Pass fetch client settings object to ServiceWorkerUpdateChecker

ServiceWorkerUpdateChecker should take an fetch client settings
object so that it can set referrer policy and insecure requests
policy.

This is a follow-up CL of crrev.com/c/1905028

Bug: 937177
Change-Id: I25af7462728b41cd970a858f70a9bc02b7286df5
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1923774Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
Commit-Queue: Kenichi Ishibashi <bashi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#718004}

content/browser/service_worker/service_worker_register_job.cc

@@ -362,10 +362,10 @@ void ServiceWorkerRegisterJob::TriggerUpdateCheckInBrowser(
             ServiceWorkerConsts::kInvalidServiceWorkerResourceId);
 
   update_checker_ = std::make_unique<ServiceWorkerUpdateChecker>(
-      std::move(resources), script_url_, script_resource_id,
-      outside_fetch_client_settings_object_->outgoing_referrer,
-      version_to_update, std::move(loader_factory), force_bypass_cache_,
-      registration()->update_via_cache(), time_since_last_check, context_);
+      std::move(resources), script_url_, script_resource_id, version_to_update,
+      std::move(loader_factory), force_bypass_cache_,
+      registration()->update_via_cache(), time_since_last_check, context_,
+      outside_fetch_client_settings_object_.Clone());
   update_checker_->Start(
       base::BindOnce(&ServiceWorkerRegisterJob::OnUpdateCheckFinished,
                      weak_factory_.GetWeakPtr()));

content/browser/service_worker/service_worker_single_script_update_checker.cc

@@ -91,12 +91,13 @@ class ServiceWorkerSingleScriptUpdateChecker::WrappedIOBuffer
 
 ServiceWorkerSingleScriptUpdateChecker::ServiceWorkerSingleScriptUpdateChecker(
     const GURL& script_url,
-    const GURL& referrer,
     bool is_main_script,
     const GURL& main_script_url,
     const GURL& scope,
     bool force_bypass_cache,
     blink::mojom::ServiceWorkerUpdateViaCache update_via_cache,
+    const blink::mojom::FetchClientSettingsObjectPtr&
+        fetch_client_settings_object,
     base::TimeDelta time_since_last_check,
     const net::HttpRequestHeaders& default_headers,
     ServiceWorkerUpdatedScriptLoader::BrowserContextGetter
@@ -129,7 +130,17 @@ ServiceWorkerSingleScriptUpdateChecker::ServiceWorkerSingleScriptUpdateChecker(
   resource_request.site_for_cookies = main_script_url;
   resource_request.do_not_prompt_for_login = true;
   resource_request.headers = default_headers;
-  resource_request.referrer = referrer;
+  resource_request.referrer_policy = Referrer::ReferrerPolicyForUrlRequest(
+      fetch_client_settings_object->referrer_policy);
+  // https://w3c.github.io/webappsec-referrer-policy/#determine-requests-referrer
+  resource_request.referrer =
+      Referrer::SanitizeForRequest(
+          script_url, Referrer(fetch_client_settings_object->outgoing_referrer,
+                               fetch_client_settings_object->referrer_policy))
+          .url;
+  resource_request.upgrade_if_insecure =
+      fetch_client_settings_object->insecure_requests_policy ==
+      blink::mojom::InsecureRequestsPolicy::kUpgrade;
 
   // ResourceRequest::request_initiator is the request's origin in the spec.
   // https://fetch.spec.whatwg.org/#concept-request-origin

content/browser/service_worker/service_worker_single_script_update_checker.h

@@ -100,12 +100,13 @@ class CONTENT_EXPORT ServiceWorkerSingleScriptUpdateChecker
   // imported.
   ServiceWorkerSingleScriptUpdateChecker(
       const GURL& script_url,
-      const GURL& referrer,
       bool is_main_script,
       const GURL& main_script_url,
       const GURL& scope,
       bool force_bypass_cache,
       blink::mojom::ServiceWorkerUpdateViaCache update_via_cache,
+      const blink::mojom::FetchClientSettingsObjectPtr&
+          fetch_client_settings_object,
       base::TimeDelta time_since_last_check,
       const net::HttpRequestHeaders& default_headers,
       ServiceWorkerUpdatedScriptLoader::BrowserContextGetter

content/browser/service_worker/service_worker_single_script_update_checker_unittest.cc

