From 6116305fb201fa1653471e463e44b2195934afa0 Mon Sep 17 00:00:00 2001
From: Jonathan Hao <phao@chromium.org>
Date: Mon, 3 Apr 2023 03:08:53 -0700
Subject: [PATCH] Fix isSecureContext for workers created from data urls in
 secure contexts

Worker created from data urls in secure contexts should be considered
as in secure contexts as well.
Spec: https://html.spec.whatwg.org/multipage/webappapis.html#secure-contexts
Discussions: https://github.com/w3c/webappsec-secure-contexts/issues/69

Alternatives considered:
- Make ExecutionContext::IsSecureContext virtual
and provide a specialized WorkerGlobalScope. The problem is that it
bypasses the UseCounter logging in [1]
- Call security_origin.SetOpaqueOriginIsPotentiallyTrustworthy(true) at
[2]. This makes IsPotentiallyTrustworthy() true for this specific
security_origin. However, other places call IsPotentiallyTrustworthy()
too so I am not sure whether this breaks other intended behaviors.

[1] https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/renderer/core/execution_context/security_context.cc;l=124-126
[2] https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/renderer/core/workers/worker_global_scope.cc;l=137;bpv=1;bpt=1

Bug: 1325494
Change-Id: Id5c7c3bc61b320426249bde0e346bd1f5f0b33d7
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4377256
Commit-Queue: Jonathan Hao <phao@chromium.org>
Reviewed-by: Nate Chapin <japhet@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1125248}
---
 secure-contexts/basic-dedicated-worker.html |  9 +++++++++
 secure-contexts/basic-shared-worker.html    | 15 +++++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/secure-contexts/basic-dedicated-worker.html b/secure-contexts/basic-dedicated-worker.html
index ecd6138ac25d57..043b5b8dd64a41 100644
--- a/secure-contexts/basic-dedicated-worker.html
+++ b/secure-contexts/basic-dedicated-worker.html
@@ -16,6 +16,7 @@
       var t4 = async_test("HTTPS nested worker");
       var t5 = async_test("HTTP worker from HTTPS subframe");
       var t6 = async_test("HTTPS worker from HTTPS subframe");
+      var t7 = async_test("Worker from data URL");
 
       var w1 = new Worker(http_dir + "support/dedicated-worker-script.js");
       w1.onmessage = t1.step_func_done(function(e) {
@@ -89,6 +90,14 @@
       var ifr = document.createElement("iframe");
       ifr.src = https_dir + "support/https-subframe-dedicated.html";
       document.body.appendChild(ifr);
+
+      var w7 = new Worker("data:text/javascript,postMessage(isSecureContext);");
+      w7.onmessage = t7.step_func_done(function(e) {
+        assert_false(e.data);
+      });
+      w7.onerror = t7.step_func_done(function(e) {
+        assert_unreached("isSecureContext should be supported");
+      });
     </script>
   </body>
 </html>
diff --git a/secure-contexts/basic-shared-worker.html b/secure-contexts/basic-shared-worker.html
index 76c28a36e4f47f..7f421b0523ba78 100644
--- a/secure-contexts/basic-shared-worker.html
+++ b/secure-contexts/basic-shared-worker.html
@@ -14,6 +14,7 @@
       var t2 = async_test("Nested worker in shared worker");
       var t3 = async_test("Shared worker from https subframe");
       var t4 = async_test("Nested worker from shared worker from https subframe");
+      var t5 = async_test("Shared worker from data URL");
       // Tests for SharedWorkers used from other workers (not supported right
       // now) would go here.
 
@@ -64,6 +65,20 @@
       var ifr = document.createElement("iframe");
       ifr.src = https_dir2 + "support/https-subframe-shared.html";
       document.body.appendChild(ifr);
+
+      t5.step(function() {
+        var w = new SharedWorker(
+          `data:text/javascript,addEventListener("connect", function (e) {
+             var port = e.ports[0];
+             port.start();
+             port.postMessage(isSecureContext);
+          });`
+        );
+        w.port.onmessage = t5.step_func_done(function(e) {
+          assert_false(e.data);
+        });
+        w.port.start();
+      });
     </script>
   </body>
 </html>