Remove unused WebSecurityPolicy::RemoveOriginAccessWhitelistEntry

Though the interface is plumbed, only one layout test calls it for testing itself and there is no real user today. This interface was introduced in WebKit era, and chromium use of this interface was completely replaced by RemoveAllOriginAccessWhitelistEntriesForOrigin in https://chromium-review.googlesource.com/c/chromium/src/+/1105287. This is a trivial preparation for implementing origin whitelising for the Network Service. Bug: 870172 Change-Id: I4ff5a91d95dbb65fa30c471e77d44b7e2ad3a92a Reviewed-on: https://chromium-review.googlesource.com/1175581Reviewed-by: Kent Tamura <tkent@chromium.org> Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Cr-Commit-Position: refs/heads/master@{#583203}

Remove unused WebSecurityPolicy::RemoveOriginAccessWhitelistEntry
Though the interface is plumbed, only one layout test calls it for testing itself and there is no real user today. This interface was introduced in WebKit era, and chromium use of this interface was completely replaced by RemoveAllOriginAccessWhitelistEntriesForOrigin in https://chromium-review.googlesource.com/c/chromium/src/+/1105287. This is a trivial preparation for implementing origin whitelising for the Network Service. Bug: 870172 Change-Id: I4ff5a91d95dbb65fa30c471e77d44b7e2ad3a92a Reviewed-on: https://chromium-review.googlesource.com/1175581Reviewed-by: Kent Tamura <tkent@chromium.org> Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Cr-Commit-Position: refs/heads/master@{#583203}
f22c055e · Takashi Toyoshima · Commit Bot · c1b6d6a2 · f22c055e · f22c055e
Commit f22c055e authored Aug 15, 2018 by Takashi Toyoshima Committed by Commit Bot Aug 15, 2018
6 changed files
--- a/content/shell/test_runner/test_runner.cc
+++ b/content/shell/test_runner/test_runner.cc
@@ -216,10 +216,6 @@ class TestRunnerBindings : public gin::Wrappable<TestRunnerBindings> {
  void QueueLoadingScript(const std::string& script);
  void QueueNonLoadingScript(const std::string& script);
  void QueueReload();
-  void RemoveOriginAccessWhitelistEntry(const std::string& source_origin,
-                                        const std::string& destination_protocol,
-                                        const std::string& destination_host,
-                                        bool allow_destination_subdomains);
  void RemoveSpellCheckResolvedCallback();
  void RemoveWebPageOverlay();
  void ResetTestHelperControllers();
@@ -514,8 +510,6 @@ gin::ObjectTemplateBuilder TestRunnerBindings::GetObjectTemplateBuilder(
      .SetMethod("queueNonLoadingScript",
                 &TestRunnerBindings::QueueNonLoadingScript)
      .SetMethod("queueReload", &TestRunnerBindings::QueueReload)
-      .SetMethod("removeOriginAccessWhitelistEntry",
-                 &TestRunnerBindings::RemoveOriginAccessWhitelistEntry)
      .SetMethod("removeSpellCheckResolvedCallback",
                 &TestRunnerBindings::RemoveSpellCheckResolvedCallback)
      .SetMethod("removeWebPageOverlay",
@@ -859,18 +853,6 @@ void TestRunnerBindings::AddOriginAccessWhitelistEntry(
  }
 }
-void TestRunnerBindings::RemoveOriginAccessWhitelistEntry(
-    const std::string& source_origin,
-    const std::string& destination_protocol,
-    const std::string& destination_host,
-    bool allow_destination_subdomains) {
-  if (runner_) {
-    runner_->RemoveOriginAccessWhitelistEntry(
-        source_origin, destination_protocol, destination_host,
-        allow_destination_subdomains);
-  }
-}
 bool TestRunnerBindings::HasCustomPageSizeStyle(int page_index) {
  if (view_runner_)
    return view_runner_->HasCustomPageSizeStyle(page_index);
@@ -2109,20 +2091,6 @@ void TestRunner::AddOriginAccessWhitelistEntry(
      WebString::FromUTF8(destination_host), allow_destination_subdomains);
 }
-void TestRunner::RemoveOriginAccessWhitelistEntry(
-    const std::string& source_origin,
-    const std::string& destination_protocol,
-    const std::string& destination_host,
-    bool allow_destination_subdomains) {
-  WebURL url((GURL(source_origin)));
-  if (!url.IsValid())
-    return;
-  WebSecurityPolicy::RemoveOriginAccessWhitelistEntry(
-      url, WebString::FromUTF8(destination_protocol),
-      WebString::FromUTF8(destination_host), allow_destination_subdomains);
-}
 void TestRunner::SetTextSubpixelPositioning(bool value) {
 #if defined(OS_LINUX) || defined(OS_ANDROID) || defined(OS_FUCHSIA)
  // Since FontConfig doesn't provide a variable to control subpixel

