Add initial support for 'Cross-Origin-Opener-Policy' HTTP header

https://bugs.webkit.org/show_bug.cgi?id=192193 <rdar://problem/42013525> Reviewed by Geoff Garen. LayoutTests/imported/w3c: Rebaseline WPT tests now that most tests are passing. * web-platform-tests/IndexedDB/serialize-sharedarraybuffer-throws.https-expected.txt: * web-platform-tests/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/blob-popup.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/coep-blob-popup.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/coep-navigate-popup.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/coep-redirect.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/coep.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/coop-coep-sandbox.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/coop-csp-sandbox-navigate.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/coop-csp-sandbox.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/coop-navigated-history-popup.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/coop-navigated-popup.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/coop-sandbox.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/header-parsing.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/historical/coep-navigate-popup-unsafe-inherit.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-origin-unsafe-allow-outgoing-with-cross-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-origin-unsafe-allow-outgoing-with-same-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-origin-unsafe-allow-outgoing-with-same-site.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-site-unsafe-allow-outgoing-with-cross-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-site-unsafe-allow-outgoing-with-same-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-site-unsafe-allow-outgoing-with-same-site.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-site-with-cross-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-site-with-same-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-site-with-same-site.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/iframe-popup-same-origin-allow-popups-to-same-origin-allow-popups.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/iframe-popup-same-origin-allow-popups-to-same-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/iframe-popup-same-origin-to-same-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/iframe-popup-same-origin-to-unsafe-none.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/iframe-popup-unsafe-none-to-same-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/javascript-url.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/navigate-to-aboutblank.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/no-https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-coop-by-sw-from-coop.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-coop-by-sw.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-redirect-cache.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-redirect-same-origin-allow-popups.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-same-origin-allow-popups-with-cross-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-same-origin-allow-popups-with-same-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-same-origin-allow-popups-with-same-site.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-same-origin-with-cross-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-same-origin-with-same-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-same-origin-with-same-site.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-unsafe-none-with-cross-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-unsafe-none-with-same-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-unsafe-none-with-same-site.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-unspecified-with-cross-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-unspecified-with-same-origin.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-unspecified-with-same-site.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/popup-with-structured-header.