commit 74a7fb2fa4307c69812945586b39018ae4f231b2
author kinuko <kinuko@chromium.org> Fri Jun 09 03:50:22 2017
committer Commit Bot <commit-bot@chromium.org> Fri Jun 09 03:50:22 2017
tree 45e6184f328d53c465752009b60003a79774b9e8
parent 74db9eb407f16d82c478a2adfe293f861725ba5b

Remove dup'ed code for RequestorOrigin and FirstPartyCookie

- Remove RequestorOrigin and FirstPartyCookie code in RenderFrameImpl
  (except for PlzNavigate's main frame resource case)
- Most of the code now lives in FrameFetchContext
- Also fix TODO to initialize ResourceRequest::RequestorOrigin with null

Some implementation notes:

Before this change, the logic was like:
1. When ResourceFetcher populates an initial resource request
   FetchContext::SetFirstPartyCookieAndRequestorOrigin was called in
   PopulateResourceRequest, and this used to do:

  if (!GetDocument())
    return;

  if (request.FirstPartyForCookies().IsNull()) {
    request.SetFirstPartyForCookies(
        GetDocument() ? GetDocument()->FirstPartyForCookies()  // [A]
                      : SecurityOrigin::UrlWithUniqueSecurityOrigin());  // [B]
  }

  if (request.GetFrameType() == WebURLRequest::kFrameTypeNone &&
      request.RequestorOrigin()->IsUnique()) {
    request.SetRequestorOrigin(GetDocument()->IsSandboxed(kSandboxOrigin)
                                   ? SecurityOrigin::Create(document_->Url()) // [a]
                                   : document_->GetSecurityOrigin()); // [b]
  }

2. After that, FrameFetchContext::WillSendRequest does:

  if (request.FirstPartyForCookies().IsEmpty()) {
    if (request.GetFrameType() == blink::WebURLRequest::kFrameTypeTopLevel)
      request.SetFirstPartyForCookies(request.Url());  // [C]
    else
      request.SetFirstPartyForCookies(
          frame_->GetDocument().FirstPartyForCookies());  // [D]
  }

  WebDocument frame_document = frame_->GetDocument();
  if (request.RequestorOrigin().IsUnique() &&
      !frame_document.GetSecurityOrigin().IsUnique()) {
    request.SetRequestorOrigin(frame_document.GetSecurityOrigin()); // [c]
  }

  This logic is also called on redirects.

  Note that:
  - [B] case is invalid as we return null-document case
  - [C],[D],[c] happens only if document is null, and for initial
    top-level frame request case this is always the case
  - Therefore: [A][C][D] are the valid cases for first-party-cookie,
    and [a][b][c] are for requestor-origin

After this change, FrameFetchContext::WillSendRequest does:

  if (request.FirstPartyForCookies().IsNull()) {
    if (request.GetFrameType() == WebURLRequest::kFrameTypeTopLevel) {
      request.SetFirstPartyForCookies(request.Url());  // == [C] (document is null)
    } else {
      Document* document =
          GetDocument() ? GetDocument() : GetFrame()->GetDocument();
      request.SetFirstPartyForCookies(document->FirstPartyForCookies()); // == [A][D]
    }
  }

  if (!request.RequestorOrigin()) {
    if (request.GetFrameType() == WebURLRequest::kFrameTypeNone) {
      Document* document = GetDocument();
      request.SetRequestorOrigin(document->IsSandboxed(kSandboxOrigin)
                                     ? SecurityOrigin::Create(document->Url()) // [a]
                                     : document->GetSecurityOrigin());  // [b]
    } else {
      request.SetRequestorOrigin(
          GetFrame()->GetDocument()->GetSecurityOrigin()); // [c]
    }
  }

BUG=671533, 625969

Review-Url: https://codereview.chromium.org/2918653004
Cr-Commit-Position: refs/heads/master@{#478191}