From 9a30fa388c7554c51a42eba8774c3209526b93ce Mon Sep 17 00:00:00 2001
From: Ben Kelly <wanderview@chromium.org>
Date: Thu, 28 Oct 2021 17:10:46 -0700
Subject: [PATCH] Reland "Fetch: Plumb request initiator through passthrough
 service workers."
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This is a reland of da0a6501cf321579bd46a27ff9fba1bb8ea910bb

This CL also includes a change to mark the two WPT tests as requiring
long timeout durations.  On my fast build machine with an opt build
they take ~5 seconds each to complete and the default timeout is 10
seconds.  On slower bots with debug builds its highly likely that these
tests would be marked as timing out.  This change gives them a 60 second
timeout instead.

Original change's description:
> Fetch: Plumb request initiator through passthrough service workers.
>
> This CL contains essentially two changes:
>
> 1. The request initiator origin is plumbed through service workers
>    that do `fetch(evt.request)`.  In addition to plumbing, this
>    requires changes to how we validate navigation requests in the
>    CorsURLLoaderFactory.
> 2. Tracks the original destination of a request passed through a
>    service worker.  This is then used in the network service to force
>    SameSite=Lax cookies to treat the request as a main frame navigation
>    where appropriate.
>
> For more detailed information about these changes please see the
> internal design doc at:
>
> https://docs.google.com/document/d/1KZscujuV7bCFEnzJW-0DaCPU-I40RJimQKoCcI0umTQ/edit?usp=sharing
>
> In addition, there is some discussion of these features in the following
> spec issues:
>
> https://github.com/whatwg/fetch/issues/1321
> https://github.com/whatwg/fetch/issues/1327
>
> The test includes WPT tests that verify navigation headers and SameSite
> cookies.  Note, chrome has a couple expected failures in the SameSite
> cookie tests because of the "lax-allowing-unsafe" intervention that is
> currently enabled.  See:
>
> https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/web_tests/TestExpectations;l=4635;drc=e8133cbf2469adb99c6610483ab78bcfb8cc4c76
>
> Bug: 1115847,1241188
> Change-Id: I7e236fa20aeabb705aef40fcf8d5c36da6d2798c
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3115917
> Reviewed-by: Matt Menke <mmenke@chromium.org>
> Reviewed-by: Yutaka Hirano <yhirano@chromium.org>
> Reviewed-by: Nasko Oskov <nasko@chromium.org>
> Reviewed-by: Łukasz Anforowicz <lukasza@chromium.org>
> Commit-Queue: Ben Kelly <wanderview@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#936029}

Bug: 1115847,1241188
Change-Id: Ia26acbdd0d7ce6583d9a44f83ed086708657b8bd
---
 .../navigation-headers.https.html             | 559 ++++++++++++++++++
 .../resources/fetch-rewrite-worker.js         |   6 +-
 .../resources/fetch-rewrite-worker.js.headers |   2 +
 .../service-worker/resources/form-poster.html |  12 +
 .../resources/location-setter.html            |  10 +
 .../resources/navigation-headers-server.py    |  19 +
 .../resources/same-site-cookies-register.html |  22 +
 .../same-site-cookies-unregister.html         |  11 +
 .../same-site-cookies.https.html              | 216 +++++++
 9 files changed, 856 insertions(+), 1 deletion(-)
 create mode 100644 service-workers/service-worker/navigation-headers.https.html
 create mode 100644 service-workers/service-worker/resources/fetch-rewrite-worker.js.headers
 create mode 100644 service-workers/service-worker/resources/form-poster.html
 create mode 100644 service-workers/service-worker/resources/location-setter.html
 create mode 100644 service-workers/service-worker/resources/navigation-headers-server.py
 create mode 100644 service-workers/service-worker/resources/same-site-cookies-register.html
 create mode 100644 service-workers/service-worker/resources/same-site-cookies-unregister.html
 create mode 100644 service-workers/service-worker/same-site-cookies.https.html

diff --git a/service-workers/service-worker/navigation-headers.https.html b/service-workers/service-worker/navigation-headers.https.html
new file mode 100644
index 00000000000000..b2c6b7ac379644
--- /dev/null
+++ b/service-workers/service-worker/navigation-headers.https.html
@@ -0,0 +1,559 @@
+<!DOCTYPE html>
+<meta charset="utf-8"/>
+<meta name="timeout" content="long">
+<title>Service Worker: Navigation Post Request Origin Header</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="/service-workers/service-worker/resources/test-helpers.sub.js"></script>
