From 2d9467219e7c9b1189e1355b1a933b937da7c2e4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A2ris=20MEULEMAN?= <pmeuleman@chromium.org>
Date: Wed, 22 Jul 2020 10:16:21 +0000
Subject: [PATCH] [COOP report] Add support for report-only
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This adds the support for report-only COOP triggered Browsing context
group switches.
During navigation, besides computing whether COOP triggers a BCG switch,
this also computes if any of the report-only policies would also trigger
a switch if they were effective, the resulting values are stored in
booleans within |CrossOriginOpenerPolicyStatus|.
This booleans are then used to trigger the navigation reports, and in a
follow up to trigger access reports.

Explainer [WIP]:
https://github.com/camillelamy/explainers/blob/master/coop_reporting.md

Specification [WIP]:
https://github.com/whatwg/html/pull/5518

Bug: 1099208
Change-Id: I2cb66ec5cdcd9d5b4658c28f0608bc6b52d0da6b
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2241529
Commit-Queue: Pâris Meuleman <pmeuleman@chromium.org>
Reviewed-by: Camille Lamy <clamy@chromium.org>
Reviewed-by: Arthur Hemery <ahemery@chromium.org>
Auto-Submit: Pâris Meuleman <pmeuleman@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#790781}
Cr-Mirrored-From: https://chromium.googlesource.com/chromium/src
Cr-Mirrored-Commit: 9c2ef27118d4009c5fa8659a04b74b48aa0ca574
---
 blink/web_tests/TestExpectations                           | 2 --
 .../report-only-four-reports.https-expected.txt            | 5 -----
 .../report-only-from-unsafe-none.https-expected.txt        | 6 ------
 .../report-only-same-origin-report-to.https-expected.txt   | 7 -------
 .../report-only-same-origin.https-expected.txt             | 6 ------
 .../reporting-popup-same-origin-coep-report-to.https.html  | 5 +++--
 6 files changed, 3 insertions(+), 28 deletions(-)
 delete mode 100644 blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-four-reports.https-expected.txt
 delete mode 100644 blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-from-unsafe-none.https-expected.txt
 delete mode 100644 blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-same-origin-report-to.https-expected.txt
 delete mode 100644 blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-same-origin.https-expected.txt

