Test third-party cookie blocking for SharedWorker and WebLock

Test that web features like SharedWorker and WebLocks that allow to communicate between tabs are blocked when third-party cookies are blocked. The WebLock test is disabled until WebLock works correctly Bug: 989926, 1016355 Change-Id: Ifd885b4e22338d211b35635ad0d85f0981c8e518 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1883632Reviewed-by: Maksim Orlovich <morlovich@chromium.org> Commit-Queue: Christian Dullweber <dullweber@chromium.org> Cr-Commit-Position: refs/heads/master@{#710270}

Test third-party cookie blocking for SharedWorker and WebLock
Test that web features like SharedWorker and WebLocks that allow to communicate between tabs are blocked when third-party cookies are blocked. The WebLock test is disabled until WebLock works correctly Bug: 989926, 1016355 Change-Id: Ifd885b4e22338d211b35635ad0d85f0981c8e518 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1883632Reviewed-by: Maksim Orlovich <morlovich@chromium.org> Commit-Queue: Christian Dullweber <dullweber@chromium.org> Cr-Commit-Position: refs/heads/master@{#710270}
85946310 · Christian Dullweber · Commit Bot · 9142572d · 85946310 · 85946310
Commit 85946310 authored Oct 29, 2019 by Christian Dullweber Committed by Commit Bot Oct 29, 2019
3 changed files
--- a/chrome/browser/net/cookie_policy_browsertest.cc
+++ b/chrome/browser/net/cookie_policy_browsertest.cc
@@ -25,6 +25,7 @@
 #include "content/public/test/test_navigation_observer.h"
 #include "net/dns/mock_host_resolver.h"
 #include "net/test/embedded_test_server/embedded_test_server.h"
+#include "ui/base/window_open_disposition.h"

 using content::BrowserThread;

@@ -35,6 +36,12 @@ const std::vector<std::string> kStorageTypes{
    "IndexedDb", "WebSql",       "CacheStorage", "ServiceWorker",
 };

+// TODO(crbug.com/1016355): WebLocks can't be blocked yet.
+const std::vector<std::string> kCrossTabCommunicationTypes{
+    "SharedWorker",
+    //"WebLock",
+};
+
 class CookiePolicyBrowserTest : public InProcessBrowserTest {
 protected:
  CookiePolicyBrowserTest()
@@ -65,6 +72,13 @@ class CookiePolicyBrowserTest : public InProcessBrowserTest {
    ui_test_utils::NavigateToURL(browser(), main_url);
  }

+  void NavigateToNewTabWithFrame(const std::string& host) {
+    GURL main_url(https_server_.GetURL(host, "/iframe.html"));
+    ui_test_utils::NavigateToURLWithDisposition(
+        browser(), main_url, WindowOpenDisposition::NEW_FOREGROUND_TAB,
+        ui_test_utils::BROWSER_TEST_WAIT_FOR_NAVIGATION);
+  }
+
  void NavigateFrameTo(const std::string& host, const std::string& path) {
    GURL page = https_server_.GetURL(host, path);
    content::WebContents* web_contents =
@@ -126,6 +140,25 @@ class CookiePolicyBrowserTest : public InProcessBrowserTest {
    }
  }

+  void SetCrossTabInfoForFrame(content::RenderFrameHost* frame) {
+    for (const auto& data_type : kCrossTabCommunicationTypes) {
+      bool data;
+      EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
+          frame, "set" + data_type + "()", &data));
+      EXPECT_TRUE(data) << data_type;
+    }
+  }
+
+  void ExpectCrossTabInfoForFrame(content::RenderFrameHost* frame,
+                                  bool expected) {
+    for (const auto& data_type : kCrossTabCommunicationTypes) {
+      bool data;
+      EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
+          frame, "has" + data_type + "();", &data));
+      EXPECT_EQ(expected, data) << data_type;
+    }
+  }
+
  content::RenderFrameHost* GetFrame() {
    content::WebContents* web_contents =
        browser()->tab_strip_model()->GetActiveWebContents();
@@ -569,4 +602,108 @@ IN_PROC_BROWSER_TEST_F(CookiePolicyBrowserTest, NestedFirstPartyIFrameStorage) {
  ExpectStorageForFrame(GetNestedFrame(), true);
 }