+<body>
+<script>
+'use strict';
+
+const script = new URL('./resources/fetch-rewrite-worker.js', self.location);
+const base = './resources/navigation-headers-server.py';
+const scope = base + '?with-sw';
+let registration;
+
+async function post_and_get_headers(t, form_host, method, swaction) {
+  if (swaction === 'navpreload') {
+    assert_true('navigationPreload' in registration,
+                'navigation preload must be supported');
+  }
+  let target_string;
+  if (swaction === 'no-sw') {
+    target_string = base + '?no-sw';
+  } else if (swaction === 'fallback') {
+    target_string = `${scope}&ignore`;
+  } else {
+    target_string = `${scope}&${swaction}`;
+  }
+  const target = new URL(target_string, self.location);
+
+  let popup_url_path;
+  if (method === 'GET') {
+    popup_url_path = './resources/location-setter.html';
+  } else if (method === 'POST') {
+    popup_url_path = './resources/form-poster.html';
+  }
+
+  const popup_url = new URL(popup_url_path, self.location);
+  const tmp_params = new URLSearchParams();
+  tmp_params.set('target', encodeURIComponent(target));
+  popup_url.hostname = form_host;
+  popup_url.search = tmp_params.toString();
+
+  const message_promise = new Promise(resolve => {
+    self.addEventListener('message', evt => {
+      resolve(evt.data);
+    });
+  });
+
+  const frame = await with_iframe(popup_url);
+  t.add_cleanup(() => frame.remove());
+
+  return await message_promise;
+}
+
+const SAME_ORIGIN = new URL(self.location.origin);
+const SAME_SITE = new URL(get_host_info().HTTPS_REMOTE_ORIGIN);
+const CROSS_SITE = new URL(get_host_info().HTTPS_NOTSAMESITE_ORIGIN);
+
+promise_test(async t => {
+  registration = await service_worker_unregister_and_register(t, script, scope);
+  await wait_for_state(t, registration.installing, 'activated');
+  if (registration.navigationPreload)
+    await registration.navigationPreload.enable();
+}, 'Setup service worker');
+
+//
+// Origin and referer headers
+//
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'GET',
+                                            'no-sw');
+  assert_equals(result.origin, 'not set', 'origin header');
+  assert_equals(result.referer, SAME_ORIGIN.href, 'referer header');
+}, 'GET Navigation, same-origin with no service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'POST',
+                                            'no-sw');
+  assert_equals(result.origin, SAME_ORIGIN.origin, 'origin header');
+  assert_equals(result.referer, SAME_ORIGIN.href, 'referer header');
+}, 'POST Navigation, same-origin with no service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'GET',
+                                            'passthrough');
+  assert_equals(result.origin, 'not set', 'origin header');
+  assert_equals(result.referer, SAME_ORIGIN.href, 'referer header');
+}, 'GET Navigation, same-origin with passthrough service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'POST',
+                                            'passthrough');
+  assert_equals(result.origin, SAME_ORIGIN.origin, 'origin header');
+  assert_equals(result.referer, SAME_ORIGIN.href, 'referer header');
+}, 'POST Navigation, same-origin with passthrough service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'GET',
+                                            'fallback');
+  assert_equals(result.origin, 'not set', 'origin header');
+  assert_equals(result.referer, SAME_ORIGIN.href, 'referer header');
+}, 'GET Navigation, same-origin with fallback service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'POST',
+                                            'fallback');
+  assert_equals(result.origin, SAME_ORIGIN.origin, 'origin header');
+  assert_equals(result.referer, SAME_ORIGIN.href, 'referer header');
+}, 'POST Navigation, same-origin with fallback service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'GET',
+                                            'navpreload');
+  assert_equals(result.origin, 'not set', 'origin header');
+  assert_equals(result.referer, SAME_ORIGIN.href, 'referer header');
+}, 'GET Navigation, same-origin with navpreload service worker sets correct ' +
+   'origin and referer headers.');
+
+// There is no POST test for navpreload since the feature only supports GET
+// requests.
