[resource-timing] nextHopProtocol on iframes should be TAO protected

Implements https://github.com/w3c/resource-timing/pull/224 Bug: 1049510 Change-Id: Id8fc4b3a4de72b6a51c820a2352d88bea65c935f Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2047023 Auto-Submit: Yoav Weiss <yoavweiss@chromium.org> Commit-Queue: Yoav Weiss <yoavweiss@chromium.org> Reviewed-by: Matt Falkenhagen <falken@chromium.org> Reviewed-by: Ben Kelly <wanderview@chromium.org> Reviewed-by: Annie Sullivan <sullivan@chromium.org> Cr-Commit-Position: refs/heads/master@{#740624}

[resource-timing] nextHopProtocol on iframes should be TAO protected
Implements https://github.com/w3c/resource-timing/pull/224 Bug: 1049510 Change-Id: Id8fc4b3a4de72b6a51c820a2352d88bea65c935f Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2047023 Auto-Submit: Yoav Weiss <yoavweiss@chromium.org> Commit-Queue: Yoav Weiss <yoavweiss@chromium.org> Reviewed-by: Matt Falkenhagen <falken@chromium.org> Reviewed-by: Ben Kelly <wanderview@chromium.org> Reviewed-by: Annie Sullivan <sullivan@chromium.org> Cr-Commit-Position: refs/heads/master@{#740624}
cf3e88c3 · Yoav Weiss · Commit Bot · 7a5e1d48 · cf3e88c3 · cf3e88c3
Commit cf3e88c3 authored Feb 12, 2020 by Yoav Weiss Committed by Commit Bot Feb 12, 2020
4 changed files
--- a/third_party/blink/renderer/core/timing/performance_resource_timing.cc
+++ b/third_party/blink/renderer/core/timing/performance_resource_timing.cc
@@ -146,16 +146,31 @@ AtomicString PerformanceResourceTiming::ConnectionInfo() const {
  return connection_info_;
 }
+namespace {
+bool IsDocumentDestination(mojom::blink::RequestContextType context_type) {
+  return context_type == mojom::blink::RequestContextType::IFRAME ||
+         context_type == mojom::blink::RequestContextType::FRAME ||
+         context_type == mojom::blink::RequestContextType::FORM ||
+         context_type == mojom::blink::RequestContextType::HYPERLINK;
+}
+}  // namespace
 AtomicString PerformanceResourceTiming::GetNextHopProtocol(
    const AtomicString& alpn_negotiated_protocol,
-    const AtomicString& connection_info) {
+    const AtomicString& connection_info) const {
  // Fallback to connection_info when alpn_negotiated_protocol is unknown.
  AtomicString returnedProtocol = (alpn_negotiated_protocol == "unknown")
                                      ? connection_info
                                      : alpn_negotiated_protocol;
-  // If connection_info is also unknown, return empty string.
+  // If connection_info is unknown, or if this is a `document` destination and
-  // (https://github.com/w3c/navigation-timing/issues/71)
+  // TAO didn't pass, return the empty string.
-  returnedProtocol = (returnedProtocol == "unknown") ? "" : returnedProtocol;
+  // https://github.com/w3c/navigation-timing/issues/71
+  // https://github.com/w3c/resource-timing/pull/224
+  if (returnedProtocol == "unknown" ||
+      (!AllowTimingDetails() && IsDocumentDestination(context_type_))) {
+    returnedProtocol = "";
+  }
  return returnedProtocol;
 }
@@ -165,16 +180,6 @@ AtomicString PerformanceResourceTiming::nextHopProtocol() const {
                                                       ConnectionInfo());
 }
-namespace {
-bool IsDocumentDestination(mojom::RequestContextType context_type) {
-  return context_type == mojom::RequestContextType::IFRAME ||
-         context_type == mojom::RequestContextType::FRAME ||
-         context_type == mojom::RequestContextType::FORM ||
-         context_type == mojom::RequestContextType::HYPERLINK;
-}
-}  // namespace
 DOMHighResTimeStamp PerformanceResourceTiming::workerStart() const {
  ResourceLoadTiming* timing = GetResourceLoadTiming();
  if (!timing || timing->WorkerStart().is_null() ||