+// Test third-party cookie blocking of features that allow to communicate
+// between tabs such as SharedWorkers.
+IN_PROC_BROWSER_TEST_F(CookiePolicyBrowserTest, MultiTabTest) {
+  NavigateToPageWithFrame("a.com");
+  NavigateFrameTo("b.com", "/browsing_data/site_data.html");
+
+  ExpectCrossTabInfoForFrame(GetFrame(), false);
+  SetCrossTabInfoForFrame(GetFrame());
+  ExpectCrossTabInfoForFrame(GetFrame(), true);
+
+  // Create a second tab to test communication between tabs.
+  NavigateToNewTabWithFrame("a.com");
+  NavigateFrameTo("b.com", "/browsing_data/site_data.html");
+  ExpectCrossTabInfoForFrame(GetFrame(), true);
+
+  SetBlockThirdPartyCookies(true);
+
+  NavigateToPageWithFrame("a.com");
+  NavigateFrameTo("b.com", "/browsing_data/site_data.html");
+  ExpectCrossTabInfoForFrame(GetFrame(), false);
+
+  // Allow all requests to b.com to access cookies.
+  auto cookie_settings =
+      CookieSettingsFactory::GetForProfile(browser()->profile());
+  GURL a_url = https_server_.GetURL("a.com", "/");
+  GURL b_url = https_server_.GetURL("b.com", "/");
+  cookie_settings->SetCookieSetting(b_url,
+                                    ContentSetting::CONTENT_SETTING_ALLOW);
+
+  NavigateToPageWithFrame("a.com");
+  NavigateFrameTo("b.com", "/browsing_data/site_data.html");
+  ExpectCrossTabInfoForFrame(GetFrame(), true);
+
+  // Remove ALLOW setting.
+  cookie_settings->ResetCookieSetting(b_url);
+
+  NavigateToPageWithFrame("a.com");
+  NavigateFrameTo("b.com", "/browsing_data/site_data.html");
+  ExpectCrossTabInfoForFrame(GetFrame(), false);
+
+  // Allow all third-parties on a.com to access cookies.
+  cookie_settings->SetThirdPartyCookieSetting(
+      a_url, ContentSetting::CONTENT_SETTING_ALLOW);
+
+  NavigateToPageWithFrame("a.com");
+  NavigateFrameTo("b.com", "/browsing_data/site_data.html");
+  ExpectCrossTabInfoForFrame(GetFrame(), true);
+}
+
+// Same as MultiTabTest but with a nested frame on a.com inside a b.com frame.
+// The a.com frame should be treated as third-party although it matches the
+// top-frame-origin.
+IN_PROC_BROWSER_TEST_F(CookiePolicyBrowserTest, MultiTabNestedTest) {
+  NavigateToPageWithFrame("a.com");
+  NavigateFrameTo("b.com", "/iframe.html");
+  NavigateNestedFrameTo("a.com", "/browsing_data/site_data.html");
+
+  ExpectCrossTabInfoForFrame(GetNestedFrame(), false);
+  SetCrossTabInfoForFrame(GetNestedFrame());
+  ExpectCrossTabInfoForFrame(GetNestedFrame(), true);
+
+  // Create a second tab to test communication between tabs.
+  NavigateToNewTabWithFrame("a.com");
+  NavigateFrameTo("b.com", "/iframe.html");
+  NavigateNestedFrameTo("a.com", "/browsing_data/site_data.html");
+  ExpectCrossTabInfoForFrame(GetNestedFrame(), true);
+
+  SetBlockThirdPartyCookies(true);
+
+  NavigateToPageWithFrame("a.com");
+  NavigateFrameTo("b.com", "/iframe.html");
+  NavigateNestedFrameTo("a.com", "/browsing_data/site_data.html");
+  ExpectCrossTabInfoForFrame(GetNestedFrame(), false);
+
+  // Allow all requests to a.com to access cookies.
+  auto cookie_settings =
+      CookieSettingsFactory::GetForProfile(browser()->profile());
+  GURL a_url = https_server_.GetURL("a.com", "/");
+  cookie_settings->SetCookieSetting(a_url,
+                                    ContentSetting::CONTENT_SETTING_ALLOW);
+
+  NavigateToPageWithFrame("a.com");
+  NavigateFrameTo("b.com", "/iframe.html");
+  NavigateNestedFrameTo("a.com", "/browsing_data/site_data.html");
+  ExpectCrossTabInfoForFrame(GetNestedFrame(), true);
+
+  // Remove ALLOW setting.
+  cookie_settings->ResetCookieSetting(a_url);
+
+  NavigateToPageWithFrame("a.com");
+  NavigateFrameTo("b.com", "/iframe.html");
+  NavigateNestedFrameTo("a.com", "/browsing_data/site_data.html");
+  ExpectCrossTabInfoForFrame(GetNestedFrame(), false);
+
+  // Allow all third-parties on a.com to access cookies.
+  cookie_settings->SetThirdPartyCookieSetting(
+      a_url, ContentSetting::CONTENT_SETTING_ALLOW);
+
+  NavigateToPageWithFrame("a.com");
+  NavigateFrameTo("b.com", "/iframe.html");
+  NavigateNestedFrameTo("a.com", "/browsing_data/site_data.html");
+  ExpectCrossTabInfoForFrame(GetNestedFrame(), true);
+}
+
 }  // namespace
--- a/content/test/data/browsing_data/shared_worker.js
+++ b/content/test/data/browsing_data/shared_worker.js
+// Copyright 2019 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+let clients = new Array();
+let value = null;
+
+// This shared worker allows to store and retrieve values across tabs.
+self.onconnect = e => {
+  let port = e.ports[0];
+  clients.push(port);
+  port.onmessage = e => {
+    if (e.data.value) {
+      value = e.data.value;
+    } else {
+      for (let client of clients)
+        client.postMessage({ "value": value });
+    }
+  };
+  port.start();
+  port.postMessage({ "connected": true });
+};
--- a/content/test/data/browsing_data/site_data.html
+++ b/content/test/data/browsing_data/site_data.html
@@ -153,6 +153,50 @@
    domAutomationController.send(history.length > 1);
  }