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'GET',
+                                            'change-request');
+  assert_equals(result.origin, 'not set', 'origin header');
+  assert_equals(result.referer, script.href, 'referer header');
+}, 'GET Navigation, same-origin with service worker that changes the ' +
+   'request sets correct origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'POST',
+                                            'change-request');
+  assert_equals(result.origin, SAME_ORIGIN.origin, 'origin header');
+  assert_equals(result.referer, script.href, 'referer header');
+}, 'POST Navigation, same-origin with service worker that changes the ' +
+   'request sets correct origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'GET',
+                                            'no-sw');
+  assert_equals(result.origin, 'not set', 'origin header');
+  assert_equals(result.referer, SAME_SITE.href, 'referer header');
+}, 'GET Navigation, same-site with no service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'POST',
+                                            'no-sw');
+  assert_equals(result.origin, SAME_SITE.origin, 'origin header');
+  assert_equals(result.referer, SAME_SITE.href, 'referer header');
+}, 'POST Navigation, same-site with no service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'GET',
+                                            'passthrough');
+  assert_equals(result.origin, 'not set', 'origin header');
+  assert_equals(result.referer, SAME_SITE.href, 'referer header');
+}, 'GET Navigation, same-site with passthrough service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'POST',
+                                            'passthrough');
+  assert_equals(result.origin, SAME_SITE.origin, 'origin header');
+  assert_equals(result.referer, SAME_SITE.href, 'referer header');
+}, 'POST Navigation, same-site with passthrough service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'GET',
+                                            'fallback');
+  assert_equals(result.origin, 'not set', 'origin header');
+  assert_equals(result.referer, SAME_SITE.href, 'referer header');
+}, 'GET Navigation, same-site with fallback service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'POST',
+                                            'fallback');
+  assert_equals(result.origin, SAME_SITE.origin, 'origin header');
+  assert_equals(result.referer, SAME_SITE.href, 'referer header');
+}, 'POST Navigation, same-site with fallback service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'GET',
+                                            'navpreload');
+  assert_equals(result.origin, 'not set', 'origin header');
+  assert_equals(result.referer, SAME_SITE.href, 'referer header');
+}, 'GET Navigation, same-site with navpreload service worker sets correct ' +
+   'origin and referer headers.');
+
+// There is no POST test for navpreload since the feature only supports GET
+// requests.
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'GET',
+                                            'change-request');
+  assert_equals(result.origin, 'not set', 'origin header');
+  assert_equals(result.referer, script.href, 'referer header');
+}, 'GET Navigation, same-site with service worker that changes the ' +
+   'request sets correct origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'POST',
+                                            'change-request');
+  assert_equals(result.origin, SAME_ORIGIN.origin, 'origin header');
+  assert_equals(result.referer, script.href, 'referer header');
+}, 'POST Navigation, same-site with service worker that changes the ' +
+   'request sets correct origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'GET',
+                                            'no-sw');
+  assert_equals(result.origin, 'not set', 'origin header');
+  assert_equals(result.referer, CROSS_SITE.href, 'referer header');
+}, 'GET Navigation, cross-site with no service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'POST',
+                                            'no-sw');
+  assert_equals(result.origin, CROSS_SITE.origin, 'origin header');
+  assert_equals(result.referer, CROSS_SITE.href, 'referer header');
+}, 'POST Navigation, cross-site with no service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'GET',
+                                            'passthrough');
+  assert_equals(result.origin, 'not set', 'origin header');
+  assert_equals(result.referer, CROSS_SITE.href, 'referer header');
+}, 'GET Navigation, cross-site with passthrough service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'POST',
+                                            'passthrough');
+  assert_equals(result.origin, CROSS_SITE.origin, 'origin header');
+  assert_equals(result.referer, CROSS_SITE.href, 'referer header');
+}, 'POST Navigation, cross-site with passthrough service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'GET',
+                                            'fallback');
+  assert_equals(result.origin, 'not set', 'origin header');
+  assert_equals(result.referer, CROSS_SITE.href, 'referer header');
+}, 'GET Navigation, cross-site with fallback service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'POST',
+                                            'fallback');
+  assert_equals(result.origin, CROSS_SITE.origin, 'origin header');
+  assert_equals(result.referer, CROSS_SITE.href, 'referer header');
+}, 'POST Navigation, cross-site with fallback service worker sets correct ' +
+   'origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'GET',
+                                            'navpreload');
+  assert_equals(result.origin, 'not set', 'origin header');
+  assert_equals(result.referer, CROSS_SITE.href, 'referer header');
+}, 'GET Navigation, cross-site with navpreload service worker sets correct ' +
+   'origin and referer headers.');
+
+// There is no POST test for navpreload since the feature only supports GET
+// requests.
