Origin isolation: test that insecure HTTP is not supported

Bug: 1042415
Change-Id: I2acd2fea79a12e1f60eb9a0114abcf61630e269a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2202512
Commit-Queue: Domenic Denicola <domenic@chromium.org>
Reviewed-by: James MacLean <wjmaclean@chromium.org>
Cr-Commit-Position: refs/heads/master@{#774243}

third_party/blink/web_tests/external/wpt/origin-isolation/insecure-http.sub.html

+<!DOCTYPE html>
+<meta charset="utf-8">
+<title>Parent requests isolation, child requests isolation, child is a subdomain of the parent, but all over insecure HTTP</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+
+<div id="log"></div>
+
+<script type="module">
+import { insertIframe, sendWasmModule, setBothDocumentDomains } from "./resources/helpers.mjs";
+
+let frameWindow;
+promise_setup(async () => {
+  frameWindow = await insertIframe("{{hosts[][www]}}", "?1");
+});
+
+// All isolation requests are ignored, since this is over insecure HTTP.
+// So both end up in the site-keyed agent cluster.
+
+promise_test(async () => {
+  const whatHappened = await sendWasmModule(frameWindow);
+
+  assert_equals(whatHappened, "WebAssembly.Module message received");
+}, "message event must occur");
+
+promise_test(async () => {
+  await setBothDocumentDomains(frameWindow);
+
+  // Must not throw
+  frameWindow.document;
+}, "setting document.domain must give sync access");
+</script>

third_party/blink/web_tests/external/wpt/origin-isolation/insecure-http.sub.html.headers

+Origin-Isolation: ?1