[DevTools] Add tests for blocked cookies

Change-Id: I325e45c4a6131b09d04ec14836cf7290ad329fc5
Bug: 856777
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1793982
Commit-Queue: Joey Arhar <jarhar@chromium.org>
Reviewed-by: Andrey Kosyakov <caseq@chromium.org>
Cr-Commit-Position: refs/heads/master@{#695750}

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-cookie-domain-mismatch-expected.txt

+Verifies that cookies blocked for a request of a subdomain of the cookie's domain are included in the blocked cookies of Network.RequestWillBeSentExtraInfo events.
+
+requestWillBeSentExtraInfo blocked cookies: [
+  {
+    "blockedReason": "DomainMismatch",
+    "cookie": {
+      "name": "name",
+      "value": "value",
+      "domain": "cookie.test",
+      "path": "/inspector-protocol/network/resources",
+      "expires": -1,
+      "size": 9,
+      "httpOnly": false,
+      "secure": false,
+      "session": true
+    }
+  }
+]
+

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-cookie-domain-mismatch.js

+(async function(testRunner) {
+  const {page, session, dp} = await testRunner.startBlank(
+      `Verifies that cookies blocked for a request of a subdomain of the cookie's domain are included in the blocked cookies of Network.RequestWillBeSentExtraInfo events.\n`);
+  await dp.Network.enable();
+
+  const setCookieUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/set-cookie.php?cookie='
+      + encodeURIComponent('name=value');
+  const subdomainUrl = 'https://subdomain.cookie.test:8443/inspector-protocol/network/resources/hello-world.html';
+
+  const helper = (await testRunner.loadScript('resources/extra-info-helper.js'))(dp, session);
+
+  // set a cookie in a domain
+  await helper.navigateWithExtraInfo(setCookieUrl);
+
+  // navigate to a subdomain to see that the cookie was blocked
+  const {requestExtraInfo, responseExtraInfo} = await helper.navigateWithExtraInfo(subdomainUrl);
+  testRunner.log(`requestWillBeSentExtraInfo blocked cookies: ${JSON.stringify(requestExtraInfo.params.blockedCookies, null, 2)}`);
+
+  testRunner.completeTest();
+})

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-cookie-not-on-path-expected.txt

+Verifies that cookies not within the current path of the request to a domain send Network.*ExtraInfo events with corresponding blocked cookies.
+
+requestWillBeSentExtraInfo blocked cookies: [
+  {
+    "blockedReason": "NotOnPath",
+    "cookie": {
+      "name": "name",
+      "value": "value",
+      "domain": "cookie.test",
+      "path": "/inspector-protocol/network/resources/set-cookie.php",
+      "expires": -1,
+      "size": 9,
+      "httpOnly": false,
+      "secure": false,
+      "session": true
+    }
+  }
+]
+

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-cookie-not-on-path.js

+(async function(testRunner) {
+  const {page, session, dp} = await testRunner.startBlank(
+      `Verifies that cookies not within the current path of the request to a domain send Network.*ExtraInfo events with corresponding blocked cookies.\n`);
+  await dp.Network.enable();
+
+  const setCookieUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/set-cookie.php?cookie='
+      + encodeURIComponent('name=value; Path=/inspector-protocol/network/resources/set-cookie.php');
+  const differentPathUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/hello-world.php';
+
+  const helper = (await testRunner.loadScript('resources/extra-info-helper.js'))(dp, session);
+
+  // set a cookie with a path
+  await helper.navigateWithExtraInfo(setCookieUrl);
+
+  // navigate to a different path to see that the cookie was blocked
+  const {requestExtraInfo, responseExtraInfo} = await helper.navigateWithExtraInfo(differentPathUrl);
+  testRunner.log(`requestWillBeSentExtraInfo blocked cookies: ${JSON.stringify(requestExtraInfo.params.blockedCookies, null, 2)}`);
+
+  testRunner.completeTest();
+})

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-cookie-same-site-lax-expected.txt

