From c507b3c5d098620f8dc732a4e510a915cbc4efe8 Mon Sep 17 00:00:00 2001
From: Kunihiko Sakamoto <ksakamoto@chromium.org>
Date: Mon, 4 Apr 2022 20:21:20 -0700
Subject: [PATCH] Remove urn:uuid: URL support in Subresource WebBundles

We are removing old APIs of Subresource Loading with WebBundles. This
patch removes "urn:uuid:" URL support for WebBundles.

Bug: 1257045,1309383
Change-Id: Iadb8f43331ef885fc4a333b27358672293274144
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3560841
Reviewed-by: Hayato Ito <hayato@chromium.org>
Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org>
Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org>
Cr-Commit-Position: refs/heads/main@{#988825}
---
 web-bundle/resources/corp.har                 |   6 +--
 web-bundle/resources/generate-test-wbns.sh    |  11 -----
 web-bundle/resources/urn-uuid.har             |  44 -----------------
 web-bundle/resources/wbn/cors/corp.wbn        | Bin 1470 -> 1491 bytes
 web-bundle/resources/wbn/urn-uuid-b1.wbn      | Bin 432 -> 0 bytes
 web-bundle/resources/wbn/urn-uuid.wbn         | Bin 383 -> 0 bytes
 .../link-csp-allowed.https.tentative.html     |  32 -------------
 .../link-csp-blocked.https.tentative.html     |  24 +++-------
 .../script-coep.https.tentative.html          |  18 +++----
 .../script-corp.https.tentative.html          |  14 +++---
 ...cript-resource-timing.https.tentative.html |  10 ++--
 ...ice-worker-controlled.https.tentative.html |  16 +++----
 ...frame-from-web-bundle.https.tentative.html |  36 +-------------
 ...-subresource-load.https.tentative.sub.html |  45 ------------------
 14 files changed, 40 insertions(+), 216 deletions(-)
 delete mode 100644 web-bundle/resources/urn-uuid.har
 delete mode 100644 web-bundle/resources/wbn/urn-uuid-b1.wbn
 delete mode 100644 web-bundle/resources/wbn/urn-uuid.wbn

diff --git a/web-bundle/resources/corp.har b/web-bundle/resources/corp.har
index 59b20da3b0af27..e1b039395780ef 100644
--- a/web-bundle/resources/corp.har
+++ b/web-bundle/resources/corp.har
@@ -69,7 +69,7 @@
       {
         "request": {
           "method": "GET",
-          "url": "urn:uuid:5eafff38-e0a0-4661-bde0-434255aa9d93",
+          "url": "uuid-in-package:5eafff38-e0a0-4661-bde0-434255aa9d93",
           "headers": []
         },
         "response": {
@@ -88,7 +88,7 @@
       {
         "request": {
           "method": "GET",
-          "url": "urn:uuid:7e13b47a-8b91-4a0e-997c-993a5e2f3a34",
+          "url": "uuid-in-package:7e13b47a-8b91-4a0e-997c-993a5e2f3a34",
           "headers": []
         },
         "response": {
@@ -111,7 +111,7 @@
       {
         "request": {
           "method": "GET",
-          "url": "urn:uuid:86d5b696-8867-4454-8b07-51239a0817f7",
+          "url": "uuid-in-package:86d5b696-8867-4454-8b07-51239a0817f7",
           "headers": []
         },
         "response": {
diff --git a/web-bundle/resources/generate-test-wbns.sh b/web-bundle/resources/generate-test-wbns.sh
index f80a26559393c9..529b3cccfb8ba8 100755
--- a/web-bundle/resources/generate-test-wbns.sh
+++ b/web-bundle/resources/generate-test-wbns.sh
@@ -65,12 +65,6 @@ gen-bundle \
   -dir nested/ \
   -o wbn/nested-main.wbn
 
-gen-bundle \
-  -version b1 \
-  -har urn-uuid.har \
-  -primaryURL urn:uuid:020111b3-437a-4c5c-ae07-adb6bbffb720 \
-  -o wbn/urn-uuid-b1.wbn
-
 gen-bundle \
   -version b1 \
   -har cross-origin.har \
@@ -137,11 +131,6 @@ gen-bundle \
   -dir path-restriction/ \
   -o wbn/path-restriction.wbn
 
