Gate `Sec-Fetch-Dest` on an additional feature flag.

We're aiming to ship most of Fetch Metadata before we've resolved `Sec-Fetch-Dest` completely. This patch adds another feature flag and RuntimeEnabledFeature to allow that. Bug: 843478 Change-Id: I392e20b0bb5a5ab117a720e5d3800258fd3e6e9b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1554662Reviewed-by: Jochen Eisinger <jochen@chromium.org> Reviewed-by: Mike West <mkwst@chromium.org> Reviewed-by: Scott Violet <sky@chromium.org> Reviewed-by: Łukasz Anforowicz <lukasza@chromium.org> Commit-Queue: Mike West <mkwst@chromium.org> Auto-Submit: Mike West <mkwst@chromium.org> Cr-Commit-Position: refs/heads/master@{#649840}

Gate `Sec-Fetch-Dest` on an additional feature flag.
We're aiming to ship most of Fetch Metadata before we've resolved `Sec-Fetch-Dest` completely. This patch adds another feature flag and RuntimeEnabledFeature to allow that. Bug: 843478 Change-Id: I392e20b0bb5a5ab117a720e5d3800258fd3e6e9b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1554662Reviewed-by: Jochen Eisinger <jochen@chromium.org> Reviewed-by: Mike West <mkwst@chromium.org> Reviewed-by: Scott Violet <sky@chromium.org> Reviewed-by: Łukasz Anforowicz <lukasza@chromium.org> Commit-Queue: Mike West <mkwst@chromium.org> Auto-Submit: Mike West <mkwst@chromium.org> Cr-Commit-Position: refs/heads/master@{#649840}
fabe9c51 · Mike West · Commit Bot · 7c502920 · fabe9c51 · fabe9c51
Commit fabe9c51 authored Apr 11, 2019 by Mike West Committed by Commit Bot Apr 11, 2019
11 changed files
--- a/chrome/browser/ui/views/bookmarks/bookmark_bar_view_browsertest.cc
+++ b/chrome/browser/ui/views/bookmarks/bookmark_bar_view_browsertest.cc
@@ -50,7 +50,10 @@ class BookmarkBarNavigationTest : public InProcessBrowserTest {
      : https_test_server_(net::EmbeddedTestServer::TYPE_HTTPS) {}

  void SetUp() override {
-    scoped_feature_list_.InitAndEnableFeature(network::features::kSecMetadata);
+    scoped_feature_list_.InitWithFeatures(
+        {network::features::kFetchMetadata,
+         network::features::kFetchMetadataDestination},
+        {});
    InProcessBrowserTest::SetUp();
  }


--- a/content/browser/frame_host/navigation_request.cc
+++ b/content/browser/frame_host/navigation_request.cc
@@ -139,8 +139,15 @@ bool IsSecureFrame(FrameTreeNode* frame) {
  return true;
 }

-bool IsSecMetadataEnabled() {
-  return base::FeatureList::IsEnabled(network::features::kSecMetadata) ||
+bool IsFetchMetadataEnabled() {
+  return base::FeatureList::IsEnabled(network::features::kFetchMetadata) ||
+         base::CommandLine::ForCurrentProcess()->HasSwitch(
+             switches::kEnableExperimentalWebPlatformFeatures);
+}
+
+bool IsFetchMetadataDestinationEnabled() {
+  return base::FeatureList::IsEnabled(
+             network::features::kFetchMetadataDestination) ||
         base::CommandLine::ForCurrentProcess()->HasSwitch(
             switches::kEnableExperimentalWebPlatformFeatures);
 }
@@ -207,7 +214,7 @@ void AddAdditionalRequestHeaders(net::HttpRequestHeaders* headers,

  // TODO(mkwst): Extract this logic out somewhere that can be shared between
  // Blink and //content.
-  if (IsSecMetadataEnabled() && IsOriginSecure(url)) {
+  if (IsFetchMetadataEnabled() && IsOriginSecure(url)) {
    std::string site_value = "cross-site";
    std::string user_value = has_user_gesture ? "?1" : std::string();

@@ -251,7 +258,10 @@ void AddAdditionalRequestHeaders(net::HttpRequestHeaders* headers,
        destination = "nested-document";
        mode = "nested-navigate";
    }
+
+    if (IsFetchMetadataDestinationEnabled()) {
      headers->SetHeaderIfMissing("Sec-Fetch-Dest", destination.c_str());
+    }
    headers->SetHeaderIfMissing("Sec-Fetch-Mode", mode.c_str());
    headers->SetHeaderIfMissing("Sec-Fetch-Site", site_value.c_str());
    if (!user_value.empty())

--- a/content/browser/frame_host/sec_fetch_browsertest.cc
+++ b/content/browser/frame_host/sec_fetch_browsertest.cc
@@ -37,7 +37,10 @@ class SecFetchBrowserTest : public ContentBrowserTest {
    https_test_server_.SetSSLConfig(net::EmbeddedTestServer::CERT_OK);
    ASSERT_TRUE(https_test_server_.Start());