+  let sharedWorker; // Global variable to keep worker alive.
+  function connectSharedWorker() {
+    return new Promise((resolve, reject) => {
+      sharedWorker = new SharedWorker("shared_worker.js");
+      sharedWorker.onerror = reject;
+      sharedWorker.port.onmessage = resolve;
+      sharedWorker.port.start();
+    });
+  }
+
+  function setSharedWorker() {
+    connectSharedWorker().then(() => {
+      sharedWorker.port.postMessage({ "value": "foo" });
+      success_();
+    }).catch(failure_);
+  }
+
+  async function hasSharedWorker() {
+    connectSharedWorker().then(() => {
+      sharedWorker.port.onmessage = e => {
+        domAutomationController.send(e.data.value === "foo");
+      };
+      sharedWorker.port.postMessage({});
+    }).catch(failure_);
+  }
+
+  let lock;
+  function setWebLock() {
+    navigator.locks.request("foo", l => {
+      lock = new Promise((res, rej) => { });
+      // Now lock will be held while |lock| exists.
+      success_();
+      return lock;
+    }).catch(failure_);
+  }
+
+  function hasWebLock() {
+    navigator.locks.query().then(locks => {
+      if (locks.held.length)
+        domAutomationController.send(locks.held[0].name === "foo");
+      else
+        failure_();
+    });
+  }
 </script>

 <body>