[COOP] ReportingObserver [3/M] Implementation.

Define the coop-access-violation report. Dispatch the report to the
ReportingObserver(s).

Branch:
[1/M] https://chromium-review.googlesource.com/c/chromium/src/+/2332257
[2/M] https://chromium-review.googlesource.com/c/chromium/src/+/2332258
[3/M] This patch.

Change-Id: Iec11a14f6f8fec0d0516c40ed28883932c47450a
Bug: 111169
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2323360
Commit-Queue: Arthur Sonzogni <arthursonzogni@chromium.org>
Reviewed-by: Pâris Meuleman <pmeuleman@chromium.org>
Reviewed-by: Camille Lamy <clamy@chromium.org>
Reviewed-by: Yuki Shiino <yukishiino@chromium.org>
Cr-Commit-Position: refs/heads/master@{#795905}

third_party/blink/renderer/bindings/generated_in_core.gni

@@ -443,6 +443,8 @@ generated_interface_sources_in_core = [
   "$root_gen_dir/third_party/blink/renderer/bindings/core/v8/v8_composition_event.h",
   "$root_gen_dir/third_party/blink/renderer/bindings/core/v8/v8_computed_accessible_node.cc",
   "$root_gen_dir/third_party/blink/renderer/bindings/core/v8/v8_computed_accessible_node.h",
+  "$root_gen_dir/third_party/blink/renderer/bindings/core/v8/v8_coop_access_violation_report_body.cc",
+  "$root_gen_dir/third_party/blink/renderer/bindings/core/v8/v8_coop_access_violation_report_body.h",
   "$root_gen_dir/third_party/blink/renderer/bindings/core/v8/v8_count_queuing_strategy.cc",
   "$root_gen_dir/third_party/blink/renderer/bindings/core/v8/v8_count_queuing_strategy.h",
   "$root_gen_dir/third_party/blink/renderer/bindings/core/v8/v8_csp_violation_report_body.cc",

third_party/blink/renderer/bindings/idl_in_core.gni

@@ -247,6 +247,7 @@ static_idl_files_in_core = get_path_info(
           "//third_party/blink/renderer/core/fileapi/file_reader_sync.idl",
           "//third_party/blink/renderer/core/fileapi/url_file_api.idl",
           "//third_party/blink/renderer/core/frame/bar_prop.idl",
+          "//third_party/blink/renderer/core/frame/coop_access_violation_report_body.idl",
           "//third_party/blink/renderer/core/frame/csp/csp_violation_report_body.idl",
           "//third_party/blink/renderer/core/frame/deprecation_report_body.idl",
           "//third_party/blink/renderer/core/frame/document_policy_violation_report_body.idl",

third_party/blink/renderer/core/core_idl_files.gni

@@ -182,6 +182,7 @@ core_interface_idl_files_core_only =
                     "fileapi/file_reader.idl",
                     "fileapi/file_reader_sync.idl",
                     "frame/bar_prop.idl",
+                    "frame/coop_access_violation_report_body.idl",
                     "frame/csp/csp_violation_report_body.idl",
                     "frame/deprecation_report_body.idl",
                     "frame/document_policy_violation_report_body.idl",

third_party/blink/renderer/core/frame/BUILD.gn

@@ -13,6 +13,8 @@ blink_core_sources("frame") {
     "bar_prop.h",
     "browser_controls.cc",
     "browser_controls.h",
+    "coop_access_violation_report_body.cc",
+    "coop_access_violation_report_body.h",
     "csp/content_security_policy.cc",
     "csp/content_security_policy.h",
     "csp/csp_directive.h",

third_party/blink/renderer/core/frame/coop_access_violation_report_body.cc

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "third_party/blink/renderer/core/frame/coop_access_violation_report_body.h"
+
+namespace blink {
+
+CoopAccessViolationReportBody::CoopAccessViolationReportBody(
+    std::unique_ptr<SourceLocation> source_location,
+    const String& property)
+    : LocationReportBody(std::move(source_location)), property_(property) {}
+
+void CoopAccessViolationReportBody::BuildJSONValue(
+    V8ObjectBuilder& builder) const {
+  LocationReportBody::BuildJSONValue(builder);
+  builder.AddString("property", property());
+}
+
+}  // namespace blink