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'GET',
+                                            'change-request');
+  assert_equals(result.origin, 'not set', 'origin header');
+  assert_equals(result.referer, script.href, 'referer header');
+}, 'GET Navigation, cross-site with service worker that changes the ' +
+   'request sets correct origin and referer headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'POST',
+                                            'change-request');
+  assert_equals(result.origin, SAME_ORIGIN.origin, 'origin header');
+  assert_equals(result.referer, script.href, 'referer header');
+}, 'POST Navigation, cross-site with service worker that changes the ' +
+   'request sets correct origin and referer headers.');
+
+//
+// Sec-Fetch-* Headers (separated since not all browsers implement them)
+//
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'GET',
+                                            'no-sw');
+  assert_equals(result['sec-fetch-site'], 'same-origin', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'iframe', 'sec-fetch-dest header');
+}, 'GET Navigation, same-origin with no service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'POST',
+                                            'no-sw');
+  assert_equals(result['sec-fetch-site'], 'same-origin', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'iframe', 'sec-fetch-dest header');
+}, 'POST Navigation, same-origin with no service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'GET',
+                                            'passthrough');
+  assert_equals(result['sec-fetch-site'], 'same-origin', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'empty', 'sec-fetch-dest header');
+}, 'GET Navigation, same-origin with passthrough service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'POST',
+                                            'passthrough');
+  assert_equals(result['sec-fetch-site'], 'same-origin', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'empty', 'sec-fetch-dest header');
+}, 'POST Navigation, same-origin with passthrough service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'GET',
+                                            'fallback');
+  assert_equals(result['sec-fetch-site'], 'same-origin', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'iframe', 'sec-fetch-dest header');
+}, 'GET Navigation, same-origin with fallback service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'POST',
+                                            'fallback');
+  assert_equals(result['sec-fetch-site'], 'same-origin', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'iframe', 'sec-fetch-dest header');
+}, 'POST Navigation, same-origin with fallback service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'GET',
+                                            'navpreload');
+  assert_equals(result['sec-fetch-site'], 'same-origin', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'iframe', 'sec-fetch-dest header');
+}, 'GET Navigation, same-origin with navpreload service worker sets correct ' +
+   'sec-fetch headers.');
+
+// There is no POST test for navpreload since the feature only supports GET
+// requests.
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'GET',
+                                            'change-request');
+  assert_equals(result['sec-fetch-site'], 'same-origin', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'same-origin', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'empty', 'sec-fetch-dest header');
+}, 'GET Navigation, same-origin with service worker that changes the ' +
+   'request sets correct sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_ORIGIN.hostname, 'POST',
+                                            'change-request');
+  assert_equals(result['sec-fetch-site'], 'same-origin', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'same-origin', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'empty', 'sec-fetch-dest header');
+}, 'POST Navigation, same-origin with service worker that changes the ' +
+   'request sets correct sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'GET',
+                                            'no-sw');
+  assert_equals(result['sec-fetch-site'], 'same-site', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'iframe', 'sec-fetch-dest header');
+}, 'GET Navigation, same-site with no service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'POST',
+                                            'no-sw');
+  assert_equals(result['sec-fetch-site'], 'same-site', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'iframe', 'sec-fetch-dest header');
+}, 'POST Navigation, same-site with no service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'GET',
+                                            'passthrough');
+  assert_equals(result['sec-fetch-site'], 'same-site', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'empty', 'sec-fetch-dest header');
+}, 'GET Navigation, same-site with passthrough service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'POST',
+                                            'passthrough');
+  assert_equals(result['sec-fetch-site'], 'same-site', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'empty', 'sec-fetch-dest header');
+}, 'POST Navigation, same-site with passthrough service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'GET',
+                                            'fallback');
+  assert_equals(result['sec-fetch-site'], 'same-site', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'iframe', 'sec-fetch-dest header');
+}, 'GET Navigation, same-site with fallback service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'POST',
+                                            'fallback');
+  assert_equals(result['sec-fetch-site'], 'same-site', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'iframe', 'sec-fetch-dest header');
+}, 'POST Navigation, same-site with fallback service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'GET',
+                                            'navpreload');
+  assert_equals(result['sec-fetch-site'], 'same-site', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'iframe', 'sec-fetch-dest header');
+}, 'GET Navigation, same-site with navpreload service worker sets correct ' +
+   'sec-fetch headers.');
+
+// There is no POST test for navpreload since the feature only supports GET
+// requests.
