[ServiceWorker] Don't check the origin equality when disable-web-security flag is set.

content/common/service_worker/service_worker_utils.h

Index: content/common/service_worker/service_worker_utils.h
diff --git a/content/common/service_worker/service_worker_utils.h b/content/common/service_worker/service_worker_utils.h
index 5be59c0aa801055cb3642838c8e0f33b798128a7..4ea403a3203ad5646f4ea1888f5b0271b91f33fe 100644
--- a/content/common/service_worker/service_worker_utils.h
+++ b/content/common/service_worker/service_worker_utils.h
@@ -5,10 +5,12 @@
 #ifndef CONTENT_COMMON_SERVICE_WORKER_SERVICE_WORKER_UTILS_H_
 #define CONTENT_COMMON_SERVICE_WORKER_SERVICE_WORKER_UTILS_H_
 
+#include "base/command_line.h"
 #include "base/macros.h"
 #include "content/common/content_export.h"
 #include "content/common/service_worker/service_worker_status_code.h"
 #include "content/common/service_worker/service_worker_types.h"
+#include "content/public/common/content_switches.h"
 #include "content/public/common/resource_type.h"
 #include "url/gurl.h"
 
@@ -44,6 +46,21 @@ class ServiceWorkerUtils {
                                        const GURL& pattern,
                                        const GURL& script_url);
 
+  // Returns true when '--disable-web-security' flag is set. Otherwise returns
+  // whether the all origins of |urls| are same as the origin of |url|.
+  template <typename... Args>
+  static bool PassOriginEqualitySecurityCheck(const GURL& url,
+                                              const Args&... urls) {
+    if (base::CommandLine::ForCurrentProcess()->HasSwitch(
+            switches::kDisableWebSecurity))
+      return true;
+    for (const GURL& u : {urls...}) {
+      if (url.GetOrigin() != u.GetOrigin())
+        return false;
+    }
+    return true;
+  }
+
   // PlzNavigate
   // Returns true if the |provider_id| was assigned by the browser process.
   static bool IsBrowserAssignedProviderId(int provider_id) {