service worker: Prepare sandboxed-iframe-navigator-serviceworker.html for upstreaming

To help reviewing this patch first changes the test and another one will
move it to external/wpt.

The subject matter seems fine for WPT although the final promise_test was
intended as just a crash test and Chromium's behavior is not totally
matching the spec. I wrote the expectation according to my interpretation
of the spec and nhiroki's TODO.

Bug: 688116, 532855, 486308
Change-Id: Ia6b9b178c21691a1abca3c60c7fc38ee86ea0989
Reviewed-on: https://chromium-review.googlesource.com/761270
Commit-Queue: Matt Falkenhagen <falken@chromium.org>
Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
Reviewed-by: Tsuyoshi Horo <horo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#515878}

third_party/WebKit/LayoutTests/http/tests/serviceworker/chromium/resources/sandboxed-iframe-navigator-serviceworker-iframe.html

 <script>
-window.onmessage = function (e) {
-  var id = e.data['id'];
+window.onmessage = function(e) {
+  const id = e.data['id'];
   try {
     var sw = window.navigator.serviceWorker;
   } catch (e) {
-    window.top.postMessage({id: id, result:e.toString()}, '*');
+    window.top.postMessage({
+        id: id,
+        result: 'navigator.serviceWorker failed: ' + e.name
+      }, '*');
     return;
   }
 
@@ -13,7 +16,10 @@ window.onmessage = function (e) {
         window.top.postMessage({id: id, result:'ok'}, '*');
       })
     .catch(function(e) {
-        window.top.postMessage({id: id, result:e.toString()}, '*');
-      });
+        window.top.postMessage({
+            id: id,
+            result: 'getRegistration() failed: ' + e.name
+          }, '*');
+        });
 };
 </script>

third_party/WebKit/LayoutTests/http/tests/serviceworker/chromium/sandboxed-iframe-navigator-serviceworker-expected.txt

+This is a testharness.js-based test.
+PASS Accessing navigator.serviceWorker in normal iframe should not throw.
+PASS Accessing navigator.serviceWorker in sandboxed iframe should throw.
+PASS Accessing navigator.serviceWorker in sandboxed iframe with allow-same-origin flag should not throw.
+FAIL Switching iframe sandbox attribute while loading the iframe assert_equals: expected "navigator.serviceWorker failed: SecurityError" but got "getRegistration() failed: InvalidStateError"
+Harness: the test ran to completion.
+

third_party/WebKit/LayoutTests/http/tests/serviceworker/chromium/sandboxed-iframe-navigator-serviceworker.html

@@ -15,12 +15,12 @@ function postMessageAndWaitResult(frame) {
   });
 }
 
-window.onmessage = function (e) {
+window.onmessage = function(e) {
   message = e.data;
   var id = message['id'];
-  var calback = callbacks[id];
+  var callback = callbacks[id];
   delete callbacks[id];
-  calback(message['result']);
+  callback(message.result);
 };
 
 promise_test(function(t) {
@@ -29,12 +29,11 @@ promise_test(function(t) {
     return with_iframe(url)
       .then(function(f) {
           frame = f;
+          add_result_callback(() => { frame.remove(); });
           return postMessageAndWaitResult(f);
         })
       .then(function(result) {
-          frame.remove();
           assert_equals(result, 'ok');
-          t.done();
         });
   }, 'Accessing navigator.serviceWorker in normal iframe should not throw.');
 
@@ -44,14 +43,13 @@ promise_test(function(t) {
     return with_sandboxed_iframe(url, 'allow-scripts')
       .then(function(f) {
           frame = f;
+          add_result_callback(() => { frame.remove(); });
           return postMessageAndWaitResult(f);
         })
       .then(function(result) {
-          frame.remove();
           assert_equals(
               result,
-              'SecurityError: Failed to read the \'serviceWorker\' property from \'Navigator\': Service worker is disabled because the context is sandboxed and lacks the \'allow-same-origin\' flag.');
-          t.done();
+              'navigator.serviceWorker failed: SecurityError');
         });
   }, 'Accessing navigator.serviceWorker in sandboxed iframe should throw.');
 
@@ -61,12 +59,11 @@ promise_test(function(t) {
     return with_sandboxed_iframe(url, 'allow-scripts allow-same-origin')
       .then(function(f) {
           frame = f;
+          add_result_callback(() => { frame.remove(); });
           return postMessageAndWaitResult(f);
         })
       .then(function(result) {
-          frame.remove();
           assert_equals(result, 'ok');
-          t.done();
         });
   },
   'Accessing navigator.serviceWorker in sandboxed iframe with ' +
@@ -77,32 +74,42 @@ promise_test(function(t) {
     var frame;
     return new Promise(function(resolve) {
           frame = document.createElement('iframe');
+          add_result_callback(() => { frame.remove(); });
           frame.sandbox = '';
           frame.src = url;
           frame.onload = resolve;
           document.body.appendChild(frame);
-          // Switching the sandbox attribute during loading the iframe.
+          // Switch the sandbox attribute while loading the iframe.
           frame.sandbox = 'allow-scripts allow-same-origin';
         })
       .then(function() {
           return postMessageAndWaitResult(frame)
         })
       .then(function(result) {
-          frame.remove();
-          // TODO(nhiroki): According to the HTML5 spec, dynamically changing
-          // the sandbox attribute does not have to immediately affect the
-          // restriction, so in this case, the frame would be expected to act as
-          // if it still doesn't have 'allow-scripts allow-same-origin' and to
-          // raise a security exception when 'serviceWorker' attribute is
-          // accessed.
+          // The HTML spec seems to say that changing the sandbox attribute
+          // after the iframe is inserted into its parent document does not
+          // affect the sandboxing. If that's true, the frame should still
+          // act as if it still doesn't have
+          // 'allow-scripts allow-same-origin' set and throw a SecurityError.
+          //
+          // 1) From Section 4.8.5 "The iframe element":
+          // "When an iframe element is inserted into a document that has a
+          // browsing context, the user agent must create a new browsing
+          // context..."
+          // 2) "Create a new browsing context" expands to Section 7.1
+          // "Browsing contexts", which includes creating a Document and
+          // "Implement the sandboxing for document."
+          // 3) "Implement the sandboxing" expands to Section 7.6 "Sandboxing",
+          // which includes "populate document's active sandboxing flag set".
+          //
+          // It's not clear whether navigation subsequently creates a new
+          // Document, but I'm assuming it wouldn't.
           // https://html.spec.whatwg.org/multipage/embedded-content.html#attr-iframe-sandbox
           assert_equals(
               result,
-              'InvalidStateError: Failed to get a ServiceWorkerRegistration: The document is in an invalid state.');
-          t.done();
+              'navigator.serviceWorker failed: SecurityError');
         });
-  }, 'Switching iframe sandbox attribute during loading the iframe should ' +
-     'not crash (http://crbug.com/532855)');
+  }, 'Switching iframe sandbox attribute while loading the iframe');
 
 </script>
 </body>