-gen-bundle \
-  -version b2 \
-  -har urn-uuid.har \
-  -o wbn/urn-uuid.wbn
-
 gen-bundle \
   -version b2 \
   -har cross-origin.har \
diff --git a/web-bundle/resources/urn-uuid.har b/web-bundle/resources/urn-uuid.har
deleted file mode 100644
index 1708a8917b6c0c..00000000000000
--- a/web-bundle/resources/urn-uuid.har
+++ /dev/null
@@ -1,44 +0,0 @@
-{
-  "log": {
-    "entries": [
-      {
-        "request": {
-          "method": "GET",
-          "url": "urn:uuid:020111b3-437a-4c5c-ae07-adb6bbffb720",
-          "headers": []
-        },
-        "response": {
-          "status": 200,
-          "headers": [
-            {
-              "name": "Content-type",
-              "value": "application/javascript"
-            }
-          ],
-          "content": {
-            "text": "window.report_result('OK');"
-          }
-        }
-      },
-      {
-        "request": {
-          "method": "GET",
-          "url": "urn:uuid:429fcc4e-0696-4bad-b099-ee9175f023ae",
-          "headers": []
-        },
-        "response": {
-          "status": 200,
-          "headers": [
-            {
-              "name": "Content-type",
-              "value": "text/html"
-            }
-          ],
-          "content": {
-            "text": "<script>\nwindow.addEventListener('message', (e) =>{e.source.postMessage(eval(e.data), e.origin);});\n</script>"
-          }
-        }
-      }
-    ]
-  }
-}
diff --git a/web-bundle/resources/wbn/cors/corp.wbn b/web-bundle/resources/wbn/cors/corp.wbn
index 6679b0bf5c72fe07fd33f48131d580a0228f3582..08ee4bc80a1ef5f7da9c1dd078e6ec017fc35b5e 100644
GIT binary patch
delta 74
ycmdnTeVKcL6yt%3(ozB@rKOoEx|w;p1&PVoiRq~m?Q}53iZR7Dt`KEqybJ)x;Tkgl

delta 53
rcmcc2y^ni>6yxfN(o&qdrA2vGrKOoE6J2$XIE_f0jeA8|8TSDI@O=`$

diff --git a/web-bundle/resources/wbn/urn-uuid-b1.wbn b/web-bundle/resources/wbn/urn-uuid-b1.wbn
deleted file mode 100644
index 3255787c1c578b901f1311014271540beadc291a..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 432
zcmb7;F-yZh9L3wUpCI7UK}Z6<^pd6xX=^E{Sg|4sN;bJm{;5~mT)4Zm6>&+$$w3fY
z3mu&OSdRS&2HU~K!M8r%@BN+!o7KzfX7%=QMD0>(fijV_vy4S;>|oorX#=?pk03W}
zhKK<65Q%7u(m1A`gRh@}B@ryNF%uwDo=A||SHAuyX4x-mm%lcy<Hup>0>Ul7g<MJ^
zM6vH90N?hSF?JdRmVNC?d(ZR0UZ1q3A}W)I4#vZfCkhgU)O`v!BuytQB#QB*J|;6F
zL%~uN?9B^nKDPv<T&UYZJ)0;)zc|y)P9E(44Lnt_Q1v@CodnbF7S^lmU?hr;XT|f7
z$wB~xp-(|dG6KC;HNdPM^d7*HJQE>UDVOSe+Zr$<69cS>C}P&CU~$1lEHOKeW~b7v
M?@k7#pOinp0aVJ9J^%m!