+Verifies that making cross origin requests with SameSite=Lax cookies sends us Network.RequestWillBeSentExtraInfo events with corresponding blocked cookies.
+
+Browser initiated navigation blocked cookies: []
+
+Javascript initiated navigation blocked cookies: []
+
+Javascript initiated subresource blocked cookies: [
+  {
+    "blockedReason": "SameSiteLax",
+    "cookie": {
+      "name": "name",
+      "value": "value",
+      "domain": "cookie.test",
+      "path": "/inspector-protocol/network/resources",
+      "expires": -1,
+      "size": 9,
+      "httpOnly": false,
+      "secure": false,
+      "session": true,
+      "sameSite": "Lax"
+    }
+  }
+]
+

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-cookie-same-site-lax.js

+(async function(testRunner) {
+  const {page, session, dp} = await testRunner.startBlank(
+      `Verifies that making cross origin requests with SameSite=Lax cookies sends us Network.RequestWillBeSentExtraInfo events with corresponding blocked cookies.\n`);
+  await dp.Network.enable();
+
+  const setCookieUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/set-cookie.php?cookie='
+      + encodeURIComponent('name=value; SameSite=Lax');
+  const firstPartyUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/hello-world.html';
+  const thirdPartyUrl = 'https://thirdparty.test:8443/inspector-protocol/network/resources/hello-world.html';
+
+  const helper = (await testRunner.loadScript('resources/extra-info-helper.js'))(dp, session);
+
+  // set the SameSite=Lax cookie
+  await helper.navigateWithExtraInfo(setCookieUrl);
+
+  // navigate to a different domain and back from the browser and see that the cookie is not blocked
+  await helper.navigateWithExtraInfo(thirdPartyUrl);
+  var {requestExtraInfo} = await helper.navigateWithExtraInfo(firstPartyUrl);
+  testRunner.log(`Browser initiated navigation blocked cookies: ${JSON.stringify(requestExtraInfo.params.blockedCookies, null, 2)}\n`);
+
+  // navigate to a different domain and back from javascript and see that the cookie is not blocked
+  await helper.navigateWithExtraInfo(thirdPartyUrl);
+  var {requestExtraInfo} = await helper.jsNavigateWithExtraInfo(firstPartyUrl);
+  testRunner.log(`Javascript initiated navigation blocked cookies: ${JSON.stringify(requestExtraInfo.params.blockedCookies, null, 2)}\n`);
+
+  // navigate away and make a subresource request from javascript, see that the cookie is blocked
+  await helper.navigateWithExtraInfo(thirdPartyUrl);
+  var {requestExtraInfo} = await helper.fetchWithExtraInfo(firstPartyUrl);
+  testRunner.log(`Javascript initiated subresource blocked cookies: ${JSON.stringify(requestExtraInfo.params.blockedCookies, null, 2)}`);
+
+  testRunner.completeTest();
+})

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-cookie-same-site-strict-expected.txt

+Verifies that making cross origin requests with SameSite=Strict cookies sends us Network.RequestWillBeSentExtraInfo events with corresponding blocked cookies.
+
+Browser initiated navigation blocked cookies: []
+
+Javascript initiated navigation blocked cookies: [
+  {
+    "blockedReason": "SameSiteStrict",
+    "cookie": {
+      "name": "name",
+      "value": "value",
+      "domain": "cookie.test",
+      "path": "/inspector-protocol/network/resources",
+      "expires": -1,
+      "size": 9,
+      "httpOnly": false,
+      "secure": false,
+      "session": true,
+      "sameSite": "Strict"
+    }
+  }
+]
+
+Javascript initiated subresource blocked cookies: [
+  {
+    "blockedReason": "SameSiteStrict",
+    "cookie": {
+      "name": "name",
+      "value": "value",
+      "domain": "cookie.test",
+      "path": "/inspector-protocol/network/resources",
+      "expires": -1,
+      "size": 9,
+      "httpOnly": false,
+      "secure": false,
+      "session": true,
+      "sameSite": "Strict"
+    }
+  }
+]
+