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'GET',
+                                            'change-request');
+  assert_equals(result['sec-fetch-site'], 'same-origin', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'same-origin', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'empty', 'sec-fetch-dest header');
+}, 'GET Navigation, same-site with service worker that changes the ' +
+   'request sets correct sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, SAME_SITE.hostname, 'POST',
+                                            'change-request');
+  assert_equals(result['sec-fetch-site'], 'same-origin', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'same-origin', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'empty', 'sec-fetch-dest header');
+}, 'POST Navigation, same-site with service worker that changes the ' +
+   'request sets correct sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'GET',
+                                            'no-sw');
+  assert_equals(result['sec-fetch-site'], 'cross-site', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'iframe', 'sec-fetch-dest header');
+}, 'GET Navigation, cross-site with no service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'POST',
+                                            'no-sw');
+  assert_equals(result['sec-fetch-site'], 'cross-site', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'iframe', 'sec-fetch-dest header');
+}, 'POST Navigation, cross-site with no service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'GET',
+                                            'passthrough');
+  assert_equals(result['sec-fetch-site'], 'cross-site', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'empty', 'sec-fetch-dest header');
+}, 'GET Navigation, cross-site with passthrough service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'POST',
+                                            'passthrough');
+  assert_equals(result['sec-fetch-site'], 'cross-site', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'empty', 'sec-fetch-dest header');
+}, 'POST Navigation, cross-site with passthrough service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'GET',
+                                            'fallback');
+  assert_equals(result['sec-fetch-site'], 'cross-site', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'iframe', 'sec-fetch-dest header');
+}, 'GET Navigation, cross-site with fallback service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'POST',
+                                            'fallback');
+  assert_equals(result['sec-fetch-site'], 'cross-site', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'iframe', 'sec-fetch-dest header');
+}, 'POST Navigation, cross-site with fallback service worker sets correct ' +
+   'sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'GET',
+                                            'navpreload');
+  assert_equals(result['sec-fetch-site'], 'cross-site', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'navigate', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'iframe', 'sec-fetch-dest header');
+}, 'GET Navigation, cross-site with navpreload service worker sets correct ' +
+   'sec-fetch headers.');
+
+// There is no POST test for navpreload since the feature only supports GET
+// requests.
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'GET',
+                                            'change-request');
+  assert_equals(result['sec-fetch-site'], 'same-origin', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'same-origin', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'empty', 'sec-fetch-dest header');
+}, 'GET Navigation, cross-site with service worker that changes the ' +
+   'request sets correct sec-fetch headers.');
+
+promise_test(async t => {
+  const result = await post_and_get_headers(t, CROSS_SITE.hostname, 'POST',
+                                            'change-request');
+  assert_equals(result['sec-fetch-site'], 'same-origin', 'sec-fetch-site header');
+  assert_equals(result['sec-fetch-mode'], 'same-origin', 'sec-fetch-mode header');
+  assert_equals(result['sec-fetch-dest'], 'empty', 'sec-fetch-dest header');
+}, 'POST Navigation, cross-site with service worker that changes the ' +
+   'request sets correct sec-fetch headers.');
+
+promise_test(async t => {
+  await registration.unregister();
+}, 'Cleanup service worker');
+
+</script>
+</body>