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/resource-popup.https-expected.txt: * web-platform-tests/html/cross-origin-opener-policy/resources/resource-popup.html: * web-platform-tests/html/dom/idlharness.worker-expected.txt: Source/WebCore: Add initial support for 'Cross-Origin-Opener-Policy' HTTP header: - https://html.spec.whatwg.org/multipage/origin.html#cross-origin-opener-policy-value Support is complete enough to pass most WPT tests with the exception of: - The ones involving blob. Support for Blob does not seem trivial so I will address separately (whatwg/html#5198). - The ones that requires reporting COOP enforcement as this is not supported yet. This is a fairly large task so I'll handle separately. - The ones that involve Cross-Origin-Embedder-Policy (COEP) and this is not yet supported. I tried to stay as close as possible to the HTML specification as possible in terms of structuring and naming. I also have code comments to link to the relevant HTML spec sections. Note that as it stands, we do not currently swap process based on COOP header. We merely do isolation of the new browsing context at JS level for now. At some point, we'll want to actually process-swap, once we support COEP and we want to re-enable some Web APIs such as SharedArrayBuffer. No new tests, covered by web-plaform-tests/html/cross-origin-opener-policy. * Headers.cmake: * Sources.txt: * WebCore.xcodeproj/project.pbxproj: * bindings/js/WebCoreBuiltinNames.h: * dom/Document.cpp: (WebCore::Document::initSecurityContext): (WebCore::Document::shouldForceNoOpenerBasedOnCOOP const): (WebCore::Document::crossOriginOpenerPolicy const): (WebCore::Document::setCrossOriginOpenerPolicy): * dom/Document.h: (WebCore::Document::isSameOriginAsTopDocument const): * dom/SecurityContext.cpp: (WebCore::SecurityContext::enforceSandboxFlags): * dom/SecurityContext.h: (WebCore::SecurityContext::creationSandboxFlags const): * inspector/InspectorFrontendClientLocal.cpp: (WebCore::InspectorFrontendClientLocal::openURLExternally): * loader/CrossOriginEmbedderPolicy.cpp: Copied from Source/WebCore/page/AbstractFrame.cpp. (WebCore::obtainCrossOriginEmbedderPolicy): * loader/CrossOriginEmbedderPolicy.h: Copied from Source/WebCore/page/AbstractFrame.cpp. * loader/CrossOriginOpenerPolicy.cpp: Added. (WebCore::obtainCrossOriginOpenerPolicy): * loader/CrossOriginOpenerPolicy.h: Copied from Source/WebCore/page/AbstractFrame.h. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::willSendRequest): (WebCore::checkIfCOOPValuesRequireBrowsingContextGroupSwitch): (WebCore::computeResponseOriginAndCOOP): (WebCore::DocumentLoader::doCrossOriginOpenerHandlingOfResponse): (WebCore::DocumentLoader::enforceResponseCrossOriginOpenerPolicy): (WebCore::DocumentLoader::responseReceived): (WebCore::DocumentLoader::maybeLoadEmpty): * loader/DocumentLoader.h: (WebCore::DocumentLoader::crossOriginOpenerPolicy const): * loader/DocumentWriter.cpp: (WebCore::DocumentWriter::begin): * loader/FrameLoader.cpp: (WebCore::FrameLoader::didBeginDocument): (WebCore::FrameLoader::setOpener): (WebCore::FrameLoader::loadURL): (WebCore::FrameLoader::loadPostRequest): (WebCore::createWindow): (WebCore::FrameLoader::switchBrowsingContextsGroup): * loader/FrameLoader.h: * loader/NavigationAction.cpp: * loader/NavigationAction.h: (WebCore::NavigationAction::Requester::securityOrigin const): (WebCore::NavigationAction::Requester::topOrigin const): (WebCore::NavigationAction::Requester::crossOriginOpenerPolicy const): * page/AbstractFrame.cpp: (WebCore::AbstractFrame::resetWindowProxy): * page/AbstractFrame.h: * page/DOMWindow.cpp: (WebCore::DOMWindow::crossOriginIsolated const): (WebCore::DOMWindow::createWindow): * page/DOMWindow.h: * page/Frame.cpp: (WebCore::Frame::resetScript): * page/Frame.h: * page/Page.h: (WebCore::Page::setOpenedByDOMWithOpener): * page/WindowOrWorkerGlobalScope.idl: * page/csp/ContentSecurityPolicy.cpp: (WebCore::ContentSecurityPolicy::applyPolicyToScriptExecutionContext): * platform/network/HTTPHeaderNames.in: * platform/network/HTTPParsers.cpp: (WebCore::parseStructuredFieldValue): * platform/network/HTTPParsers.h: * platform/network/ResourceResponseBase.cpp: (WebCore::isSafeRedirectionResponseHeader): * workers/WorkerGlobalScope.cpp: (WebCore::WorkerGlobalScope::crossOriginIsolated const): * workers/WorkerGlobalScope.h: Source/WTF: Add experimental feature flag for 'Cross-Origin-Opener-Policy' HTTP header support. * Scripts/Preferences/WebPreferencesExperimental.yaml: LayoutTests: Update test expectations. * TestExpectations: * platform/ios-wk2/imported/w3c/web-platform-tests/html/dom/idlharness.https-expected.txt: * platform/mac-wk1/imported/w3c/web-platform-tests/html/dom/idlharness.https-expected.txt: * platform/mac-wk2/TestExpectations: * platform/mac-wk2/imported/w3c/web-platform-tests/html/dom/idlharness.https-expected.txt: * platform/mac/TestExpectations: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@280504 268f45cc-cd09-0410-ab3c-d52691b4dbfc
philn · Jul 31, 2021 · fbf1697 · fbf1697
1 parent dc3ecee
commit fbf1697
Show file tree