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-cookie-same-site-strict.js

+(async function(testRunner) {
+  const {page, session, dp} = await testRunner.startBlank(
+      `Verifies that making cross origin requests with SameSite=Strict cookies sends us Network.RequestWillBeSentExtraInfo events with corresponding blocked cookies.\n`);
+  await dp.Network.enable();
+
+  const setCookieUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/set-cookie.php?cookie='
+      + encodeURIComponent('name=value; SameSite=Strict');
+  const firstPartyUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/hello-world.html';
+  const thirdPartyUrl = 'https://thirdparty.test:8443/inspector-protocol/network/resources/hello-world.html';
+
+  const helper = (await testRunner.loadScript('resources/extra-info-helper.js'))(dp, session);
+
+  // set the SameSite=Strict cookie
+  await helper.navigateWithExtraInfo(setCookieUrl);
+
+  // navigate to a different domain and back from the browser and see that the cookie is not blocked
+  await helper.navigateWithExtraInfo(thirdPartyUrl);
+  var {requestExtraInfo, responseExtraInfo} = await helper.navigateWithExtraInfo(firstPartyUrl);
+  testRunner.log(`Browser initiated navigation blocked cookies: ${JSON.stringify(requestExtraInfo.params.blockedCookies, null, 2)}\n`);
+
+  // navigate to a different domain and back from javascript and see that the cookie is blocked
+  await helper.navigateWithExtraInfo(thirdPartyUrl);
+  var {requestExtraInfo, responseExtraInfo} = await helper.jsNavigateWithExtraInfo(firstPartyUrl);
+  testRunner.log(`Javascript initiated navigation blocked cookies: ${JSON.stringify(requestExtraInfo.params.blockedCookies, null, 2)}\n`);
+
+  // navigate away and make a subresource request from javascript, see that the cookie is blocked
+  await helper.navigateWithExtraInfo(thirdPartyUrl);
+  await helper.fetchWithExtraInfo(firstPartyUrl);
+  testRunner.log(`Javascript initiated subresource blocked cookies: ${JSON.stringify(requestExtraInfo.params.blockedCookies, null, 2)}`);
+
+  testRunner.completeTest();
+})

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-cookie-secure-only-expected.txt

+Verifies that storing and sending Secure cookies over http sends Network.*ExtraInfo events with corresponding blocked cookies.
+
+ResponseReceivedExtraInfo blocked cookies: [
+  {
+    "blockedReason": "SecureOnly",
+    "cookieLine": "name=value; Secure",
+    "cookie": {
+      "name": "name",
+      "value": "value",
+      "domain": "cookie.test",
+      "path": "/inspector-protocol/network/resources",
+      "expires": -1,
+      "size": 9,
+      "httpOnly": false,
+      "secure": true,
+      "session": true
+    }
+  }
+]
+
+RequestWillBeSentExtraInfo blocked cookies: [
+  {
+    "blockedReason": "SecureOnly",
+    "cookie": {
+      "name": "name",
+      "value": "value",
+      "domain": "cookie.test",
+      "path": "/inspector-protocol/network/resources",
+      "expires": -1,
+      "size": 9,
+      "httpOnly": false,
+      "secure": true,
+      "session": true
+    }
+  }
+]
+
+

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-cookie-secure-only.js

+(async function(testRunner) {
+  const {page, session, dp} = await testRunner.startBlank(
+      `Verifies that storing and sending Secure cookies over http sends Network.*ExtraInfo events with corresponding blocked cookies.\n`);
+  await dp.Network.enable();
+
+  const setCookieInsecureUrl = 'http://cookie.test:8000/inspector-protocol/network/resources/set-cookie.php?cookie='
+      + encodeURIComponent('name=value; Secure');
+  const setCookieSecureUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/set-cookie.php?cookie='
+      + encodeURIComponent('name=value; Secure');
+
+  const helper = (await testRunner.loadScript('resources/extra-info-helper.js'))(dp, session);
+
+  // navigate to the set-cookie over http and see that the cookie gets blocked
+  var {requestExtraInfo, responseExtraInfo} = await helper.navigateWithExtraInfo(setCookieInsecureUrl);
+  testRunner.log(`ResponseReceivedExtraInfo blocked cookies: ${JSON.stringify(responseExtraInfo.params.blockedCookies, null, 2)}\n`);
+
+  // navigate to the set-cookie over https to actually set the cookie
+  await helper.navigateWithExtraInfo(setCookieSecureUrl);
+
+  // navigate there again over http to see that the cookie was not sent
+  var {requestExtraInfo, responseExtraInfo} = await helper.navigateWithExtraInfo(setCookieInsecureUrl);
+  testRunner.log(`RequestWillBeSentExtraInfo blocked cookies: ${JSON.stringify(requestExtraInfo.params.blockedCookies, null, 2)}\n`);
+
+  testRunner.completeTest();
+})