diff --git a/web-bundle/resources/wbn/urn-uuid.wbn b/web-bundle/resources/wbn/urn-uuid.wbn
deleted file mode 100644
index 643fa8a52a875a2cfbe4f6e42107b248852580e2..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 383
zcmZ{eF-yZh9L3w!PY`hFAS8iadP&oUw6%+h6)U2kWRttgKkZ4H3wM{cA|eFc90b9&
z(815<*pFba9bA0t<Ne<6b+lQ%y>C_@U&qv|)oxyZXE7{|DVLyfkttBdce!4oLT0_9
z;BgOo*mYgnMt(aW$Y&jf2;cybn06^m5*m28tQ%K<CcYOYjQN0YH|!#xk{D4Oh6o^Z
zgHD3IHi6Q(Ha^QTa@VIlrHL-ok%#e^iA+PLk$%YGmgITL8PQy1t$Q*jib<a9Xn#>T
zi-jX07gFC<;zg=0^YYxZ`(<?SKk!V$Qn#jhmPWI|7B<}5!AKmR%&X@ySCs%r%bbBy
zWCCWhVS(K^96o}hL?IbCxlsCI+gdOusRd3<G_jivaD?O&p4t5;yT3PR?M_Cu-_)Of
E0M}!Lvj6}9

diff --git a/web-bundle/subresource-loading/link-csp-allowed.https.tentative.html b/web-bundle/subresource-loading/link-csp-allowed.https.tentative.html
index d0034b22eefb19..f7c726b2b8bbb4 100644
--- a/web-bundle/subresource-loading/link-csp-allowed.https.tentative.html
+++ b/web-bundle/subresource-loading/link-csp-allowed.https.tentative.html
@@ -8,7 +8,6 @@
   http-equiv="Content-Security-Policy"
   content="
     script-src
-      https://web-platform.test:8444/web-bundle/resources/wbn/urn-uuid.wbn
       https://web-platform.test:8444/web-bundle/resources/wbn/uuid-in-package.wbn
       https://web-platform.test:8444/resources/testharness.js
       https://web-platform.test:8444/resources/testharnessreport.js
@@ -16,7 +15,6 @@
     img-src
       https://web-platform.test:8444/web-bundle/resources/wbn/pass.png;
     frame-src
-      https://web-platform.test:8444/web-bundle/resources/wbn/urn-uuid.wbn
       https://web-platform.test:8444/web-bundle/resources/wbn/uuid-in-package.wbn"
 >
 <script src="/resources/testharness.js"></script>
@@ -24,9 +22,6 @@
 <body>
 <link rel="webbundle" href="../resources/wbn/subresource.wbn"
       resources="https://web-platform.test:8444/web-bundle/resources/wbn/pass.png" />
-<link rel="webbundle" href="../resources/wbn/urn-uuid.wbn"
-      resources="urn:uuid:020111b3-437a-4c5c-ae07-adb6bbffb720
-                 urn:uuid:429fcc4e-0696-4bad-b099-ee9175f023ae" />
 <link rel="webbundle" href="../resources/wbn/uuid-in-package.wbn"
       resources="uuid-in-package:020111b3-437a-4c5c-ae07-adb6bbffb720
                  uuid-in-package:429fcc4e-0696-4bad-b099-ee9175f023ae" />
@@ -42,18 +37,6 @@
   }, 'URL matching of CSP should be done based on the subresource URL ' +
      'when the subresource URL is HTTPS URL.');
 
-  promise_test(async () => {
-    const result = await new Promise((resolve) => {
-      // This function will be called from the script.
-      window.report_result = resolve;
-      const script = document.createElement('script');
-      script.src = 'urn:uuid:020111b3-437a-4c5c-ae07-adb6bbffb720';
-      document.body.appendChild(script);
-    });
-    assert_equals(result, 'OK');
-  }, 'URL matching of script-src CSP should be done based on the bundle URL ' +
-     'when the subresource URL is urn:uuid URL.');
-
   promise_test(async () => {
     const result = await new Promise((resolve) => {
       // This function will be called from the script.
@@ -66,21 +49,6 @@
   }, 'URL matching of script-src CSP should be done based on the bundle URL ' +
      'when the subresource URL is uuid-in-package: URL.');
 
