Resync html/semantics/embedded-content/the-iframe-element from upstre…

…am WPT

https://bugs.webkit.org/show_bug.cgi?id=259215

Reviewed by Tim Nguyen.

Resync html/semantics/embedded-content/the-iframe-element from upstream WPT @c2d7bf00e841e28234f10.

* LayoutTests/TestExpectations:
* LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/*: Updated.

Canonical link: https://commits.webkit.org/266081@main

LayoutTests/TestExpectations

@@ -490,6 +490,7 @@ imported/w3c/web-platform-tests/html/infrastructure/urls/resolving-urls/query-en
 imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/autoplay-allowed-by-feature-policy-attribute.https.sub.html [ DumpJSConsoleLogInStdErr ]
 imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-network-error.sub.html [ DumpJSConsoleLogInStdErr ]
 imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_anchor_download_allow_downloads.tentative.html [ DumpJSConsoleLogInStdErr ]
+imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-escalate-privileges.tentative.sub.window.html [ DumpJSConsoleLogInStdErr ]
 imported/w3c/web-platform-tests/html/canvas/element/manual/imagebitmap/createImageBitmap-invalid-args.html [ DumpJSConsoleLogInStdErr ]
 imported/w3c/web-platform-tests/html/user-activation/no-activation-thru-escape-key.html [ DumpJSConsoleLogInStdErr ]
 imported/w3c/web-platform-tests/html/webappapis/scripting/processing-model-2/unhandled-promise-rejections/promise-rejection-event-during-parse.html [ DumpJSConsoleLogInStdErr ]
@@ -6539,6 +6540,12 @@ imported/w3c/web-platform-tests/css/css-overflow/scrollable-overflow-padding.htm
 imported/w3c/web-platform-tests/css/css-overflow/webkit-line-clamp-029.html [ Skip ]
 imported/w3c/web-platform-tests/css/css-overflow/webkit-line-clamp-block-in-inline-001.html [ Skip ]
 
+# These tests have been flaky since their import.
+imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-child-special-cases.tentative.sub.window.html [ DumpJSConsoleLogInStdErr Pass Failure ]
+imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-child.tentative.sub.window.html [ DumpJSConsoleLogInStdErr Pass Failure ]
+imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-grandchild.tentative.sub.window.html [ DumpJSConsoleLogInStdErr Pass Failure ]
+
+
 # Skipping scrollbar-gutter tests until the feature gets implemented. webkit.org/b/167335
 imported/w3c/web-platform-tests/css/css-overflow/overflow-auto-scrollbar-gutter-intrinsic-001.html [ Skip ]
 imported/w3c/web-platform-tests/css/css-overflow/overflow-auto-scrollbar-gutter-intrinsic-002.html [ Skip ]

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/resources/sandbox-top-navigation-helper.js

@@ -0,0 +1,78 @@
+// To use this file, use the following imports:
+// // META: script=/common/dispatcher/dispatcher.js
+// // META: script=/common/get-host-info.sub.js
+// // META: script=/common/utils.js
+// // META: script=/resources/testdriver.js
+// // META: script=/resources/testdriver-vendor.js
+// // META: script=/resources/testharness.js
+// // META: script=/resources/testharnessreport.js
+// // META: script=/html/browsers/browsing-the-web/remote-context-helper/resources/remote-context-helper.js
+// // META: script=./resources/sandbox-top-navigation-helper.js
+
+// Helper file that provides various functions to test top-level navigation
+// with various frame and sandbox flag configurations.
+
+async function createNestedIframe(parent, origin, frame_sandbox, header_sandbox)
+{
+  let headers = [];
+  if (header_sandbox) {
+    headers.push([
+      "Content-Security-Policy",
+      "sandbox allow-scripts " + header_sandbox
+    ]);
+  }
+  let iframe_attributes = {};
+  if (frame_sandbox) {
+    iframe_attributes.sandbox = "allow-scripts " + frame_sandbox;
+  }
+  return parent.addIframe({
+    origin: origin,
+    scripts: [
+      '/resources/testdriver.js',
+      '/resources/testdriver-driver.js',
+      '/resources/testdriver-vendor.js'
+    ],
+    headers: headers,
+  }, iframe_attributes);
+}
+
+async function attemptTopNavigation(iframe, should_succeed) {
+  let did_succeed;
+  try {
+    await iframe.executeScript(() => {
+      window.top.location.href = "https://google.com";
+    });
+    did_succeed = true;
+  } catch (e) {
+    did_succeed = false;
+  }
+
+  assert_equals(did_succeed, should_succeed,
+      should_succeed ?
+          "The navigation should succeed." :
+          "The navigation should fail.");
+}
+
+async function setupTest() {
+  const rcHelper = new RemoteContextHelper();
+  return rcHelper.addWindow(/*config=*/ null, /*options=*/ {});
+}
+
+async function activate(iframe) {
+  return iframe.executeScript(async () => {
+    let b = document.createElement("button");
+    document.body.appendChild(b);
+
+    // Since test_driver.bless() does not play nicely with the remote context
+    // helper, this is a workaround to trigger user activation in the iframe.
+    // This adds a button to the iframe and then simulates hitting the 'tab' key
+    // twice. Once to focus on the button, and once to trigger user activation
+    // in the iframe (user activation is given to the frame that has focus when
+    // the tab key is pressed, not the frame that ends up getting focus). Note
+    // that this will result in both the parent and this frame getting user
+    // activation. Note that this currently only works for iframes nested 1
+    // level deep.
+    test_driver.set_test_context(window.top);
+    return test_driver.send_keys(document.body, "\uE004\uE004");
+  });
+}