diff --git a/service-workers/service-worker/resources/fetch-rewrite-worker.js b/service-workers/service-worker/resources/fetch-rewrite-worker.js
index 4631e83e0ceaab..20a80665270ddb 100644
--- a/service-workers/service-worker/resources/fetch-rewrite-worker.js
+++ b/service-workers/service-worker/resources/fetch-rewrite-worker.js
@@ -90,8 +90,12 @@ self.addEventListener('fetch', function(event) {
         var request = event.request;
         if (url) {
           request = new Request(url, init);
+        } else if (params['change-request']) {
+          request = new Request(request, init);
         }
-        fetch(request).then(function(response) {
+        const response_promise = params['navpreload'] ? event.preloadResponse
+                                                      : fetch(request);
+        response_promise.then(function(response) {
           var expectedType = params['expected_type'];
           if (expectedType && response.type !== expectedType) {
             // Resolve a JSON object with a failure instead of rejecting
diff --git a/service-workers/service-worker/resources/fetch-rewrite-worker.js.headers b/service-workers/service-worker/resources/fetch-rewrite-worker.js.headers
new file mode 100644
index 00000000000000..123053b38c66a0
--- /dev/null
+++ b/service-workers/service-worker/resources/fetch-rewrite-worker.js.headers
@@ -0,0 +1,2 @@
+Content-Type: text/javascript
+Service-Worker-Allowed: /
diff --git a/service-workers/service-worker/resources/form-poster.html b/service-workers/service-worker/resources/form-poster.html
new file mode 100644
index 00000000000000..5d56fde19a8e4f
--- /dev/null
+++ b/service-workers/service-worker/resources/form-poster.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<meta name="referrer" content="origin">
+<form method="POST" id="form"></form>
+<script>
+function onLoad() {
+  const params = new URLSearchParams(self.location.search);
+  const form = document.getElementById('form');
+  form.action = decodeURIComponent(params.get('target'));
+  form.submit();
+}
+self.addEventListener('load', onLoad);
+</script>
diff --git a/service-workers/service-worker/resources/location-setter.html b/service-workers/service-worker/resources/location-setter.html
new file mode 100644
index 00000000000000..fae18e8066550a
--- /dev/null
+++ b/service-workers/service-worker/resources/location-setter.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<meta name="referrer" content="origin">
+<script>
+function onLoad() {
+  const params = new URLSearchParams(self.location.search);
+  const target = decodeURIComponent(params.get('target'));
+  self.location = target;
+}
+self.addEventListener('load', onLoad);
+</script>
diff --git a/service-workers/service-worker/resources/navigation-headers-server.py b/service-workers/service-worker/resources/navigation-headers-server.py
new file mode 100644
index 00000000000000..5b2e044f8b52a1
--- /dev/null
+++ b/service-workers/service-worker/resources/navigation-headers-server.py
@@ -0,0 +1,19 @@
+def main(request, response):
+    response.status = (200, b"OK")
+    response.headers.set(b"Content-Type", b"text/html")
+    return b"""
+    <script>
+      self.addEventListener('load', evt => {
+        self.parent.postMessage({
+          origin: '%s',
+          referer: '%s',
+          'sec-fetch-site': '%s',
+          'sec-fetch-mode': '%s',
+          'sec-fetch-dest': '%s',
+        });
+      });
+    </script>""" % (request.headers.get(
+        b"origin", b"not set"), request.headers.get(b"referer", b"not set"),
+                    request.headers.get(b"sec-fetch-site", b"not set"),
+                    request.headers.get(b"sec-fetch-mode", b"not set"),
+                    request.headers.get(b"sec-fetch-dest", b"not set"))
diff --git a/service-workers/service-worker/resources/same-site-cookies-register.html b/service-workers/service-worker/resources/same-site-cookies-register.html
new file mode 100644
index 00000000000000..084f0a08a8e64c
--- /dev/null
+++ b/service-workers/service-worker/resources/same-site-cookies-register.html
@@ -0,0 +1,22 @@
+<!DOCTYPE html>
+<meta charset="utf-8"/>
+<script>
+async function onLoad() {
+  const scope = self.origin + '/cookies/resources/postToParent.py?with-sw';
+  const script = './fetch-rewrite-worker.js';
+  const reg = await navigator.serviceWorker.register(script, { scope: scope });
+  await new Promise(resolve => {
+    const worker = reg.installing;
+    worker.addEventListener('statechange', evt => {
+      if (worker.state === 'activated') {
+        resolve();
+      }
+    });
