Remove OriginalTimingAllowOrigin from ResourceTimingInfo

The OriginalTimingAllowOrigin attribute was added in
https://codereview.chromium.org/271083002 to ensure TAO headers are
preserved on cached resources (304 responses). This CL removes it
because it seems that it is no longer needed. It also moves the
corresponding test to WPT.

Bug: 929453
Change-Id: I41e0c84b04a94acc27c22e375f55398d9fc411e5
Reviewed-on: https://chromium-review.googlesource.com/c/1459333
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
Reviewed-by: Yoav Weiss <yoavweiss@chromium.org>
Cr-Commit-Position: refs/heads/master@{#630441}

third_party/blink/renderer/core/paint/image_element_timing.cc

@@ -65,7 +65,7 @@ void ImageElementTiming::NotifyImagePainted(const HTMLImageElement* element,
   DCHECK(layout_image->GetDocument().GetSecurityOrigin());
   if (!Performance::PassesTimingAllowCheck(
           layout_image->CachedImage()->GetResponse(),
-          *layout_image->GetDocument().GetSecurityOrigin(), AtomicString(),
+          *layout_image->GetDocument().GetSecurityOrigin(),
           &layout_image->GetDocument()))
     return;
 

third_party/blink/renderer/core/timing/performance.cc

@@ -405,7 +405,6 @@ void Performance::setResourceTimingBufferSize(unsigned size) {
 bool Performance::PassesTimingAllowCheck(
     const ResourceResponse& response,
     const SecurityOrigin& initiator_security_origin,
-    const AtomicString& original_timing_allow_origin,
     ExecutionContext* context) {
   const KURL& response_url = response.ResponseUrl();
   scoped_refptr<const SecurityOrigin> resource_origin =
@@ -414,9 +413,7 @@ bool Performance::PassesTimingAllowCheck(
     return true;
 
   const AtomicString& timing_allow_origin_string =
-      original_timing_allow_origin.IsEmpty()
-          ? response.HttpHeaderField(http_names::kTimingAllowOrigin)
-          : original_timing_allow_origin;
+      response.HttpHeaderField(http_names::kTimingAllowOrigin);
   if (timing_allow_origin_string.IsEmpty() ||
       EqualIgnoringASCIICase(timing_allow_origin_string, "null"))
     return false;
@@ -455,12 +452,11 @@ bool Performance::AllowsTimingRedirect(
     const SecurityOrigin& initiator_security_origin,
     ExecutionContext* context) {
   if (!PassesTimingAllowCheck(final_response, initiator_security_origin,
-                              AtomicString(), context))
+                              context))
     return false;
 
   for (const ResourceResponse& response : redirect_chain) {
-    if (!PassesTimingAllowCheck(response, initiator_security_origin,
-                                AtomicString(), context))
+    if (!PassesTimingAllowCheck(response, initiator_security_origin, context))
       return false;
   }
 
@@ -495,8 +491,7 @@ WebResourceTimingInfo Performance::GenerateResourceTiming(
   result.finish_time = info.LoadFinishTime();
 
   result.allow_timing_details = PassesTimingAllowCheck(
-      final_response, destination_origin, info.OriginalTimingAllowOrigin(),
-      &context_for_use_counter);
+      final_response, destination_origin, &context_for_use_counter);
 
   const Vector<ResourceResponse>& redirect_chain = info.RedirectChain();
   if (!redirect_chain.IsEmpty()) {

third_party/blink/renderer/core/timing/performance.h

@@ -253,7 +253,6 @@ class CORE_EXPORT Performance : public EventTargetWithInlineData {
   // TODO(npm): is the AtomicString parameter here actually needed?
   static bool PassesTimingAllowCheck(const ResourceResponse&,
                                      const SecurityOrigin&,
-                                     const AtomicString&,
                                      ExecutionContext*);
 
   static bool AllowsTimingRedirect(const Vector<ResourceResponse>&,

third_party/blink/renderer/platform/loader/fetch/resource_fetcher.cc

@@ -1142,13 +1142,6 @@ void ResourceFetcher::StorePerformanceTimingInitiatorInformation(
   scoped_refptr<ResourceTimingInfo> info =
       ResourceTimingInfo::Create(fetch_initiator, CurrentTimeTicks());
 