-  promise_test(async () => {
-    const frame_url = 'urn:uuid:429fcc4e-0696-4bad-b099-ee9175f023ae';
-    const iframe = document.createElement('iframe');
-    iframe.src = frame_url;
-    const load_promise = new Promise((resolve) => {
-      iframe.addEventListener('load', resolve);
-    });
-    document.body.appendChild(iframe);
-    await load_promise;
-    assert_equals(
-        await evalInIframe(iframe, 'location.href'),
-        frame_url);
-  }, 'URL matching of frame-src CSP should be done based on the bundle URL ' +
-     'when the frame URL is urn:uuid URL.');
-
   promise_test(async () => {
     const frame_url = 'uuid-in-package:429fcc4e-0696-4bad-b099-ee9175f023ae';
     const iframe = document.createElement('iframe');
diff --git a/web-bundle/subresource-loading/link-csp-blocked.https.tentative.html b/web-bundle/subresource-loading/link-csp-blocked.https.tentative.html
index 37cc4ea30e8c18..a6cb5af1cdc7cc 100644
--- a/web-bundle/subresource-loading/link-csp-blocked.https.tentative.html
+++ b/web-bundle/subresource-loading/link-csp-blocked.https.tentative.html
@@ -24,14 +24,10 @@
 <body>
 <link rel="webbundle" href="../resources/wbn/subresource.wbn"
       resources="https://web-platform.test:8444/web-bundle/resources/wbn/fail.png" />
-<link rel="webbundle" href="../resources/wbn/urn-uuid.wbn"
-      resources="urn:uuid:020111b3-437a-4c5c-ae07-adb6bbffb720
-                 urn:uuid:429fcc4e-0696-4bad-b099-ee9175f023ae" />
 <link rel="webbundle" href="../resources/wbn/uuid-in-package.wbn"
       resources="uuid-in-package:020111b3-437a-4c5c-ae07-adb6bbffb720
                  uuid-in-package:429fcc4e-0696-4bad-b099-ee9175f023ae" />
 <script>
-  const urn_bundle_url = 'https://web-platform.test:8444/web-bundle/resources/wbn/urn-uuid.wbn';
   const uuid_bundle_url = 'https://web-platform.test:8444/web-bundle/resources/wbn/uuid-in-package.wbn';
 
   function expect_violation() {
@@ -76,10 +72,6 @@
      'not on the bundle URL, when the subresource URL is HTTPS URL.');
 
   const testCases = [
-    {
-      prefix: 'urn:uuid:',
-      bundle_url: urn_bundle_url
-    },
     {
       prefix: 'uuid-in-package:',
       bundle_url: uuid_bundle_url
@@ -137,22 +129,18 @@
     const reports = await (await fetch(retrieve_report_url)).json();
     sortReportsByEffectiveDirective(reports);
 
-    assert_equals(reports.length, 5, "Report count.");
+    assert_equals(reports.length, 3, "Report count.");
 
-    assert_equals(reports[0].body.blockedURL, urn_bundle_url);
+    assert_equals(reports[0].body.blockedURL, uuid_bundle_url);
     assert_equals(reports[0].body.effectiveDirective, 'frame-src');
-    assert_equals(reports[1].body.blockedURL, uuid_bundle_url);
-    assert_equals(reports[1].body.effectiveDirective, 'frame-src');
 
     assert_equals(
-      reports[2].body.blockedURL,
+      reports[1].body.blockedURL,
       'https://web-platform.test:8444/web-bundle/resources/wbn/fail.png');
-    assert_equals(reports[2].body.effectiveDirective, 'img-src',);
+    assert_equals(reports[1].body.effectiveDirective, 'img-src',);
 
