From f19917fc73bd54823eded982d7b8adbb8d2b94bf Mon Sep 17 00:00:00 2001
From: Yutaka Hirano <yhirano@chromium.org>
Date: Thu, 5 Mar 2020 21:35:13 +0000
Subject: [PATCH] Bug 1618527 [wpt PR 22005] - Introduce COEP reporting for
 CORP (3/3), a=testonly

Automatic update from web-platform-tests
Introduce COEP reporting for CORP (3/3)

1: https://crrev.com/c/2074177
2: https://crrev.com/c/2075002
3: [this]

This series of CLs implements https://github.com/mikewest/corpp/pull/9.
We introduce network::mojom::CrossOriginEmbedderPolicyReporter and
its implementation content::CrossOriginEmbedderPolicyReporter, implement
the reporting logic in content::CrossOriginEmbedderPolicyReporter and
the CORP check, and plumb the mojo interface.

This CL creates CrossOriginEmbedderPolicyReport during the frame
navigation and dedicated worker initialization, and give it to the
network service so that (possibly potential) CORP blocks are reported.

Bug: 1052764
Change-Id: Ia39ff8277eb23d96025f5e6fba4e5a4fa6ffde70
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2076223
Commit-Queue: Yutaka Hirano <yhirano@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#747176}

--

wpt-commits: 0d183bf3945eda537d23f8d37afbde1dad982544
wpt-pr: 22005
---
 .../report-only-require-corp.https.html       | 86 +++++++++++++++++++
 ...eport-only-require-corp.https.html.headers |  1 +
 .../reporting.https.html                      | 68 +++++++++++++++
 .../resources/report.py                       | 19 ++++
 .../resources/stash-take.py                   |  9 ++
 .../resources/subresource-corp.html           | 35 ++++++++
 .../subresource-corp.html.sub.headers         |  4 +
 7 files changed, 222 insertions(+)
 create mode 100644 testing/web-platform/tests/html/cross-origin-embedder-policy/report-only-require-corp.https.html
 create mode 100644 testing/web-platform/tests/html/cross-origin-embedder-policy/report-only-require-corp.https.html.headers
 create mode 100644 testing/web-platform/tests/html/cross-origin-embedder-policy/reporting.https.html
 create mode 100644 testing/web-platform/tests/html/cross-origin-embedder-policy/resources/report.py
 create mode 100644 testing/web-platform/tests/html/cross-origin-embedder-policy/resources/stash-take.py
 create mode 100644 testing/web-platform/tests/html/cross-origin-embedder-policy/resources/subresource-corp.html
 create mode 100644 testing/web-platform/tests/html/cross-origin-embedder-policy/resources/subresource-corp.html.sub.headers

