[Security] Enforce COOP on redirects.

COOP was parsed for redirects already, but not properly enforced. This patch makes sure any redirect combination that would have led to a switch does put the final URL in a separate BrowsingInstance. Change-Id: Ia289cf661add09a8e86392c7c650219b90ac0a1b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2132220Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org> Commit-Queue: Arthur Hemery <ahemery@chromium.org> Cr-Commit-Position: refs/heads/master@{#755944}

[Security] Enforce COOP on redirects.
COOP was parsed for redirects already, but not properly enforced. This patch makes sure any redirect combination that would have led to a switch does put the final URL in a separate BrowsingInstance. Change-Id: Ia289cf661add09a8e86392c7c650219b90ac0a1b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2132220Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org> Commit-Queue: Arthur Hemery <ahemery@chromium.org> Cr-Commit-Position: refs/heads/master@{#755944}
bb38c354 · Arthur Hemery · Commit Bot · 7a7a80fe · bb38c354 · 7a7a80fe
Commit bb38c354 authored Apr 02, 2020 by Arthur Hemery Committed by Commit Bot Apr 02, 2020
2 changed files
--- a/content/browser/frame_host/render_frame_host_manager.cc
+++ b/content/browser/frame_host/render_frame_host_manager.cc
@@ -2446,7 +2446,8 @@ RenderFrameHostManager::GetSiteInstanceForNavigationRequest(
      request->common_params().transition,
      request->state() >= NavigationRequest::CANCELING, is_reload,
      request->GetRestoreType() != RestoreType::NONE, request->is_view_source(),
-      request->WasServerRedirect(), cross_origin_policy_swap);
+      request->WasServerRedirect(),
+      request->require_coop_browsing_instance_swap());

  // If the NavigationRequest's dest_site_instance was present but incorrect,
  // then ensure no sensitive state is kept on the request. This can happen for

--- a/third_party/blink/web_tests/external/wpt/html/cross-origin-opener-policy/coep-redirect.https-expected.txt
+++ b/third_party/blink/web_tests/external/wpt/html/cross-origin-opener-policy/coep-redirect.https-expected.txt
-This is a testharness.js-based test.
-PASS Redirect from coop/coep to coop/coep
-PASS Redirect from coop/coep to no coop/coep
-FAIL Redirect from no coop/no coep to coop/coep assert_equals: name expected "" but got "Redirect-from-no-coop/no-coep-to-coop/coep"
-FAIL Redirect from coop/no coep to coop/coep assert_equals: name expected "" but got "Redirect-from-coop/no-coep-to-coop/coep"
-FAIL Redirect from coop unsafe-none/coep to coop/coep assert_equals: name expected "" but got "Redirect-from-coop-unsafe-none/coep-to-coop/coep"
-PASS Redirect from coop unsafe-none/coep to coop unsafe-inherit/coep
-Harness: the test ran to completion.
-