-    assert_equals(reports[3].body.blockedURL, urn_bundle_url);
-    assert_equals(reports[3].body.effectiveDirective, 'script-src-elem');
-    assert_equals(reports[4].body.blockedURL, uuid_bundle_url);
-    assert_equals(reports[4].body.effectiveDirective, 'script-src-elem');
+    assert_equals(reports[2].body.blockedURL, uuid_bundle_url);
+    assert_equals(reports[2].body.effectiveDirective, 'script-src-elem');
   }, 'Check the CSP violation reports.');
 </script>
 </body>
diff --git a/web-bundle/subresource-loading/script-coep.https.tentative.html b/web-bundle/subresource-loading/script-coep.https.tentative.html
index 3bf61e4814b24d..4029fc6f815eb9 100644
--- a/web-bundle/subresource-loading/script-coep.https.tentative.html
+++ b/web-bundle/subresource-loading/script-coep.https.tentative.html
@@ -33,9 +33,9 @@
         "https://www1.web-platform.test:8444/web-bundle/resources/wbn/cors/no-corp.js",
         "https://www1.web-platform.test:8444/web-bundle/resources/wbn/cors/corp-same-origin.js",
         "https://www1.web-platform.test:8444/web-bundle/resources/wbn/cors/corp-cross-origin.js",
-        "urn:uuid:5eafff38-e0a0-4661-bde0-434255aa9d93",
-        "urn:uuid:7e13b47a-8b91-4a0e-997c-993a5e2f3a34",
-        "urn:uuid:86d5b696-8867-4454-8b07-51239a0817f7"
+        "uuid-in-package:5eafff38-e0a0-4661-bde0-434255aa9d93",
+        "uuid-in-package:7e13b47a-8b91-4a0e-997c-993a5e2f3a34",
+        "uuid-in-package:86d5b696-8867-4454-8b07-51239a0817f7"
       ]
     }
   </script>
@@ -64,11 +64,11 @@
 
     const prefix =
       "https://www1.web-platform.test:8444/web-bundle/resources/wbn/cors/";
-    const no_corp_url = "urn:uuid:5eafff38-e0a0-4661-bde0-434255aa9d93";
+    const no_corp_url = "uuid-in-package:5eafff38-e0a0-4661-bde0-434255aa9d93";
     const corp_same_origin_url =
-      "urn:uuid:7e13b47a-8b91-4a0e-997c-993a5e2f3a34";
+      "uuid-in-package:7e13b47a-8b91-4a0e-997c-993a5e2f3a34";
     const corp_cross_origin_url =
-      "urn:uuid:86d5b696-8867-4454-8b07-51239a0817f7";
+      "uuid-in-package:86d5b696-8867-4454-8b07-51239a0817f7";
 
     promise_test(async () => {
       const report = await expectCOEPReport(async () => {
@@ -99,7 +99,7 @@
       assert_equals(report.body.type, "corp");
       assert_equals(report.body.disposition, "enforce");
       assert_equals(report.body.destination, "iframe");
-    }, "Urn:uuid iframe without Cross-Origin-Resource-Policy: header should be blocked and generate a report.");
+    }, "uuid-in-package iframe without Cross-Origin-Resource-Policy: header should be blocked and generate a report.");
 
     promise_test(async () => {
       const report = await expectCOEPReport(async () => {
@@ -112,7 +112,7 @@
       assert_equals(report.body.type, "corp");
       assert_equals(report.body.disposition, "enforce");
       assert_equals(report.body.destination, "iframe");
-    }, "Urn:uuid iframe with Cross-Origin-Resource-Policy: same-origin should be blocked and generate a report.");
+    }, "uuid-in-package iframe with Cross-Origin-Resource-Policy: same-origin should be blocked and generate a report.");
 
     promise_test(async () => {
       const iframe = document.createElement("iframe");
@@ -122,6 +122,6 @@
         await evalInIframe(iframe, "location.href"),
         corp_cross_origin_url
       );
-    }, "Urn:uuid iframe with Cross-Origin-Resource-Policy: cross-origin should not be blocked.");
+    }, "uuid-in-package iframe with Cross-Origin-Resource-Policy: cross-origin should not be blocked.");
   </script>
 </body>
diff --git a/web-bundle/subresource-loading/script-corp.https.tentative.html b/web-bundle/subresource-loading/script-corp.https.tentative.html
index 594be9aa43fb5d..ce18544b0bd8ee 100644
--- a/web-bundle/subresource-loading/script-corp.https.tentative.html
+++ b/web-bundle/subresource-loading/script-corp.https.tentative.html
@@ -33,9 +33,9 @@
         "https://www1.web-platform.test:8444/web-bundle/resources/wbn/cors/no-corp.js",
         "https://www1.web-platform.test:8444/web-bundle/resources/wbn/cors/corp-same-origin.js",
         "https://www1.web-platform.test:8444/web-bundle/resources/wbn/cors/corp-cross-origin.js",
-        "urn:uuid:5eafff38-e0a0-4661-bde0-434255aa9d93",
-        "urn:uuid:7e13b47a-8b91-4a0e-997c-993a5e2f3a34",
-        "urn:uuid:86d5b696-8867-4454-8b07-51239a0817f7"
+        "uuid-in-package:5eafff38-e0a0-4661-bde0-434255aa9d93",
+        "uuid-in-package:7e13b47a-8b91-4a0e-997c-993a5e2f3a34",
+        "uuid-in-package:86d5b696-8867-4454-8b07-51239a0817f7"
       ]
     }
   </script>
@@ -53,15 +53,15 @@
     }, "Subresource loading from WebBundles should respect Cross-Origin-Resource-Policy header.");
 