diff --git a/blink/web_tests/TestExpectations b/blink/web_tests/TestExpectations
index d1ab75c93ea2..f0c3b38f8e50 100644
--- a/blink/web_tests/TestExpectations
+++ b/blink/web_tests/TestExpectations
@@ -2895,8 +2895,6 @@ crbug.com/626703 [ Linux ] external/wpt/mathml/presentation-markup/operators/mo-
 crbug.com/626703 [ Mac ] external/wpt/mathml/presentation-markup/operators/mo-lspace-rspace-dynamic.html [ Failure ]
 crbug.com/626703 [ Win ] external/wpt/mathml/presentation-markup/operators/mo-lspace-rspace-dynamic.html [ Failure ]
 crbug.com/626703 [ Retina ] external/wpt/html/cross-origin-opener-policy/popup-coop-by-sw-from-coop.https.html [ Timeout ]
-crbug.com/1099208 external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-popup-same-origin.https.html [ Crash ]
-crbug.com/1099208 external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-popup-same-origin-coep-report-to.https.html [ Crash ]
 crbug.com/626703 [ Mac10.14 ] external/wpt/webrtc/RTCRtpSender-replaceTrack.https.html [ Timeout ]
 crbug.com/626703 [ Win ] external/wpt/webrtc/RTCRtpSender-replaceTrack.https.html [ Timeout ]
 crbug.com/626703 [ Mac10.14 ] external/wpt/preload/onload-event.html [ Timeout ]
diff --git a/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-four-reports.https-expected.txt b/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-four-reports.https-expected.txt
deleted file mode 100644
index 3fe4df21fa4c..000000000000
--- a/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-four-reports.https-expected.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-This is a testharness.js-based test.
-FAIL coop reporting test A test with both COOP and COOP report only setup to CROSS_ORIGIN with same-origin-allow-popups; report-to="coop-popup-report-endpoint", require-corp, same-origin; report-to="coop-popup-report-only-endpoint", require-corp promise_test: Unhandled rejection with value: "No report matched the expected report for endpoint: coop-report-only-endpoint, expected report: {\"body\":{\"disposition\":\"reporting\",\"document-uri\":\"https://web-platform.test:8444/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-four-reports.https.html\",\"effective-policy\":\"same-origin-plus-coep\",\"navigation-uri\":\"/uuid=(uuid)$/\",\"violation-type\":\"navigation-from-document\"},\"url\":\"https://web-platform.test:8444/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-four-reports.https.html\",\"type\":\"coop\"}, within available reports: []"
-PASS verify remaining reports
-Harness: the test ran to completion.
-
diff --git a/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-from-unsafe-none.https-expected.txt b/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-from-unsafe-none.https-expected.txt
deleted file mode 100644
index 93d2c990a28f..000000000000
--- a/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-from-unsafe-none.https-expected.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-This is a testharness.js-based test.
-FAIL coop reporting test Report only tests for an opener without any COOP/COOP report only set to SAME_ORIGIN with , , same-origin; report-to="coop-popup-report-only-endpoint",  promise_test: Unhandled rejection with value: "No report matched the expected report for endpoint: coop-popup-report-only-endpoint, expected report: {\"body\":{\"disposition\":\"reporting\",\"document-uri\":\"/uuid=(uuid)$/\",\"effective-policy\":\"same-origin\",\"navigation-uri\":\"https://web-platform.test:8444/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-from-unsafe-none.https.html\",\"violation-type\":\"navigation-to-document\"},\"url\":\"/uuid=(uuid)$/\",\"type\":\"coop\"}, within available reports: []"
-FAIL coop reporting test Report only tests for an opener without any COOP/COOP report only set to CROSS_ORIGIN with , , same-origin; report-to="coop-popup-report-only-endpoint",  promise_test: Unhandled rejection with value: "No report matched the expected report for endpoint: coop-popup-report-only-endpoint, expected report: {\"body\":{\"disposition\":\"reporting\",\"document-uri\":\"/uuid=(uuid)$/\",\"effective-policy\":\"same-origin\",\"navigation-uri\":\"https://web-platform.test:8444/\",\"violation-type\":\"navigation-to-document\"},\"url\":\"/uuid=(uuid)$/\",\"type\":\"coop\"}, within available reports: []"
-PASS verify remaining reports
-Harness: the test ran to completion.
-
diff --git a/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-same-origin-report-to.https-expected.txt b/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-same-origin-report-to.https-expected.txt
deleted file mode 100644
index 3ac7e8429b59..000000000000
--- a/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-same-origin-report-to.https-expected.txt
+++ /dev/null
@@ -1,7 +0,0 @@
-This is a testharness.js-based test.
-FAIL coop reporting test reporting same origin with report-to to CROSS_ORIGIN with , , ,  promise_test: Unhandled rejection with value: "No report matched the expected report for endpoint: coop-report-only-endpoint, expected report: {\"body\":{\"disposition\":\"reporting\",\"document-uri\":\"https://web-platform.test:8444/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-same-origin-report-to.https.html\",\"effective-policy\":\"same-origin\",\"navigation-uri\":\"/uuid=(uuid)$/\",\"violation-type\":\"navigation-from-document\"},\"url\":\"https://web-platform.test:8444/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-same-origin-report-to.https.html\",\"type\":\"coop\"}, within available reports: []"
-FAIL coop reporting test reporting same origin with report-to to CROSS_ORIGIN with , , same-origin; report-to="coop-popup-report-only-endpoint",  promise_test: Unhandled rejection with value: "No report matched the expected report for endpoint: coop-report-only-endpoint, expected report: {\"body\":{\"disposition\":\"reporting\",\"document-uri\":\"https://web-platform.test:8444/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-same-origin-report-to.https.html\",\"effective-policy\":\"same-origin\",\"navigation-uri\":\"/uuid=(uuid)$/\",\"violation-type\":\"navigation-from-document\"},\"url\":\"https://web-platform.test:8444/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-same-origin-report-to.https.html\",\"type\":\"coop\"}, within available reports: []"
-PASS coop reporting test reporting same origin with report-to to SAME_ORIGIN with , , same-origin; report-to="coop-popup-report-only-endpoint", 
-PASS verify remaining reports
-Harness: the test ran to completion.
-
diff --git a/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-same-origin.https-expected.txt b/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-same-origin.https-expected.txt
deleted file mode 100644
index f922a11eaa43..000000000000
--- a/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-same-origin.https-expected.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-This is a testharness.js-based test.
-FAIL coop reporting test reporting same origin with report-to to SAME_ORIGIN with , require-corp, same-origin; report-to="coop-popup-report-only-endpoint",  promise_test: Unhandled rejection with value: "No report matched the expected report for endpoint: coop-popup-report-only-endpoint, expected report: {\"body\":{\"disposition\":\"reporting\",\"document-uri\":\"/uuid=(uuid)$/\",\"effective-policy\":\"same-origin-plus-coep\",\"navigation-uri\":\"https://web-platform.test:8444/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-same-origin.https.html\",\"violation-type\":\"navigation-to-document\"},\"url\":\"/uuid=(uuid)$/\",\"type\":\"coop\"}, within available reports: []"
-FAIL coop reporting test reporting same origin with report-to to SAME_ORIGIN with , , same-origin; report-to="coop-popup-report-only-endpoint", require-corp promise_test: Unhandled rejection with value: "No report matched the expected report for endpoint: coop-popup-report-only-endpoint, expected report: {\"body\":{\"disposition\":\"reporting\",\"document-uri\":\"/uuid=(uuid)$/\",\"effective-policy\":\"same-origin-plus-coep\",\"navigation-uri\":\"https://web-platform.test:8444/html/cross-origin-opener-policy/reporting/navigation-reporting/report-only-same-origin.https.html\",\"violation-type\":\"navigation-to-document\"},\"url\":\"/uuid=(uuid)$/\",\"type\":\"coop\"}, within available reports: []"
-PASS verify remaining reports
-Harness: the test ran to completion.
-
diff --git a/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-popup-same-origin-coep-report-to.https.html b/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-popup-same-origin-coep-report-to.https.html
index 494c9df67b9d..f056bc54b93d 100644
--- a/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-popup-same-origin-coep-report-to.https.html
+++ b/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-popup-same-origin-coep-report-to.https.html
@@ -111,7 +111,7 @@
     SAME_ORIGIN,
     "",
     "",
-    `same-origin; report-to="${popupReportEndpoint.name}"`,
+    `same-origin; report-to="${popupReportOnlyEndpoint.name}"`,
     "require-corp",
     [
       {
@@ -127,7 +127,8 @@
           "url": `${location.href}`,
           "type": "coop"
         }
-      },]
+      }
+    ]
   ],
   // Open a cross-origin popup with a same-origin COOP report only. A report is
   // sent to both this page's endpoint and the popup's.