Bug 1652840 [wpt PR 24593] - Origin isolation: initial getter updates, a=testonly

Automatic update from web-platform-tests Origin isolation: initial getter updates This makes window.originIsolationRestricted available in non-secure contexts, per the latest updates in https://github.com/whatwg/html/pull/5545. It also updates the tests to expect the values we would get from that spec. It does *not* update the web platform tests, or the implementation, for the new name; that's https://crbug.com/1103866. Bug: 1095653 Change-Id: I9ac31d36e2744a3a49eb61c6899debbe38180868 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2290782 Commit-Queue: Domenic Denicola <domenic@chromium.org> Reviewed-by: James MacLean <wjmaclean@chromium.org> Reviewed-by: Daniel Cheng <dcheng@chromium.org> Cr-Commit-Position: refs/heads/master@{#788297} -- wpt-commits: d02251699d90d93f792461a2b61baf48a0e786ec wpt-pr: 24593
2020-07-22 19:55:36 +00:00 · 2020-07-22 19:55:36 +00:00 · 3672414bf9
--- a/testing/web-platform/tests/origin-isolation/getter-special-cases/data-url.https.html
+++ b/testing/web-platform/tests/origin-isolation/getter-special-cases/data-url.https.html
@ -4,6 +4,10 @@
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>

+<!-- TODO(domenic): update this to test window.originIsolated, not
+     window.originIsolationRestricted. See
+     https://github.com/WICG/origin-isolation/pull/34. -->
+
 <div id="log"></div>

 <script type="module">
@ -29,10 +33,8 @@ promise_setup(() => {
  return waitPromise;
 });

-// The data: URL iframe has an opaque origin, so it definitely should return
-// false. It's pretty unlikely that it would return true anyway, since we can't
-// set the header on the iframe, but we should test it to make sure there isn't
-// some strange main page -> data: URL iframe inheritance going on.
+// The data: URL iframe has an opaque origin, so it should return true, since
+// for them site === origin so they are always "origin-isolated".

-testOriginIsolationRestricted(0, false);
+testOriginIsolationRestricted(0, true);
 </script>
--- a/testing/web-platform/tests/origin-isolation/getter-special-cases/removed-iframe.sub.https.html
+++ b/testing/web-platform/tests/origin-isolation/getter-special-cases/removed-iframe.sub.https.html
@ -4,6 +4,10 @@
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>

+<!-- TODO(domenic): update this to test window.originIsolated, not
+     window.originIsolationRestricted. See
+     https://github.com/WICG/origin-isolation/pull/34. -->
+
 <div id="log"></div>

 <script type="module">
--- a/testing/web-platform/tests/origin-isolation/getter-special-cases/sandboxed-iframe.sub.https.html
+++ b/testing/web-platform/tests/origin-isolation/getter-special-cases/sandboxed-iframe.sub.https.html
@ -4,6 +4,10 @@
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>

+<!-- TODO(domenic): update this to test window.originIsolated, not
+     window.originIsolationRestricted. See
+     https://github.com/WICG/origin-isolation/pull/34. -->
+
 <div id="log"></div>

 <script type="module">
@ -22,9 +26,7 @@ promise_setup(() => {
  return navigatePromise;
 });

-// Because sandboxed iframes have an opaque origin, their agent cluster key is
-// always an origin, so there are no additional restrictions imposed by origin
-// isolation. Thus the getter returns false.
-
-testOriginIsolationRestricted(0, false);
+// Sandboxed iframes have an opaque origin, so it should return true, since
+// for them site === origin so they are always "origin-isolated".
+testOriginIsolationRestricted(0, true);
 </script>
--- a/testing/web-platform/tests/origin-isolation/insecure-http.sub.html
+++ b/testing/web-platform/tests/origin-isolation/insecure-http.sub.html
@ -7,7 +7,11 @@
 <div id="log"></div>

 <script type="module">
-import { insertIframe, testSameAgentCluster } from "./resources/helpers.mjs";
+import {
+  insertIframe,
+  testSameAgentCluster,
+  testOriginIsolationRestricted
+} from "./resources/helpers.mjs";

 promise_setup(async () => {
  await insertIframe("{{hosts[][www]}}", "?1");
@ -17,8 +21,6 @@ promise_setup(async () => {
 // So both end up in the site-keyed agent cluster.
 testSameAgentCluster([self, 0]);

-// Has to be promise_test because we used promise_setup().
-promise_test(async () => {
-  assert_false("originIsolationRestricted" in window);
-}, "The getter must not exist");
+testOriginIsolationRestricted(self, false, "parent");
+testOriginIsolationRestricted(0, false, "child");
 </script>