SXG + reporting: Make WPT tests work with NetworkIsolationKeys.

NetworkIsolationKeys include top frame origin and frame origin.
The WPT SXG reporting tests load an SXG in a cross-site iframe, but
learn reporting information in the top-level browsing context, so it
had a different NIK.

This CL fixes those tests to learn reporting information in an iframe,
so they have the same NetworkIsolationKey as the signed exchange. With
this CL, all SXG WPT tests should now pass with reporting data
partitioned by NetworkIsolationKey.

Bug: 1156951
Change-Id: I0f8aa3bc51a276a71c28e92a056e709721bffb04
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2580587
Commit-Queue: Matt Menke <mmenke@chromium.org>
Reviewed-by: Kunihiko Sakamoto <ksakamoto@chromium.org>
Cr-Commit-Position: refs/heads/master@{#835642}

third_party/blink/web_tests/external/wpt/network-error-logging/support/nel.sub.js

@@ -24,6 +24,15 @@ function nel_test(callback, name, properties) {
   }, name, properties);
 }
 
+function nel_iframe_test(callback, name, properties) {
+  promise_test(async t => {
+    await obtainNELLock();
+    await clearReportingAndNELConfigurationsInIframe();
+    await callback(t);
+    await releaseNELLock();
+  }, name, properties);
+}
+
 /*
  * Helper functions for constructing domain names that contain NEL policies.
  */
@@ -68,6 +77,37 @@ function fetchResourceWithZeroSuccessFractionPolicy(subdomain) {
   return fetch(url, {mode: "no-cors"});
 }
 
+/*
+ * Similar to the above methods, but fetch resources in an iframe. Allows matching
+ * full context of reports sent from an iframe that's same-site relative to the domains
+ * a policy set.
+ */
+
+ function loadResourceWithBasicPolicyInIframe(subdomain) {
+  return loadResourceWithPolicyInIframe(
+      getURLForResourceWithBasicPolicy(subdomain));
+}
+
+function loadResourceWithZeroSuccessFractionPolicyInIframe(subdomain) {
+  return loadResourceWithPolicyInIframe(
+      _getNELResourceURL(subdomain, "pass.png?id="+reportID+"&success_fraction=0.0"));
+}
+
+function clearResourceWithBasicPolicyInIframe(subdomain) {
+  return loadResourceWithPolicyInIframe(
+      getURLForClearingConfiguration(subdomain));
+}
+
+function loadResourceWithPolicyInIframe(url) {
+  return new Promise((resolve, reject) => {
+    const frame = document.createElement('iframe');
+    frame.src = url;
+    frame.onload = () => resolve(frame);
+    frame.onerror = () => reject('failed to load ' + url);
+    document.body.appendChild(frame);
+  });
+}
+
 /*
  * Fetches a resource whose headers define an include_subdomains NEL policy.
  */
@@ -170,6 +210,16 @@ async function clearReportingAndNELConfigurations(subdomain) {
   return;
 }
 
+async function clearReportingAndNELConfigurationsInIframe(subdomain) {
+  await Promise.all([
+    clearResourceWithBasicPolicyInIframe(""),
+    clearResourceWithBasicPolicyInIframe("www"),
+    clearResourceWithBasicPolicyInIframe("www1"),
+    clearResourceWithBasicPolicyInIframe("www2"),
+  ]);
+  return;
+}
+
 /*
  * Returns whether all of the fields in obj1 also exist in obj2 with the same
  * values.  (Put another way, returns whether obj1 and obj2 are equal, ignoring

third_party/blink/web_tests/external/wpt/signed-exchange/reporting/sxg-reporting-navigation-cert_fetch_error-downgraded.tentative.html

@@ -10,8 +10,8 @@
 const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
 const test_origin = get_host_info().HTTPS_ORIGIN;
 
-nel_test(async t => {
-  await fetchResourceWithBasicPolicy();
+nel_iframe_test(async t => {
+  await loadResourceWithBasicPolicyInIframe();
   const sxg_url =
       alt_origin + '/signed-exchange/resources/sxg/sxg-cert-not-found.sxg?navigation';
   const cert_url = test_origin + '/signed-exchange/resources/not_found_certfile.cbor';

third_party/blink/web_tests/external/wpt/signed-exchange/reporting/sxg-reporting-navigation-cert_fetch_error.tentative.html

@@ -9,8 +9,8 @@
 <script>
 const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
 