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/resources/w3c-import.log

@@ -18,5 +18,6 @@ List of files:
 /LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/resources/hello-world.html
 /LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/resources/iframe-loading-lazy-in-viewport.html
 /LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/resources/post-origin-to-opener.html
+/LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/resources/sandbox-top-navigation-helper.js
 /LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/resources/subframe.html
 /LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/resources/unload-reporter.html

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-child-special-cases.tentative.sub.window-expected.txt

@@ -0,0 +1,8 @@
+Blocked access to external URL https://google.com/
+Blocked access to external URL https://google.com/
+
+FAIL Allow top with user activation + user activation assert_equals: The navigation should succeed. expected true but got false
+PASS allow-top-navigation-by-user-activation set but no sticky activation
+PASS A cross-origin frame with frame sandbox flags can navigate top
+FAIL A cross-origin frame with delivered sandbox flags can not navigate top assert_equals: The navigation should fail. expected false but got true
+

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-child-special-cases.tentative.sub.window.html

@@ -0,0 +1 @@
+<!-- This file is required for WebKit test infrastructure to run the templated test -->

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-child-special-cases.tentative.sub.window.js

@@ -0,0 +1,49 @@
+// META: title=Top-level navigation tests with cross origin & user activated child frames
+// META: script=/common/dispatcher/dispatcher.js
+// META: script=/common/get-host-info.sub.js
+// META: script=/common/utils.js
+// META: script=/resources/testdriver.js
+// META: script=/resources/testdriver-vendor.js
+// META: script=/resources/testharness.js
+// META: script=/resources/testharnessreport.js
+// META: script=/html/browsers/browsing-the-web/remote-context-helper/resources/remote-context-helper.js
+// META: script=./resources/sandbox-top-navigation-helper.js
+
+'use strict';
+
+/* ------------------------- USER ACTIVATION TESTS ------------------------- */
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_ORIGIN", "allow-top-navigation-by-user-activation", "");
+  await activate(iframe_1);
+
+  await attemptTopNavigation(iframe_1, true);
+}, "Allow top with user activation + user activation");
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_ORIGIN", "allow-top-navigation-by-user-activation", "");
+
+  await attemptTopNavigation(iframe_1, false);
+}, "allow-top-navigation-by-user-activation set but no sticky activation");
+
+/* ---------------------- CROSS ORIGIN (A -> B) TESTS ---------------------- */
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_REMOTE_ORIGIN", "allow-top-navigation", "");
+
+  await attemptTopNavigation(iframe_1, true);
+}, "A cross-origin frame with frame sandbox flags can navigate top");
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_REMOTE_ORIGIN", "", "allow-top-navigation");
+
+  await attemptTopNavigation(iframe_1, false);
+}, "A cross-origin frame with delivered sandbox flags can not navigate top");

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-child.tentative.sub.window-expected.txt