--- a/third_party/WebKit/LayoutTests/TestExpectations
+++ b/third_party/WebKit/LayoutTests/TestExpectations
@@ -1693,7 +1693,6 @@ crbug.com/736308 virtual/outofblink-cors/external/wpt/xhr/send-redirect-to-cors.
 crbug.com/736308 virtual/outofblink-cors/http/tests/fetch/chromium/error-messages.html [ Failure ]
 crbug.com/736308 virtual/outofblink-cors/http/tests/xmlhttprequest/origin-whitelisting-all.html [ Failure ]
 crbug.com/736308 virtual/outofblink-cors/http/tests/xmlhttprequest/origin-whitelisting-exact-match.html [ Failure ]
-crbug.com/736308 virtual/outofblink-cors/http/tests/xmlhttprequest/origin-whitelisting-removal.html [ Failure ]
 crbug.com/736308 virtual/outofblink-cors/http/tests/xmlhttprequest/origin-whitelisting-subdomains.html [ Failure ]
 crbug.com/736308 virtual/outofblink-cors/http/tests/xmlhttprequest/origin-whitelisting-ip-addresses.html [ Failure ]
 crbug.com/867834 virtual/outofblink-cors-ns/external/wpt/fetch/api/cors/sandboxed-iframe.html [ Failure ]
@@ -1707,7 +1706,6 @@ crbug.com/736308 virtual/outofblink-cors-ns/external/wpt/xhr/send-redirect-to-co
 crbug.com/736308 virtual/outofblink-cors-ns/http/tests/fetch/chromium/error-messages.html [ Failure ]
 crbug.com/736308 virtual/outofblink-cors-ns/http/tests/xmlhttprequest/origin-whitelisting-all.html [ Failure ]
 crbug.com/736308 virtual/outofblink-cors-ns/http/tests/xmlhttprequest/origin-whitelisting-exact-match.html [ Failure ]
-crbug.com/736308 virtual/outofblink-cors-ns/http/tests/xmlhttprequest/origin-whitelisting-removal.html [ Failure ]
 crbug.com/736308 virtual/outofblink-cors-ns/http/tests/xmlhttprequest/origin-whitelisting-subdomains.html [ Failure ]
 crbug.com/736308 virtual/outofblink-cors-ns/http/tests/xmlhttprequest/origin-whitelisting-ip-addresses.html [ Failure ]

