[Clear-Site-Data] Ensure Clear-Site-Data overwrites Accept-CH and Cri…

…tical-CH headers

Per the spec:
w3c/webappsec-clear-site-data#74
We must not store new client hints if we are already clearing them.

Bug: 1458394
Change-Id: Ie82e60175784de52b6a3ac7756af31949c89df0c

client-hints/clear-site-data/resources/check-client-hints.py

@@ -1,5 +1,6 @@
 """
 Step 2/6 (/client-hints/clear-site-data/clear-site-data-{}.https.html)
+Step 3/4 (/client-hints/clear-site-data/set-client-hints-{}-clear-{}.https.html)
 """
 def main(request, response):
     if b"sec-ch-device-memory" in request.headers:

client-hints/clear-site-data/set-client-hints-after-clear-all.https.html

@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<body>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script>
+// Here's the set-up for this test:
+// Step 1 (first window) Set client hints in the same header that clears them.
+// Step 2 (first window) Open second window.
+// Step 3 (second window) Message first window about client hints sent.
+// Step 4 (first window) Asserts client hints not sent.
+async_test(t => {
+    // Step 4
+    window.addEventListener("message", t.step_func(e => {
+        assert_equals(e.data, "MissingDeviceMemory");
+        t.done();
+    }), {once: true});
+
+    // Step 2
+    new_window = window.open("/client-hints/clear-site-data/resources/check-client-hints.py");
+    t.add_cleanup(new_window.close);
+}, "Setting client hints after Clear-Site-Data for all shouldn't allow the client hints to take.");
+</script>
+</body>
+</html>

client-hints/clear-site-data/set-client-hints-after-clear-all.https.html.headers

@@ -0,0 +1,2 @@
+Clear-Site-Data: "*"
+Accept-CH: Sec-CH-Device-Memory

client-hints/clear-site-data/set-client-hints-after-clear-cache.https.html

@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<body>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script>
+// Here's the set-up for this test:
+// Step 1 (first window) Set client hints in the same header that clears them.
+// Step 2 (first window) Open second window.
+// Step 3 (second window) Message first window about client hints sent.
+// Step 4 (first window) Asserts client hints not sent.
+async_test(t => {
+    // Step 4
+    window.addEventListener("message", t.step_func(e => {
+        assert_equals(e.data, "MissingDeviceMemory");
+        t.done();
+    }), {once: true});
+
+    // Step 2
+    new_window = window.open("/client-hints/clear-site-data/resources/check-client-hints.py");
+    t.add_cleanup(new_window.close);
+}, "Setting client hints after Clear-Site-Data for cache shouldn't allow the client hints to take.");
+</script>
+</body>
+</html>

client-hints/clear-site-data/set-client-hints-after-clear-cache.https.html.headers

@@ -0,0 +1,2 @@
+Clear-Site-Data: "cache"
+Accept-CH: Sec-CH-Device-Memory

client-hints/clear-site-data/set-client-hints-after-clear-client-hints.https.html

@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<body>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script>
+// Here's the set-up for this test:
+// Step 1 (first window) Set client hints in the same header that clears them.
+// Step 2 (first window) Open second window.
+// Step 3 (second window) Message first window about client hints sent.
+// Step 4 (first window) Asserts client hints not sent.
+async_test(t => {
+    // Step 4
+    window.addEventListener("message", t.step_func(e => {
+        assert_equals(e.data, "MissingDeviceMemory");
+        t.done();
+    }), {once: true});
+
+    // Step 2
+    new_window = window.open("/client-hints/clear-site-data/resources/check-client-hints.py");
+    t.add_cleanup(new_window.close);
+}, "Setting client hints after Clear-Site-Data for client hints shouldn't allow the client hints to take.");
+</script>
+</body>
+</html>

client-hints/clear-site-data/set-client-hints-after-clear-client-hints.https.html.headers

