Consolidate iframe & object resource timing code paths

So far several of the decision making in resource timing for subframe navigations (iframe/object/embed) was duplicated, e.g. both in blink and in content. This has led to race conditions, inconsistencies and sometimes XSS leaks. This patch attempts to improve the situation by consolidating the code paths: - CorsUrlLoader registers redirect end time, and whether subframe navigations should be considered as "cross-origin" for resource timing (both defined in the fetch spec). - NavigationRequest saves is_container_initiated, which ensures only container-initiated navigations are reported to the parent, as specified in the HTML spec (https://html.spec.whatwg.org/#create-navigation-params-by-fetching, #8) - Both object fallbacks and cancelled navigations (204/205) report to the parent via RenderFrameImpl, and blink converts that to a ResourceTimingInfo object. This allows us to remove the duplicated resource timing creation code in //content. - We report fallback resource timing also for plugin error events and not only for load events. Change-Id: Id37d23cd02eee9e38f812e6f3da99caedafdee3d
web-platform-tests · Feb 4, 2023 · 4562482 · 4562482
1 parent e021431
commit 4562482
Show file tree

Hide file tree

Showing 3 changed files with 47 additions and 0 deletions.
diff --git a/resource-timing/entries-for-object-frame-options-deny.html b/resource-timing/entries-for-object-frame-options-deny.html
@@ -0,0 +1,35 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+<meta charset="utf-8" />
+<meta name="timeout" content="long">
+<link rel="author" title="Noam Rosenthal" href="noam@chromium.org">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="resources/entry-invariants.js"></script>
+</head>
+<body>
+<script>
+const {REMOTE_ORIGIN} = get_host_info();
+
+promise_test(async t => {
+  const success_url = new URL("/resource-timing/resources/object-frame-options-200.asis", REMOTE_ORIGIN).href;
+  const fail_url = new URL("/resource-timing/resources/object-frame-options-403.asis", REMOTE_ORIGIN).href;
+  const load_object = async url => {
+    const object = document.createElement("object");
+    object.data = url;
+    document.body.appendChild(object);
+    t.add_cleanup(() => object.remove());
+    await new Promise(resolve => {
+      object.onload = object.onerror = resolve;
+    });
+  };
+
+  await Promise.all([success_url, fail_url].map(load_object));
+  assert_equals(performance.getEntriesByName(success_url).length, 1);
+  assert_equals(performance.getEntriesByName(fail_url).length, 1);
+})
+</script>
+</body>
+</html>
diff --git a/resource-timing/resources/object-frame-options-200.asis b/resource-timing/resources/object-frame-options-200.asis
@@ -0,0 +1,6 @@
+HTTP/1.0 200 OK
+Content-Type: text/html
+X-Frame-Options: DENY
+Content-Security-Policy: frame-ancestors 'none'
+
+Hello
diff --git a/resource-timing/resources/object-frame-options-403.asis b/resource-timing/resources/object-frame-options-403.asis
@@ -0,0 +1,6 @@
+HTTP/1.0 403 OK
+Content-Type: text/html
+X-Frame-Options: DENY
+Content-Security-Policy: frame-ancestors 'none'
+
+Hello