[Credentialless]: WPT vs CacheStorage.

Add tentative WPT tests about COEP and CacheStorage.

Issues:
- COEP:require-corp: w3c/ServiceWorker#1490
- COEP:credentialless: w3c/ServiceWorker#1592

Bug: 1175099
Change-Id: I857adbd134443b17b9689c314307bb1e3888235b
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2876191
Commit-Queue: Arthur Sonzogni <[email protected]>
Reviewed-by: Antonio Sartori <[email protected]>
Reviewed-by: Camille Lamy <[email protected]>
Cr-Commit-Position: refs/heads/master@{#880447}

html/cross-origin-embedder-policy/credentialless/cache-storage.tentative.https.html

@@ -0,0 +1,86 @@
+<meta name="timeout" content="long">
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="/common/utils.js"></script>
+<script src="./resources/common.js"></script>
+<script src="./resources/dispatcher.js"></script>
+<script>
+
+// Fetch a resource and store it into CacheStorage from |storer| context. Then
+// check if it can be retrieved via CacheStorage.match from |retriever| context.
+const cacheStorageTest = (
+  description,
+  storer,
+  retriever,
+  resource_headers,
+  expectation
+) => {
+  promise_test_parallel(async test => {
+    const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;
+    const url = cross_origin + "/common/square.png?pipe=" + resource_headers +
+      `&${token()}`;
+    const this_token = token();
+
+    // Fetch a request from |stored|. Store the opaque response into
+    // CacheStorage.
+    send(storer, `
+      const cache = await caches.open("v1");
+      const fetch_request = new Request("${url}", {mode: 'no-cors'});
+      const fetch_response = await fetch(fetch_request);
+      await cache.put(fetch_request, fetch_response);
+      send("${this_token}", "stored");
+    `);
+    assert_equals(await receive(this_token), "stored");
+
+    // Retrieved it from |retriever|.
+    send(retriever, `
+      const cache = await caches.open("v1");
+      try {
+        const response = await cache.match("${url}");
+        send("${this_token}", "retrieved");
+      } catch (error) {
+        send("${this_token}", "error");
+      }
+    `);
+    assert_equals(await receive(this_token), expectation);
+  }, description);
+};
+
+// Execute the same set of tests for every type of execution contexts:
+// Documents, DedicatedWorkers, SharedWorkers, and ServiceWorkers. The results
+// should be independent of the context.
+Object.entries(environments).forEach(([name, constructor]) => {
+  const context_none = constructor(coep_none);
+  const context_credentialless = constructor(coep_credentialless);
+  const context_require_corp = constructor(coep_require_corp);
+
+  cacheStorageTest(`[${name}] unsafe-none => unsafe-none`,
+    context_none, context_none, "", "retrieved");
+  cacheStorageTest(`[${name}] unsafe-none => credentialless`,
+    context_none, context_credentialless, "", "error");
+  cacheStorageTest(`[${name}] unsafe-none => credentialless + CORP`,
+    context_none, context_credentialless, corp_cross_origin, "retrieved");
+  cacheStorageTest(`[${name}] unsafe-none => require-corp`,
+    context_none, context_require_corp, "", "error");
+  cacheStorageTest(`[${name}] unsafe-none => require-corp + CORP`,
+    context_none, context_require_corp, corp_cross_origin, "retrieved");
+
+  cacheStorageTest(`[${name}] credentialless => unsafe-none`,
+    context_credentialless, context_none, "", "retrieved");
+  cacheStorageTest(`[${name}] credentialless => credentialless`,
+    context_credentialless, context_credentialless, "", "retrieved");
+  cacheStorageTest(`[${name}] credentialless => require-corp`,
+    context_credentialless, context_require_corp, "", "error");
+  cacheStorageTest(`[${name}] credentialless => require-corp + CORP`,
+    context_credentialless, context_require_corp, corp_cross_origin, "retrieved");
+
+  cacheStorageTest(`[${name}] require_corp => unsafe-none`,
+    context_require_corp, context_none, corp_cross_origin, "retrieved");
+  cacheStorageTest(`[${name}] require_corp => credentialless`,
+    context_require_corp, context_credentialless, corp_cross_origin, "retrieved");
+  cacheStorageTest(`[${name}] require_corp => require-corp`,
+    context_require_corp, context_require_corp, corp_cross_origin, "retrieved");
+})
+
+</script>

html/cross-origin-embedder-policy/credentialless/resources/common.js

@@ -70,7 +70,7 @@ const newCredentiallessWindow = (origin) => {
   const main_document_token = token();
   const url = origin + executor_path + coep_credentialless +
     `&uuid=${main_document_token}`;
-  const w = window.open(url);
+  const context = window.open(url);
   add_completion_callback(() => w.close());
   return main_document_token;
 };
@@ -89,3 +89,39 @@ const newCredentiallessIframe = (parent_token, child_origin) => {
   return sub_document_token;
 };
 
+const environments = {
+  document: headers => {
+    const tok = token();
+    const url = window.origin + executor_path + headers + `&uuid=${tok}`;
+    const context = window.open(url);
+    add_completion_callback(() => context.close());
+    return tok;
+  },
+
+  dedicated_worker: headers => {
+    const tok = token();
+    const url = window.origin + executor_js_path + headers + `&uuid=${tok}`;
+    const context = new Worker(url);
+    return tok;
+  },
+
+  shared_worker: headers => {
+    const tok = token();
+    const url = window.origin + executor_js_path + headers + `&uuid=${tok}`;
+    const context = new SharedWorker(url);
+    return tok;
+  },
+
+  service_worker: headers => {
+    const tok = token();
+    const url = window.origin + executor_js_path + headers + `&uuid=${tok}`;
+    const scope = url; // Generate a one-time scope for service worker.
+    navigator.serviceWorker.register(url, {scope: scope})
+    .then(registration => {
+      add_completion_callback(() => registration.unregister());
+    });
+    return tok;
+  },
+};
+
+