--- a/third_party/blink/renderer/core/timing/performance_resource_timing.h
+++ b/third_party/blink/renderer/core/timing/performance_resource_timing.h
@@ -107,9 +107,8 @@ class CORE_EXPORT PerformanceResourceTiming
  base::TimeTicks TimeOrigin() const { return time_origin_; }
 private:
-  static AtomicString GetNextHopProtocol(
+  AtomicString GetNextHopProtocol(const AtomicString& alpn_negotiated_protocol,
-      const AtomicString& alpn_negotiated_protocol,
+                                  const AtomicString& connection_info) const;
-      const AtomicString& connection_info);
  double WorkerReady() const;

--- a/third_party/blink/renderer/core/timing/performance_resource_timing_test.cc
+++ b/third_party/blink/renderer/core/timing/performance_resource_timing_test.cc
@@ -12,8 +12,12 @@ class PerformanceResourceTimingTest : public testing::Test {
 protected:
  AtomicString GetNextHopProtocol(const AtomicString& alpn_negotiated_protocol,
                                  const AtomicString& connection_info) {
-    return PerformanceResourceTiming::GetNextHopProtocol(
+    mojom::blink::ResourceTimingInfo info;
-        alpn_negotiated_protocol, connection_info);
+    info.allow_timing_details = true;
+    PerformanceResourceTiming timing(
+        info, base::TimeTicks(), /*initiator_type=*/"",
+        mojo::PendingReceiver<mojom::blink::WorkerTimingContainer>());
+    return timing.GetNextHopProtocol(alpn_negotiated_protocol, connection_info);
  }
 };

--- a/third_party/blink/web_tests/external/wpt/resource-timing/nextHopProtocol-tao-protected.https.html
+++ b/third_party/blink/web_tests/external/wpt/resource-timing/nextHopProtocol-tao-protected.https.html
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="utf-8" />
+<meta name=timeout content=long>
+<title>Resource Timing - Check that nextHopProtocol is TAO protected</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+</head>
+<body>
+<script>
+const addFrame = url => {
+  const iframe = document.createElement("iframe");
+  iframe.src = url;
+  document.body.appendChild(iframe);
+};
+const host_info = get_host_info();
+// Add iframe to remote origin - page without TAO
+promise_test(t => {
+  return new Promise((resolve, reject) => {
+    const observer = new PerformanceObserver(list => {
+      const entries = list.getEntries();
+      for (entry of entries) {
+        if (entry.name.includes("blank_page_green.htm")) {
+          observer.disconnect();
+          // Observe its performance entry to make sure nextHopProtocol is empty
+          if (entry.nextHopProtocol != "") {
+            reject("nextHopProtocol should be the empty string");
+          }
+          resolve();
+        }
+      }
+    });
+    observer.observe({entryTypes: ["resource"]});
+    addFrame(host_info.HTTPS_REMOTE_ORIGIN + "/resource-timing/resources/blank_page_green.htm");
+  });
+}, "Add TAO-less iframe to remote origin. Make sure nextHopProtocol is the empty string");
+// Add iframe to remote origin - page with TAO
+promise_test(t => {
+  return new Promise((resolve, reject) => {
+    const observer = new PerformanceObserver(list => {
+      const entries = list.getEntries();
+      for (entry of entries) {
+        if (entry.name.includes("blank-with-tao.html")) {
+          observer.disconnect();
+          // Observe its performance entry to make sure nextHopProtocol is empty
+          if (entry.nextHopProtocol == "") {
+            reject("nextHopProtocol should not be the empty string");
+          }
+          resolve();
+        }
+      }
+    });
+    observer.observe({entryTypes: ["resource"]});
+    addFrame(host_info.HTTPS_REMOTE_ORIGIN + "/resource-timing/resources/blank-with-tao.html");
+  });
+}, "Add TAO iframe to remote origin. Make sure nextHopProtocol is not the empty string");
+</script>
+</body>
+</html>