Fetch Metadata: deprecate `nested-navigate` mode.

As discussed in
https://github.com/w3c/webappsec-fetch-metadata/issues/45,

We have decided to shift the model around nested navigations from
exposure via the request's `mode` to its `destination`. This patch
shift the `nested-navigate` mode to two parts:
 - `navigate` for frame and iframe.
 - `no-cors` for object.

Change-Id: I09a2be6b41547f6eeb1e308416234a40f0c9b5b3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1862690
Commit-Queue: Yifan Luo <lyf@google.com>
Reviewed-by: Mike West <mkwst@chromium.org>
Cr-Commit-Position: refs/heads/master@{#709478}

services/network/sec_header_helpers.cc

@@ -103,11 +103,8 @@ void SetSecFetchSiteHeader(
 // Sec-Fetch-Mode
 void SetSecFetchModeHeader(net::URLRequest* request,
                            network::mojom::RequestMode mode) {
-  std::string header_value = "no-cors";
-  header_value = RequestModeToString(mode);
-  if (mode == network::mojom::RequestMode::kNavigateNestedFrame) {
-    header_value = "nested-navigate";
-  } else if (mode == network::mojom::RequestMode::kNavigateNestedObject) {
+  std::string header_value = RequestModeToString(mode);
+  if (mode == network::mojom::RequestMode::kNavigateNestedObject) {
     // TODO(mkwst): We might want this to be something more specific:
     // https://github.com/w3c/webappsec-fetch-metadata/issues/37.
     header_value = "no-cors";

third_party/blink/web_tests/external/wpt/fetch/metadata/iframe.tentative.https.sub.html

@@ -44,36 +44,36 @@
   create_test("{{host}}:{{ports[https][0]}}", FORCED, {
     "site": "same-origin",
     "user": "",
-    "mode": "nested-navigate"
+    "mode": "navigate"
   });
 
   create_test("{{hosts[][www]}}:{{ports[https][0]}}", FORCED, {
     "site": "same-site",
     "user": "",
-    "mode": "nested-navigate"
+    "mode": "navigate"
   });
 
   create_test("{{hosts[alt][www]}}:{{ports[https][0]}}", FORCED, {
     "site": "cross-site",
     "user": "",
-    "mode": "nested-navigate"
+    "mode": "navigate"
   });
 
   create_test("{{host}}:{{ports[https][0]}}", USER, {
     "site": "same-origin",
     "user": "?1",
-    "mode": "nested-navigate"
+    "mode": "navigate"
   });
 
   create_test("{{hosts[][www]}}:{{ports[https][0]}}", USER, {
     "site": "same-site",
     "user": "?1",
-    "mode": "nested-navigate"
+    "mode": "navigate"
   });
 
   create_test("{{hosts[alt][www]}}:{{ports[https][0]}}", USER, {
     "site": "cross-site",
     "user": "?1",
-    "mode": "nested-navigate"
+    "mode": "navigate"
   });
 </script>

third_party/blink/web_tests/external/wpt/fetch/metadata/iframe.tentative.sub.html

@@ -68,7 +68,7 @@
       assert_header_equals(e.data, {
         "site": "cross-site",
         "user": "",
-        "mode": "nested-navigate",
+        "mode": "navigate",
       });
       t.done();
     }));

third_party/blink/web_tests/external/wpt/fetch/metadata/portal.tentative.https.sub.html

@@ -27,18 +27,18 @@
   create_test("{{host}}:{{ports[https][0]}}", {
     "site": "same-origin",
     "user": "",
-    "mode": "nested-navigate"
+    "mode": "navigate"
   });
 
   create_test("{{hosts[][www]}}:{{ports[https][0]}}", {
     "site": "same-site",
     "user": "",
-    "mode": "nested-navigate"
+    "mode": "navigate"
   });
 
   create_test("{{hosts[alt][www]}}:{{ports[https][0]}}", {
     "site": "cross-site",
     "user": "",
-    "mode": "nested-navigate"
+    "mode": "navigate"
   });
 </script>

third_party/blink/web_tests/http/tests/navigation/form-targets-cross-site-frame-get-expected.txt

@@ -15,6 +15,6 @@ HTTP_CONNECTION = keep-alive
 HTTP_HOST = localhost:8080
 HTTP_REFERER = http://127.0.0.1:8000/navigation/form-targets-cross-site-frame-get.html
 HTTP_SEC_FETCH_DEST = iframe
-HTTP_SEC_FETCH_MODE = nested-navigate
+HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = cross-site
 HTTP_UPGRADE_INSECURE_REQUESTS = 1

third_party/blink/web_tests/http/tests/navigation/form-targets-cross-site-frame-no-referrer-expected.txt

@@ -16,6 +16,6 @@ HTTP_CONNECTION = keep-alive
 HTTP_HOST = localhost:8080
 HTTP_ORIGIN = null
 HTTP_SEC_FETCH_DEST = iframe
-HTTP_SEC_FETCH_MODE = nested-navigate
+HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = cross-site
 HTTP_UPGRADE_INSECURE_REQUESTS = 1

third_party/blink/web_tests/http/tests/navigation/form-targets-cross-site-frame-post-expected.txt

