[CORS-RFC1918] Enabling blocking flag on WPT

Enable kBlockInsecurePrivateNetworkRequests by default on WPTs. Also
fixes a handful of tests expectations following this change.

Bug: 1154729
Change-Id: I3fd5810f6b511bf7b1100c66499e576d6f3c0055
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2611721Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Commit-Queue: Arthur Hemery <ahemery@chromium.org>
Cr-Commit-Position: refs/heads/master@{#843550}

content/public/common/content_switch_dependent_feature_overrides.cc

@@ -71,6 +71,9 @@ GetSwitchDependentFeatureOverrides(const base::CommandLine& command_line) {
       {switches::kEnableExperimentalWebPlatformFeatures,
        std::cref(net::features::kSchemefulSameSite),
        base::FeatureList::OVERRIDE_ENABLE_FEATURE},
+      {switches::kEnableExperimentalWebPlatformFeatures,
+       std::cref(features::kBlockInsecurePrivateNetworkRequests),
+       base::FeatureList::OVERRIDE_ENABLE_FEATURE},
 
       // Overrides for --enable-experimental-cookie-features.
       {switches::kEnableExperimentalCookieFeatures,

third_party/blink/web_tests/VirtualTestSuites

@@ -331,11 +331,8 @@
   },
   {
     "prefix": "cors-rfc1918",
-    "bases": ["http/tests/security/cors-rfc1918",
-              "external/wpt/cors-rfc1918",
-              "external/wpt/fetch/cors-rfc1918"],
-    "args": ["--enable-blink-features=CorsRFC1918",
-             "--enable-features=BlockInsecurePrivateNetworkRequests"]
+    "bases": ["http/tests/security/cors-rfc1918"],
+    "args": ["--enable-blink-features=CorsRFC1918"]
   },
   {
     "prefix": "single-renderer-process",

third_party/blink/web_tests/external/wpt/fetch/cors-rfc1918/non-secure-context.window-expected.txt

-This is a testharness.js-based test.
-PASS Local non secure page fetches local page.
-FAIL Public non secure page fetches local page. assert_equals: expected "failure" but got "success"
-Harness: the test ran to completion.
-

third_party/blink/web_tests/http/tests/inspector-protocol/network/request-will-be-sent-extra-info-client-security-state-expected.txt

@@ -3,6 +3,6 @@ Network Enabled
 {
     initiatorIPAddressSpace : Local
     initiatorIsSecureContext : true
-    privateNetworkRequestPolicy : Allow
+    privateNetworkRequestPolicy : BlockFromInsecureToMorePrivate
 }
 

third_party/blink/web_tests/http/tests/inspector-protocol/network/request-will-be-sent-extra-info-client-security-state-multiclient-expected.txt

@@ -3,11 +3,11 @@ Two sessions established and Network enabled on both
 {
     initiatorIPAddressSpace : Local
     initiatorIsSecureContext : true
-    privateNetworkRequestPolicy : Allow
+    privateNetworkRequestPolicy : BlockFromInsecureToMorePrivate
 }
 {
     initiatorIPAddressSpace : Local
     initiatorIsSecureContext : true
-    privateNetworkRequestPolicy : Allow
+    privateNetworkRequestPolicy : BlockFromInsecureToMorePrivate
 }
 

third_party/blink/web_tests/virtual/cors-rfc1918/external/wpt/fetch/cors-rfc1918/non-secure-context.window-expected.txt

-This is a testharness.js-based test.
-PASS Local non secure page fetches local page.
-PASS Public non secure page fetches local page.
-Harness: the test ran to completion.
-