Activation across navigation: add a WPT for cross-origin redirection

This CL adds a new WPT for user activation states after a cross-origin
redirection, using `RemoteContext` API in dispatcher.js. This behavior
is not fully defined in the spec [1], and the test was written based on
the behavior expected in a PR discussion [2].

This CL also simplifies the existing same-origin test using the same
API, and fixes the visibility of 3 private methods in utils.js.

[1]
https://html.spec.whatwg.org/multipage/browsing-the-web.html#navigation-and-session-history:~:text=Welcome%20to%20the%20dragon%27s%20maw.
[2] whatwg/html#11454

Bug: 480993679
Change-Id: I9c7e5ad836404d7b1bf8e484a89fc2824b7c0364
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7769229
Commit-Queue: Mustaq Ahmed <mustaq@chromium.org>
Reviewed-by: Vladimir Levin <vmpstr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1616504}

Author: mustaqahmed

common/utils.js

@@ -10,6 +10,13 @@
  * @returns {string}
  */
 function make_absolute_url(options) {
+    function get(obj, name, default_val) {
+        if (obj.hasOwnProperty(name)) {
+            return obj[name];
+        }
+        return default_val;
+    }
+
     var loc = window.location;
     var protocol = get(options, "protocol", loc.protocol);
     if (protocol[protocol.length - 1] != ":") {
@@ -52,47 +59,37 @@ function make_absolute_url(options) {
     return url;
 }
 
-/** @private */
-function get(obj, name, default_val) {
-    if (obj.hasOwnProperty(name)) {
-        return obj[name];
-    }
-    return default_val;
-}
-
 /**
  * Generate a new UUID.
  * @returns {string}
  */
 function token() {
+    function rand_int(bits) {
+        if (bits < 1 || bits > 53) {
+            throw new TypeError();
+        } else {
+            if (bits >= 1 && bits <= 30) {
+                return 0 | ((1 << bits) * Math.random());
+            } else {
+                var high = (0 | ((1 << (bits - 30)) * Math.random())) * (1 << 30);
+                var low = 0 | ((1 << 30) * Math.random());
+                return  high + low;
+            }
+        }
+    }
+
+    function to_hex(x, length) {
+        var rv = x.toString(16);
+        while (rv.length < length) {
+            rv = "0" + rv;
+        }
+        return rv;
+    }
+
     var uuid = [to_hex(rand_int(32), 8),
                 to_hex(rand_int(16), 4),
                 to_hex(0x4000 | rand_int(12), 4),
                 to_hex(0x8000 | rand_int(14), 4),
                 to_hex(rand_int(48), 12)].join("-")
     return uuid;
 }
-
-/** @private */
-function rand_int(bits) {
-    if (bits < 1 || bits > 53) {
-        throw new TypeError();
-    } else {
-        if (bits >= 1 && bits <= 30) {
-            return 0 | ((1 << bits) * Math.random());
-        } else {
-            var high = (0 | ((1 << (bits - 30)) * Math.random())) * (1 << 30);
-            var low = 0 | ((1 << 30) * Math.random());
-            return  high + low;
-        }
-    }
-}
-
-/** @private */
-function to_hex(x, length) {
-    var rv = x.toString(16);
-    while (rv.length < length) {
-        rv = "0" + rv;
-    }
-    return rv;
-}

html/user-activation/navigate-to-crossorigin-redirect.html

@@ -0,0 +1,94 @@
+<!DOCTYPE html>
+<title>User activation propagation across a cross-origin redirection</title>
+<script src="/common/dispatcher/dispatcher.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="/common/utils.js"></script>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/resources/testdriver.js"></script>
+<script src="/resources/testdriver-vendor.js"></script>
+<script src="/resources/testdriver-actions.js"></script>
+<script src="resources/utils.js"></script>
+
+<body>
+  <p>Non-zero-sized body to allow clicks.</p>
+</body>
+
+<script>
+  'use strict';
+
+  let uuid1 = token();
+  let uuid2 = token();
+
+  let origin = get_host_info().HTTP_ORIGIN;
+  let remote_origin = get_host_info().HTTP_REMOTE_ORIGIN;
+  let clicked_link =
+        `${remote_origin}/common/redirect.py?location=` +
+        `${origin}/common/dispatcher/remote-executor.html?uuid=${uuid2}`;
+
+  const getUserActivationState = () =>
+    [navigator.userActivation.isActive, navigator.userActivation.hasBeenActive];
+
+  function assertUserActivationState(list,
+        expected_transient_bit, expected_sticky_bit, msg) {
+    assert_equals(list[0], expected_transient_bit, "Transient bit " + msg);
+    assert_equals(list[1], expected_sticky_bit, "Sticky bit " + msg);
+  }
+
+  promise_test(async test => {
+    // Open a new window that we will navigate away and observe.
+    let w;
+    document.body.onclick = () => {
+      w = window.open(`/common/dispatcher/remote-executor.html?uuid=${uuid1}`);
+    };
+
+    await test_driver.click(document.body);
+    assert_true(!!w, "A window is opened");
+
+    // Populate the window: add two elements (a non-link and a link) to allow
+    // the following clicks.
+    {
+      const context = new RemoteContext(uuid1);
+      await context.execute_script(link => {
+        // Not sure why the first click below fails w/o this line!
+        document.body.textContent = "";
+
+        let elem1 = document.createElement("div");
+        elem1.textContent = "Dummy text to make it clickable";
+        document.body.appendChild(elem1);
+
+        let elem2 = document.createElement("a");
+        elem2.textContent = "Dummy text to make it clickable";
+        elem2.href = link;
+
+        document.body.appendChild(elem2);
+      }, [clicked_link]);
+    }
+
+    // Check that the new window does not have user activation initially.
+    {
+      const context = new RemoteContext(uuid1);
+      const result = await context.execute_script(getUserActivationState);
+      assertUserActivationState(result, false, false, "after window opened");
+    }
+
+    // Confirm that the new window gets user activation after a click.
+    await test_driver.click(w.document.body.firstElementChild);
+    {
+      const context = new RemoteContext(uuid1);
+      const result = await context.execute_script(getUserActivationState);
+      assertUserActivationState(result, true, true, "after window clicked");
+    }
+
+    // Click on the link to navigate away.
+    await test_driver.click(w.document.body.lastElementChild);
+
+    // Confirm that the new window does not have user activation.
+    {
+      const context = new RemoteContext(uuid2);
+      const result = await context.execute_script(getUserActivationState);
+      assertUserActivationState(result, false, false,
+            "after window nagivated and redirected");
+    }
+}, "User activation propagation across a same-origin navigation");
+</script>