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-setcookie-invalid-domain-expected.txt

+Verifies that setting a cookie with a domain attribute which does not match the current domain sends a Network.ResponseReceivedExtraInfo event with the corresponding blocked cookie.
+
+Bad domain attribute blocked set-cookies: [
+  {
+    "blockedReason": "InvalidDomain",
+    "cookieLine": "name=value; Domain=cookie.test"
+  }
+]
+

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-setcookie-invalid-domain.js

+(async function(testRunner) {
+  const {page, session, dp} = await testRunner.startBlank(
+      `Verifies that setting a cookie with a domain attribute which does not match the current domain sends a Network.ResponseReceivedExtraInfo event with the corresponding blocked cookie.\n`);
+  await dp.Network.enable();
+
+  const setCookieUrlBadDomain = 'https://thirdparty.test:8443/inspector-protocol/network/resources/set-cookie.php?cookie='
+      + encodeURIComponent('name=value; Domain=cookie.test');
+
+  const helper = (await testRunner.loadScript('resources/extra-info-helper.js'))(dp, session);
+
+  // try to set the cookie from a different domain than the one it specifies, see that it is blocked
+  const {requestExtraInfo, responseExtraInfo} = await helper.navigateWithExtraInfo(setCookieUrlBadDomain);
+  testRunner.log(`Bad domain attribute blocked set-cookies: ${JSON.stringify(responseExtraInfo.params.blockedCookies, null, 2)}`);
+
+  testRunner.completeTest();
+})

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-setcookie-invalid-prefix-expected.txt

+Verifies that setting a cookie with an invalid __Secure- or __Host- prefix sends us Network.ResponseReceivedExtraInfo events with corresponding blocked cookies.
+
+Bad __Secure- prefix blocked set-cookies: [
+  {
+    "blockedReason": "InvalidPrefix",
+    "cookieLine": "__Secure-name=value"
+  }
+]
+Bad __Host- prefix blocked set-cookies: [
+  {
+    "blockedReason": "InvalidPrefix",
+    "cookieLine": "__Host-name=value; Secure"
+  }
+]
+

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-setcookie-invalid-prefix.js

+(async function(testRunner) {
+  const {page, session, dp} = await testRunner.startBlank(
+      `Verifies that setting a cookie with an invalid __Secure- or __Host- prefix sends us Network.ResponseReceivedExtraInfo events with corresponding blocked cookies.\n`);
+  await dp.Network.enable();
+
+  const setCookieUrlBadSecure = 'https://cookie.test:8443/inspector-protocol/network/resources/set-cookie.php?cookie='
+      + encodeURIComponent('__Secure-name=value');
+  const setCookieUrlBadHost = 'https://cookie.test:8443/inspector-protocol/network/resources/set-cookie.php?cookie='
+      + encodeURIComponent('__Host-name=value; Secure');
+
+  const helper = (await testRunner.loadScript('resources/extra-info-helper.js'))(dp, session);
+
+  var {requestExtraInfo, responseExtraInfo} = await helper.navigateWithExtraInfo(setCookieUrlBadSecure);
+  testRunner.log(`Bad __Secure- prefix blocked set-cookies: ${JSON.stringify(responseExtraInfo.params.blockedCookies, null, 2)}`);
+
+  var {requestExtraInfo, responseExtraInfo} = await helper.navigateWithExtraInfo(setCookieUrlBadHost);
+  testRunner.log(`Bad __Host- prefix blocked set-cookies: ${JSON.stringify(responseExtraInfo.params.blockedCookies, null, 2)}`);
+
+  testRunner.completeTest();
+})