@@ -0,0 +1,2 @@
+Clear-Site-Data: "clientHints"
+Accept-CH: Sec-CH-Device-Memory

client-hints/clear-site-data/set-client-hints-after-clear-cookies.https.html

@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<body>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script>
+// Here's the set-up for this test:
+// Step 1 (first window) Set client hints in the same header that clears them.
+// Step 2 (first window) Open second window.
+// Step 3 (second window) Message first window about client hints sent.
+// Step 4 (first window) Asserts client hints not sent.
+async_test(t => {
+    // Step 4
+    window.addEventListener("message", t.step_func(e => {
+        assert_equals(e.data, "MissingDeviceMemory");
+        t.done();
+    }), {once: true});
+
+    // Step 2
+    new_window = window.open("/client-hints/clear-site-data/resources/check-client-hints.py");
+    t.add_cleanup(new_window.close);
+}, "Setting client hints after Clear-Site-Data for cookies shouldn't allow the client hints to take.");
+</script>
+</body>
+</html>

client-hints/clear-site-data/set-client-hints-after-clear-cookies.https.html.headers

@@ -0,0 +1,2 @@
+Clear-Site-Data: "cookies"
+Accept-CH: Sec-CH-Device-Memory

client-hints/clear-site-data/set-client-hints-after-clear-storage.https.html

@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<body>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script>
+// Here's the set-up for this test:
+// Step 1 (first window) Set client hints in the same header that clears them.
+// Step 2 (first window) Open second window.
+// Step 3 (second window) Message first window about client hints sent.
+// Step 4 (first window) Asserts client hints sent.
+async_test(t => {
+    // Step 4
+    window.addEventListener("message", t.step_func(e => {
+        assert_equals(e.data, "HadDeviceMemory");
+        t.done();
+    }), {once: true});
+
+    // Step 2
+    new_window = window.open("/client-hints/clear-site-data/resources/check-client-hints.py");
+    t.add_cleanup(new_window.close);
+}, "Setting client hints after Clear-Site-Data for storage should allow the client hints to take.");
+</script>
+</body>
+</html>

client-hints/clear-site-data/set-client-hints-after-clear-storage.https.html.headers

@@ -0,0 +1,2 @@
+Clear-Site-Data: "storage"
+Accept-CH: Sec-CH-Device-Memory

client-hints/clear-site-data/set-critical-client-hints-after-clear-all.https.html

@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<body>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script>
+// Here's the set-up for this test:
+// Step 1 (first window) Set client hints in the same header that clears them.
+// Step 2 (first window) Open second window.
+// Step 3 (second window) Message first window about client hints sent.
+// Step 4 (first window) Asserts client hints not sent.
+async_test(t => {
+    // Step 4
+    window.addEventListener("message", t.step_func(e => {
+        assert_equals(e.data, "MissingDeviceMemory");
+        t.done();
+    }), {once: true});
+
+    // Step 2
+    new_window = window.open("/client-hints/clear-site-data/resources/check-client-hints.py");
+    t.add_cleanup(new_window.close);
+}, "Setting critical client hints after Clear-Site-Data for all shouldn't allow the client hints to take.");
+</script>
+</body>
+</html>

client-hints/clear-site-data/set-critical-client-hints-after-clear-all.https.html.headers

@@ -0,0 +1,3 @@
+Clear-Site-Data: "*"
+Accept-CH: Sec-CH-Device-Memory
+Critical-CH: Sec-CH-Device-Memory

client-hints/clear-site-data/set-critical-client-hints-after-clear-cache.https.html

@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<body>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script>
+// Here's the set-up for this test:
+// Step 1 (first window) Set client hints in the same header that clears them.
+// Step 2 (first window) Open second window.
+// Step 3 (second window) Message first window about client hints sent.
+// Step 4 (first window) Asserts client hints not sent.
+async_test(t => {
+    // Step 4
+    window.addEventListener("message", t.step_func(e => {
+        assert_equals(e.data, "MissingDeviceMemory");
+        t.done();
+    }), {once: true});
+
+    // Step 2
+    new_window = window.open("/client-hints/clear-site-data/resources/check-client-hints.py");
+    t.add_cleanup(new_window.close);
+}, "Setting critical client hints after Clear-Site-Data for cache shouldn't allow the client hints to take.");
+</script>
+</body>
+</html>

client-hints/clear-site-data/set-critical-client-hints-after-clear-cache.https.html.headers