-nel_test(async t => {
-  await fetchResourceWithBasicPolicy();
+nel_iframe_test(async t => {
+  await loadResourceWithBasicPolicyInIframe();
   const sxg_url =
       alt_origin +
       '/signed-exchange/resources/sxg/sxg-cert-not-found-on-alt-origin.sxg?navigation';

third_party/blink/web_tests/external/wpt/signed-exchange/reporting/sxg-reporting-navigation-cert_parse_error-downgraded.tentative.html

@@ -10,8 +10,8 @@
 const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
 const test_origin = get_host_info().HTTPS_ORIGIN;
 
-nel_test(async t => {
-  await fetchResourceWithBasicPolicy();
+nel_iframe_test(async t => {
+  await loadResourceWithBasicPolicyInIframe();
   const sxg_url =
       alt_origin +
       '/signed-exchange/resources/sxg/sxg-invalid-cert-format.sxg?navigation';

third_party/blink/web_tests/external/wpt/signed-exchange/reporting/sxg-reporting-navigation-cert_parse_error.tentative.html

@@ -9,8 +9,8 @@
 <script>
 const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
 
-nel_test(async t => {
-  await fetchResourceWithBasicPolicy();
+nel_iframe_test(async t => {
+  await loadResourceWithBasicPolicyInIframe();
   const sxg_url =
       alt_origin +
       '/signed-exchange/resources/sxg/sxg-invalid-cert-format-on-alt-origin.sxg?navigation';

third_party/blink/web_tests/external/wpt/signed-exchange/reporting/sxg-reporting-navigation-cert_verification_error-downgraded.tentative.html

@@ -10,8 +10,8 @@
 const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
 const test_origin = get_host_info().HTTPS_ORIGIN;
 
-nel_test(async t => {
-  await fetchResourceWithBasicPolicy();
+nel_iframe_test(async t => {
+  await loadResourceWithBasicPolicyInIframe();
   const sxg_url =
       alt_origin +
       '/signed-exchange/resources/sxg/sxg-validity-period-too-long.sxg?navigation';

third_party/blink/web_tests/external/wpt/signed-exchange/reporting/sxg-reporting-navigation-cert_verification_error.tentative.html

@@ -9,8 +9,8 @@
 <script>
 const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
 
-nel_test(async t => {
-  await fetchResourceWithBasicPolicy();
+nel_iframe_test(async t => {
+  await loadResourceWithBasicPolicyInIframe();
   const sxg_url =
       alt_origin +
       '/signed-exchange/resources/sxg/sxg-validity-period-too-long-cert-on-alt-origin.sxg?navigation';

third_party/blink/web_tests/external/wpt/signed-exchange/reporting/sxg-reporting-navigation-failed-zero-success-fraction.tentative.html

@@ -10,8 +10,8 @@
 const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
 const test_origin = get_host_info().HTTPS_ORIGIN;
 
-nel_test(async t => {
-  await fetchResourceWithZeroSuccessFractionPolicy();
+nel_iframe_test(async t => {
+  await loadResourceWithZeroSuccessFractionPolicyInIframe();
   const sxg_url =
       alt_origin + '/signed-exchange/resources/sxg/sxg-cert-not-found.sxg?navigation';
   const cert_url = test_origin + '/signed-exchange/resources/not_found_certfile.cbor';

third_party/blink/web_tests/external/wpt/signed-exchange/reporting/sxg-reporting-navigation-invalid_integrity_header.tentative.html

@@ -10,8 +10,8 @@
 const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
 const test_origin = get_host_info().HTTPS_ORIGIN;
 
-nel_test(async t => {
-  await fetchResourceWithBasicPolicy();
+nel_iframe_test(async t => {
+  await loadResourceWithBasicPolicyInIframe();
   const sxg_url =
       alt_origin +
       '/signed-exchange/resources/sxg/sxg-invalid-integrity-header.sxg?navigation';

third_party/blink/web_tests/external/wpt/signed-exchange/reporting/sxg-reporting-navigation-mi_error.tentative.html

@@ -11,8 +11,8 @@
 const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
 const test_origin = get_host_info().HTTPS_ORIGIN;
 
-nel_test(async t => {
-  await fetchResourceWithBasicPolicy();
+nel_iframe_test(async t => {
+  await loadResourceWithBasicPolicyInIframe();
   const sxg_url =
       alt_origin +
       '/signed-exchange/resources/sxg/sxg-merkle-integrity-error.sxg?navigation';

third_party/blink/web_tests/external/wpt/signed-exchange/reporting/sxg-reporting-navigation-ok-no-referrer.tentative.html