@@ -17,6 +17,6 @@ HTTP_HOST = localhost:8080
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/form-targets-cross-site-frame-post.html
 HTTP_SEC_FETCH_DEST = iframe
-HTTP_SEC_FETCH_MODE = nested-navigate
+HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = cross-site
 HTTP_UPGRADE_INSECURE_REQUESTS = 1

third_party/blink/web_tests/http/tests/navigation/form-with-enctype-targets-cross-site-frame-expected.txt

@@ -17,6 +17,6 @@ HTTP_HOST = localhost:8080
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/form-with-enctype-targets-cross-site-frame.html
 HTTP_SEC_FETCH_DEST = iframe
-HTTP_SEC_FETCH_MODE = nested-navigate
+HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = cross-site
 HTTP_UPGRADE_INSECURE_REQUESTS = 1

third_party/blink/web_tests/http/tests/navigation/post-frames-expected.txt

@@ -18,7 +18,7 @@ HTTP_HOST = 127.0.0.1:8000
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/resources/page-that-posts.html
 HTTP_SEC_FETCH_DEST = iframe
-HTTP_SEC_FETCH_MODE = nested-navigate
+HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin
 HTTP_UPGRADE_INSECURE_REQUESTS = 1
 

third_party/blink/web_tests/http/tests/navigation/post-frames-goback1-expected.txt

@@ -17,7 +17,7 @@ HTTP_HOST = 127.0.0.1:8000
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/post-frames-goback1.html
 HTTP_SEC_FETCH_DEST = iframe
-HTTP_SEC_FETCH_MODE = nested-navigate
+HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin
 HTTP_UPGRADE_INSECURE_REQUESTS = 1
 

third_party/blink/web_tests/http/tests/navigation/rename-subframe-goback-expected.txt

@@ -21,6 +21,6 @@ HTTP_HOST = 127.0.0.1:8000
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/resources/page-that-posts.html
 HTTP_SEC_FETCH_DEST = iframe
-HTTP_SEC_FETCH_MODE = nested-navigate
+HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin
 HTTP_UPGRADE_INSECURE_REQUESTS = 1

third_party/blink/web_tests/virtual/stable/http/tests/navigation/form-targets-cross-site-frame-get-expected.txt

@@ -14,6 +14,6 @@ Http headers:
 HTTP_CONNECTION = keep-alive
 HTTP_HOST = localhost:8080
 HTTP_REFERER = http://127.0.0.1:8000/navigation/form-targets-cross-site-frame-get.html
-HTTP_SEC_FETCH_MODE = nested-navigate
+HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = cross-site
 HTTP_UPGRADE_INSECURE_REQUESTS = 1

third_party/blink/web_tests/virtual/stable/http/tests/navigation/form-targets-cross-site-frame-no-referrer-expected.txt

@@ -15,6 +15,6 @@ HTTP_CACHE_CONTROL = max-age=0
 HTTP_CONNECTION = keep-alive
 HTTP_HOST = localhost:8080
 HTTP_ORIGIN = null
-HTTP_SEC_FETCH_MODE = nested-navigate
+HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = cross-site
 HTTP_UPGRADE_INSECURE_REQUESTS = 1

third_party/blink/web_tests/virtual/stable/http/tests/navigation/form-targets-cross-site-frame-post-expected.txt

@@ -16,6 +16,6 @@ HTTP_CONNECTION = keep-alive
 HTTP_HOST = localhost:8080
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/form-targets-cross-site-frame-post.html
-HTTP_SEC_FETCH_MODE = nested-navigate
+HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = cross-site
 HTTP_UPGRADE_INSECURE_REQUESTS = 1

third_party/blink/web_tests/virtual/stable/http/tests/navigation/form-with-enctype-targets-cross-site-frame-expected.txt

@@ -16,6 +16,6 @@ HTTP_CONNECTION = keep-alive
 HTTP_HOST = localhost:8080
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/form-with-enctype-targets-cross-site-frame.html
-HTTP_SEC_FETCH_MODE = nested-navigate
+HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = cross-site
 HTTP_UPGRADE_INSECURE_REQUESTS = 1

third_party/blink/web_tests/virtual/stable/http/tests/navigation/post-frames-expected.txt

@@ -17,7 +17,7 @@ HTTP_CONNECTION = keep-alive
 HTTP_HOST = 127.0.0.1:8000
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/resources/page-that-posts.html
-HTTP_SEC_FETCH_MODE = nested-navigate
+HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin
 HTTP_UPGRADE_INSECURE_REQUESTS = 1
 

third_party/blink/web_tests/virtual/stable/http/tests/navigation/post-frames-goback1-expected.txt

@@ -16,7 +16,7 @@ HTTP_CONNECTION = keep-alive
 HTTP_HOST = 127.0.0.1:8000
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/post-frames-goback1.html
-HTTP_SEC_FETCH_MODE = nested-navigate
+HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin
 HTTP_UPGRADE_INSECURE_REQUESTS = 1
 

third_party/blink/web_tests/virtual/stable/http/tests/navigation/rename-subframe-goback-expected.txt

@@ -20,6 +20,6 @@ HTTP_CONNECTION = keep-alive
 HTTP_HOST = 127.0.0.1:8000
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/resources/page-that-posts.html
-HTTP_SEC_FETCH_MODE = nested-navigate
+HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin
 HTTP_UPGRADE_INSECURE_REQUESTS = 1