Hide file tree

Showing 100 changed files with 1,162 additions and 377 deletions.
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
@@ -1,3 +1,20 @@
+2021-07-30  Chris Dumez  <[email protected]>
+
+        Add initial support for 'Cross-Origin-Opener-Policy' HTTP header
+        https://bugs.webkit.org/show_bug.cgi?id=192193
+        <rdar://problem/42013525>
+
+        Reviewed by Geoff Garen.
+
+        Update test expectations.
+
+        * TestExpectations:
+        * platform/ios-wk2/imported/w3c/web-platform-tests/html/dom/idlharness.https-expected.txt:
+        * platform/mac-wk1/imported/w3c/web-platform-tests/html/dom/idlharness.https-expected.txt:
+        * platform/mac-wk2/TestExpectations:
+        * platform/mac-wk2/imported/w3c/web-platform-tests/html/dom/idlharness.https-expected.txt:
+        * platform/mac/TestExpectations:
+
 2021-07-30  Ayumi Kojima  <[email protected]>
 
         [ iOS ] http/wpt/service-workers/navigation-redirect-main-frame.https.html is a flaky timeout.

diff --git a/LayoutTests/TestExpectations b/LayoutTests/TestExpectations
@@ -399,7 +399,6 @@ imported/w3c/web-platform-tests/html/browsers/origin/cross-origin-objects/cross-
 imported/w3c/web-platform-tests/html/browsers/sandboxing/sandbox-disallow-popups.html [ DumpJSConsoleLogInStdErr ]
 imported/w3c/web-platform-tests/html/cross-origin-opener-policy/navigate-to-aboutblank.https.html [ DumpJSConsoleLogInStdErr ]
 imported/w3c/web-platform-tests/html/cross-origin-opener-policy/navigate-top-to-aboutblank.https.html [ DumpJSConsoleLogInStdErr ]
-imported/w3c/web-platform-tests/html/cross-origin-opener-policy/resource-popup.https.html [ DumpJSConsoleLogInStdErr ]
 imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-network-error.sub.html [ DumpJSConsoleLogInStdErr ]
 imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/css-module/integrity.html [ DumpJSConsoleLogInStdErr ]
 imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/css-module/import-css-module-basic.html [ DumpJSConsoleLogInStdErr ]
@@ -715,13 +714,14 @@ imported/w3c/web-platform-tests/html/rendering/non-replaced-elements/phrasing-co
 # Cross-Origin Opener Policy reporting is not supported and it is causing those tests to time out.
 imported/w3c/web-platform-tests/html/cross-origin-opener-policy/reporting [ Skip ]
 
-# This test is timing out because the location.href setter's relative URL resolution seems incorrect.
-imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coop-navigated-popup.https.html [ Skip ]
+# This test is timing out locally but passing on wpt.live. The issue is that we run the WPT tests over localhost and they
+# are thus marked as secure contexts even when served over HTTP. The test assumes the context is non-secure because the
+# test is served over HTTP.
+imported/w3c/web-platform-tests/html/cross-origin-opener-policy/no-https.html [ Skip ]
 
 # COOP tests that are failing and keep printing a different uuid in the error output.
 imported/w3c/web-platform-tests/html/cross-origin-opener-policy/blob-popup.https.html [ Failure Pass ]
 imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coep-blob-popup.https.html [ Failure Pass ]
-imported/w3c/web-platform-tests/html/cross-origin-opener-policy/javascript-url.https.html [ Failure Pass ]
 
 # Newly imported WPT tests that are crashing.
 imported/w3c/web-platform-tests/html/semantics/embedded-content/the-embed-element/embed-represent-nothing-04.html [ ImageOnlyFailure Crash ]

