: Adds an inspector-protocol WPT ensuring no errors are logged Bug: 1111572 Change-Id: I53898a272fb8063cdbddfda0e916e49525973d09 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2385878Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Commit-Queue: David Van Cleve <davidvc@chromium.org> Cr-Commit-Position: refs/heads/master@{#804251}
3e32429d · David Van Cleve · Commit Bot · 191a1324 · 3e32429d · 3e32429d
Commit 3e32429d authored Sep 03, 2020 by David Van Cleve Committed by Commit Bot Sep 03, 2020
8 changed files
--- a/third_party/blink/renderer/core/frame/frame_console.cc
+++ b/third_party/blink/renderer/core/frame/frame_console.cc
@@ -119,7 +119,7 @@ void FrameConsole::DidFailLoading(DocumentLoader* loader,
                                  uint64_t request_identifier,
                                  const ResourceError& error) {
  // Report failures only.
-  if (error.IsCancellation() || error.IsTrustTokenCacheHit())
+  if (error.IsCancellation() || error.IsUnactionableTrustTokensStatus())
    return;
  StringBuilder message;

--- a/third_party/blink/renderer/platform/loader/fetch/resource_error.cc
+++ b/third_party/blink/renderer/platform/loader/fetch/resource_error.cc
@@ -179,8 +179,11 @@ bool ResourceError::IsCancellation() const {
  return error_code_ == net::ERR_ABORTED;
 }
-bool ResourceError::IsTrustTokenCacheHit() const {
+bool ResourceError::IsUnactionableTrustTokensStatus() const {
-  return error_code_ == net::ERR_TRUST_TOKEN_OPERATION_CACHE_HIT;
+  return error_code_ == net::ERR_TRUST_TOKEN_OPERATION_CACHE_HIT ||
+         (error_code_ == net::ERR_TRUST_TOKEN_OPERATION_FAILED &&
+          trust_token_operation_error_ ==
+              network::mojom::TrustTokenOperationStatus::kUnavailable);
 }
 bool ResourceError::IsCacheMiss() const {

--- a/third_party/blink/renderer/platform/loader/fetch/resource_error.h
+++ b/third_party/blink/renderer/platform/loader/fetch/resource_error.h
@@ -80,11 +80,17 @@ class PLATFORM_EXPORT ResourceError final {
  bool IsCancellation() const;
-  // If the error was due to a Trust Tokens cache hit, the purpose of this
+  // Returns true if the error was the outcome of a Trust Tokens operation and
+  // the error does *not* represent an actionable failure:
+  // - If the error was due to a Trust Tokens cache hit, the purpose of this
  // request was to update some state in the network stack (with a response from
  // the server), but that this state was already present, so there was no need
  // to send the request.
-  bool IsTrustTokenCacheHit() const;
+  // - If the error was due to Trust Tokens unavailability---perhaps because the
+  // user has disabled the feature---then all Trust Tokens operations will fail
+  // even when everything is working as intended from the developer's
+  // perspective, so a console message isn't actionable.
+  bool IsUnactionableTrustTokensStatus() const;
  bool IsAccessCheck() const { return is_access_check_; }
  bool HasCopyInCache() const { return has_copy_in_cache_; }

--- a/third_party/blink/web_tests/NeverFixTests
+++ b/third_party/blink/web_tests/NeverFixTests
@@ -2032,8 +2032,10 @@ crbug.com/1047176 [ Mac ] fast/events/wheel/wheelevent-ctrl.html [ Skip ]
 # These tests will pass once the --enable-features=TrustTokens flag is on by
 # default. A virtual test suite runs the same tests with the flag enabled.
+crbug.com/1061765 http/tests/inspector-protocol/trust-tokens/* [ Skip ]
 crbug.com/1061765 http/tests/loading/trust-tokens/* [ Skip ]
 crbug.com/1061765 external/wpt/trust-tokens/end-to-end/* [ Skip ]
+virtual/trust-tokens/http/tests/inspector-protocol/trust-tokens/* [ Pass ]
 virtual/trust-tokens/http/tests/loading/trust-tokens/* [ Pass ]
 virtual/trust-tokens/external/wpt/trust-tokens/end-to-end/* [ Pass ]

--- a/third_party/blink/web_tests/VirtualTestSuites
+++ b/third_party/blink/web_tests/VirtualTestSuites
@@ -678,7 +678,7 @@
  },
  {
    "prefix": "trust-tokens",
-    "bases": [ "external/wpt/trust-tokens/end-to-end", "http/tests/loading/trust-tokens" ],
+    "bases": [ "external/wpt/trust-tokens/end-to-end", "http/tests/loading/trust-tokens", "http/tests/inspector-protocol/trust-tokens" ],
    "args": [ "--enable-features=TrustTokens" ]
  },
  {

--- a/third_party/blink/web_tests/http/tests/inspector-protocol/trust-tokens/no-console-warning-with-cookies-disabled.js
+++ b/third_party/blink/web_tests/http/tests/inspector-protocol/trust-tokens/no-console-warning-with-cookies-disabled.js
+(async function(testRunner) {
+  const {session, dp} = await testRunner.startBlank(
+      `Check that no console error is printed on a Trust Tokens failure due to the subsystem being unavailable with third party cookies disabled.`);
+  await dp.Log.enable();
+  testRunner.log('Log Enabled');
+  let numEntries = 0;
+  dp.Log.onEntryAdded(event => {
+    ++numEntries;
+    const entry = event.params.entry;
+    testRunner.log('Log.onEntryAdded');
+    testRunner.log(`source: ${entry.source}`);
+    testRunner.log(`level: ${entry.level}`);
+    testRunner.log(`text: ${entry.text}`);
+  });
+  await session.evaluate(`testRunner.setBlockThirdPartyCookies(true);`);
+  const obtainedError = await session.evaluateAsync(`
+      fetch('/issue', {trustToken:{type:'token-request'}}).catch((e)=>e.toString());
+        `);
+  testRunner.log(`Trust Tokens operation concluded with expected failure, throwing exception "${obtainedError}".`);
+  if (numEntries > 0) {
+    testRunner.fail(`Shouldn't observe any errors in the console, but saw ${numEntries} many.`);
+  }
+  testRunner.completeTest();
+})
--- a/third_party/blink/web_tests/virtual/trust-tokens/http/tests/inspector-protocol/trust-tokens/README.txt
+++ b/third_party/blink/web_tests/virtual/trust-tokens/http/tests/inspector-protocol/trust-tokens/README.txt
+This test suite contains tests that require --enable-features=TrustTokens,
+specifically concerning (the absence of) console messages printed during Trust
+Tokens operations.
--- a/third_party/blink/web_tests/virtual/trust-tokens/http/tests/inspector-protocol/trust-tokens/no-console-warning-with-cookies-disabled-expected.txt
+++ b/third_party/blink/web_tests/virtual/trust-tokens/http/tests/inspector-protocol/trust-tokens/no-console-warning-with-cookies-disabled-expected.txt
+Check that no console error is printed on a Trust Tokens failure due to the subsystem being unavailable with third party cookies disabled.
+Log Enabled
+Trust Tokens operation concluded with expected failure, throwing exception "OperationError: Error executing Trust Tokens operation".