-    feature_list_.InitAndEnableFeature(network::features::kSecMetadata);
+    feature_list_.InitWithFeatures(
+        {network::features::kFetchMetadata,
+         network::features::kFetchMetadataDestination},
+        {});
  }

  WebContents* web_contents() { return shell()->web_contents(); }

--- a/content/browser/worker_host/worker_script_fetch_initiator.cc
+++ b/content/browser/worker_host/worker_script_fetch_initiator.cc
@@ -214,9 +214,11 @@ void WorkerScriptFetchInitiator::AddAdditionalRequestHeaders(
  }

  // Set Fetch metadata headers if necessary.
-  if ((base::FeatureList::IsEnabled(network::features::kSecMetadata) ||
+  bool experimental_features_enabled =
      base::CommandLine::ForCurrentProcess()->HasSwitch(
-           switches::kEnableExperimentalWebPlatformFeatures)) &&
+          switches::kEnableExperimentalWebPlatformFeatures);
+  if ((base::FeatureList::IsEnabled(network::features::kFetchMetadata) ||
+       experimental_features_enabled) &&
      IsOriginSecure(resource_request->url)) {
    // The worker's origin can be different from the constructor's origin, for
    // example, when the worker created from the extension.
@@ -227,13 +229,18 @@ void WorkerScriptFetchInitiator::AddAdditionalRequestHeaders(
            url::Origin::Create(resource_request->url))) {
      site_value = "same-origin";
    }
-    resource_request->headers.SetHeaderIfMissing("Sec-Fetch-Dest",
-                                                 "sharedworker");
    resource_request->headers.SetHeaderIfMissing("Sec-Fetch-Site",
                                                 site_value.c_str());
    resource_request->headers.SetHeaderIfMissing("Sec-Fetch-Mode",
                                                 "same-origin");
    // We don't set `Sec-Fetch-User` for subresource requests.
+
+    if (base::FeatureList::IsEnabled(
+            network::features::kFetchMetadataDestination) ||
+        experimental_features_enabled) {
+      resource_request->headers.SetHeaderIfMissing("Sec-Fetch-Dest",
+                                                   "sharedworker");
+    }
  }
 }


--- a/content/child/runtime_features.cc
+++ b/content/child/runtime_features.cc
@@ -201,8 +201,12 @@ void SetIndividualRuntimeFeatures(

  // TODO(yashard): Remove |enable_experimental_web_platform_features| flag
  // since the feature should have been enabled when it is set to experimental
-  WebRuntimeFeatures::EnableSecMetadata(
-      base::FeatureList::IsEnabled(network::features::kSecMetadata) ||
+  WebRuntimeFeatures::EnableFetchMetadata(
+      base::FeatureList::IsEnabled(network::features::kFetchMetadata) ||
+      enable_experimental_web_platform_features);
+  WebRuntimeFeatures::EnableFetchMetadataDestination(
+      base::FeatureList::IsEnabled(
+          network::features::kFetchMetadataDestination) ||
      enable_experimental_web_platform_features);

  WebRuntimeFeatures::EnableUserActivationPostMessageTransfer(

--- a/services/network/public/cpp/features.cc
+++ b/services/network/public/cpp/features.cc
@@ -60,9 +60,15 @@ const base::Feature kEnforceRequestInitiatorLockForCorb{
    "EnforceRequestInitiatorLockForCorb", base::FEATURE_ENABLED_BY_DEFAULT};

 // Implementation of https://mikewest.github.io/sec-metadata/
-const base::Feature kSecMetadata{"SecMetadata",
+const base::Feature kFetchMetadata{"FetchMetadata",
                                   base::FEATURE_DISABLED_BY_DEFAULT};

+// The `Sec-Fetch-Dest` header is split out from the main "FetchMetadata"
+// feature so we can ship the broader feature without this specifific bit
+// while we continue discussion.
+const base::Feature kFetchMetadataDestination{
+    "FetchMetadataDestination", base::FEATURE_DISABLED_BY_DEFAULT};
+
 bool ShouldEnableOutOfBlinkCors() {
  // OOR-CORS requires NetworkService.
  if (!base::FeatureList::IsEnabled(features::kNetworkService))

--- a/services/network/public/cpp/features.h
+++ b/services/network/public/cpp/features.h
@@ -28,7 +28,9 @@ extern const base::Feature kDelayRequestsOnMultiplexedConnections;
 COMPONENT_EXPORT(NETWORK_CPP)
 extern const base::Feature kEnforceRequestInitiatorLockForCorb;
 COMPONENT_EXPORT(NETWORK_CPP)
-extern const base::Feature kSecMetadata;
+extern const base::Feature kFetchMetadata;
+COMPONENT_EXPORT(NETWORK_CPP)
+extern const base::Feature kFetchMetadataDestination;

