From 3c782b85030c3f9a3b003e58b55c1bbf382e1b4c Mon Sep 17 00:00:00 2001 
From: Yao Xiao Date: Thu, 15 Feb 2024 15:11:19 -0800 Subject: [PATCH] [shared storage] Support cross-origin worklet For the sharedStorage.createWorklet() API, relax the same-origin restriction to additionally allow cross-origin script, in which case a cross-origin worklet will be created. How: - Rely on CORS for the worklet to be created/used by the embedder. - In general, we want to mimic the subframe's process allocation behavior (i.e. it should end up using a process as if an iframe is created with the script URL). It first checks to see whether we can reuse the worklet's creator frame's SiteInstance. If so, use it. Otherwise, leverage the process allocation and management logic from service workers and re-use SiteInstanceImpl::CreateForServiceWorker(). To keep this CL focused, the refactoring will occur in a separate CL, as it will involve refactoring other downstream components like 'UnmatchedServiceWorkerProcessTracker'. Explainer: https://github.com/WICG/shared-storage/pull/130 Spec: https://github.com/WICG/shared-storage/pull/131 Design doc: https://docs.google.com/document/d/1QTaaroCMeFVZVghI6JkUcDvmDQEacjvpyTfk6mpvQhA/edit?usp=sharing Bug: 325302836 Change-Id: I11c1fc87bc76f4400c54d9fa809349d1d1781247 --- ...edentials-include.tentative.https.sub.html | 39 +++++++++++++++++++ ...-credentials-omit.tentative.https.sub.html | 38 ++++++++++++++++++ ...tials-same-origin.tentative.https.sub.html | 38 ++++++++++++++++++ ...allow-credentials.tentative.https.sub.html | 29 ++++++++++++++ ...trol-allow-origin.tentative.https.sub.html | 28 +++++++++++++ .../resources/credentials-test-helper.py | 6 +++ 6 files changed, 178 insertions(+) create mode 100644 shared-storage/cross-origin-create-worklet-credentials-include.tentative.https.sub.html create mode 100644 shared-storage/cross-origin-create-worklet-credentials-omit.tentative.https.sub.html create mode 100644 shared-storage/cross-origin-create-worklet-credentials-same-origin.tentative.https.sub.html create mode 
100644 shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-credentials.tentative.https.sub.html
 create mode 100644 shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html
diff --git a/shared-storage/cross-origin-create-worklet-credentials-include.tentative.https.sub.html b/shared-storage/cross-origin-create-worklet-credentials-include.tentative.https.sub.html
new file mode 100644
index 00000000000000..9c44d2a29f8d33
--- /dev/null
+++ b/shared-storage/cross-origin-create-worklet-credentials-include.tentative.https.sub.html
@@ -0,0 +1,39 @@
+ + + + + + + + + +
diff --git a/shared-storage/cross-origin-create-worklet-credentials-omit.tentative.https.sub.html b/shared-storage/cross-origin-create-worklet-credentials-omit.tentative.https.sub.html
new file mode 100644
index 00000000000000..ddda1809f2ca95
--- /dev/null
+++ b/shared-storage/cross-origin-create-worklet-credentials-omit.tentative.https.sub.html
@@ -0,0 +1,38 @@
+ + + + + + + + + +
diff --git a/shared-storage/cross-origin-create-worklet-credentials-same-origin.tentative.https.sub.html b/shared-storage/cross-origin-create-worklet-credentials-same-origin.tentative.https.sub.html
new file mode 100644
index 00000000000000..99701d2b7d40a1
--- /dev/null
+++ b/shared-storage/cross-origin-create-worklet-credentials-same-origin.tentative.https.sub.html
@@ -0,0 +1,38 @@
+ + + + + + + + + +
diff --git a/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-credentials.tentative.https.sub.html b/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-credentials.tentative.https.sub.html
new file mode 100644
index 00000000000000..598fd8f405abdc
--- /dev/null
+++ b/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-credentials.tentative.https.sub.html
@@ -0,0 +1,29 @@
+ + + + + + + + + +
diff --git a/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html b/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html
new file mode 100644
index 00000000000000..4195d09fc06c46
--- /dev/null
+++ b/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html
@@ -0,0 +1,28 @@
+ + + + + + + + + +
diff --git a/shared-storage/resources/credentials-test-helper.py b/shared-storage/resources/credentials-test-helper.py
index 81a988e3581f05..46fc0ea6fb2a99 100644
--- a/shared-storage/resources/credentials-test-helper.py
+++ b/shared-storage/resources/credentials-test-helper.py
@@ -13,6 +13,12 @@ def main(request, response):
 response.status = 200
 response.headers.append(b"Content-Type", b"text/javascript")
+ if b"access_control_allow_credentials_header" in request.GET:
+ response.headers.append(b"Access-Control-Allow-Credentials", request.GET[b"access_control_allow_credentials_header"])
+
+ if b"access_control_allow_origin_header" in request.GET:
+ response.headers.append(b"Access-Control-Allow-Origin", request.GET[b"access_control_allow_origin_header"])
+
 if action == b"store-cookie":
 cookie = request.headers.get(b"Cookie", b"NO_COOKIE_HEADER")
 request.server.stash.put(token, cookie)
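Review bot: The two new branches in `main` copy the raw `access_control_allow_credentials_header` and `access_control_allow_origin_header` query values straight into `Access-Control-Allow-Credentials` and `Access-Control-Allow-Origin`, with no comment saying that this is deliberate. Because the same handler stashes the request's `Cookie` header under `store-cookie`, whoever builds the URL decides the CORS policy of a cookie-recording endpoint. That is presumably what the new cross-origin worklet tests need, but it should be stated so the pattern is not copied into a non-test handler. I would add a comment above the first branch such as `# Test-only: the caller picks the CORS response headers so tests can cover both the allowed and the blocked cross-origin fetch.` `main` starts before and continues past this hunk, so how `action` and `token` are read is not visible here.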