-  if (resource->IsCacheValidator()) {
-    const AtomicString& timing_allow_origin =
-        resource->GetResponse().HttpHeaderField(http_names::kTimingAllowOrigin);
-    if (!timing_allow_origin.IsEmpty())
-      info->SetOriginalTimingAllowOrigin(timing_allow_origin);
-  }
-
   resource_timing_info_map_.insert(resource, std::move(info));
 }
 

third_party/blink/renderer/platform/loader/fetch/resource_timing_info.h

@@ -56,14 +56,6 @@ class PLATFORM_EXPORT ResourceTimingInfo
 
   const AtomicString& InitiatorType() const { return type_; }
 
-  void SetOriginalTimingAllowOrigin(
-      const AtomicString& original_timing_allow_origin) {
-    original_timing_allow_origin_ = original_timing_allow_origin;
-  }
-  const AtomicString& OriginalTimingAllowOrigin() const {
-    return original_timing_allow_origin_;
-  }
-
   void SetLoadFinishTime(TimeTicks time) { load_finish_time_ = time; }
   TimeTicks LoadFinishTime() const { return load_finish_time_; }
 
@@ -102,7 +94,6 @@ class PLATFORM_EXPORT ResourceTimingInfo
       : type_(type), initial_time_(time) {}
 
   AtomicString type_;
-  AtomicString original_timing_allow_origin_;
   TimeTicks initial_time_;
   TimeTicks load_finish_time_;
   KURL initial_url_;

third_party/blink/web_tests/external/wpt/resource-timing/resource-reload-TAO.sub.html

+<!doctype html>
+<html>
+<head>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+</head>
+<body>
+<iframe src="resources/iframe-reload-TAO.sub.html"></iframe>
+<script>
+async_test(t => {
+    window.onmessage = t.step_func(e => {
+        const data = e.data;
+        assert_greater_than(data.domainLookupStart, 0,
+            "domainLookupStart should be greater than 0.");
+        assert_greater_than(data.domainLookupEnd, 0,
+            "domainLookupEnd should be greater than 0.");
+        assert_greater_than(data.connectStart, 0,
+            "connectStart should be greater than 0.");
+        assert_greater_than(data.connectEnd, 0,
+            "connectEnd should be greater than 0.");
+        t.done();
+    });
+}, "Test that TAO headers are reused on reloads.");
+</script>
+</body>

third_party/blink/web_tests/external/wpt/resource-timing/resources/cors-ahem.py

+import os.path
+
+def main(request, response):
+    etag = "123abc"
+    if etag == request.headers.get("If-None-Match", None):
+        response.headers.set("X-HTTP-STATUS", 304)
+        response.status = (304, "Not Modified")
+        return ""
+
+    response.headers.set("Cache-Control", "public, max-age=86400")
+    response.headers.set("Content-Type", "font/truetype")
+    response.headers.set("Access-Control-Allow-Origin", "*")
+    response.headers.set("Timing-Allow-Origin", "*")
+    response.headers.set("ETag", etag)
+    font = "../../fonts/Ahem.ttf"
+    path = os.path.join(os.path.dirname(__file__), font)
+    response.content = open(path, "rb").read()

third_party/blink/web_tests/external/wpt/resource-timing/resources/iframe-reload-TAO.sub.html

+<style>
+@font-face {
+    font-family: ahem;
+    src: url(http://{{domains[www]}}:{{ports[http][1]}}/resource-timing/resources/cors-ahem.py);
+}
+</style>
+<div style="font-family: ahem;">This fetches ahem font.</div>
+<script>
+  if (location.hash === '#check') {
+      document.fonts.ready.then(()=> {
+        const entries = performance.getEntriesByName('http://{{domains[www]}}:{{ports[http][1]}}/resource-timing/resources/cors-ahem.py');
+        if (entries.length != 1)
+          return;
+        const entry = entries[0];
+        window.parent.postMessage({
+            "domainLookupStart": entry.domainLookupStart,
+            "domainLookupEnd": entry.domainLookupEnd,
+            "connectStart": entry.connectStart,
+            "connectEnd": entry.connectEnd
+          }, "*");
+      });
+  } else {
+      document.fonts.ready.then(() => {
+        location.hash = 'check';
+        location.reload();
+      });
+  }
+</script>

third_party/blink/web_tests/http/tests/css/resource-timing-details-for-revalidation.html

-<!DOCTYPE html>
-<script src="/js-test-resources/js-test.js"></script>
-<style>
-@font-face {
-    font-family: ahem;
-    src: url(http://localhost:8080/css/resources/cors-ahem.php);
-}
-</style>
-
-<div style="font-family: ahem;">This fetches ahem font.<div>
-
-<script>
-if (window.testRunner)
-    testRunner.waitUntilDone();
-
-var entry;
-if (location.hash == '#check') {
-    document.fonts.ready.then(function() {
-        setTimeout(function() {
-            entry = performance.getEntriesByName('http://localhost:8080/css/resources/cors-ahem.php')[0];
-            shouldBeTrue('entry.domainLookupStart > 0');
-            if (window.testRunner)
-                testRunner.notifyDone();
-        }, 10);
-    });
-} else {
-    document.fonts.ready.then(function() {
-        setTimeout(function() {
-            location.hash = 'check';
-            location.reload();
-        }, 10);
-    });
-}
-</script>