Add layout test to make sure origin clean flag is preserved

third_party/WebKit/LayoutTests/http/tests/security/cross-origin-createImageBitmap-structured-clone.html

Index: third_party/WebKit/LayoutTests/http/tests/security/cross-origin-createImageBitmap-structured-clone.html
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/cross-origin-createImageBitmap-structured-clone.html b/third_party/WebKit/LayoutTests/http/tests/security/cross-origin-createImageBitmap-structured-clone.html
new file mode 100644
index 0000000000000000000000000000000000000000..776fa17be86133ce9c0f9f2df3af2abc2d05d021
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/http/tests/security/cross-origin-createImageBitmap-structured-clone.html
@@ -0,0 +1,47 @@
+<!DOCTYPE html>
+<html>
+<body>
+<script src="../../resources/testharness.js"></script>
+<script src="../../resources/testharnessreport.js"></script>
+<script id="myWorker" type="text/worker">
+self.onmessage = function(e) {
+    postMessage(e.data);
+};
+</script>
+<script>
+async_test(function(t) {
+    function makeWorker(script) {
+        var blob = new Blob([script]);
+        return new Worker(URL.createObjectURL(blob));
+    }
+    var worker = makeWorker(document.getElementById('myWorker').textContent);
+    var returnedBitmap;
+
+    var image = new Image();
+    image.onload = function() {
+        shouldBeTainted(image);
+        createImageBitmap(image).then(imageBitmap => {
+            worker.postMessage({data:imageBitmap}, [imageBitmap]);
+            worker.onmessage = t.step_func(onMessage);
+        });
+    }
+    image.src = 'http://localhost:8080/security/resources/abe.png';
+
+    function onMessage(e) {
+        returnedBitmap = e.data.data;
+        shouldBeTainted(returnedBitmap);
+        t.done();
+    }
+
+    function shouldBeTainted(imageBitmap) {
+        var canvas = document.createElement("canvas");
+        canvas.width = 10;
+        canvas.height = 10;
+        var context = canvas.getContext("2d");
+        context.drawImage(imageBitmap, 0, 0, 10, 10);
+        assert_throws(null, function () { context.getImageData(0, 0, 10, 10); }, 'ImageBitmap should be tainted');
+    }
+}, 'Transfer and structured-clone an ImageBitmap should preserve the originClean flag.');
+</script>
+</body>
+</html>