Support the Clear-Site-Data header on resource requests

content/test/data/browsing_data/worker.js

Index: content/test/data/browsing_data/worker.js
diff --git a/content/test/data/browsing_data/worker.js b/content/test/data/browsing_data/worker.js
new file mode 100644
index 0000000000000000000000000000000000000000..24848e98e1952acda51c47ff51ae8f7ee58f7251
--- /dev/null
+++ b/content/test/data/browsing_data/worker.js
@@ -0,0 +1,54 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Service worker used in ClearSiteDataThrottleBrowserTest.
+
+// Handle all resource requests.
+self.addEventListener('fetch', function(event) {
+  var url = new URL(event.request.url);
+
+  var other_origin_param_regex = /other_origin=([^&=?]+)/;
+  var other_origin = decodeURIComponent(
+    url.search.match(other_origin_param_regex)[1]);
+
+  // If this is a request for 'resource_from_sw', serve that resource
+  // with a Clear-Site-Data header.
+  var resource_request_regex = /resource_from_sw/;
+  var resource_request = !!url.search.match(resource_request_regex);
+
+  if (resource_request) {
+    event.respondWith(new Response(
+        'Response content is not important, only the header is.', {
+            'headers': { 'Clear-Site-Data': '{ "types" : [ "cookies" ] }' }
+        }));

[mmenke, 2016/10/13 17:16:31]

Should we instead / additionally get a network response from origin1 and confirm
that data for origin1 is cleared, but origin2 is not?

[msramek, 2016/10/17 14:28:31]

Done. Yes, that makes more sense actually.

I rewrote the test to request several resources, some handled by the service
worker, some sent through. This means that the one request sent before the
service worker was installed that I had here is no longer needed.

Hopefully the JS code is now also more readable.

I also discovered that my check for ServiceWorkerResponseInfo in the throttle
was not sufficient; requests that go to the service worker but are not handled
there (but restarted and re-sent to network instead) still have
ServiceWorkerResponseInfo attached. However,
ResourceResponseInfo::was_fetched_via_service_worker is false, which
distinguishes those cases.

+    return;
+  }
+
+  // Otherwise, serve the default response - a simple HTML page that embeds
+  // that resource two times.
+  var header = encodeURIComponent('{ "types": [ "cookies" ] }');
+  event.respondWith(new Response(
+    '<html><head></head><body>' +
+    '<img id="res1">' +
+    '<img id="res2">' +
+
+    '<script>' +
+      // When the loading of both resources finishes, we will inform the
+      // C++ side. There, we will verify that Clear-Site-Data was not called.
+      'function done() { window.location.hash = "service-worker-active"; };' +
+      'var res1 = document.getElementById("res1");' +
+      'var res2 = document.getElementById("res2");' +
+      'res1.onload = res2.onload = res1.onerror = res2.onerror = done();' +
+
+      // Load the resource once on this origin and once on a different origin.
+      // In both cases, the Clear-Site-Data header should be ignored.
+      'res1.src = "resource_from_sw&header=' + header + '";' +
+      'res2.src = "' +
+          other_origin + 'resource_from_sw&header=' + header + '";' +
+
+    '</script>' +
+    '</body></html>',
+    { 'headers': { 'Content-Type': 'text/html' } }
+  ));
+});