@@ -0,0 +1,17 @@
+CONSOLE MESSAGE: Unhandled Promise Rejection: [object Event]
+Blocked access to external URL https://google.com/
+CONSOLE MESSAGE: Unhandled Promise Rejection: [object Event]
+Blocked access to external URL https://google.com/
+CONSOLE MESSAGE: Unhandled Promise Rejection: [object Event]
+Blocked access to external URL https://google.com/
+CONSOLE MESSAGE: Unhandled Promise Rejection: [object Event]
+Blocked access to external URL https://google.com/
+CONSOLE MESSAGE: Unhandled Promise Rejection: [object Event]
+Blocked access to external URL https://google.com/
+
+PASS A same-origin frame with delivered sandbox flags can navigate top
+PASS A same-origin frame with frame sandbox flags can navigate top
+PASS A same-origin unsandboxed frame can navigate top
+PASS A frame with both top navigation delivered sandbox flags uses the less     restrictive one
+PASS A frame with both top navigation frame sandbox flags uses the less     restrictive one
+

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-child.tentative.sub.window.html

@@ -0,0 +1 @@
+<!-- This file is required for WebKit test infrastructure to run the templated test -->

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-child.tentative.sub.window.js

@@ -0,0 +1,58 @@
+// META: title=Top-level navigation tests with child frames
+// META: script=/common/dispatcher/dispatcher.js
+// META: script=/common/get-host-info.sub.js
+// META: script=/common/utils.js
+// META: script=/resources/testdriver.js
+// META: script=/resources/testdriver-vendor.js
+// META: script=/resources/testharness.js
+// META: script=/resources/testharnessreport.js
+// META: script=/html/browsers/browsing-the-web/remote-context-helper/resources/remote-context-helper.js
+// META: script=./resources/sandbox-top-navigation-helper.js
+
+'use strict';
+
+/* ----------------------- SAME ORIGIN (A -> A) TESTS ----------------------- */
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_ORIGIN", "", "allow-top-navigation allow-same-origin");
+
+  await attemptTopNavigation(iframe_1, true);
+}, "A same-origin frame with delivered sandbox flags can navigate top");
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_ORIGIN", "allow-top-navigation allow-same-origin", "");
+
+  await attemptTopNavigation(iframe_1, true);
+}, "A same-origin frame with frame sandbox flags can navigate top");
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_ORIGIN", "", "");
+
+  await attemptTopNavigation(iframe_1, true);
+}, "A same-origin unsandboxed frame can navigate top");
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_ORIGIN", "",
+      "allow-top-navigation allow-top-navigation-by-user-activation allow-same-origin");
+
+  await attemptTopNavigation(iframe_1, true);
+}, "A frame with both top navigation delivered sandbox flags uses the less \
+    restrictive one");
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_ORIGIN",
+      "allow-top-navigation allow-top-navigation-by-user-activation", "");
+
+  await attemptTopNavigation(iframe_1, true);
+}, "A frame with both top navigation frame sandbox flags uses the less \
+    restrictive one");

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-escalate-privileges.tentative.sub.window-expected.txt

@@ -0,0 +1,5 @@
+Blocked access to external URL http://www2.localhost:8800/html/browsers/browsing-the-web/remote-context-helper/resources/executor.html?uuid=5f56c8da-0b46-4eb9-962f-3b1a5dc32e10&pipe=&script=http%3A%2F%2Flocalhost%3A8800%2Fresources%2Ftestdriver.js&script=http%3A%2F%2Flocalhost%3A8800%2Fresources%2Ftestdriver-driver.js&script=http%3A%2F%2Flocalhost%3A8800%2Fresources%2Ftestdriver-vendor.js
+
+Harness Error (TIMEOUT), message = null
+
+

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-escalate-privileges.tentative.sub.window.html

@@ -0,0 +1 @@
+<!-- This file is required for WebKit test infrastructure to run the templated test -->

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-escalate-privileges.tentative.sub.window.js