     promise_test(async () => {
-      const no_corp_url = "urn:uuid:5eafff38-e0a0-4661-bde0-434255aa9d93";
+      const no_corp_url = "uuid-in-package:5eafff38-e0a0-4661-bde0-434255aa9d93";
       const corp_same_origin_url =
-        "urn:uuid:7e13b47a-8b91-4a0e-997c-993a5e2f3a34";
+        "uuid-in-package:7e13b47a-8b91-4a0e-997c-993a5e2f3a34";
       const corp_cross_origin_url =
-        "urn:uuid:86d5b696-8867-4454-8b07-51239a0817f7";
+        "uuid-in-package:86d5b696-8867-4454-8b07-51239a0817f7";
       await iframeLocationTest(no_corp_url);
       await iframeLocationTest(corp_same_origin_url);
       await iframeLocationTest(corp_cross_origin_url);
-    }, "Urn:uuid iframes should not be blocked regardless of the Cross-Origin-Resource-Policy header, if Cross-Origin-Embedder-Policy is not set.");
+    }, "uuid-in-package iframes should not be blocked regardless of the Cross-Origin-Resource-Policy header, if Cross-Origin-Embedder-Policy is not set.");
 
     async function iframeLocationTest(url) {
       const iframe = document.createElement("iframe");
diff --git a/web-bundle/subresource-loading/script-resource-timing.https.tentative.html b/web-bundle/subresource-loading/script-resource-timing.https.tentative.html
index 101444a6f427f3..a2fe38de0f6206 100644
--- a/web-bundle/subresource-loading/script-resource-timing.https.tentative.html
+++ b/web-bundle/subresource-loading/script-resource-timing.https.tentative.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html>
 <meta charset="utf-8" />
-<title>Resource timing entries present for urn:uuid resources</title>
+<title>Resource timing entries present for uuid-in-package resources</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="../resources/test-helpers.js"></script>
@@ -11,10 +11,10 @@
     });
 
     promise_test(async (t) => {
-      const frame_id = "urn:uuid:429fcc4e-0696-4bad-b099-ee9175f023ae";
-      const script_id = "urn:uuid:020111b3-437a-4c5c-ae07-adb6bbffb720";
+      const frame_id = "uuid-in-package:429fcc4e-0696-4bad-b099-ee9175f023ae";
+      const script_id = "uuid-in-package:020111b3-437a-4c5c-ae07-adb6bbffb720";
       const element = createWebBundleElement(
-        "../resources/wbn/urn-uuid.wbn",
+        "../resources/wbn/uuid-in-package.wbn",
         /*resources=*/ [frame_id, script_id]
       );
       document.body.appendChild(element);
@@ -50,6 +50,6 @@
       script.src = script_id;
       document.body.appendChild(script);
       return promise;
-    }, "Each urn:uuid resource should have exactly 1 ResourceTiming entry.");
+    }, "Each uuid-in-package resource should have exactly 1 ResourceTiming entry.");
   </script>
 </body>
diff --git a/web-bundle/subresource-loading/script-service-worker-controlled.https.tentative.html b/web-bundle/subresource-loading/script-service-worker-controlled.https.tentative.html
index 56901a8beac02a..d5c2a06837163d 100644
--- a/web-bundle/subresource-loading/script-service-worker-controlled.https.tentative.html
+++ b/web-bundle/subresource-loading/script-service-worker-controlled.https.tentative.html
@@ -73,11 +73,11 @@
       assert_array_equals(await getRequestedUrls(worker), [iframe_url]);
 