diff --git a/testing/web-platform/tests/html/cross-origin-embedder-policy/report-only-require-corp.https.html b/testing/web-platform/tests/html/cross-origin-embedder-policy/report-only-require-corp.https.html
new file mode 100644
index 0000000000000..ff9e5b64a084e
--- /dev/null
+++ b/testing/web-platform/tests/html/cross-origin-embedder-policy/report-only-require-corp.https.html
@@ -0,0 +1,86 @@
+<!doctype html>
+<meta name="timeout" content="long">
+<title>Cross-Origin-Embedder-Policy-Report-Only header does not affect the actual behavior</title>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=/common/utils.js></script> <!-- Use token() to allow running tests in parallel -->
+<script src="/common/get-host-info.sub.js"></script>
+<div id=log></div>
+<script>
+const HOST = get_host_info();
+const BASE = new URL("resources", location).pathname;
+
+async_test(t => {
+  const frame = document.createElement("iframe");
+  t.add_cleanup(() => frame.remove());
+  frame.onload = t.step_func_done(() => {
+    assert_not_equals(frame.contentDocument, null);
+  });
+  frame.src = "/common/blank.html";
+  document.body.append(frame);
+  assert_equals(frame.contentDocument.body.localName, "body");
+}, `"none" top-level: navigating a frame to "none" should succeed`);
+
+async_test(t => {
+  const frame = document.createElement("iframe");
+  t.add_cleanup(() => frame.remove());
+  const blank = "/common/blank.html";
+  let firstNavOk = false;
+  frame.onload = t.step_func(() => {
+    if (!firstNavOk) {
+      assert_not_equals(frame.contentDocument, null);
+      firstNavOk = true;
+    } else {
+      assert_not_equals(frame.contentDocument, null);
+      assert_equals(frame.contentWindow.location.pathname, blank);
+      t.done();
+    }
+  });
+  frame.src = `resources/navigate-require-corp.sub.html?to=${blank}`;
+  document.body.append(frame);
+  assert_equals(frame.contentDocument.body.localName, "body");
+}, `"none" top-level: navigating a frame from "require-corp" to "none" should succeed`);
+
+async_test(t => {
+  const w = window.open(`resources/navigate-none.sub.html?to=navigate-require-corp.sub.html`, "window_name");
+  t.add_cleanup(() => w.close());
+
+  w.onload = t.step_func(() => {
+    w.history.back();
+    t.step_timeout(() => {
+      assert_not_equals(w.document, null);
+      t.done();
+    }, 1500);
+  });
+}, `"none" top-level: navigating a frame back from "require-corp" should succeed`);
+
+async_test(t => {
+  let pageLoaded = false;
+  const bc = new BroadcastChannel(token());
+  let finished = false;
+  let doneCheck = _ => {
+    if (finished && pageLoaded) {
+      t.done();
+    }
+  }
+  bc.onmessage = t.step_func((event) => {
+    pageLoaded = true;
+    let payload = event.data;
+    assert_equals(payload, "loaded");
+
+    doneCheck();
+  });
+
+  const bc2 = new BroadcastChannel(token());
+  bc2.onmessage = t.step_func((event) => {
+    finished = true;
+    let payload = event.data;
+    assert_equals(payload, "loaded");
+
+    doneCheck();
+  });
+
+  const win = window.open(`resources/navigate-require-corp.sub.html?channelName=${bc.name}&to=navigate-none.sub.html?channelName=${bc2.name}`, "_blank", "noopener");
+  assert_equals(win, null);
+}, `"require-corp" top-level noopener popup: navigating to "none" should succeed`);
+</script>
diff --git a/testing/web-platform/tests/html/cross-origin-embedder-policy/report-only-require-corp.https.html.headers b/testing/web-platform/tests/html/cross-origin-embedder-policy/report-only-require-corp.https.html.headers
new file mode 100644
index 0000000000000..289659a41fdf4
--- /dev/null
+++ b/testing/web-platform/tests/html/cross-origin-embedder-policy/report-only-require-corp.https.html.headers
@@ -0,0 +1 @@
+cross-origin-embedder-policy-report-only: require-corp
diff --git a/testing/web-platform/tests/html/cross-origin-embedder-policy/reporting.https.html b/testing/web-platform/tests/html/cross-origin-embedder-policy/reporting.https.html
new file mode 100644
index 0000000000000..3a0aebe49a7ba
--- /dev/null
+++ b/testing/web-platform/tests/html/cross-origin-embedder-policy/reporting.https.html
@@ -0,0 +1,68 @@
+<!doctype html>
+<html>
+<html>
+<body>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/utils.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script>
+const HOST = get_host_info();
+function getIframeUrl(filename, token1, token2) {
+  let query = `template=${filename}`;
+  if (token1) {
+    query += `&coep=${token1}`
+  }
+  if (token2) {
+    query += `&coep-report-only=${token2}`
+  }
+  return `resources/reporting-iframe.py?${query}`;
+}
+
+function checkReports(reports, contextUrl) {
+  assert_not_equals(reports, null);
+  assert_equals(reports.length, 2);
+  assert_equals(reports[0].type, 'coep');
+  assert_equals(reports[0].url, contextUrl);
+  assert_equals(reports[0].body.type, 'corp');
+  assert_equals(reports[1].type, 'coep');
+  assert_equals(reports[1].url, contextUrl);
+  assert_equals(reports[1].body.type, 'corp');
+