@@ -0,0 +1,65 @@
+// META: title=Top-level navigation tests with frames that try to give themselves top-nav permission
+// META: script=/common/dispatcher/dispatcher.js
+// META: script=/common/get-host-info.sub.js
+// META: script=/common/utils.js
+// META: script=/resources/testdriver.js
+// META: script=/resources/testdriver-vendor.js
+// META: script=/resources/testharness.js
+// META: script=/resources/testharnessreport.js
+// META: script=/html/browsers/browsing-the-web/remote-context-helper/resources/remote-context-helper.js
+// META: script=./resources/sandbox-top-navigation-helper.js
+
+'use strict';
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_REMOTE_ORIGIN", "", "");
+  const iframe_2 = await createNestedIframe(iframe_1,
+      "HTTP_REMOTE_ORIGIN", "allow-top-navigation", "");
+
+  await attemptTopNavigation(iframe_2, false);
+}, "A cross origin unsandboxed frame can't escalate privileges in a child \
+    frame");
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_REMOTE_ORIGIN", "allow-top-navigation", "");
+  const iframe_2 = await createNestedIframe(iframe_1,
+      "OTHER_ORIGIN", "", "");
+
+  await attemptTopNavigation(iframe_2, true);
+}, "An unsandboxed grandchild inherits its parents ability to navigate top.");
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_ORIGIN", "", "");
+  const iframe_2 = await createNestedIframe(iframe_1,
+      "HTTP_ORIGIN", "allow-top-navigation", "");
+
+  await attemptTopNavigation(iframe_2, true);
+}, "A same-origin grandchild with frame allow-top can navigate top");
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_ORIGIN", "", "");
+  const iframe_2 = await createNestedIframe(iframe_1,
+      "HTTP_ORIGIN", "", "allow-top-navigation");
+
+  await attemptTopNavigation(iframe_2, false);
+}, "A sandboxed same-origin grandchild without allow-same-origin can't \
+    escalate its own top-nav privileges");
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_ORIGIN", "", "");
+  const iframe_2 = await createNestedIframe(iframe_1,
+      "HTTP_ORIGIN", "", "allow-same-origin allow-top-navigation");
+
+  await attemptTopNavigation(iframe_2, true);
+}, "A sandboxed same-origin grandchild with allow-same-origin can \
+    give itself top-nav privileges");

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-grandchild.tentative.sub.window-expected.txt

@@ -0,0 +1,9 @@
+Blocked access to external URL https://google.com/
+Blocked access to external URL https://google.com/
+Blocked access to external URL https://google.com/
+
+PASS A fully sandboxed same-origin grandchild can't navigate top
+PASS An unsandboxed same-origin grandchild can navigate top
+PASS A same-origin grandchild in a cross-origin parent can navigate top
+PASS A same-origin sandboxed grandchild in a cross-origin parent can navigate top
+

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-grandchild.tentative.sub.window.html

@@ -0,0 +1 @@
+<!-- This file is required for WebKit test infrastructure to run the templated test -->

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-grandchild.tentative.sub.window.js

@@ -0,0 +1,52 @@
+// META: title=Top-level navigation tests with grandchild frames
+// META: script=/common/dispatcher/dispatcher.js
+// META: script=/common/get-host-info.sub.js
+// META: script=/common/utils.js
+// META: script=/resources/testdriver.js
+// META: script=/resources/testdriver-vendor.js
+// META: script=/resources/testharness.js
+// META: script=/resources/testharnessreport.js
+// META: script=/html/browsers/browsing-the-web/remote-context-helper/resources/remote-context-helper.js
+// META: script=./resources/sandbox-top-navigation-helper.js
+
+'use strict';
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_ORIGIN", "", "");
+  const iframe_2 = await createNestedIframe(iframe_1,
+      "HTTP_ORIGIN", "allow-scripts", "");
+
+  await attemptTopNavigation(iframe_2, false);
+}, "A fully sandboxed same-origin grandchild can't navigate top");
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_ORIGIN", "", "");
+  const iframe_2 = await createNestedIframe(iframe_1,
+      "HTTP_ORIGIN", "", "");
+
+  await attemptTopNavigation(iframe_2, true);
+}, "An unsandboxed same-origin grandchild can navigate top");
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_REMOTE_ORIGIN", "", "");
+  const iframe_2 = await createNestedIframe(iframe_1,
+      "HTTP_ORIGIN", "", "");
+
+  await attemptTopNavigation(iframe_2, true);
+}, "A same-origin grandchild in a cross-origin parent can navigate top");
+
+promise_test(async t => {
+  const main = await setupTest();
+  const iframe_1 = await createNestedIframe(main,
+      "HTTP_REMOTE_ORIGIN", "", "");
+  const iframe_2 = await createNestedIframe(iframe_1,
+      "HTTP_ORIGIN", "allow-top-navigation allow-same-origin", "");
+
+  await attemptTopNavigation(iframe_2, true);
+}, "A same-origin sandboxed grandchild in a cross-origin parent can navigate top");