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-setcookie-overwrite-secure-expected.txt

+Verifies that when we get a non-secure set-cookie header that would overwrite a secure one, we get a Network.ResponseReceivedExtraInfo event with the blocked cookie.
+set-cookie that would overwrite secure cookie blocked set-cookies: [
+  {
+    "blockedReason": "OverwriteSecure",
+    "cookieLine": "name=value",
+    "cookie": {
+      "name": "name",
+      "value": "value",
+      "domain": "cookie.test",
+      "path": "/inspector-protocol/network/resources",
+      "expires": -1,
+      "size": 9,
+      "httpOnly": false,
+      "secure": false,
+      "session": true
+    }
+  }
+]
+

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-setcookie-overwrite-secure.js

+(async function(testRunner) {
+  const {page, session, dp} = await testRunner.startBlank(
+      `Verifies that when we get a non-secure set-cookie header that would overwrite a secure one, we get a Network.ResponseReceivedExtraInfo event with the blocked cookie.`);
+  await dp.Network.enable();
+
+  const setCookieSecure = 'https://cookie.test:8443/inspector-protocol/network/resources/set-cookie-secure.php';
+  const setCookieInsecure = 'http://cookie.test:8000/inspector-protocol/network/resources/set-cookie.php?cookie='
+      + encodeURIComponent('name=value');
+
+  const helper = (await testRunner.loadScript('resources/extra-info-helper.js'))(dp, session);
+
+  // set a secure cookie
+  await helper.navigateWithExtraInfo(setCookieSecure);
+
+  // try to overwrite it with an insecure cookie
+  const {requestExtraInfo, responseExtraInfo} = await helper.navigateWithExtraInfo(setCookieInsecure);
+  testRunner.log(`set-cookie that would overwrite secure cookie blocked set-cookies: ${JSON.stringify(responseExtraInfo.params.blockedCookies, null, 2)}`);
+
+  testRunner.completeTest();
+})

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-setcookie-same-site-lax-expected.txt

+Verifies that making cross origin requests which set SameSite=Lax cookies send us Network.ResponseReceivedExtraInfo events with corresponding blocked set-cookies.
+
+Javascript initiated subresource blocked set-cookies: [
+  {
+    "blockedReason": "SameSiteLax",
+    "cookieLine": "name=value; SameSite=Lax",
+    "cookie": {
+      "name": "name",
+      "value": "value",
+      "domain": "cookie.test",
+      "path": "/inspector-protocol/network/resources",
+      "expires": -1,
+      "size": 9,
+      "httpOnly": false,
+      "secure": false,
+      "session": true,
+      "sameSite": "Lax"
+    }
+  }
+]
+
+Javascript initiated navigation blocked set-cookies: []
+
+Browser initiated navigation blocked set-cookies: []
+

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-setcookie-same-site-lax.js

+(async function(testRunner) {
+  const {page, session, dp} = await testRunner.startBlank(
+      `Verifies that making cross origin requests which set SameSite=Lax cookies send us Network.ResponseReceivedExtraInfo events with corresponding blocked set-cookies.\n`);
+  await dp.Network.enable();
+
+  const thirdPartyUrl = 'https://thirdparty.test:8443/inspector-protocol/network/resources/hello-world.html';
+  const setCookieUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/set-cookie.php?cookie='
+      + encodeURIComponent('name=value; SameSite=Lax');
+
+  const helper = (await testRunner.loadScript('resources/extra-info-helper.js'))(dp, session);
+
+  // make a cross origin request to set the cookie, see that it gets blocked
+  await helper.navigateWithExtraInfo(thirdPartyUrl);
+  var {responseExtraInfo} = await helper.fetchWithExtraInfo(setCookieUrl);
+  testRunner.log(`Javascript initiated subresource blocked set-cookies: ${JSON.stringify(responseExtraInfo.params.blockedCookies, null, 2)}\n`);
+
+  // make a cross origin navigation via javascript to set the cookie, see that it is not blocked
+  await helper.navigateWithExtraInfo(thirdPartyUrl);
+  var {responseExtraInfo} = await helper.jsNavigateWithExtraInfo(setCookieUrl);
+  testRunner.log(`Javascript initiated navigation blocked set-cookies: ${JSON.stringify(responseExtraInfo.params.blockedCookies, null, 2)}\n`);
+
+  // make a cross origin navigation via browser to set the cookie, see that it is not blocked
+  await helper.navigateWithExtraInfo(thirdPartyUrl);
+  var {responseExtraInfo} = await helper.navigateWithExtraInfo(setCookieUrl);
+  testRunner.log(`Browser initiated navigation blocked set-cookies: ${JSON.stringify(responseExtraInfo.params.blockedCookies, null, 2)}`);
+
+  testRunner.completeTest();
+})