--- a/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/origin-whitelisting-removal-expected.txt
+++ b/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/origin-whitelisting-removal-expected.txt
-CONSOLE WARNING: line 17: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
-CONSOLE ERROR: line 19: Access to XMLHttpRequest at 'http://localhost:8000/xmlhttprequest/resources/get.txt' from origin 'http://127.0.0.1:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
-CONSOLE ERROR: line 19: Access to XMLHttpRequest at 'http://localhost:8000/xmlhttprequest/resources/get.txt' from origin 'http://127.0.0.1:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
-CONSOLE ERROR: line 19: Access to XMLHttpRequest at 'http://localhost:8000/xmlhttprequest/resources/get.txt' from origin 'http://127.0.0.1:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
-CONSOLE ERROR: line 19: Access to XMLHttpRequest at 'http://localhost:8000/xmlhttprequest/resources/get.txt' from origin 'http://127.0.0.1:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
-CONSOLE ERROR: line 19: Access to XMLHttpRequest at 'http://localhost:8000/xmlhttprequest/resources/get.txt' from origin 'http://127.0.0.1:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
-CONSOLE ERROR: line 19: Access to XMLHttpRequest at 'http://localhost:8000/xmlhttprequest/resources/get.txt' from origin 'http://127.0.0.1:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
-CONSOLE ERROR: line 19: Access to XMLHttpRequest at 'http://localhost:8000/xmlhttprequest/resources/get.txt' from origin 'http://127.0.0.1:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
-CONSOLE ERROR: line 19: Access to XMLHttpRequest at 'http://localhost:8000/xmlhttprequest/resources/get.txt' from origin 'http://127.0.0.1:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
-Tests the behavior of whitelisting origins and removing them later.
-Testing: source origin: http://127.0.0.1:8000 destination origin: http:localhost 
-Loading: http://localhost:8000/xmlhttprequest/resources/get.txt (expecting NETWORK_ERR)
-PASS: NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'http://localhost:8000/xmlhttprequest/resources/get.txt'.
-Loading: http://localhost:8000/xmlhttprequest/resources/get.txt (expecting PASS)
-PASS: PASS
-Loading: http://localhost:8000/xmlhttprequest/resources/get.txt (expecting NETWORK_ERR)
-PASS: NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'http://localhost:8000/xmlhttprequest/resources/get.txt'.
-Testing: source origin: http://127.0.0.1:8000 destination origin: http:localhost allowing subdomains
-Loading: http://localhost:8000/xmlhttprequest/resources/get.txt (expecting NETWORK_ERR)
-PASS: NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'http://localhost:8000/xmlhttprequest/resources/get.txt'.
-Loading: http://localhost:8000/xmlhttprequest/resources/get.txt (expecting PASS)
-PASS: PASS
-Loading: http://localhost:8000/xmlhttprequest/resources/get.txt (expecting NETWORK_ERR)
-PASS: NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'http://localhost:8000/xmlhttprequest/resources/get.txt'.
-Testing: source origin: http://127.0.0.1:8000 destination origin: hTtP:LoCaLhOsT allowing subdomains
-Loading: http://localhost:8000/xmlhttprequest/resources/get.txt (expecting NETWORK_ERR)
-PASS: NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'http://localhost:8000/xmlhttprequest/resources/get.txt'.
-Loading: http://localhost:8000/xmlhttprequest/resources/get.txt (expecting PASS)
-PASS: PASS
-Loading: http://localhost:8000/xmlhttprequest/resources/get.txt (expecting NETWORK_ERR)
-PASS: NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'http://localhost:8000/xmlhttprequest/resources/get.txt'.
-Testing: source origin: http://127.0.0.1:8000 destination origin: http: allowing subdomains
-Loading: http://localhost:8000/xmlhttprequest/resources/get.txt (expecting NETWORK_ERR)
-PASS: NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'http://localhost:8000/xmlhttprequest/resources/get.txt'.
-Loading: http://localhost:8000/xmlhttprequest/resources/get.txt (expecting PASS)
-PASS: PASS
-Loading: http://localhost:8000/xmlhttprequest/resources/get.txt (expecting NETWORK_ERR)
-PASS: NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'http://localhost:8000/xmlhttprequest/resources/get.txt'.
--- a/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/origin-whitelisting-removal.html
+++ b/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/origin-whitelisting-removal.html
-<p>Tests the behavior of whitelisting origins and removing them later.</p>
-<pre id="console"></pre>
-<script>
-testRunner.dumpAsText();
-function log(message)
-{
-    document.getElementById("console").appendChild(document.createTextNode(message + "\n"));
-}
-function loadURL(url, expectSuccess)
-{
-    log("Loading: " + url + " " + (expectSuccess ? "(expecting PASS)" : "(expecting NETWORK_ERR)"));
-    var req = new XMLHttpRequest();
-    req.open("GET", url, false);
-    try {
-        req.send(null);
-        log((expectSuccess ? "PASS: " : "FAIL: ") + req.responseText);
-    } catch (e) {
-        log((expectSuccess ? "FAIL: " : "PASS: ") + e);
-    }
-}
-function test(origin, protocol, host, subdomains, url)
-{
-    log("Testing: source origin: " + origin + " destination origin: " + protocol + ":" + host + " " + (subdomains ? "allowing subdomains" : ""));
-    loadURL(url, false);
-    testRunner.addOriginAccessWhitelistEntry(origin, protocol.toLowerCase(), host.toLowerCase(), subdomains);
-    loadURL(url, true);
-    testRunner.removeOriginAccessWhitelistEntry(origin, protocol, host, subdomains);
-    loadURL(url, false);
-    log("\n");
-}
-var tests = [
-    ["http://127.0.0.1:8000", "http", "localhost", false, "http://localhost:8000/xmlhttprequest/resources/get.txt"],
-    ["http://127.0.0.1:8000", "http", "localhost", true, "http://localhost:8000/xmlhttprequest/resources/get.txt"],
-    ["http://127.0.0.1:8000", "hTtP", "LoCaLhOsT", true, "http://localhost:8000/xmlhttprequest/resources/get.txt"],
-    ["http://127.0.0.1:8000", "http", "", true, "http://localhost:8000/xmlhttprequest/resources/get.txt"]
-];
-tests.forEach(function(testEntry) { test.apply(null, testEntry) });
-</script>
--- a/third_party/blink/public/web/web_security_policy.h
+++ b/third_party/blink/public/web/web_security_policy.h
@@ -70,11 +70,6 @@ class WebSecurityPolicy {
      const WebString& destination_protocol,
      const WebString& destination_host,
      bool allow_destination_subdomains);
-  BLINK_EXPORT static void RemoveOriginAccessWhitelistEntry(
-      const WebURL& source_origin,
-      const WebString& destination_protocol,
-      const WebString& destination_host,
-      bool allow_destination_subdomains);
  BLINK_EXPORT static void RemoveAllOriginAccessWhitelistEntriesForOrigin(
      const WebURL& source_origin);
  BLINK_EXPORT static void ResetOriginAccessWhitelists();

--- a/third_party/blink/renderer/core/exported/web_security_policy.cc
+++ b/third_party/blink/renderer/core/exported/web_security_policy.cc
@@ -75,16 +75,6 @@ void WebSecurityPolicy::AddOriginAccessWhitelistEntry(
      destination_host, allow_destination_subdomains);
 }
-void WebSecurityPolicy::RemoveOriginAccessWhitelistEntry(
-    const WebURL& source_origin,
-    const WebString& destination_protocol,
-    const WebString& destination_host,
-    bool allow_destination_subdomains) {
-  SecurityPolicy::RemoveOriginAccessWhitelistEntry(
-      *SecurityOrigin::Create(source_origin), destination_protocol,
-      destination_host, allow_destination_subdomains);
-}
 void WebSecurityPolicy::RemoveAllOriginAccessWhitelistEntriesForOrigin(
    const WebURL& source_origin) {
  SecurityPolicy::RemoveAllOriginAccessWhitelistEntriesForOrigin(