+  // The order of the reports is non-deterministic.
+  const actualBlockedUrls = reports.map((r) => r.body['blocked-url']).sort();
+  const expectedBlockedUrls = [
+    `${HOST.REMOTE_ORIGIN}/common/text-plain.txt`,
+    `${HOST.ORIGIN}/common/redirect.py?location=${HOST.REMOTE_ORIGIN}/common/text-plain.txt`,
+  ];
+  assert_array_equals(actualBlockedUrls.sort(), expectedBlockedUrls.sort());
+}
+
+async_test(async (t) => {
+  try {
+    const iframe = document.createElement('iframe');
+    t.add_cleanup(() => iframe.remove());
+    const token1 = token();
+    const token2 = token();
+
+    iframe.src = `resources/subresource-corp.html?token1=${token1}&token2=${token2}`;
+    document.body.appendChild(iframe);
+
+    await new Promise(resolve => t.step_timeout(resolve, 3000));
+
+    const res1 = await fetch(`resources/stash-take.py?key=${token1}`);
+    const res2 = await fetch(`resources/stash-take.py?key=${token2}`);
+
+    const reports = JSON.parse(await res1.text());
+    const reportsForReportOnly = JSON.parse(await res2.text());
+
+    checkReports(reports, iframe.src);
+    checkReports(reportsForReportOnly, iframe.src);
+
+    t.done();
+  } catch (e) {
+    t.step(() => { throw e });
+  };
+}, 'report-to parameter for COEP and COEP-report-only');
+
+</script>
diff --git a/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/report.py b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/report.py
new file mode 100644
index 0000000000000..8adf3009d08e2
--- /dev/null
+++ b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/report.py
@@ -0,0 +1,19 @@
+import json
+
+
+def main(request, response):
+    if request.method == 'OPTIONS':
+        # CORS preflight
+        response.headers.set('Access-Control-Allow-Origin', '*')
+        response.headers.set('Access-Control-Allow-Methods', 'POST')
+        response.headers.set('Access-Control-Allow-Headers', 'content-type')
+        return ''
+
+    url_dir = '/'.join(request.url_parts.path.split('/')[:-1]) + '/'
+    key = request.GET.first('key')
+    reports = request.server.stash.take(key, url_dir) or []
+    for report in json.loads(request.body):
+        reports.append(report)
+    request.server.stash.put(key, reports, url_dir)
+    response.headers.set('Access-Control-Allow-Origin', '*')
+    return 'done'
diff --git a/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/stash-take.py b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/stash-take.py
new file mode 100644
index 0000000000000..73e0def86caed
--- /dev/null
+++ b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/stash-take.py
@@ -0,0 +1,9 @@
+from wptserve.handlers import json_handler
+
+
+@json_handler
+def main(request, response):
+    path = '/'.join(request.url_parts.path.split('/')[:-1]) + '/'
+    key = request.GET.first('key')
+    response.headers.set('Access-Control-Allow-Origin', '*')
+    return request.server.stash.take(key, path)
diff --git a/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/subresource-corp.html b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/subresource-corp.html
new file mode 100644
index 0000000000000..4b029700e0e9a
--- /dev/null
+++ b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/subresource-corp.html
@@ -0,0 +1,35 @@
+<!doctype html>
+<html>
+<script src="/common/get-host-info.sub.js"></script>
+<script>
+const HOST = get_host_info();
+const current = new URL(window.location.href);
+const token = current.searchParams.get("token");
+
+const cache = 'no-store';
+const mode = 'no-cors';
+
+async function run() {
+  const init = { mode, cache };
+  // This is not blocked.
+  await fetch('/common/text-plain.txt', init);
+  // This is blocked but not due to COEP.
+  try {
+    await fetch('nothing-same-origin-corp.txt', init);
+  } catch (e) {
+  }
+
+  try {
+    await fetch(`${HOST.REMOTE_ORIGIN}/common/text-plain.txt`, init);
+  } catch (e) {
+  }
+  try {
+    await fetch(`/common/redirect.py?location=${HOST.REMOTE_ORIGIN}/common/text-plain.txt`, init);
+  } catch (e) {
+  }
+}
+
+run();
+
+</script>
+</html>
diff --git a/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/subresource-corp.html.sub.headers b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/subresource-corp.html.sub.headers
new file mode 100644
index 0000000000000..00609991031ea
--- /dev/null
+++ b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/subresource-corp.html.sub.headers
@@ -0,0 +1,4 @@
+cache-control: no-store, no-cache
+report-to: { "group": "endpoint", "max_age": 3600, "endpoints": [{ "url": "https://{{hosts[][www]}}:{{ports[https][0]}}/html/cross-origin-embedder-policy/resources/report.py?key={{GET[token1]}}" }] }, { "group": "report-only-endpoint", "max_age": 3600, "endpoints": [{ "url": "https://{{hosts[][www]}}:{{ports[https][0]}}/html/cross-origin-embedder-policy/resources/report.py?key={{GET[token2]}}" }] }
+cross-origin-embedder-policy: require-corp; report-to="endpoint"
+cross-origin-embedder-policy-report-only: require-corp; report-to="report-only-endpoint"