Add WP test for referrer policy inheritance when navigating back

When navigating back (through history navigation) to a srcdoc iframe,
we should expect the iframe to apply the same referrer policy it had
originally, even if in the mean time the referrer policy of the main
frame changed.

This CL adds a web platform test for this behaviour. Although the test
is failing at the moment in Chrome, we plan to fix this with the
Policy Container (https://crbug.com/1130587).

Bug: 1130587
Change-Id: I843808fddfc0c6fa5d65ce88599bce51471aa691
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2475033
Commit-Queue: Antonio Sartori <antoniosartori@chromium.org>
Reviewed-by: Dominic Farolino <dom@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#821243}

third_party/blink/web_tests/external/wpt/common/security-features/subresource/xhr.py

@@ -12,4 +12,5 @@ def main(request, response):
                         response,
                         payload_generator = generate_payload,
                         access_control_allow_origin = b"*",
-                        content_type = b"application/json")
+                        content_type = b"application/json",
+                        cache_control = b"no-store")

third_party/blink/web_tests/external/wpt/referrer-policy/generic/inheritance/iframe-inheritance-history-about-srcdoc-expected.txt

+This is a testharness.js-based test.
+FAIL History navigation reuses original policy. assert_equals: History navigation reuses original policy. expected "http://web-platform.test:8001/" but got "http://web-platform.test:8001/custom"
+PASS New srcdoc iframe uses new policy.
+Harness: the test ran to completion.
+

third_party/blink/web_tests/external/wpt/referrer-policy/generic/inheritance/iframe-inheritance-history-about-srcdoc.html

+<!doctype html>
+<title>Referrer Policy: navigating back to an about:srcdoc iframe reuses the original referrer policy</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="resources/make-html-script.js"></script>
+<meta name="referrer" content="origin">
+<div id="log"></div>
+<script>
+  let reportedReferrer = () => {
+    return new Promise(resolve => {
+      window.addEventListener("message", msg => resolve(msg.data.referrer));
+    });
+  };
+
+  let iframeLoaded = iframe => {
+    return new Promise(resolve => {
+      iframe.onload = resolve;
+    });
+  };
+
+  promise_test(async t => {
+    // 1. Create an about:srcdoc iframe.
+    const iframe = document.createElement("iframe");
+    iframe.name = 'test_frame';
+    let iframe_load_1 = iframeLoaded(iframe);
+    let referrer_1 = reportedReferrer();
+    iframe.srcdoc = createScriptString(get_host_info().REMOTE_ORIGIN,
+                                       location.origin + "/custom");
+    document.body.appendChild(iframe);
+    await iframe_load_1;
+
+    // 2. Change the referrer policy of the main document.
+    document.getElementsByTagName('meta')[0].content = "unsafe-url";
+
+    // 3. Navigate the iframe elsewhere.
+    let iframe_load_2 = iframeLoaded(iframe);
+    window.open('/referrer-policy', 'test_frame');
+    await iframe_load_2;
+
+    // 4. Navigate the iframe back.
+    let iframe_load_3 = iframeLoaded(iframe);
+    let referrer_2 = reportedReferrer();
+    iframe.contentWindow.history.back();
+    await iframe_load_3;
+
+    // Despite the main document has changed its referrer policy in (2), the
+    // reported referrer for the history navigation to about:srcdoc in (4) must
+    // match with the one originally reported in (1).
+    assert_equals(await referrer_1, self.origin + '/',
+                  "First navigation uses correct policy.");
+    assert_equals(await referrer_2, self.origin + '/',
+                  "History navigation reuses original policy.");
+  }, "History navigation reuses original policy.");
+
+  promise_test(async t => {
+    // If we initiate a new about:srcdoc navigation, the new referrer policy
+    // should apply.
+    const new_iframe = document.createElement("iframe");
+    let new_iframe_referrer = reportedReferrer();
+    new_iframe.srcdoc = createScriptString(get_host_info().REMOTE_ORIGIN,
+                                           location.origin + "/custom");
+    document.body.appendChild(new_iframe);
+    assert_equals(await new_iframe_referrer, self.origin + '/custom');
+  }, "New srcdoc iframe uses new policy.");
+</script>

third_party/blink/web_tests/external/wpt/referrer-policy/generic/inheritance/resources/make-html-script.js

-function createScriptString(origin) {
-  return `<script src = "${origin}/common/security-features/resources/common.sub.js"><\/script>
-          <script>
-            requestViaXhr("${origin}/common/security-features/subresource/xhr.py").then(msg => {
-              top.postMessage({referrer: msg.referrer}, "*")
-            }).catch(e => {
-              top.postMessage({referrer: "FAILURE"}, "*");
-            });
+function createScriptString(origin, referrer) {
+  let request_init = referrer ? `{referrer: "${referrer}"}` : "";
+  return `<script>
+            fetch("${origin}/common/security-features/subresource/xhr.py",
+                  ${request_init})
+              .then(r => r.json())
+              .then(j => {
+                top.postMessage({referrer: j.headers.referer}, "*")
+              }).catch(e => {
+                top.postMessage({referrer: "FAILURE"}, "*");
+              });
           <\/script>`;
 }