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-setcookie-same-site-strict-expected.txt

+Verifies that making cross origin requests which set SameSite=Strict cookies send us Network.ResponseReceivedExtraInfo events with corresponding blocked set-cookies.
+
+Javascript initiated subresource blocked set-cookies: [
+  {
+    "blockedReason": "SameSiteStrict",
+    "cookieLine": "name=value; SameSite=Strict",
+    "cookie": {
+      "name": "name",
+      "value": "value",
+      "domain": "cookie.test",
+      "path": "/inspector-protocol/network/resources",
+      "expires": -1,
+      "size": 9,
+      "httpOnly": false,
+      "secure": false,
+      "session": true,
+      "sameSite": "Strict"
+    }
+  }
+]
+
+Javascript initiated navigation blocked set-cookies: []
+
+Browser initiated navigation blocked set-cookies: []
+

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-setcookie-same-site-strict.js

+(async function(testRunner) {
+  const {page, session, dp} = await testRunner.startBlank(
+      `Verifies that making cross origin requests which set SameSite=Strict cookies send us Network.ResponseReceivedExtraInfo events with corresponding blocked set-cookies.\n`);
+  await dp.Network.enable();
+
+  const thirdPartyUrl = 'https://thirdparty.test:8443/inspector-protocol/network/resources/hello-world.html';
+  const setCookieUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/set-cookie.php?cookie='
+      + encodeURIComponent('name=value; SameSite=Strict');
+
+  const helper = (await testRunner.loadScript('resources/extra-info-helper.js'))(dp, session);
+
+  // make a cross origin request to set the cookie, see that it gets blocked
+  await helper.navigateWithExtraInfo(thirdPartyUrl);
+  var {responseExtraInfo} = await helper.fetchWithExtraInfo(setCookieUrl);
+  testRunner.log(`Javascript initiated subresource blocked set-cookies: ${JSON.stringify(responseExtraInfo.params.blockedCookies, null, 2)}\n`);
+
+  // make a cross origin navigation via javascript to set the cookie, see that it gets blocked
+  await helper.navigateWithExtraInfo(thirdPartyUrl);
+  var {responseExtraInfo} = await helper.jsNavigateWithExtraInfo(setCookieUrl);
+  testRunner.log(`Javascript initiated navigation blocked set-cookies: ${JSON.stringify(responseExtraInfo.params.blockedCookies, null, 2)}\n`);
+
+  // make a cross origin navigation via browser to set the cookie, see that it is not blocked
+  await helper.navigateWithExtraInfo(thirdPartyUrl);
+  var {responseExtraInfo} = await helper.navigateWithExtraInfo(setCookieUrl);
+  testRunner.log(`Browser initiated navigation blocked set-cookies: ${JSON.stringify(responseExtraInfo.params.blockedCookies, null, 2)}`);
+
+  testRunner.completeTest();
+})

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-setcookie-syntax-error-expected.txt

+Verifies that receiving a set-cookie header with invalid syntax sends a Network.ResponseReceivedExtraInfo event with the blocked cookie.
+
+Invalid syntax blocked set-cookies: [
+  {
+    "blockedReason": "SyntaxError",
+    "cookieLine": "name=val\tue"
+  }
+]
+

third_party/blink/web_tests/http/tests/inspector-protocol/network/blocked-setcookie-syntax-error.js