@@ -121,10 +121,15 @@ class ServiceWorkerSingleScriptUpdateCheckerTest : public testing::Test {
       std::unique_ptr<ServiceWorkerResponseWriter> writer,
       network::TestURLLoaderFactory* loader_factory,
       base::Optional<CheckResult>* out_check_result) {
+    auto fetch_client_settings_object =
+        blink::mojom::FetchClientSettingsObject::New(
+            network::mojom::ReferrerPolicy::kDefault, GURL(main_script_url),
+            blink::mojom::InsecureRequestsPolicy::kDoNotUpgrade);
     return std::make_unique<ServiceWorkerSingleScriptUpdateChecker>(
-        GURL(url), GURL(main_script_url), url == main_script_url,
-        GURL(main_script_url), scope, force_bypass_cache, update_via_cache,
-        time_since_last_check, net::HttpRequestHeaders(),
+        GURL(url), url == main_script_url, GURL(main_script_url), scope,
+        force_bypass_cache, update_via_cache,
+        std::move(fetch_client_settings_object), time_since_last_check,
+        net::HttpRequestHeaders(),
         base::BindRepeating([](BrowserContext* context) { return context; },
                             browser_context_.get()),
         base::MakeRefCounted<network::WeakWrapperSharedURLLoaderFactory>(

content/browser/service_worker/service_worker_update_checker.cc

@@ -82,25 +82,26 @@ ServiceWorkerUpdateChecker::ServiceWorkerUpdateChecker(
     std::vector<ServiceWorkerDatabase::ResourceRecord> scripts_to_compare,
     const GURL& main_script_url,
     int64_t main_script_resource_id,
-    const GURL& referrer,
     scoped_refptr<ServiceWorkerVersion> version_to_update,
     scoped_refptr<network::SharedURLLoaderFactory> loader_factory,
     bool force_bypass_cache,
     blink::mojom::ServiceWorkerUpdateViaCache update_via_cache,
     base::TimeDelta time_since_last_check,
-    ServiceWorkerContextCore* context)
+    ServiceWorkerContextCore* context,
+    blink::mojom::FetchClientSettingsObjectPtr fetch_client_settings_object)
     : main_script_url_(main_script_url),
       main_script_resource_id_(main_script_resource_id),
-      referrer_(referrer),
       scripts_to_compare_(std::move(scripts_to_compare)),
       version_to_update_(std::move(version_to_update)),
       loader_factory_(std::move(loader_factory)),
       force_bypass_cache_(force_bypass_cache),
       update_via_cache_(update_via_cache),
       time_since_last_check_(time_since_last_check),
-      context_(context) {
+      context_(context),
+      fetch_client_settings_object_(std::move(fetch_client_settings_object)) {
   DCHECK(context_);
-  DCHECK(referrer.is_valid());
+  DCHECK(fetch_client_settings_object_);
+  DCHECK(fetch_client_settings_object_->outgoing_referrer.is_valid());
 }
 
 ServiceWorkerUpdateChecker::~ServiceWorkerUpdateChecker() = default;
@@ -255,8 +256,8 @@ void ServiceWorkerUpdateChecker::CheckOneScript(const GURL& url,
 
   auto writer = storage->CreateResponseWriter(storage->NewResourceId());
   running_checker_ = std::make_unique<ServiceWorkerSingleScriptUpdateChecker>(
-      url, referrer_, is_main_script, main_script_url_,
-      version_to_update_->scope(), force_bypass_cache_, update_via_cache_,
+      url, is_main_script, main_script_url_, version_to_update_->scope(),
+      force_bypass_cache_, update_via_cache_, fetch_client_settings_object_,
       time_since_last_check_, default_headers_, browser_context_getter_,
       loader_factory_, std::move(compare_reader), std::move(copy_reader),
       std::move(writer),

content/browser/service_worker/service_worker_update_checker.h

@@ -83,13 +83,13 @@ class CONTENT_EXPORT ServiceWorkerUpdateChecker {
       std::vector<ServiceWorkerDatabase::ResourceRecord> scripts_to_compare,
       const GURL& main_script_url,
       int64_t main_script_resource_id,
-      const GURL& referrer,
       scoped_refptr<ServiceWorkerVersion> version_to_update,
       scoped_refptr<network::SharedURLLoaderFactory> loader_factory,
       bool force_bypass_cache,
       blink::mojom::ServiceWorkerUpdateViaCache update_via_cache,
       base::TimeDelta time_since_last_check,
-      ServiceWorkerContextCore* context);
+      ServiceWorkerContextCore* context,
+      blink::mojom::FetchClientSettingsObjectPtr fetch_client_settings_object);
   ~ServiceWorkerUpdateChecker();
 
   // |callback| is always triggered when the update check finishes.
@@ -120,8 +120,6 @@ class CONTENT_EXPORT ServiceWorkerUpdateChecker {
   const GURL main_script_url_;
   const int64_t main_script_resource_id_;
 
-  const GURL referrer_;
-
   std::vector<ServiceWorkerDatabase::ResourceRecord> scripts_to_compare_;
   size_t next_script_index_to_compare_ = 0;
   std::map<GURL, ComparedScriptInfo> script_check_results_;
@@ -156,6 +154,8 @@ class CONTENT_EXPORT ServiceWorkerUpdateChecker {
   // ServiceWorkerJobCoordinator and ServiceWorkerRegisterJob.
   ServiceWorkerContextCore* const context_;
 
+  blink::mojom::FetchClientSettingsObjectPtr fetch_client_settings_object_;
+
   base::WeakPtrFactory<ServiceWorkerUpdateChecker> weak_factory_{this};
 
   DISALLOW_IMPLICIT_CONSTRUCTORS(ServiceWorkerUpdateChecker);