From 317f36168c015ed369007d0cf814583beceb8e82 Mon Sep 17 00:00:00 2001 
From: Lily Chen Date: Mon, 26 Jul 2021 10:08:19 -0700 Subject: [PATCH] Remove legacy-samesite Web Platform Tests SameSite-Lax-by-default and SameSite=None-requires-Secure have been standardized ([1], [2]) and launched in Chromium [3] as well as Firefox [4]. The WPTs testing "legacy" behavior are no longer needed, and they are also failing on wpt.fyi [5]. This change removes the legacy-samesite virtual test suite, as well as the ?legacy-samesite variant of the tests in wpt/cookie/samesite/. The test for SameSite=None-requires-Secure also loses its "tentative" designation. Chromium will soon no longer support the configuration used in the virtual test suite, so there would be no way to run these tests anyway. [1] https://github.com/httpwg/http-extensions/pull/1325 [2] https://github.com/httpwg/http-extensions/pull/1323 [3] https://crrev.com/c/2231445 [4] https://hacks.mozilla.org/2020/08/changes-to-samesite-cookie-behavior/ [5] https://wpt.fyi/results/cookies/samesite?run_id=5099687737556992&run_id=5641857632567296&run_id=5678463840157696&run_id=5638004375814144 Bug: 961439, 1211388 Change-Id: Idb3c835908bcd61dde3593b4fb4f9349e738031f Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3047679 Reviewed-by: Steven Bingler Commit-Queue: Lily Chen Cr-Commit-Position: refs/heads/master@{#905289} --- cookies/resources/cookie-helper.sub.js | 64 ++----------------- ...ithout-samesite-must-be-secure.https.html} | 0 cookies/samesite/fetch.https.html | 4 +- .../samesite/form-get-blank-reload.https.html | 4 +- cookies/samesite/form-get-blank.https.html | 4 +- .../form-post-blank-reload.https.html | 4 +- cookies/samesite/form-post-blank.https.html | 4 +- cookies/samesite/iframe-reload.https.html | 4 +- cookies/samesite/iframe.https.html | 4 +- cookies/samesite/img.https.html | 13 +--- .../multiple-samesite-attributes.https.html | 37 ++++------- cookies/samesite/setcookie-lax.https.html | 4 +- .../samesite/setcookie-navigation.https.html | 5 +- 
.../samesite/window-open-reload.https.html | 4 +- cookies/samesite/window-open.https.html | 4 +- 15 files changed, 32 insertions(+), 127 deletions(-) rename cookies/samesite-none-secure/{cookies-without-samesite-must-be-secure.https.tentative.html => cookies-without-samesite-must-be-secure.https.html} (100%)
diff --git a/cookies/resources/cookie-helper.sub.js b/cookies/resources/cookie-helper.sub.js
index 789d38d1eb4062..1420779e0d5a13 100644
--- a/cookies/resources/cookie-helper.sub.js
+++ b/cookies/resources/cookie-helper.sub.js
@@ -167,32 +167,9 @@ async function resetSameSiteCookies(origin, value) { } } -// Given an |expectedStatus| and |expectedValue|, assert the |cookies| contains the -// proper set of cookie names and values, according to the legacy behavior where -// unspecified SameSite attribute defaults to SameSite=None behavior. -function verifySameSiteCookieStateLegacy(expectedStatus, expectedValue, cookies, domCookieStatus) { - assert_equals(cookies["samesite_none"], expectedValue, "SameSite=None cookies are always sent."); - assert_equals(cookies["samesite_unspecified"], expectedValue, "Unspecified-SameSite cookies are always sent."); - if (expectedStatus == SameSiteStatus.CROSS_SITE) { - assert_not_equals(cookies["samesite_strict"], expectedValue, "SameSite=Strict cookies are not sent with cross-site requests."); - assert_not_equals(cookies["samesite_lax"], expectedValue, "SameSite=Lax cookies are not sent with cross-site requests."); - } else if (expectedStatus == SameSiteStatus.LAX) { - assert_not_equals(cookies["samesite_strict"], expectedValue, "SameSite=Strict cookies are not sent with lax requests."); - assert_equals(cookies["samesite_lax"], expectedValue, "SameSite=Lax cookies are sent with lax requests."); - } else if (expectedStatus == SameSiteStatus.STRICT) { - assert_equals(cookies["samesite_strict"], expectedValue, "SameSite=Strict cookies are sent with strict requests."); - assert_equals(cookies["samesite_lax"], expectedValue, "SameSite=Lax cookies are sent with strict requests."); - } - - if (cookies["domcookies"]) { - verifyDocumentCookieLegacy(domCookieStatus, expectedValue, cookies["domcookies"]); - } -} - -// Same as above except this expects samesite_unspecified to act the same as -// samesite_lax (which is the behavior expected when SameSiteByDefault is -// enabled). 
-function verifySameSiteCookieStateWithSameSiteByDefault(expectedStatus, expectedValue, cookies, domCookieStatus) { +// Given an |expectedStatus| and |expectedValue|, assert the |cookies| contains +// the proper set of cookie names and values. Expects SameSite-Lax-by-default. +function verifySameSiteCookieState(expectedStatus, expectedValue, cookies, domCookieStatus) { assert_equals(cookies["samesite_none"], expectedValue, "SameSite=None cookies are always sent."); if (expectedStatus == SameSiteStatus.CROSS_SITE) { assert_not_equals(cookies["samesite_strict"], expectedValue, "SameSite=Strict cookies are not sent with cross-site requests."); 
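Review bot: `verifySameSiteCookieState` appears to have no fallback branch for an unrecognised `expectedStatus`, so a mistyped or new status would get only the `samesite_none` assertion and still pass. The removed legacy twin shows the chain as `if` / `else if` / `else if` with no final `else`; the surviving body continues past this hunk, so this presumably applies to it as well. Since every caller now reaches this one verifier, ending the chain with `else { assert_unreached("Unexpected SameSiteStatus: " + expectedStatus); }` would turn such a mistake into a failure rather than a weaker test.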
@@ -209,32 +186,11 @@ function verifySameSiteCookieStateWithSameSiteByDefault(expectedStatus, expected } if (cookies["domcookies"]) { - verifyDocumentCookieWithSameSiteByDefault(domCookieStatus, expectedValue, cookies["domcookies"]); - } -} - -function verifyDocumentCookieLegacy(expectedStatus, expectedValue, domcookies) { - const cookies = domcookies.split(";") - .map(cookie => cookie.trim().split("=")) - .reduce((obj, cookie) => { - obj[cookie[0]] = cookie[1]; - return obj; - }, {}); - - if (expectedStatus == DomSameSiteStatus.SAME_SITE) { - assert_equals(cookies["samesite_none"], expectedValue, "SameSite=None cookies are always included in document.cookie."); - assert_equals(cookies["samesite_unspecified"], expectedValue, "Unspecified-SameSite cookies are always included in document.cookie."); - assert_equals(cookies["samesite_strict"], expectedValue, "SameSite=Strict cookies are always included in document.cookie."); - assert_equals(cookies["samesite_lax"], expectedValue, "SameSite=Lax cookies are always included in document.cookie."); - } else if (expectedStatus == DomSameSiteStatus.CROSS_SITE) { - assert_equals(cookies["samesite_none"], expectedValue, "SameSite=None cookies are always included in document.cookie."); - assert_equals(cookies["samesite_unspecified"], expectedValue, "Unspecified-SameSite cookies are always included in document.cookie."); - assert_not_equals(cookies["samesite_strict"], expectedValue, "SameSite=Strict cookies are not included in document.cookie when cross-site."); - assert_not_equals(cookies["samesite_lax"], expectedValue, "SameSite=Lax cookies are not included in document.cookie when cross-site."); + verifyDocumentCookieSameSite(domCookieStatus, expectedValue, cookies['domcookies']); } } -function verifyDocumentCookieWithSameSiteByDefault(expectedStatus, expectedValue, domcookies) { +function verifyDocumentCookieSameSite(expectedStatus, expectedValue, domcookies) { const cookies = domcookies.split(";") .map(cookie => 
cookie.trim().split("=")) .reduce((obj, cookie) => { @@ -255,16 +211,6 @@ function verifyDocumentCookieWithSameSiteByDefault(expectedStatus, expectedValue } } -function isLegacySameSite() { - return location.search === "?legacy-samesite"; -} - -// Get the proper verifier based on the test's variant type. -function getSameSiteVerifier() { - return isLegacySameSite() ? - verifySameSiteCookieStateLegacy : verifySameSiteCookieStateWithSameSiteByDefault; -} - // // LeaveSecureCookiesAlone-specific test helpers: // diff --git a/cookies/samesite-none-secure/cookies-without-samesite-must-be-secure.https.tentative.html b/cookies/samesite-none-secure/cookies-without-samesite-must-be-secure.https.html similarity index 100% rename from cookies/samesite-none-secure/cookies-without-samesite-must-be-secure.https.tentative.html rename to cookies/samesite-none-secure/cookies-without-samesite-must-be-secure.https.html diff --git a/cookies/samesite/fetch.https.html b/cookies/samesite/fetch.https.html index 934fc06765c484..79e49009fb8fce 100644 --- a/cookies/samesite/fetch.https.html +++ b/cookies/samesite/fetch.https.html @@ -1,8 +1,6 @@ - - @@ -15,7 +13,7 @@ return credFetch(target + "/cookies/resources/list.py") .then(r => r.json()) - .then(cookies => getSameSiteVerifier()(expectedStatus, value, cookies, DomSameSiteStatus.SAME_SITE)); + .then(cookies => verifySameSiteCookieState(expectedStatus, value, cookies, DomSameSiteStatus.SAME_SITE)); }); }, title); } diff --git a/cookies/samesite/form-get-blank-reload.https.html b/cookies/samesite/form-get-blank-reload.https.html index 611255f7374dae..ff39899f04338b 100644 --- a/cookies/samesite/form-get-blank-reload.https.html +++ b/cookies/samesite/form-get-blank-reload.https.html @@ -1,7 +1,5 @@ - - 
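Review bot: The new call indexes `cookies['domcookies']` with single quotes, while the `if (cookies["domcookies"])` guard one line above and the other lookups in this helper use double quotes; keeping `verifyDocumentCookieSameSite(domCookieStatus, expectedValue, cookies["domcookies"]);` avoids the mix. The renamed `verifyDocumentCookieSameSite` also has no header comment, unlike the verifier above it. Something like `// Assert that |domcookies| (a document.cookie-style string) holds the cookies expected for |expectedStatus|.` would help, to be checked against the function body, which continues outside this hunk.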
@@ -30,7 +28,7 @@ var reloaded = false; var msgHandler = e => { try { - getSameSiteVerifier()(expectedStatus, value, e.data, DomSameSiteStatus.SAME_SITE); + verifySameSiteCookieState(expectedStatus, value, e.data, DomSameSiteStatus.SAME_SITE); } catch (e) { reject(e); } diff --git a/cookies/samesite/form-get-blank.https.html b/cookies/samesite/form-get-blank.https.html index 3b059174d0b9e7..e0f6799e99f38c 100644 --- a/cookies/samesite/form-get-blank.https.html +++ b/cookies/samesite/form-get-blank.https.html @@ -1,8 +1,6 @@ - - @@ -33,7 +31,7 @@ window.removeEventListener("message", msgHandler); e.source.close(); try { - getSameSiteVerifier()(expectedStatus, value, e.data, DomSameSiteStatus.SAME_SITE); + verifySameSiteCookieState(expectedStatus, value, e.data, DomSameSiteStatus.SAME_SITE); resolve("Popup received the cookie."); } catch (e) { reject(e); diff --git a/cookies/samesite/form-post-blank-reload.https.html b/cookies/samesite/form-post-blank-reload.https.html index fedb0a03c5a9a6..9d1ef2ea47d9b5 100644 --- a/cookies/samesite/form-post-blank-reload.https.html +++ b/cookies/samesite/form-post-blank-reload.https.html @@ -1,7 +1,5 @@ - - @@ -20,7 +18,7 @@ var reloaded = false; var msgHandler = e => { try { - getSameSiteVerifier()(expectedStatus, value, e.data, DomSameSiteStatus.SAME_SITE); + verifySameSiteCookieState(expectedStatus, value, e.data, DomSameSiteStatus.SAME_SITE); } catch (e) { reject(e); } diff --git a/cookies/samesite/form-post-blank.https.html b/cookies/samesite/form-post-blank.https.html index cc37f08dd1fa53..9c795b18bc60fa 100644 --- a/cookies/samesite/form-post-blank.https.html +++ b/cookies/samesite/form-post-blank.https.html @@ -1,8 +1,6 @@ - - 
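Review bot: The `message` handler in the form-get-blank-reload hunk passes `e.data` straight to `verifySameSiteCookieState`; its body opens with the `try`, so nothing in it checks `e.origin` or `e.source` first. A message posted by any other window open during the run would be verified as if it were the cookie report, which can surface as a spurious failure or a consumed reload step. A guard such as `if (e.origin !== expectedOrigin) return;` at the top of `msgHandler` (with `expectedOrigin` standing for the origin the test navigated to) would pin the sender. The form-post-blank-reload, iframe-reload and window-open-reload hunks show the same handler shape; the listener is registered outside the hunk, so any filtering done there is not visible from here.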
@@ -22,7 +20,7 @@ window.removeEventListener("message", msgHandler); e.source.close(); try { - getSameSiteVerifier()(expectedStatus, value, e.data, DomSameSiteStatus.SAME_SITE); + verifySameSiteCookieState(expectedStatus, value, e.data, DomSameSiteStatus.SAME_SITE); resolve("Popup received the cookie."); } catch (e) { reject(e); diff --git a/cookies/samesite/iframe-reload.https.html b/cookies/samesite/iframe-reload.https.html index a33c4dd4eb2ac9..ab572f8ba1e699 100644 --- a/cookies/samesite/iframe-reload.https.html +++ b/cookies/samesite/iframe-reload.https.html @@ -1,8 +1,6 @@ - - @@ -21,7 +19,7 @@ var reloaded = false; var msgHandler = e => { try { - getSameSiteVerifier()(expectedStatus, value, e.data, expectedDomStatus); + verifySameSiteCookieState(expectedStatus, value, e.data, expectedDomStatus); } catch (e) { reject(e); } diff --git a/cookies/samesite/iframe.https.html b/cookies/samesite/iframe.https.html index 3c7b638810e2f7..cad523c4a60bd5 100644 --- a/cookies/samesite/iframe.https.html +++ b/cookies/samesite/iframe.https.html @@ -1,8 +1,6 @@ - - @@ -24,7 +22,7 @@ document.body.removeChild(iframe); window.removeEventListener("message", msgHandler); try { - getSameSiteVerifier()(expectedStatus, value, e.data, expectedDomStatus); + verifySameSiteCookieState(expectedStatus, value, e.data, expectedDomStatus); resolve(); } catch(e) { reject(e); diff --git a/cookies/samesite/img.https.html b/cookies/samesite/img.https.html index 68603fd39d9c80..1ddc8d99adfa52 100644 --- a/cookies/samesite/img.https.html +++ b/cookies/samesite/img.https.html @@ -1,8 +1,6 @@ - - 
@@ -46,15 +44,10 @@ assert_cookie_absent(target, "samesite_strict", value), expectedStatus == SameSiteStatus.CROSS_SITE ? assert_cookie_absent(target, "samesite_lax", value) : - assert_cookie_present(target, "samesite_lax", value)]; - if (isLegacySameSite()) { - // Legacy behavior: unspecified SameSite acts like SameSite=None. - asserts.push(assert_cookie_present(target, "samesite_unspecified", value)); - } else { - asserts.push(expectedStatus == SameSiteStatus.CROSS_SITE ? + assert_cookie_present(target, "samesite_lax", value), + expectedStatus == SameSiteStatus.CROSS_SITE ? assert_cookie_absent(target, "samesite_unspecified", value) : - assert_cookie_present(target, "samesite_unspecified", value)); - } + assert_cookie_present(target, "samesite_unspecified", value)]; return Promise.all(asserts); }); }, title); diff --git a/cookies/samesite/multiple-samesite-attributes.https.html b/cookies/samesite/multiple-samesite-attributes.https.html index f1e52a3aea3b8f..d32a39639d1689 100644 --- a/cookies/samesite/multiple-samesite-attributes.https.html +++ b/cookies/samesite/multiple-samesite-attributes.https.html @@ -1,8 +1,6 @@ - - 
@@ -54,28 +52,19 @@ assert_cookie_present(target, "samesite_unsupported_lax", value), expectedStatus == SameSiteStatus.CROSS_SITE ? assert_cookie_absent(target, "samesite_strict_lax", value) : - assert_cookie_present(target, "samesite_strict_lax", value) - ]; - if (isLegacySameSite()) { - // Legacy behavior: unsupported SameSite value acts like SameSite=None. - asserts.push(assert_cookie_present(target, "samesite_none_unsupported", value)); - asserts.push(assert_cookie_present(target, "samesite_lax_unsupported", value)); - asserts.push(assert_cookie_present(target, "samesite_strict_unsupported", value)); - asserts.push(assert_cookie_present(target, "samesite_unsupported", value)); - } else { - asserts.push(expectedStatus == SameSiteStatus.CROSS_SITE ? - assert_cookie_absent(target, "samesite_none_unsupported", value) : - assert_cookie_present(target, "samesite_none_unsupported", value)); - asserts.push(expectedStatus == SameSiteStatus.CROSS_SITE ? - assert_cookie_absent(target, "samesite_lax_unsupported", value) : - assert_cookie_present(target, "samesite_lax_unsupported", value)); - asserts.push(expectedStatus == SameSiteStatus.CROSS_SITE ? - assert_cookie_absent(target, "samesite_strict_unsupported", value) : - assert_cookie_present(target, "samesite_strict_unsupported", value)); - asserts.push(expectedStatus == SameSiteStatus.CROSS_SITE ? - assert_cookie_absent(target, "samesite_unsupported", value) : - assert_cookie_present(target, "samesite_unsupported", value)); - } + assert_cookie_present(target, "samesite_strict_lax", value), + expectedStatus == SameSiteStatus.CROSS_SITE ? + assert_cookie_absent(target, "samesite_none_unsupported", value) : + assert_cookie_present(target, "samesite_none_unsupported", value), + expectedStatus == SameSiteStatus.CROSS_SITE ? + assert_cookie_absent(target, "samesite_lax_unsupported", value) : + assert_cookie_present(target, "samesite_lax_unsupported", value), + expectedStatus == SameSiteStatus.CROSS_SITE ? 
+ assert_cookie_absent(target, "samesite_strict_unsupported", value) : + assert_cookie_present(target, "samesite_strict_unsupported", value), + expectedStatus == SameSiteStatus.CROSS_SITE ? + assert_cookie_absent(target, "samesite_unsupported", value) : + assert_cookie_present(target, "samesite_unsupported", value)]; return Promise.all(asserts); }); }, title); diff --git a/cookies/samesite/setcookie-lax.https.html b/cookies/samesite/setcookie-lax.https.html index 0c09577373fd9c..f2094af693d649 100644 --- a/cookies/samesite/setcookie-lax.https.html +++ b/cookies/samesite/setcookie-lax.https.html @@ -1,7 +1,5 @@ - - @@ -28,7 +26,7 @@ assert_dom_cookie("samesite_strict", e.data.value, false); assert_dom_cookie("samesite_lax", e.data.value, false); assert_dom_cookie("samesite_none", e.data.value, true); - assert_dom_cookie("samesite_unspecified", e.data.value, isLegacySameSite()); + assert_dom_cookie("samesite_unspecified", e.data.value, false); w.close(); }, "Cross-site window shouldn't be able to set `SameSite=Lax` or `SameSite=Strict` cookies."); diff --git a/cookies/samesite/setcookie-navigation.https.html b/cookies/samesite/setcookie-navigation.https.html index 06f9a73a7b4da5..2dbc5526bccae9 100644 --- a/cookies/samesite/setcookie-navigation.https.html +++ b/cookies/samesite/setcookie-navigation.https.html @@ -1,8 +1,6 @@ - - @@ -64,8 +62,7 @@ let message = await wait_for_message('FRAME_COOKIES_SET', SECURE_ORIGIN); // Check for the proper cookies. let samesite_none_cookies = ['samesite_none']; - let samesite_cookies = ['samesite_strict', 'samesite_lax']; - (isLegacySameSite() ? samesite_none_cookies : samesite_cookies).push('samesite_unspecified'); + let samesite_cookies = ['samesite_strict', 'samesite_lax', 'samesite_unspecified']; assert_cookies_present(message.data.cookies, value, samesite_none_cookies, true); assert_cookies_present(message.data.cookies, value, samesite_cookies, !cross_site); w.close(); 
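Review bot: The four `*_unsupported` entries added to the `asserts` literal in multiple-samesite-attributes.https.html repeat one ternary verbatim with only the cookie name changing, and the comment that explained the expectation went away with the legacy branch. Mapping a list of names through a single ternary keeps the expectation in one place and preserves the evaluation order. A one-line comment can record why these cookies are expected to be withheld cross-site, presumably because an unrecognised SameSite value falls back to the Lax default. The start of the `asserts` array is outside the hunk.

```javascript
// … unchanged: earlier entries of the asserts array, through samesite_strict_lax …
  // Unsupported SameSite value: expected to behave like an unspecified one (Lax by default).
  ...["samesite_none_unsupported",
      "samesite_lax_unsupported",
      "samesite_strict_unsupported",
      "samesite_unsupported"].map(name =>
    expectedStatus == SameSiteStatus.CROSS_SITE ?
      assert_cookie_absent(target, name, value) :
      assert_cookie_present(target, name, value))];
return Promise.all(asserts);
```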
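Review bot: In setcookie-lax.https.html the `samesite_unspecified` assertion now always expects `false`, but nothing nearby says why, and the test title visible in the hunk still names only SameSite=Lax and SameSite=Strict. A comment above the changed line, for example `// Unspecified SameSite is treated as Lax, so a cross-site window cannot set it either.`, would keep the reason next to the expectation. Extending the title to mention unspecified-SameSite cookies is worth considering too, though that renames the subtest in recorded results.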
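Review bot: In setcookie-navigation.https.html `samesite_cookies` is now a fixed literal that is neither pushed to nor reassigned in the visible lines, so `let` is wider than needed. `const samesite_cookies = ['samesite_strict', 'samesite_lax', 'samesite_unspecified'];` states that directly, and the unchanged `samesite_none_cookies` line above it could follow suit. The enclosing test function continues outside the hunk.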
diff --git a/cookies/samesite/window-open-reload.https.html b/cookies/samesite/window-open-reload.https.html index f21b6a77de5c5b..dc800f853bdba3 100644 --- a/cookies/samesite/window-open-reload.https.html +++ b/cookies/samesite/window-open-reload.https.html @@ -1,7 +1,5 @@ - - @@ -17,7 +15,7 @@ var reloaded = false; var msgHandler = e => { try { - getSameSiteVerifier()(expectedStatus, value, e.data, DomSameSiteStatus.SAME_SITE); + verifySameSiteCookieState(expectedStatus, value, e.data, DomSameSiteStatus.SAME_SITE); } catch (e) { reject(e); } diff --git a/cookies/samesite/window-open.https.html b/cookies/samesite/window-open.https.html index 7ee3ef43abea9b..b460e1a597b2f7 100644 --- a/cookies/samesite/window-open.https.html +++ b/cookies/samesite/window-open.https.html @@ -1,8 +1,6 @@ - - @@ -19,7 +17,7 @@ window.removeEventListener("message", msgHandler); w.close(); try { - getSameSiteVerifier()(expectedStatus, value, e.data, DomSameSiteStatus.SAME_SITE); + verifySameSiteCookieState(expectedStatus, value, e.data, DomSameSiteStatus.SAME_SITE); resolve("Popup received the cookie."); } catch (e) { reject(e);