+  });
+  if (reg.navigationPreload) {
+    await reg.navigationPreload.enable();
+  }
+  window.opener.postMessage({ type: 'SW-REGISTERED' }, '*');
+}
+self.addEventListener('load', onLoad);
+</script>
diff --git a/service-workers/service-worker/resources/same-site-cookies-unregister.html b/service-workers/service-worker/resources/same-site-cookies-unregister.html
new file mode 100644
index 00000000000000..cca3620b61e73c
--- /dev/null
+++ b/service-workers/service-worker/resources/same-site-cookies-unregister.html
@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<meta charset="utf-8"/>
+<script>
+async function onLoad() {
+  const scope = self.origin + '/cookies/resources/postToParent.py?with-sw';
+  const reg = await navigator.serviceWorker.getRegistration(scope);
+  await reg.unregister();
+  window.opener.postMessage({ type: 'SW-UNREGISTERED' }, '*');
+}
+self.addEventListener('load', onLoad);
+</script>
diff --git a/service-workers/service-worker/same-site-cookies.https.html b/service-workers/service-worker/same-site-cookies.https.html
new file mode 100644
index 00000000000000..7003903408f8f7
--- /dev/null
+++ b/service-workers/service-worker/same-site-cookies.https.html
@@ -0,0 +1,216 @@
+<!DOCTYPE html>
+<meta charset="utf-8"/>
+<meta name="timeout" content="long">
+<title>Service Worker: Same-site cookie behavior</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="/service-workers/service-worker/resources/test-helpers.sub.js"></script>
+<script src="/cookies/resources/cookie-helper.sub.js"></script>
+<body>
+<script>
+'use strict';
+async function unregister_service_worker(origin) {
+  const w = window.open(origin +
+      '/service-workers/service-worker/resources/same-site-cookies-unregister.html');
+  try {
+    await wait_for_message('SW-UNREGISTERED');
+  } finally {
+    w.close();
+  }
+}
+
+async function register_service_worker(origin) {
+  const w = window.open(origin +
+      '/service-workers/service-worker/resources/same-site-cookies-register.html');
+  try {
+    await wait_for_message('SW-REGISTERED');
+  } finally {
+    w.close();
+  }
+}
+
+async function run_test(t, origin, navaction, swaction, expected) {
+  const value = 'COOKIE_VALUE';
+  await resetSameSiteCookies(origin, value);
+  if (swaction === 'navpreload') {
+    assert_true('navigationPreload' in ServiceWorkerRegistration.prototype,
+                'navigation preload must be supported');
+  }
+  const sw_param = swaction === 'no-sw' ? 'no-sw' : 'with-sw';
+  let action_param = '';
+  if (swaction === 'fallback') {
+    action_param = '&ignore';
+  } else if (swaction !== 'no-sw') {
+    action_param = '&' + swaction;
+  }
+  const navpreload_param = swaction === 'navpreload' ? '&navpreload' : '';
+  const change_request_param = swaction === 'change-request' ? '&change-request' : '';
+  const target_string = origin + `/cookies/resources/postToParent.py?` +
+                                 `${sw_param}${action_param}`
+  const target_url = new URL(target_string);
+  if (navaction === 'window.open') {
+    const w = window.open(target_url);
+    t.add_cleanup(() => w.close());
+  } else if (navaction === 'form post') {
+    const poster_url =
+        `./resources/form-poster.html?target=${encodeURIComponent(target_url)}`;
+    const w = window.open(poster_url);
+    t.add_cleanup(() => w.close());
+  }
+  const result = await wait_for_message('COOKIES');
+  verifySameSiteCookieState(expected, value, result.data,
+                            DomSameSiteStatus.SAME_SITE);
+}
+
+promise_test(async t => {
+  await register_service_worker(self.origin);
+  await register_service_worker(SECURE_SUBDOMAIN_ORIGIN);
+  await register_service_worker(SECURE_CROSS_SITE_ORIGIN);
+}, 'Setup service workers');
+
+promise_test(t => {
+  return run_test(t, self.origin, 'window.open', 'no-sw',
+                  SameSiteStatus.STRICT);
+}, 'same-origin, window.open with no service worker');
+
+promise_test(t => {
+  return run_test(t, self.origin, 'window.open', 'fallback',
+                  SameSiteStatus.STRICT);
+}, 'same-origin, window.open with fallback');
+
+promise_test(t => {
+  return run_test(t, self.origin, 'window.open', 'passthrough',
+                  SameSiteStatus.STRICT);
+}, 'same-origin, window.open with passthrough');
+
+promise_test(t => {
+  return run_test(t, self.origin, 'window.open', 'change-request',
+                  SameSiteStatus.STRICT);
+}, 'same-origin, window.open with change-request');
+
+promise_test(t => {