diff --git a/LayoutTests/imported/w3c/ChangeLog b/LayoutTests/imported/w3c/ChangeLog
@@ -1,3 +1,66 @@
+2021-07-30  Chris Dumez  <[email protected]>
+
+        Add initial support for 'Cross-Origin-Opener-Policy' HTTP header
+        https://bugs.webkit.org/show_bug.cgi?id=192193
+        <rdar://problem/42013525>
+
+        Reviewed by Geoff Garen.
+
+        Rebaseline WPT tests now that most tests are passing.
+
+        * web-platform-tests/IndexedDB/serialize-sharedarraybuffer-throws.https-expected.txt:
+        * web-platform-tests/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/blob-popup.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/coep-blob-popup.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/coep-navigate-popup.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/coep-redirect.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/coep.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/coop-coep-sandbox.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/coop-csp-sandbox-navigate.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/coop-csp-sandbox.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/coop-navigated-history-popup.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/coop-navigated-popup.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/coop-sandbox.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/header-parsing.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/historical/coep-navigate-popup-unsafe-inherit.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-origin-unsafe-allow-outgoing-with-cross-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-origin-unsafe-allow-outgoing-with-same-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-origin-unsafe-allow-outgoing-with-same-site.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-site-unsafe-allow-outgoing-with-cross-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-site-unsafe-allow-outgoing-with-same-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-site-unsafe-allow-outgoing-with-same-site.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-site-with-cross-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-site-with-same-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/historical/popup-same-site-with-same-site.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/iframe-popup-same-origin-allow-popups-to-same-origin-allow-popups.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/iframe-popup-same-origin-allow-popups-to-same-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/iframe-popup-same-origin-to-same-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/iframe-popup-same-origin-to-unsafe-none.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/iframe-popup-unsafe-none-to-same-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/javascript-url.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/navigate-to-aboutblank.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/no-https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-coop-by-sw-from-coop.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-coop-by-sw.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-redirect-cache.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-redirect-same-origin-allow-popups.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-same-origin-allow-popups-with-cross-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-same-origin-allow-popups-with-same-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-same-origin-allow-popups-with-same-site.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-same-origin-with-cross-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-same-origin-with-same-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-same-origin-with-same-site.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-unsafe-none-with-cross-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-unsafe-none-with-same-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-unsafe-none-with-same-site.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-unspecified-with-cross-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-unspecified-with-same-origin.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-unspecified-with-same-site.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/popup-with-structured-header.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/resource-popup.https-expected.txt:
+        * web-platform-tests/html/cross-origin-opener-policy/resources/resource-popup.html:
+        * web-platform-tests/html/dom/idlharness.worker-expected.txt:
+
 2021-07-30  Chris Dumez  <[email protected]>
 
         Unreviewed, reverting r280482.

diff --git a/...ed/w3c/web-platform-tests/IndexedDB/serialize-sharedarraybuffer-throws.https-expected.txt b/...ed/w3c/web-platform-tests/IndexedDB/serialize-sharedarraybuffer-throws.https-expected.txt
@@ -1,3 +1,3 @@
 
-FAIL IndexedDB: Attempting to serialize a SharedArrayBuffer should throw assert_true: The page is served with COOP and COEP, it should be cross-origin-isolated. expected true got undefined
+FAIL IndexedDB: Attempting to serialize a SharedArrayBuffer should throw assert_true: The page is served with COOP and COEP, it should be cross-origin-isolated. expected true got false
 
diff --git a/...sts/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https-expected.txt b/...sts/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https-expected.txt
@@ -1,24 +1,24 @@
 