+(async function(testRunner) {
+  const {page, session, dp} = await testRunner.startBlank(
+      `Verifies that receiving a set-cookie header with invalid syntax sends a Network.ResponseReceivedExtraInfo event with the blocked cookie.\n`);
+  await dp.Network.enable();
+
+  const setCookieInvalidSyntax = 'https://cookie.test:8443/inspector-protocol/network/resources/set-cookie-invalid-syntax.php';
+
+  const helper = (await testRunner.loadScript('resources/extra-info-helper.js'))(dp, session);
+
+  const {requestExtraInfo, responseExtraInfo} = await helper.navigateWithExtraInfo(setCookieInvalidSyntax);
+  testRunner.log(`Invalid syntax blocked set-cookies: ${JSON.stringify(responseExtraInfo.params.blockedCookies, null, 2)}`);
+
+  testRunner.completeTest();
+})

third_party/blink/web_tests/http/tests/inspector-protocol/network/extra-info-raw-headers-navigation.js

@@ -4,7 +4,8 @@
 
   await dp.Network.enable();
 
-  const setCookieUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/set-cookie-samesitenone.php';
+  const setCookieUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/set-cookie.php?cookie='
+      + encodeURIComponent('name=value; Secure; SameSite=None; HttpOnly');
   const helloWorldUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/hello-world.html';
   const otherDomainUrl = 'https://thirdparty.test:8443/inspector-protocol/network/resources/hello-world.html';
 

third_party/blink/web_tests/http/tests/inspector-protocol/network/extra-info-raw-headers-subresource.js

@@ -4,7 +4,8 @@
 
   await dp.Network.enable();
 
-  const setCookieUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/set-cookie-samesitenone.php';
+  const setCookieUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/set-cookie.php?cookie='
+      + encodeURIComponent('name=value; Secure; SameSite=None; HttpOnly');
   const firstPartyUrl = 'https://cookie.test:8443/inspector-protocol/network/resources/hello-world.html';
   const thirdPartyUrl = 'https://thirdparty.test:8443/inspector-protocol/network/resources/hello-world.html';
 

third_party/blink/web_tests/http/tests/inspector-protocol/network/resources/extra-info-helper.js

@@ -14,6 +14,15 @@
       return {requestExtraInfo, responseExtraInfo};
     }
 
+    async jsNavigateWithExtraInfo(url) {
+      const requestExtraInfoPromise = this._dp.Network.onceRequestWillBeSentExtraInfo();
+      const responseExtraInfoPromise = this._dp.Network.onceResponseReceivedExtraInfo();
+      await this._session.evaluate(`window.location.href = '${url}'`);
+      const requestExtraInfo = await requestExtraInfoPromise;
+      const responseExtraInfo = await responseExtraInfoPromise;
+      return {requestExtraInfo, responseExtraInfo};
+    }
+
     async fetchWithExtraInfo(url) {
       const requestExtraInfoPromise = this._dp.Network.onceRequestWillBeSentExtraInfo();
       const responseExtraInfoPromise = this._dp.Network.onceResponseReceivedExtraInfo();

third_party/blink/web_tests/http/tests/inspector-protocol/network/resources/set-cookie-invalid-syntax.php

+<?php
+header("set-cookie: name=val\x09ue");
+?>

third_party/blink/web_tests/http/tests/inspector-protocol/network/resources/set-cookie-samesitenone.php

-<?php
-header('set-cookie: name=value; Secure; SameSite=None; HttpOnly')
-?>

third_party/blink/web_tests/http/tests/inspector-protocol/network/resources/set-cookie-secure.php

+<?php
+header("set-cookie: name=value; Secure");
+?>

third_party/blink/web_tests/http/tests/inspector-protocol/network/resources/set-cookie.php

+<?php
+header("set-cookie: " . $_GET["cookie"]);
+echo "set-cookie: " . $_GET["cookie"];
+?>