       // Add a web bundle element in the service worker controlled iframe.
-      const frame_id = "urn:uuid:429fcc4e-0696-4bad-b099-ee9175f023ae";
-      const script_id = "urn:uuid:020111b3-437a-4c5c-ae07-adb6bbffb720";
+      const frame_id = "uuid-in-package:429fcc4e-0696-4bad-b099-ee9175f023ae";
+      const script_id = "uuid-in-package:020111b3-437a-4c5c-ae07-adb6bbffb720";
 
       const element = createWebBundleElement(
-        "../../resources/wbn/urn-uuid.wbn",
+        "../../resources/wbn/uuid-in-package.wbn",
         /*resources=*/ [frame_id, script_id]
       );
 
@@ -91,8 +91,8 @@
       // The web bundle request should not be intercepted by the service worker.
       assert_array_equals(await getRequestedUrls(worker), []);
 
-      // Add an urn uuid URL script element in the service worker controlled
-      // iframe.
+      // Add a uuid-in-package URL script element in the service worker
+      // controlled iframe.
       const result_promise = new Promise((resolve) => {
         // window.report_result() method will be called by the injected script.
         iframe.contentWindow.report_result = resolve;
@@ -105,7 +105,7 @@
       // service worker.
       assert_array_equals(await getRequestedUrls(worker), []);
 
-      // Add an urn uuid URL iframe element in the service worker controlled
+      // Add a uuid-in-package URL iframe element in the service worker controlled
       // iframe.
       const inner_iframe = iframe.contentDocument.createElement("iframe");
       inner_iframe.src = frame_id;
@@ -120,7 +120,7 @@
       // worker.
       assert_array_equals(await getRequestedUrls(worker), []);
 
-      // Check if the urn uuid URL iframe element is loaded correctly.
+      // Check if the uuid-in-package URL iframe element is loaded correctly.
       const message_promise = new Promise((resolve) => {
         window.addEventListener(
           "message",
@@ -130,7 +130,7 @@
           { once: true }
         );
       });
-      // location.href is evaluated in the urn uuid URL iframe element.
+      // location.href is evaluated in the uuid-in-package URL iframe element.
       inner_iframe.contentWindow.postMessage("location.href", "*");
       assert_equals(await message_promise, frame_id);
     }, "Both Web Bundle request and Subresource fetch requests inside the Web " + "Bundle should skip the service worker.");
diff --git a/web-bundle/subresource-loading/script-subframe-from-web-bundle.https.tentative.html b/web-bundle/subresource-loading/script-subframe-from-web-bundle.https.tentative.html
index 36242f44f5f4d1..9e08ccdd29c43a 100644
--- a/web-bundle/subresource-loading/script-subframe-from-web-bundle.https.tentative.html
+++ b/web-bundle/subresource-loading/script-subframe-from-web-bundle.https.tentative.html
@@ -13,21 +13,6 @@
       assert_true(HTMLScriptElement.supports("webbundle"));
     });
 
-    promise_test(async (t) => {
-      const bundle_url = "../resources/wbn/urn-uuid.wbn";
-      const frame_url = "urn:uuid:429fcc4e-0696-4bad-b099-ee9175f023ae";
-      const iframe = await createWebBundleElementAndIframe(
-        t,
-        bundle_url,
-        frame_url
-      );
-      // The iframe is cross-origin. So accessing iframe.contentWindow.location
-      // should throw a SecurityError.
-      assert_throws_dom("SecurityError", () => {
-        iframe.contentWindow.location.href;
-      });
-    }, "The urn:uuid URL iframe must be cross-origin.");
-
     promise_test(async (t) => {
       const bundle_url = "../resources/wbn/uuid-in-package.wbn";
       const frame_url = "uuid-in-package:429fcc4e-0696-4bad-b099-ee9175f023ae";
@@ -45,10 +30,7 @@
 
     uuid_iframe_test(
       "location.href",
-      [
-        "urn:uuid:429fcc4e-0696-4bad-b099-ee9175f023ae",
-        "uuid-in-package:429fcc4e-0696-4bad-b099-ee9175f023ae",
-      ],
+      "uuid-in-package:429fcc4e-0696-4bad-b099-ee9175f023ae",
       "location.href in opaque-origin iframe."
     );
 
