Update Storage Access API Logic & E2E Tests

This change updates the logic used in the Blink document for document.hasStorageAccess and document.requestStorageAccess. Gates have been added to ensure the proper restrictions such as having a non-opaque origin, sandbox token (if applicable), as well as ensuring that hasStorageAccess reflects the actual state of storage access on the page. Additionally defense in depth logic checks have been added in StorageAccessGrantPermissionContext to shortcut if we get a request for a scenario no grant would be needed. Some additional cleanup is included with this change to remove the temporary usage of CONTENT_SETTING_SESSION in StorageAccessGrantPermissionContext and to ensure all content settings updates will propagate to the network service. A follow up change will ensure this does not result in duplicate updates when we perform our initial update. Browser tests have been added to validate end to end functionality. Bug: 989663 Change-Id: I09fdc115a30a71e341961b385a2e2e05fd161536 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2194905 Reviewed-by: Maksim Orlovich <morlovich@chromium.org> Reviewed-by: Christian Dullweber <dullweber@chromium.org> Reviewed-by: Mike West <mkwst@chromium.org> Reviewed-by: Theresa <twellington@chromium.org> Reviewed-by: Balazs Engedy <engedy@chromium.org> Commit-Queue: Brandon Maslen <brandm@microsoft.com> Cr-Commit-Position: refs/heads/master@{#769847}
web-platform-tests · May 18, 2020 · 619f6fa · 619f6fa
1 parent 70abf62
commit 619f6fa
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/storage-access-api/hasStorageAccess.sub.window.js b/storage-access-api/hasStorageAccess.sub.window.js
@@ -55,13 +55,13 @@ if (topLevelDocument) {
   RunTestsInIFrame("hasStorageAccess.sub.window.html?testCase=same-origin-frame&rootdocument=false");
 
   // Create a test with a single-child cross-origin iframe.
-  RunTestsInIFrame("http://{{domains[www]}}:{{ports[http][0]}}/storage-access-api/hasStorageAccess.sub.window.html?testCase=cross-origin-frame&allowed=false&rootdocument=false");
+  RunTestsInIFrame("http://{{domains[www]}}:{{ports[http][0]}}/storage-access-api/hasStorageAccess.sub.window.html?testCase=cross-origin-frame&rootdocument=false");
 
   // Validate the nested-iframe scenario where the same-origin frame containing
   // the tests is not the first child.
   RunTestsInNestedIFrame("hasStorageAccess.sub.window.html?testCase=nested-same-origin-frame&rootdocument=false");
 
   // Validate the nested-iframe scenario where the cross-origin frame containing
   //  the tests is not the first child.
-  RunTestsInNestedIFrame("http://{{domains[www]}}:{{ports[http][0]}}/storage-access-api/hasStorageAccess.sub.window.html?testCase=nested-cross-origin-frame&allowed=false&rootdocument=false");
+  RunTestsInNestedIFrame("http://{{domains[www]}}:{{ports[http][0]}}/storage-access-api/hasStorageAccess.sub.window.html?testCase=nested-cross-origin-frame&rootdocument=false");
 }