-FAIL frame: origin = https://localhost:9443, value = undefined assert_equals: expected (boolean) true but got (undefined) undefined
-FAIL frame: origin = https://localhost:9443, value = * assert_equals: expected (boolean) true but got (undefined) undefined
-FAIL frame: origin = https://localhost:9443, value = self assert_equals: expected (boolean) true but got (undefined) undefined
-FAIL frame: origin = https://localhost:9443, value = (\) assert_equals: expected (boolean) false but got (undefined) undefined
-FAIL frame: origin = https://127.0.0.1:9443, value = undefined assert_equals: expected (boolean) false but got (undefined) undefined
-FAIL frame: origin = https://127.0.0.1:9443, value = * assert_equals: expected (boolean) false but got (undefined) undefined
-FAIL frame: origin = https://127.0.0.1:9443, value = self assert_equals: expected (boolean) false but got (undefined) undefined
-FAIL frame: origin = https://127.0.0.1:9443, value = (\) assert_equals: expected (boolean) false but got (undefined) undefined
-FAIL dedicated worker: scheme = https, value = undefined assert_equals: expected (boolean) true but got (undefined) undefined
-FAIL dedicated worker: scheme = https, value = * assert_equals: expected (boolean) true but got (undefined) undefined
-FAIL dedicated worker: scheme = https, value = self assert_equals: expected (boolean) true but got (undefined) undefined
-FAIL dedicated worker: scheme = https, value = (\) assert_equals: expected (boolean) false but got (undefined) undefined
-FAIL dedicated worker: scheme = data, value = undefined assert_equals: expected (boolean) false but got (undefined) undefined
-FAIL dedicated worker: scheme = data, value = * assert_equals: expected (boolean) false but got (undefined) undefined
-FAIL dedicated worker: scheme = data, value = self assert_equals: expected (boolean) false but got (undefined) undefined
-FAIL dedicated worker: scheme = data, value = (\) assert_equals: expected (boolean) false but got (undefined) undefined
-FAIL dedicated worker: scheme = blob, value = undefined assert_equals: expected (boolean) true but got (undefined) undefined
-FAIL dedicated worker: scheme = blob, value = * assert_equals: expected (boolean) true but got (undefined) undefined
-FAIL dedicated worker: scheme = blob, value = self assert_equals: expected (boolean) true but got (undefined) undefined
-FAIL dedicated worker: scheme = blob, value = (\) assert_equals: expected (boolean) false but got (undefined) undefined
+FAIL frame: origin = https://localhost:9443, value = undefined assert_equals: expected true but got false
+FAIL frame: origin = https://localhost:9443, value = * assert_equals: expected true but got false
+FAIL frame: origin = https://localhost:9443, value = self assert_equals: expected true but got false
+PASS frame: origin = https://localhost:9443, value = (\)
+PASS frame: origin = https://127.0.0.1:9443, value = undefined
+PASS frame: origin = https://127.0.0.1:9443, value = *
+PASS frame: origin = https://127.0.0.1:9443, value = self
+PASS frame: origin = https://127.0.0.1:9443, value = (\)
+FAIL dedicated worker: scheme = https, value = undefined assert_equals: expected true but got false
+FAIL dedicated worker: scheme = https, value = * assert_equals: expected true but got false
+FAIL dedicated worker: scheme = https, value = self assert_equals: expected true but got false
+PASS dedicated worker: scheme = https, value = (\)
+PASS dedicated worker: scheme = data, value = undefined
+PASS dedicated worker: scheme = data, value = *
+PASS dedicated worker: scheme = data, value = self
+PASS dedicated worker: scheme = data, value = (\)
+FAIL dedicated worker: scheme = blob, value = undefined assert_equals: expected true but got false
+FAIL dedicated worker: scheme = blob, value = * assert_equals: expected true but got false
+FAIL dedicated worker: scheme = blob, value = self assert_equals: expected true but got false
+PASS dedicated worker: scheme = blob, value = (\)
 FAIL shared worker: withCoopCoep = false Can't find variable: SharedWorker
 FAIL shared worker: withCoopCoep = true Can't find variable: SharedWorker
 FAIL service worker: withCoopCoep = false assert_equals: expected (boolean) false but got (undefined) undefined

diff --git a/...rted/w3c/web-platform-tests/html/cross-origin-opener-policy/blob-popup.https-expected.txt b/...rted/w3c/web-platform-tests/html/cross-origin-opener-policy/blob-popup.https-expected.txt
@@ -1,3 +1,4 @@
+CONSOLE MESSAGE: TypeError: null is not an object (evaluating 'window.opener.furtherPopup = w')
 
-FAIL Cross-Origin-Opener-Policy and a blob URL popup assert_equals: expected "blob:https://localhost:9443/f3a32c4f-d84f-4bb0-be11-ef1d389533b3" but got "blob:https://localhost:9443/c25cf73f-1128-4431-a76d-a9a79ff038e2"
+FAIL Cross-Origin-Opener-Policy and a blob URL popup assert_equals: expected 0 but got 36
 
diff --git a/...w3c/web-platform-tests/html/cross-origin-opener-policy/coep-blob-popup.https-expected.txt b/...w3c/web-platform-tests/html/cross-origin-opener-policy/coep-blob-popup.https-expected.txt
@@ -1,5 +1,5 @@
 