 COMPONENT_EXPORT(NETWORK_CPP) bool ShouldEnableOutOfBlinkCors();


--- a/third_party/blink/public/platform/web_runtime_features.h
+++ b/third_party/blink/public/platform/web_runtime_features.h
@@ -171,7 +171,8 @@ class WebRuntimeFeatures {
  BLINK_PLATFORM_EXPORT static void EnableScriptedSpeechRecognition(bool);
  BLINK_PLATFORM_EXPORT static void EnableScriptedSpeechSynthesis(bool);
  BLINK_PLATFORM_EXPORT static void EnableScrollAnchorSerialization(bool);
-  BLINK_PLATFORM_EXPORT static void EnableSecMetadata(bool);
+  BLINK_PLATFORM_EXPORT static void EnableFetchMetadata(bool);
+  BLINK_PLATFORM_EXPORT static void EnableFetchMetadataDestination(bool);
  BLINK_PLATFORM_EXPORT static void EnableSharedArrayBuffer(bool);
  BLINK_PLATFORM_EXPORT static void EnableSharedWorker(bool);
  BLINK_PLATFORM_EXPORT static void EnableTextFragmentAnchor(bool);

--- a/third_party/blink/renderer/core/loader/base_fetch_context.cc
+++ b/third_party/blink/renderer/core/loader/base_fetch_context.cc
@@ -144,7 +144,7 @@ void BaseFetchContext::AddAdditionalRequestHeaders(ResourceRequest& request) {

  scoped_refptr<SecurityOrigin> url_origin =
      SecurityOrigin::Create(request.Url());
-  if (blink::RuntimeEnabledFeatures::SecMetadataEnabled() &&
+  if (blink::RuntimeEnabledFeatures::FetchMetadataEnabled() &&
      url_origin->IsPotentiallyTrustworthy()) {
    const char* destination_value =
        GetDestinationFromContext(request.GetRequestContext());
@@ -154,7 +154,7 @@ void BaseFetchContext::AddAdditionalRequestHeaders(ResourceRequest& request) {
    if (strlen(destination_value) == 0)
      destination_value = "empty";

-    // We'll handle adding the header to navigations outside of Blink.
+    // We'll handle adding these headers to navigations outside of Blink.
    if (strncmp(destination_value, "document", 8) != 0 &&
        request.GetRequestContext() != mojom::RequestContextType::INTERNAL) {
      const char* site_value = "cross-site";
@@ -173,7 +173,10 @@ void BaseFetchContext::AddAdditionalRequestHeaders(ResourceRequest& request) {
        }
      }

+      if (blink::RuntimeEnabledFeatures::FetchMetadataDestinationEnabled()) {
        request.SetHttpHeaderField("Sec-Fetch-Dest", destination_value);
+      }
+
      request.SetHttpHeaderField(
          "Sec-Fetch-Mode",
          FetchRequestModeToString(request.GetFetchRequestMode()));

--- a/third_party/blink/renderer/platform/exported/web_runtime_features.cc
+++ b/third_party/blink/renderer/platform/exported/web_runtime_features.cc
@@ -519,8 +519,12 @@ void WebRuntimeFeatures::EnableScrollAnchorSerialization(bool enable) {
  RuntimeEnabledFeatures::SetScrollAnchorSerializationEnabled(enable);
 }

-void WebRuntimeFeatures::EnableSecMetadata(bool enable) {
-  RuntimeEnabledFeatures::SetSecMetadataEnabled(enable);
+void WebRuntimeFeatures::EnableFetchMetadata(bool enable) {
+  RuntimeEnabledFeatures::SetFetchMetadataEnabled(enable);
+}
+
+void WebRuntimeFeatures::EnableFetchMetadataDestination(bool enable) {
+  RuntimeEnabledFeatures::SetFetchMetadataDestinationEnabled(enable);
 }

 void WebRuntimeFeatures::EnableTimerThrottlingForBackgroundTabs(bool enable) {

--- a/third_party/blink/renderer/platform/runtime_enabled_features.json5
+++ b/third_party/blink/renderer/platform/runtime_enabled_features.json5
@@ -549,6 +549,14 @@
    {
      name: "FeaturePolicyVibrateFeature"
    },
+    {
+      name: "FetchMetadata",
+      status: "experimental"
+    },
+    {
+      name: "FetchMetadataDestination",
+      status: "experimental"
+    },
    {
      name: "FileSystem",
      status: "stable",
@@ -1268,10 +1276,6 @@
      name: "ScrollTopLeftInterop",
      status: "stable",
    },
-    {
-      name: "SecMetadata",
-      status: "experimental"
-    },
    {
      name: "SendBeaconThrowForBlobWithNonSimpleType",
      status: "stable",