Origin isolation: test initial about:blank

The initial about:blank inheriting its origin from the parent is a rather special case, and deserves its own tests when origin isolation is involved. Bug: 1042415 Change-Id: I6c7d41e05b601bd1044f1c70f1ee7c75a44ffb14 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2255519 Commit-Queue: Domenic Denicola <domenic@chromium.org> Reviewed-by: James MacLean <wjmaclean@chromium.org> Cr-Commit-Position: refs/heads/master@{#780830}

Origin isolation: test initial about:blank
The initial about:blank inheriting its origin from the parent is a rather special case, and deserves its own tests when origin isolation is involved. Bug: 1042415 Change-Id: I6c7d41e05b601bd1044f1c70f1ee7c75a44ffb14 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2255519 Commit-Queue: Domenic Denicola <domenic@chromium.org> Reviewed-by: James MacLean <wjmaclean@chromium.org> Cr-Commit-Position: refs/heads/master@{#780830}
45c98a0e · Domenic Denicola · Commit Bot · 4d4e20b1 · 45c98a0e · 45c98a0e
Commit 45c98a0e authored Jun 22, 2020 by Domenic Denicola Committed by Commit Bot Jun 22, 2020
4 changed files
--- a/third_party/blink/web_tests/external/wpt/origin-isolation/about-blank.https.sub.html
+++ b/third_party/blink/web_tests/external/wpt/origin-isolation/about-blank.https.sub.html
+<!DOCTYPE html>
+<meta charset="utf-8">
+<title>The initial about:blank respects origin isolation</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+
+<div id="log"></div>
+
+<script type="module">
+import {
+  insertIframe,
+  setBothDocumentDomains,
+  testSameAgentCluster,
+  testDifferentAgentClusters
+} from "./resources/helpers.mjs";
+
+promise_setup(async () => {
+  await insertAboutBlankIframe();
+  await insertIframe("{{hosts[][www]}}");
+});
+
+// Since the initial about:blank inherits its origin from its parent, it is
+// same-origin with the parent, and thus cross-origin with child2.
+testSameAgentCluster([self, 0], "parent to about:blank");
+testDifferentAgentClusters([0, 1], "about:blank to child2");
+testDifferentAgentClusters([1, 0], "child2 to about:blank");
+
+async function insertAboutBlankIframe() {
+  const iframe = document.createElement("iframe");
+  document.body.append(iframe);
+
+  // Now use document.write() to get the child frame script in there, without
+  // actually navigating anywhere.
+  // We need to absolutize the URL to since about:blank doesn't have a base URL.
+  const scriptURL = (new URL("./resources/child-frame-script.mjs", import.meta.url)).href;
+  iframe.contentDocument.write(`<script type="module" src="${scriptURL}"></scr` + `ipt>`);
+  iframe.contentDocument.close();
+
+  await new Promise((resolve, reject) => {
+    // Note that since this code runs during the same event loop turn as the
+    // contentDocument.write() above, we know that the load/error events will
+    // not have been fired at this time. (The spec guarantees they are fired
+    // from queued tasks.)
+    const script = iframe.contentDocument.querySelector("script");
+    script.onload = resolve;
+    script.onerror = () => reject(
+      new Error("Could not load the child frame script into the about:blank page")
+    );
+  });
+
+  await setBothDocumentDomains(iframe.contentWindow);
+}
+</script>
--- a/third_party/blink/web_tests/external/wpt/origin-isolation/about-blank.https.sub.html.headers
+++ b/third_party/blink/web_tests/external/wpt/origin-isolation/about-blank.https.sub.html.headers
+Origin-Isolation: ?1
--- a/third_party/blink/web_tests/external/wpt/origin-isolation/resources/child-frame-script.mjs
+++ b/third_party/blink/web_tests/external/wpt/origin-isolation/resources/child-frame-script.mjs
+import { sendWasmModule } from "./helpers.mjs";
+
+window.onmessage = async (e) => {
+  // These could come from the parent or siblings.
+  if (e.data.constructor === WebAssembly.Module) {
+    e.source.postMessage("WebAssembly.Module message received", "*");
+  }
+
+  // These only come from the parent.
+  if (e.data.command === "set document.domain") {
+    document.domain = e.data.newDocumentDomain;
+    parent.postMessage("document.domain is set", "*");
+  } else if (e.data.command === "send WASM module") {
+    const destinationFrameWindow = parent.frames[e.data.indexIntoParentFrameOfDestination];
+    const whatHappened = await sendWasmModule(destinationFrameWindow);
+    parent.postMessage(whatHappened, "*");
+  } else if (e.data.command === "access document") {
+    const destinationFrameWindow = parent.frames[e.data.indexIntoParentFrameOfDestination];
+    try {
+      destinationFrameWindow.document;
+      parent.postMessage("accessed document successfully", "*");
+    } catch (e) {
+      parent.postMessage(e.name, "*");
+    }
+  } else if (e.data.command === "access location.href") {
+    const destinationFrameWindow = parent.frames[e.data.indexIntoParentFrameOfDestination];
+    try {
+      destinationFrameWindow.location.href;
+      parent.postMessage("accessed location.href successfully", "*");
+    } catch (e) {
+      parent.postMessage(e.name, "*");
+    }
+  }
+
+  // We could also receive e.data === "WebAssembly.Module message received",
+  // but that's handled by await sendWasmModule() above.
+};
+
+window.onmessageerror = e => {
+  e.source.postMessage("messageerror", "*");
+};
+
+document.body.textContent = location.href;
--- a/third_party/blink/web_tests/external/wpt/origin-isolation/resources/send-origin-isolation-header.py
+++ b/third_party/blink/web_tests/external/wpt/origin-isolation/resources/send-origin-isolation-header.py
@@ -17,50 +17,5 @@ def main(request, response):
    <title>Helper page for origin isolation tests</title>

    <body>
-
-    <script type="module">
-    import { sendWasmModule } from "./helpers.mjs";
-
-    window.onmessage = async (e) => {
-      // These could come from the parent or siblings.
-      if (e.data.constructor === WebAssembly.Module) {
-        e.source.postMessage("WebAssembly.Module message received", "*");
-      }
-
-      // These only come from the parent.
-      if (e.data.command === "set document.domain") {
-        document.domain = e.data.newDocumentDomain;
-        parent.postMessage("document.domain is set", "*");
-      } else if (e.data.command === "send WASM module") {
-        const destinationFrameWindow = parent.frames[e.data.indexIntoParentFrameOfDestination];
-        const whatHappened = await sendWasmModule(destinationFrameWindow);
-        parent.postMessage(whatHappened, "*");
-      } else if (e.data.command === "access document") {
-        const destinationFrameWindow = parent.frames[e.data.indexIntoParentFrameOfDestination];
-        try {
-          destinationFrameWindow.document;
-          parent.postMessage("accessed document successfully", "*");
-        } catch (e) {
-          parent.postMessage(e.name, "*");
-        }
-      } else if (e.data.command === "access location.href") {
-        const destinationFrameWindow = parent.frames[e.data.indexIntoParentFrameOfDestination];
-        try {
-          destinationFrameWindow.location.href;
-          parent.postMessage("accessed location.href successfully", "*");
-        } catch (e) {
-          parent.postMessage(e.name, "*");
-        }
-      }
-
-      // We could also receive e.data === "WebAssembly.Module message received",
-      // but that's handled by await sendWasmModule() above.
-    };
-
-    window.onmessageerror = e => {
-      e.source.postMessage("messageerror", "*");
-    };
-
-    document.body.textContent = location.href;
-    </script>
+    <script type="module" src="child-frame-script.mjs"></script>
    """