Move decision to reuse DOMWindow to DocumentInit, it has all the state needed

Change-Id: I95c2de6a9924eabaf149cb982a3e3e756a022f2d
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2238381
Commit-Queue: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Auto-Submit: Nate Chapin <japhet@chromium.org>
Cr-Commit-Position: refs/heads/master@{#779979}

third_party/blink/renderer/core/dom/document_init.cc

@@ -517,6 +517,16 @@ DocumentInit& DocumentInit::WithWebBundleClaimedUrl(
   return *this;
 }
 
+bool DocumentInit::ShouldReuseDOMWindow() const {
+  DCHECK(GetFrame());
+  // Secure transitions can only happen when navigating from the initial empty
+  // document.
+  if (!GetFrame()->Loader().StateMachine()->IsDisplayingInitialEmptyDocument())
+    return false;
+  return GetFrame()->GetDocument()->GetSecurityOrigin()->CanAccess(
+      GetDocumentOrigin().get());
+}
+
 Document* DocumentInit::CreateDocument() const {
 #if DCHECK_IS_ON()
   DCHECK(document_loader_ || execution_context_ || for_test_);

third_party/blink/renderer/core/dom/document_init.h

@@ -208,6 +208,8 @@ class CORE_EXPORT DocumentInit final {
   DocumentInit& WithWebBundleClaimedUrl(const KURL& web_bundle_claimed_url);
   const KURL& GetWebBundleClaimedUrl() const { return web_bundle_claimed_url_; }
 
+  bool ShouldReuseDOMWindow() const;
+
  private:
   DocumentInit() = default;
 

third_party/blink/renderer/core/loader/document_loader.cc

@@ -1623,16 +1623,9 @@ void DocumentLoader::InstallNewDocument(
   // object.
   init.CalculateAndCacheDocumentOrigin();
 
-  // A javascript: url or XSLT inherits CSP from the document in which it was
-  // executed.
-  ContentSecurityPolicy* csp =
-      IsJavaScriptURLOrXSLTCommit()
-          ? frame_->GetDocument()->GetContentSecurityPolicy()
-          : content_security_policy_.Get();
-  global_object_reuse_policy_ =
-      GetFrameLoader().ShouldReuseDefaultView(init.GetDocumentOrigin(), csp)
-          ? GlobalObjectReusePolicy::kUseExisting
-          : GlobalObjectReusePolicy::kCreateNew;
+  global_object_reuse_policy_ = init.ShouldReuseDOMWindow()
+                                    ? GlobalObjectReusePolicy::kUseExisting
+                                    : GlobalObjectReusePolicy::kCreateNew;
 
   if (GetFrameLoader().StateMachine()->IsDisplayingInitialEmptyDocument()) {
     GetFrameLoader().StateMachine()->AdvanceTo(

third_party/blink/renderer/core/loader/frame_loader.cc

@@ -1432,31 +1432,6 @@ void FrameLoader::DidDropNavigation() {
   }
 }
 
-bool FrameLoader::ShouldReuseDefaultView(
-    const scoped_refptr<const SecurityOrigin>& origin,
-    const ContentSecurityPolicy* csp) {
-  // Secure transitions can only happen when navigating from the initial empty
-  // document.
-  if (!state_machine_.IsDisplayingInitialEmptyDocument())
-    return false;
-
-  // The Window object should only be re-used if it is same-origin.
-  // Since sandboxing turns the origin into an opaque origin it needs to also
-  // be considered when deciding whether to reuse it.
-  // Spec:
-  // https://html.spec.whatwg.org/C/#initialise-the-document-object
-  if ((csp && (csp->GetSandboxMask() &
-               network::mojom::blink::WebSandboxFlags::kOrigin) !=
-                  network::mojom::blink::WebSandboxFlags::kNone) ||
-      ((EffectiveSandboxFlags() &
-        network::mojom::blink::WebSandboxFlags::kOrigin) !=
-       network::mojom::blink::WebSandboxFlags::kNone)) {
-    return false;
-  }
-
-  return frame_->GetDocument()->GetSecurityOrigin()->CanAccess(origin.get());
-}
-
 bool FrameLoader::CancelProvisionalLoaderForNewNavigation() {
   // This seems to correspond to step 9 of the specification:
   // "9. Abort the active document of browsingContext."

third_party/blink/renderer/core/loader/frame_loader.h

@@ -234,9 +234,6 @@ class CORE_EXPORT FrameLoader final {
 
   void DidDropNavigation();
 
-  bool ShouldReuseDefaultView(const scoped_refptr<const SecurityOrigin>&,
-                              const ContentSecurityPolicy*);
-
   bool HasAccessedInitialDocument() { return has_accessed_initial_document_; }
 
   static bool NeedsHistoryItemRestore(WebFrameLoadType type);