third_party/blink/renderer/core/frame/coop_access_violation_report_body.h

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef THIRD_PARTY_BLINK_RENDERER_CORE_FRAME_COOP_ACCESS_VIOLATION_REPORT_BODY_H_
+#define THIRD_PARTY_BLINK_RENDERER_CORE_FRAME_COOP_ACCESS_VIOLATION_REPORT_BODY_H_
+
+#include "third_party/blink/renderer/bindings/core/v8/source_location.h"
+#include "third_party/blink/renderer/bindings/core/v8/v8_object_builder.h"
+#include "third_party/blink/renderer/core/frame/location_report_body.h"
+
+namespace blink {
+
+class CORE_EXPORT CoopAccessViolationReportBody : public LocationReportBody {
+  DEFINE_WRAPPERTYPEINFO();
+
+ public:
+  CoopAccessViolationReportBody(std::unique_ptr<SourceLocation> source_location,
+                                const String& property);
+  ~CoopAccessViolationReportBody() final = default;
+  const String& property() const { return property_; }
+  void BuildJSONValue(V8ObjectBuilder& builder) const final;
+
+ private:
+  const String property_;
+};
+
+}  // namespace blink
+
+#endif  // THIRD_PARTY_BLINK_RENDERER_CORE_FRAME_COOP_ACCESS_VIOLATION_REPORT_BODY_H_

third_party/blink/renderer/core/frame/coop_access_violation_report_body.idl

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// https://html.spec.whatwg.org/#cross-origin-opener-policies
+
+[
+  NoInterfaceObject
+] interface CoopAccessViolationReportBody : ReportBody {
+  readonly attribute DOMString? sourceFile;
+  readonly attribute unsigned long? lineNumber;
+  readonly attribute unsigned long? columnNumber;
+  readonly attribute DOMString property;
+  [CallWith=ScriptState] object toJSON();
+};

third_party/blink/renderer/core/frame/dom_window.cc

@@ -17,12 +17,15 @@
 #include "third_party/blink/renderer/core/events/message_event.h"
 #include "third_party/blink/renderer/core/execution_context/execution_context.h"
 #include "third_party/blink/renderer/core/execution_context/security_context.h"
+#include "third_party/blink/renderer/core/frame/coop_access_violation_report_body.h"
 #include "third_party/blink/renderer/core/frame/csp/content_security_policy.h"
 #include "third_party/blink/renderer/core/frame/frame.h"
 #include "third_party/blink/renderer/core/frame/frame_client.h"
 #include "third_party/blink/renderer/core/frame/frame_console.h"
 #include "third_party/blink/renderer/core/frame/local_dom_window.h"
 #include "third_party/blink/renderer/core/frame/location.h"
+#include "third_party/blink/renderer/core/frame/report.h"
+#include "third_party/blink/renderer/core/frame/reporting_context.h"
 #include "third_party/blink/renderer/core/frame/settings.h"
 #include "third_party/blink/renderer/core/frame/user_activation.h"
 #include "third_party/blink/renderer/core/input/input_device_capabilities.h"
@@ -451,7 +454,7 @@ void DOMWindow::ReportCoopAccess(v8::Isolate* isolate,
     return;
 
   LocalDOMWindow* accessing_window = IncumbentDOMWindow(isolate);
-  Frame* accessing_frame = accessing_window->GetFrame();
+  LocalFrame* accessing_frame = accessing_window->GetFrame();
 
   // A frame might be destroyed, but its context can still be able to execute
   // some code. Those accesses are ignored. See https://crbug.com/1108256.
@@ -463,12 +466,14 @@ void DOMWindow::ReportCoopAccess(v8::Isolate* isolate,
   if (accessing_frame->IsCrossOriginToParentFrame())
     return;
 
