Disable framebusting intervention for M67

Bug: 624061
Change-Id: Ibe1c69d7329590ce86d53463e030e594ff079bf4
Reviewed-on: https://chromium-review.googlesource.com/1040787Reviewed-by: Nasko Oskov <nasko@chromium.org>
Commit-Queue: Nate Chapin <japhet@chromium.org>
Cr-Commit-Position: refs/heads/master@{#555631}

content/public/common/content_features.cc

@@ -129,7 +129,7 @@ const base::Feature kFontCacheScaling{"FontCacheScaling",
 // same-origin to the top frame, or if a user gesture is being processed.
 const base::Feature kFramebustingNeedsSameOriginOrUserGesture{
     "FramebustingNeedsSameOriginOrUserGesture",
-    base::FEATURE_ENABLED_BY_DEFAULT};
+    base::FEATURE_DISABLED_BY_DEFAULT};
 
 // Enables extended Gamepad API features like motion tracking and haptics.
 const base::Feature kGamepadExtensions{"GamepadExtensions",

third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/resources/iframe-that-performs-top-navigation-without-user-gesture.html

 <html>
 <body>
-The navigation should fail. This text should be visible.
+The navigation should succeed. This text shouldn't appear.
 <script>
 window.onload = function()
 {
     try {
         top.location = "http://localhost:8000/security/frameNavigation/resources/navigation-changed-iframe.html";
-        top.postMessage("FAIL", "*");
-    } catch(e) {
         top.postMessage("PASS", "*");
+    } catch(e) {
+        top.postMessage("FAIL", "*");
     }
 }
 </script>

third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-DENIED-top-navigation-user-gesture-in-parent-expected.txt

-
-
---------
-Frame: '<!--framePath //<!--frame0-->-->'
---------
-The navigation should fail. This text should be visible.
+localhost
+PASSED: Navigation succeeded.

third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-DENIED-top-navigation-without-user-gesture-expected.txt

-CONSOLE ERROR: line 8: Unsafe JavaScript attempt to initiate navigation for frame with URL 'http://127.0.0.1:8000/security/frameNavigation/xss-DENIED-top-navigation-without-user-gesture.html' from frame with URL 'http://localhost:8000/security/frameNavigation/resources/iframe-that-performs-top-navigation-without-user-gesture.html'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/features/5851021045661696.
-
-
-
---------
-Frame: '<!--framePath //<!--frame0-->-->'
---------
-The navigation should fail. This text should be visible.
+CONSOLE WARNING: line 8: Frame with URL 'http://localhost:8000/security/frameNavigation/resources/iframe-that-performs-top-navigation-without-user-gesture.html' attempted to navigate its top-level window with URL 'http://127.0.0.1:8000/security/frameNavigation/xss-DENIED-top-navigation-without-user-gesture.html'. Navigating the top-level window from a cross-origin iframe will soon require that the iframe has received a user gesture. See https://www.chromestatus.com/features/5851021045661696.
+localhost
+PASSED: Navigation succeeded.

third_party/blink/renderer/platform/runtime_enabled_features.json5

@@ -530,7 +530,7 @@
     {
       name: "FramebustingNeedsSameOriginOrUserGesture",
       settable_from_internals: true,
-      status: "stable",
+      status: "experimental",
     },
     {
       name: "FramesTimingFunction",