@@ -10,8 +10,8 @@
 const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
 const test_origin = get_host_info().HTTPS_ORIGIN;
 
-nel_test(async t => {
-  await fetchResourceWithBasicPolicy();
+nel_iframe_test(async t => {
+  await loadResourceWithBasicPolicyInIframe();
   const sxg_url = alt_origin + '/signed-exchange/resources/sxg/sxg-location.sxg?navigation';
   const cert_url = test_origin + '/signed-exchange/resources/127.0.0.1.sxg.pem.cbor';
   const message = await openSXGInIframeAndWaitForMessage(t, sxg_url, 'no-referrer');

third_party/blink/web_tests/external/wpt/signed-exchange/reporting/sxg-reporting-navigation-ok-origin-referrer.tentative.html

@@ -10,8 +10,8 @@
 const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
 const test_origin = get_host_info().HTTPS_ORIGIN;
 
-nel_test(async t => {
-  await fetchResourceWithBasicPolicy();
+nel_iframe_test(async t => {
+  await loadResourceWithBasicPolicyInIframe();
   const sxg_url = alt_origin + '/signed-exchange/resources/sxg/sxg-location.sxg?navigation';
   const cert_url = test_origin + '/signed-exchange/resources/127.0.0.1.sxg.pem.cbor';
   const message = await openSXGInIframeAndWaitForMessage(t, sxg_url, 'origin');

third_party/blink/web_tests/external/wpt/signed-exchange/reporting/sxg-reporting-navigation-ok.tentative.html

@@ -10,8 +10,8 @@
 const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
 const test_origin = get_host_info().HTTPS_ORIGIN;
 
-nel_test(async t => {
-  await fetchResourceWithBasicPolicy();
+nel_iframe_test(async t => {
+  await loadResourceWithBasicPolicyInIframe();
   const sxg_url = alt_origin + '/signed-exchange/resources/sxg/sxg-location.sxg?navigation';
   const cert_url = test_origin + '/signed-exchange/resources/127.0.0.1.sxg.pem.cbor';
   const message = await openSXGInIframeAndWaitForMessage(t, sxg_url);

third_party/blink/web_tests/external/wpt/signed-exchange/reporting/sxg-reporting-navigation-parse_error.tentative.html

@@ -10,8 +10,8 @@
 <script>
 const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
 
-nel_test(async t => {
-  await fetchResourceWithBasicPolicy();
+nel_iframe_test(async t => {
+  await loadResourceWithBasicPolicyInIframe();
   const sxg_url =
       alt_origin +
       '/signed-exchange/resources/sxg/sxg-invalid-format.sxg?navigation';

third_party/blink/web_tests/external/wpt/signed-exchange/reporting/sxg-reporting-navigation-signature_verification_error-downgraded.tentative.html

@@ -10,8 +10,8 @@
 const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
 const test_origin = get_host_info().HTTPS_ORIGIN;
 
-nel_test(async t => {
-  await fetchResourceWithBasicPolicy();
+nel_iframe_test(async t => {
+  await loadResourceWithBasicPolicyInIframe();
   const sxg_url =
       alt_origin +
       '/signed-exchange/resources/sxg/sxg-invalid-cert-sha256.sxg?navigation';

third_party/blink/web_tests/external/wpt/signed-exchange/reporting/sxg-reporting-navigation-signature_verification_error.tentative.html

@@ -9,8 +9,8 @@
 <script>
 const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
 
-nel_test(async t => {
-  await fetchResourceWithBasicPolicy();
+nel_iframe_test(async t => {
+  await loadResourceWithBasicPolicyInIframe();
   const sxg_url =
       alt_origin +
       '/signed-exchange/resources/sxg/sxg-invalid-cert-sha256-cert-on-alt-origin.sxg?navigation';

third_party/blink/web_tests/external/wpt/signed-exchange/subresource/sxg-subresource-header-integrity-mismatch.tentative.html

@@ -7,10 +7,10 @@
 <script src="../resources/sxg-util.js"></script>
 <body>
 <script>
-nel_test(async t => {
+nel_iframe_test(async t => {
   const alt_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
   const test_origin = get_host_info().HTTPS_ORIGIN;
-  await fetchResourceWithBasicPolicy();
+  await loadResourceWithBasicPolicyInIframe();
   const iframe_path =
       alt_origin +
       '/signed-exchange/resources/sxg-subresource-mismatch-iframe.html';