+  return run_test(t, self.origin, 'window.open', 'navpreload',
+                  SameSiteStatus.STRICT);
+}, 'same-origin, window.open with navpreload');
+
+promise_test(t => {
+  return run_test(t, SECURE_SUBDOMAIN_ORIGIN, 'window.open', 'no-sw',
+                  SameSiteStatus.STRICT);
+}, 'same-site, window.open with no service worker');
+
+promise_test(t => {
+  return run_test(t, SECURE_SUBDOMAIN_ORIGIN, 'window.open', 'fallback',
+                  SameSiteStatus.STRICT);
+}, 'same-site, window.open with fallback');
+
+promise_test(t => {
+  return run_test(t, SECURE_SUBDOMAIN_ORIGIN, 'window.open', 'passthrough',
+                  SameSiteStatus.STRICT);
+}, 'same-site, window.open with passthrough');
+
+promise_test(t => {
+  return run_test(t, SECURE_SUBDOMAIN_ORIGIN, 'window.open', 'change-request',
+                  SameSiteStatus.STRICT);
+}, 'same-site, window.open with change-request');
+
+promise_test(t => {
+  return run_test(t, SECURE_SUBDOMAIN_ORIGIN, 'window.open', 'navpreload',
+                  SameSiteStatus.STRICT);
+}, 'same-site, window.open with navpreload');
+
+promise_test(t => {
+  return run_test(t, SECURE_CROSS_SITE_ORIGIN, 'window.open', 'no-sw',
+                  SameSiteStatus.LAX);
+}, 'cross-site, window.open with no service worker');
+
+promise_test(t => {
+  return run_test(t, SECURE_CROSS_SITE_ORIGIN, 'window.open', 'fallback',
+                  SameSiteStatus.LAX);
+}, 'cross-site, window.open with fallback');
+
+promise_test(t => {
+  return run_test(t, SECURE_CROSS_SITE_ORIGIN, 'window.open', 'passthrough',
+                  SameSiteStatus.LAX);
+}, 'cross-site, window.open with passthrough');
+
+promise_test(t => {
+  return run_test(t, SECURE_CROSS_SITE_ORIGIN, 'window.open', 'change-request',
+                  SameSiteStatus.STRICT);
+}, 'cross-site, window.open with change-request');
+
+promise_test(t => {
+  return run_test(t, SECURE_CROSS_SITE_ORIGIN, 'window.open', 'navpreload',
+                  SameSiteStatus.LAX);
+}, 'cross-site, window.open with navpreload');
+
+//
+// Form POST tests
+//
+promise_test(t => {
+  return run_test(t, self.origin, 'form post', 'no-sw', SameSiteStatus.STRICT);
+}, 'same-origin, form post with no service worker');
+
+promise_test(t => {
+  return run_test(t, self.origin, 'form post', 'fallback',
+                  SameSiteStatus.STRICT);
+}, 'same-origin, form post with fallback');
+
+promise_test(t => {
+  return run_test(t, self.origin, 'form post', 'passthrough',
+                  SameSiteStatus.STRICT);
+}, 'same-origin, form post with passthrough');
+
+promise_test(t => {
+  return run_test(t, self.origin, 'form post', 'change-request',
+                  SameSiteStatus.STRICT);
+}, 'same-origin, form post with change-request');
+
+promise_test(t => {
+  return run_test(t, SECURE_SUBDOMAIN_ORIGIN, 'form post', 'no-sw',
+                  SameSiteStatus.STRICT);
+}, 'same-site, form post with no service worker');
+
+promise_test(t => {
+  return run_test(t, SECURE_SUBDOMAIN_ORIGIN, 'form post', 'fallback',
+                  SameSiteStatus.STRICT);
+}, 'same-site, form post with fallback');
+
+promise_test(t => {
+  return run_test(t, SECURE_SUBDOMAIN_ORIGIN, 'form post', 'passthrough',
+                  SameSiteStatus.STRICT);
+}, 'same-site, form post with passthrough');
+
+promise_test(t => {
+  return run_test(t, SECURE_SUBDOMAIN_ORIGIN, 'form post', 'change-request',
+                  SameSiteStatus.STRICT);
+}, 'same-site, form post with change-request');
+
+promise_test(t => {
+  return run_test(t, SECURE_CROSS_SITE_ORIGIN, 'form post', 'no-sw',
+                  SameSiteStatus.CROSS_SITE);
+}, 'cross-site, form post with no service worker');
+
+promise_test(t => {
+  return run_test(t, SECURE_CROSS_SITE_ORIGIN, 'form post', 'fallback',
+                  SameSiteStatus.CROSS_SITE);
+}, 'cross-site, form post with fallback');
+
+promise_test(t => {
+  return run_test(t, SECURE_CROSS_SITE_ORIGIN, 'form post', 'passthrough',
+                  SameSiteStatus.CROSS_SITE);
+}, 'cross-site, form post with passthrough');
+
+promise_test(t => {
+  return run_test(t, SECURE_CROSS_SITE_ORIGIN, 'form post', 'change-request',
+                  SameSiteStatus.STRICT);
+}, 'cross-site, form post with change-request');
+
+promise_test(async t => {
+  await unregister_service_worker(self.origin);
+  await unregister_service_worker(SECURE_SUBDOMAIN_ORIGIN);
+  await unregister_service_worker(SECURE_CROSS_SITE_ORIGIN);
+}, 'Cleanup service workers');
+
+</script>
+</body>