@@ -119,20 +101,6 @@
     );
 
     function uuid_iframe_test(code, expected, name) {
-      if (!Array.isArray(expected)) {
-        expected = [expected, expected];
-      }
-      promise_test(async (t) => {
-        const bundle_url = "../resources/wbn/urn-uuid.wbn";
-        const frame_url = "urn:uuid:429fcc4e-0696-4bad-b099-ee9175f023ae";
-        const iframe = await createWebBundleElementAndIframe(
-          t,
-          bundle_url,
-          frame_url
-        );
-        assert_equals(await evalInIframe(iframe, code), expected[0]);
-      }, name + "(urn:uuid)");
-
       promise_test(async (t) => {
         const bundle_url = "../resources/wbn/uuid-in-package.wbn";
         const frame_url =
@@ -142,7 +110,7 @@
           bundle_url,
           frame_url
         );
-        assert_equals(await evalInIframe(iframe, code), expected[1]);
+        assert_equals(await evalInIframe(iframe, code), expected);
       }, name + "uuid-in-package");
     }
 
diff --git a/web-bundle/subresource-loading/script-subresource-load.https.tentative.sub.html b/web-bundle/subresource-loading/script-subresource-load.https.tentative.sub.html
index 5093905420d099..b00ff1194c272c 100644
--- a/web-bundle/subresource-loading/script-subresource-load.https.tentative.sub.html
+++ b/web-bundle/subresource-loading/script-subresource-load.https.tentative.sub.html
@@ -305,51 +305,6 @@
       assert_equals(module.result, "resource1 from network");
     }, "Subresource URL must be same-origin with bundle URL (for 'b1' bundles too)");
 
-    promise_test(async () => {
-      const url = "urn:uuid:020111b3-437a-4c5c-ae07-adb6bbffb720";
-      const element = createWebBundleElement("../resources/wbn/urn-uuid.wbn", [
-        url,
-      ]);
-      document.body.appendChild(element);
-      assert_equals(await loadScriptAndWaitReport(url), "OK");
-      document.body.removeChild(element);
-    }, "Subresource loading with urn:uuid: URL with resources attribute");
-
-    promise_test(async () => {
-      const url = "urn:uuid:020111b3-437a-4c5c-ae07-adb6bbffb720";
-      const element = createWebBundleElement(
-        "../resources/wbn/urn-uuid.wbn",
-        [],
-        { scopes: ["urn:uuid:"] }
-      );
-      document.body.appendChild(element);
-      assert_equals(await loadScriptAndWaitReport(url), "OK");
-      document.body.removeChild(element);
-    }, "Subresource loading with urn:uuid: URL with scopes attribute");
-
-    promise_test(async () => {
-      const url = "urn:uuid:020111b3-437a-4c5c-ae07-adb6bbffb720";
-      const element = createWebBundleElement(
-        "../resources/wbn/urn-uuid-b1.wbn",
-        [url]
-      );
-      document.body.appendChild(element);
-      assert_equals(await loadScriptAndWaitReport(url), "OK");
-      document.body.removeChild(element);
-    }, "Subresource loading with urn:uuid: URL of a 'b1' bundle with resources attribute");
-
-    promise_test(async () => {
-      const url = "urn:uuid:020111b3-437a-4c5c-ae07-adb6bbffb720";
-      const element = createWebBundleElement(
-        "../resources/wbn/urn-uuid-b1.wbn",
-        [],
-        { scopes: ["urn:uuid:"] }
-      );
-      document.body.appendChild(element);
-      assert_equals(await loadScriptAndWaitReport(url), "OK");
-      document.body.removeChild(element);
-    }, "Subresource loading with urn:uuid: URL of a 'b1' bundle with scopes attribute");
-
     promise_test(async () => {
       const url = "uuid-in-package:020111b3-437a-4c5c-ae07-adb6bbffb720";
       const element = createWebBundleElement(