From 19c509880d54501158b6a1da8a72d1a7883a9af0 Mon Sep 17 00:00:00 2001 
From: Yao Xiao Date: Thu, 15 Feb 2024 14:18:33 -0800 Subject: [PATCH] [shared storage] Support cross-origin worklet For the sharedStorage.createWorklet() API, relax the same-origin restriction to additionally allow cross-origin script, in which case a cross-origin worklet will be created. How: - Rely on CORS for the worklet to be created/used by the embedder. - In general, we want to mimic the subframe's process allocation behavior (i.e. it should end up using a process as if an iframe is created with the script URL). It first checks to see whether we can reuse the worklet's creator frame's SiteInstance. If so, use it. Otherwise, leverage the process allocation and management logic from service workers and re-use SiteInstanceImpl::CreateForServiceWorker(). To keep this CL focused, the refactoring will occur in a separate CL, as it will involve refactoring other downstream components like 'UnmatchedServiceWorkerProcessTracker'. Explainer: https://github.com/WICG/shared-storage/pull/130 Spec: https://github.com/WICG/shared-storage/pull/131 Design doc: https://docs.google.com/document/d/1QTaaroCMeFVZVghI6JkUcDvmDQEacjvpyTfk6mpvQhA/edit?usp=sharing Bug: 325302836 Change-Id: I11c1fc87bc76f4400c54d9fa809349d1d1781247 --- ...edentials-include.tentative.https.sub.html | 39 +++++++++++++++++++ ...-credentials-omit.tentative.https.sub.html | 38 ++++++++++++++++++ ...tials-same-origin.tentative.https.sub.html | 38 ++++++++++++++++++ ...allow-credentials.tentative.https.sub.html | 29 ++++++++++++++ ...trol-allow-origin.tentative.https.sub.html | 28 +++++++++++++ .../resources/credentials-test-helper.py | 6 +++ 6 files changed, 178 insertions(+) create mode 100644 shared-storage/cross-origin-create-worklet-credentials-include.tentative.https.sub.html create mode 100644 shared-storage/cross-origin-create-worklet-credentials-omit.tentative.https.sub.html create mode 100644 shared-storage/cross-origin-create-worklet-credentials-same-origin.tentative.https.sub.html create mode 
100644 shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-credentials.tentative.https.sub.html create mode 100644 shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html diff --git a/shared-storage/cross-origin-create-worklet-credentials-include.tentative.https.sub.html b/shared-storage/cross-origin-create-worklet-credentials-include.tentative.https.sub.html new file mode 100644 index 000000000000000..9c44d2a29f8d332 --- /dev/null +++ b/shared-storage/cross-origin-create-worklet-credentials-include.tentative.https.sub.html @@ -0,0 +1,39 @@ + + + + + + + + + + diff --git a/shared-storage/cross-origin-create-worklet-credentials-omit.tentative.https.sub.html b/shared-storage/cross-origin-create-worklet-credentials-omit.tentative.https.sub.html new file mode 100644 index 000000000000000..ddda1809f2ca959 --- /dev/null +++ b/shared-storage/cross-origin-create-worklet-credentials-omit.tentative.https.sub.html @@ -0,0 +1,38 @@ + + + + + + + + + + diff --git a/shared-storage/cross-origin-create-worklet-credentials-same-origin.tentative.https.sub.html b/shared-storage/cross-origin-create-worklet-credentials-same-origin.tentative.https.sub.html new file mode 100644 index 000000000000000..99701d2b7d40a12 --- /dev/null +++ b/shared-storage/cross-origin-create-worklet-credentials-same-origin.tentative.https.sub.html @@ -0,0 +1,38 @@ + + + + + + + + + + diff --git a/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-credentials.tentative.https.sub.html b/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-credentials.tentative.https.sub.html new file mode 100644 index 000000000000000..598fd8f405abdc8 --- /dev/null +++ b/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-credentials.tentative.https.sub.html @@ -0,0 +1,29 @@ + + + + + + + + + + 
diff --git a/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html b/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html
new file mode 100644
index 000000000000000..4195d09fc06c46d
--- /dev/null
+++ b/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html
@@ -0,0 +1,28 @@ + + + + + + + + + +
diff --git a/shared-storage/resources/credentials-test-helper.py b/shared-storage/resources/credentials-test-helper.py
index 81a988e3581f056..46fc0ea6fb2a998 100644
--- a/shared-storage/resources/credentials-test-helper.py
+++ b/shared-storage/resources/credentials-test-helper.py
@@ -13,6 +13,12 @@ def main(request, response):
 response.status = 200
 response.headers.append(b"Content-Type", b"text/javascript")
+ if b"access_control_allow_credentials_header" in request.GET:
+ response.headers.append(b"Access-Control-Allow-Credentials", request.GET[b"access_control_allow_credentials_header"])
+
+ if b"access_control_allow_origin_header" in request.GET:
+ response.headers.append(b"Access-Control-Allow-Origin", request.GET[b"access_control_allow_origin_header"])
+
 if action == b"store-cookie":
 cookie = request.headers.get(b"Cookie", b"NO_COOKIE_HEADER")
 request.server.stash.put(token, cookie)
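Review bot: The two added `if` blocks in `main` copy `request.GET[...]` verbatim into `Access-Control-Allow-Origin` and `Access-Control-Allow-Credentials`, so whoever requests this helper chooses its own CORS grant, and nothing in the hunk records that this is deliberate. The new cross-origin worklet tests appear to rely on exactly that, so the code can stay, but it should carry a comment above the first block such as `# Test-only: CORS response headers are taken from the query string so each test selects its own grant; do not reuse outside the test server.` The values are also appended with no check on their content; whether the server library rejects CR/LF in header values is not visible here, so it is worth confirming, or skipping the header when the value contains `b"\r"` or `b"\n"`. `main` starts and ends outside the hunk, so how `action` and `token` are derived and what the response body exposes cannot be judged from these lines.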