html/user-activation/navigate-to-sameorigin.html

@@ -1,5 +1,7 @@
 <!DOCTYPE html>
 <title>User activation propagation across a same-origin navigation</title>
+<script src="/common/dispatcher/dispatcher.js"></script>
+<script src="/common/utils.js"></script>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/resources/testdriver.js"></script>
@@ -8,51 +10,77 @@
 <script src="resources/utils.js"></script>
 
 <body>
-  <p>Placeholder</p>
+  <p>Non-zero-sized body to allow clicks.</p>
 </body>
 
 <script>
   'use strict';
 
-  let w;
-  document.body.onclick = () => {
-    w = window.open("resources/opened-window.html");
-  };
+  let uuid1 = token();
+  let uuid2 = token();
+  let clicked_link = `/common/dispatcher/remote-executor.html?uuid=${uuid2}`
+
+  const getUserActivationState = () =>
+    [navigator.userActivation.isActive, navigator.userActivation.hasBeenActive];
+
+  function assertUserActivationState(list,
+        expected_transient_bit, expected_sticky_bit, msg) {
+    assert_equals(list[0], expected_transient_bit, "Transient bit " + msg);
+    assert_equals(list[1], expected_sticky_bit, "Sticky bit " + msg);
+  }
 
   promise_test(async test => {
-    let window_opened_msg_promise = receiveMessage("window-opened");
+    // Open a new window that we will navigate away and observe.
+    let w;
+    document.body.onclick = () => {
+      w = window.open(`/common/dispatcher/remote-executor.html?uuid=${uuid1}`);
+    };
 
     await test_driver.click(document.body);
     assert_true(!!w, "A window is opened");
 
+    // Populate the window: add two elements (a non-link and a link) to allow
+    // the following clicks.
     {
-      let window_opened_data = await window_opened_msg_promise;
-      assert_false(window_opened_data.isActive,
-          "Transient activation after window opened");
-      assert_false(window_opened_data.hasBeenActive,
-          "Sticky activation after window opened");
-    }
+      const context = new RemoteContext(uuid1);
+      await context.execute_script(link => {
+        // Not sure why the first click below fails w/o this line!
+        document.body.textContent = "";
+
+        let elem1 = document.createElement("div");
+        elem1.textContent = "Dummy text to make it clickable";
+        document.body.appendChild(elem1);
 
-    let link_clicked_msg_promise = receiveMessage("link-clicked");
-    let window_navigated_msg_promise = receiveMessage("window-navigated");
+        let elem2 = document.createElement("a");
+        elem2.textContent = "Dummy text to make it clickable";
+        elem2.href = link;
+        document.body.appendChild(elem2);
+      }, [clicked_link]);
+    }
 
-    const link = w.document.getElementById("link");
-    await test_driver.click(link);
+    // Check that the new window does not have user activation initially.
+    {
+      const context = new RemoteContext(uuid1);
+      const result = await context.execute_script(getUserActivationState);
+      assertUserActivationState(result, false, false, "after window opened");
+    }
 
+    // Confirm that the new window gets user activation after a click.
+    await test_driver.click(w.document.body.firstElementChild);
     {
-      let link_clicked_data = await link_clicked_msg_promise;
-      assert_true(link_clicked_data.isActive,
-          "Transient activation after link clicked");
-      assert_true(link_clicked_data.hasBeenActive,
-          "Sticky activation after link clicked");
+      const context = new RemoteContext(uuid1);
+      const result = await context.execute_script(getUserActivationState);
+      assertUserActivationState(result, true, true, "after window clicked");
     }
 
+    // Click on the link to navigate away.
+    await test_driver.click(w.document.body.lastElementChild);
+
+    // Confirm that the new window does not have user activation.
     {
-      let window_navigated_data = await window_navigated_msg_promise;
-      assert_false(window_navigated_data.isActive,
-          "Transient activation after window navigated");
-      assert_true(window_navigated_data.hasBeenActive,
-          "Sticky activation after window navigated");
+      const context = new RemoteContext(uuid2);
+      const result = await context.execute_script(getUserActivationState);
+      assertUserActivationState(result, false, true, "after window redirected");
     }
-  }, "User activation propagation across a same-origin navigation");
+}, "User activation propagation across a same-origin navigation");
 </script>