@@ -0,0 +1,3 @@
+Clear-Site-Data: "cache"
+Accept-CH: Sec-CH-Device-Memory
+Critical-CH: Sec-CH-Device-Memory

client-hints/clear-site-data/set-critical-client-hints-after-clear-client-hints.https.html

@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<body>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script>
+// Here's the set-up for this test:
+// Step 1 (first window) Set client hints in the same header that clears them.
+// Step 2 (first window) Open second window.
+// Step 3 (second window) Message first window about client hints sent.
+// Step 4 (first window) Asserts client hints not sent.
+async_test(t => {
+    // Step 4
+    window.addEventListener("message", t.step_func(e => {
+        assert_equals(e.data, "MissingDeviceMemory");
+        t.done();
+    }), {once: true});
+
+    // Step 2
+    new_window = window.open("/client-hints/clear-site-data/resources/check-client-hints.py");
+    t.add_cleanup(new_window.close);
+}, "Setting critical client hints after Clear-Site-Data for client hints shouldn't allow the client hints to take.");
+</script>
+</body>
+</html>

client-hints/clear-site-data/set-critical-client-hints-after-clear-client-hints.https.html.headers

@@ -0,0 +1,3 @@
+Clear-Site-Data: "clientHints"
+Accept-CH: Sec-CH-Device-Memory
+Critical-CH: Sec-CH-Device-Memory

client-hints/clear-site-data/set-critical-client-hints-after-clear-cookies.https.html

@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<body>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script>
+// Here's the set-up for this test:
+// Step 1 (first window) Set client hints in the same header that clears them.
+// Step 2 (first window) Open second window.
+// Step 3 (second window) Message first window about client hints sent.
+// Step 4 (first window) Asserts client hints not sent.
+async_test(t => {
+    // Step 4
+    window.addEventListener("message", t.step_func(e => {
+        assert_equals(e.data, "MissingDeviceMemory");
+        t.done();
+    }), {once: true});
+
+    // Step 2
+    new_window = window.open("/client-hints/clear-site-data/resources/check-client-hints.py");
+    t.add_cleanup(new_window.close);
+}, "Setting critical client hints after Clear-Site-Data for cookies shouldn't allow the client hints to take.");
+</script>
+</body>
+</html>

client-hints/clear-site-data/set-critical-client-hints-after-clear-cookies.https.html.headers

@@ -0,0 +1,3 @@
+Clear-Site-Data: "cookies"
+Accept-CH: Sec-CH-Device-Memory
+Critical-CH: Sec-CH-Device-Memory

client-hints/clear-site-data/set-critical-client-hints-after-clear-storage.https.html

@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<body>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script>
+// Here's the set-up for this test:
+// Step 1 (first window) Set client hints in the same header that clears them.
+// Step 2 (first window) Open second window.
+// Step 3 (second window) Message first window about client hints sent.
+// Step 4 (first window) Asserts client hints sent.
+async_test(t => {
+    // Step 4
+    window.addEventListener("message", t.step_func(e => {
+        assert_equals(e.data, "HadDeviceMemory");
+        t.done();
+    }), {once: true});
+
+    // Step 2
+    new_window = window.open("/client-hints/clear-site-data/resources/check-client-hints.py");
+    t.add_cleanup(new_window.close);
+}, "Setting critical client hints after Clear-Site-Data for storage should allow the client hints to take.");
+</script>
+</body>
+</html>

client-hints/clear-site-data/set-critical-client-hints-after-clear-storage.https.html.headers

@@ -0,0 +1,3 @@
+Clear-Site-Data: "storage"
+Accept-CH: Sec-CH-Device-Memory
+Critical-CH: Sec-CH-Device-Memory