-  const base::UnguessableToken& accessing_main_frame =
-      accessing_window->GetFrame()->Tree().Top().GetFrameToken();
+  LocalFrame& accessing_main_frame =
+      To<LocalFrame>(accessing_frame->Tree().Top());
+  const base::UnguessableToken& accessing_main_frame_token =
+      accessing_main_frame.GetFrameToken();
 
   auto* it = coop_access_monitor_.begin();
   while (it != coop_access_monitor_.end()) {
-    if (it->accessing_main_frame != accessing_main_frame) {
+    if (it->accessing_main_frame != accessing_main_frame_token) {
       ++it;
       continue;
     }
@@ -486,8 +491,18 @@ void DOMWindow::ReportCoopAccess(v8::Isolate* isolate,
     it->reporter->QueueAccessReport(it->report_type, property_name,
                                     std::move(source_location));
 
-    // TODO(arthursonzogni): In the access-from-coop case, dispatch a
-    // reportingObserver event.
+    // TODO(arthursonzogni): Dispatch a console error/warning message.
+
+    // Send a coop-access-violation report.
+    if (it->report_type ==
+        network::mojom::CoopAccessReportType::kReportAccessFrom) {
+      ReportingContext::From(accessing_main_frame.DomWindow())
+          ->QueueReport(MakeGarbageCollected<Report>(
+              ReportType::kCoopAccessViolation,
+              accessing_main_frame.GetDocument()->Url().GetString(),
+              MakeGarbageCollected<CoopAccessViolationReportBody>(
+                  std::move(location), String(property_name))));
+    }
 
     // CoopAccessMonitor are used once and destroyed. This avoids sending
     // multiple reports for the same access.

third_party/blink/renderer/core/frame/report.cc

@@ -6,11 +6,12 @@
 
 namespace blink {
 
+constexpr const char ReportType::kCSPViolation[];
+constexpr const char ReportType::kCoopAccessViolation[];
 constexpr const char ReportType::kDeprecation[];
-constexpr const char ReportType::kFeaturePolicyViolation[];
 constexpr const char ReportType::kDocumentPolicyViolation[];
+constexpr const char ReportType::kFeaturePolicyViolation[];
 constexpr const char ReportType::kIntervention[];
-constexpr const char ReportType::kCSPViolation[];
 
 ScriptValue Report::toJSON(ScriptState* script_state) const {
   V8ObjectBuilder builder(script_state);

third_party/blink/renderer/core/frame/report.h

@@ -14,13 +14,14 @@ namespace blink {
 // The constants are implemented as static members of a class to have an unique
 // address and not violate ODR.
 struct CORE_EXPORT ReportType {
+  static constexpr const char kCSPViolation[] = "csp-violation";
+  static constexpr const char kCoopAccessViolation[] = "coop-access-violation";
   static constexpr const char kDeprecation[] = "deprecation";
-  static constexpr const char kFeaturePolicyViolation[] =
-      "feature-policy-violation";
   static constexpr const char kDocumentPolicyViolation[] =
       "document-policy-violation";
+  static constexpr const char kFeaturePolicyViolation[] =
+      "feature-policy-violation";
   static constexpr const char kIntervention[] = "intervention";
-  static constexpr const char kCSPViolation[] = "csp-violation";
 };
 
 class CORE_EXPORT Report : public ScriptWrappable {

third_party/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/access-reporting/reporting-observer-expected.txt

-This is a testharness.js-based test.
-FAIL Opener COOP assert_equals: No report received. expected 1 but got 0
-FAIL Openee COOP assert_equals: No report received. expected 1 but got 0
-FAIL Access from same-origin iframe assert_not_equals: No report received. got disallowed value "timeout"
-PASS Access from cross-site iframe
-Harness: the test ran to completion.
-