-FAIL COOP+COEP blob URL popup: window.open() assert_equals: expected "blob:https://localhost:9443/8d894a2a-25d1-417c-accf-77e1048a7b07" but got "blob:https://localhost:9443/e036f361-8969-4214-a30c-f4df7aba4bf9"
+FAIL COOP+COEP blob URL popup: window.open() assert_true: Cross-origin without CORP did not fail expected true got false
 FAIL COOP+COEP blob URL popup: <a> assert_true: Cross-origin without CORP did not fail expected true got false
 FAIL COOP+COEP blob URL popup: <a rel=noopener> assert_true: Cross-origin without CORP did not fail expected true got false
 
diff --git a/...web-platform-tests/html/cross-origin-opener-policy/coep-navigate-popup.https-expected.txt b/...web-platform-tests/html/cross-origin-opener-policy/coep-navigate-popup.https-expected.txt
@@ -1,14 +1,14 @@
 
 PASS Popup navigating to same-origin with coop/coep
-FAIL Popup navigating to same-site with coop/coep assert_equals: name expected "" but got "Popup-navigating-to-same-site-with-coop/coep"
-FAIL Popup navigating to same-origin with no coop/coep assert_equals: name expected "" but got "Popup-navigating-to-same-origin-with-no-coop/coep"
-FAIL Popup navigating to same-site with no coop/coep assert_equals: name expected "" but got "Popup-navigating-to-same-site-with-no-coop/coep"
-FAIL Popup navigating to same-origin with coop/no coep assert_equals: name expected "" but got "Popup-navigating-to-same-origin-with-coop/no-coep"
-FAIL Popup navigating to same-site with coop/no coep assert_equals: name expected "" but got "Popup-navigating-to-same-site-with-coop/no-coep"
-FAIL Popup navigating to same-origin with no coop/no coep assert_equals: name expected "" but got "Popup-navigating-to-same-origin-with-no-coop/no-coep"
-FAIL Popup navigating to same-site with no coop/no coep assert_equals: name expected "" but got "Popup-navigating-to-same-site-with-no-coop/no-coep"
-FAIL Popup navigating to same-origin with coop unsafe-none/coep assert_equals: name expected "" but got "Popup-navigating-to-same-origin-with-coop-unsafe-none/coep"
-FAIL Popup navigating to same-site with coop unsafe-none/coep assert_equals: name expected "" but got "Popup-navigating-to-same-site-with-coop-unsafe-none/coep"
-FAIL Popup navigating to same-origin with coop unsafe-none/no coep assert_equals: name expected "" but got "Popup-navigating-to-same-origin-with-coop-unsafe-none/no-coep"
-FAIL Popup navigating to same-site with coop unsafe-none/no coep assert_equals: name expected "" but got "Popup-navigating-to-same-site-with-coop-unsafe-none/no-coep"
+PASS Popup navigating to same-site with coop/coep
+PASS Popup navigating to same-origin with no coop/coep
+PASS Popup navigating to same-site with no coop/coep
+PASS Popup navigating to same-origin with coop/no coep
+PASS Popup navigating to same-site with coop/no coep
+PASS Popup navigating to same-origin with no coop/no coep
+PASS Popup navigating to same-site with no coop/no coep
+PASS Popup navigating to same-origin with coop unsafe-none/coep
+PASS Popup navigating to same-site with coop unsafe-none/coep
+PASS Popup navigating to same-origin with coop unsafe-none/no coep
+PASS Popup navigating to same-site with coop unsafe-none/no coep
 
diff --git a/...d/w3c/web-platform-tests/html/cross-origin-opener-policy/coep-redirect.https-expected.txt b/...d/w3c/web-platform-tests/html/cross-origin-opener-policy/coep-redirect.https-expected.txt
@@ -1,8 +1,8 @@
 
 PASS Redirect from coop/coep to coop/coep
-FAIL Redirect from coop/coep to no coop/coep assert_equals: name expected "" but got "Redirect-from-coop/coep-to-no-coop/coep"
-FAIL Redirect from no coop/no coep to coop/coep assert_equals: name expected "" but got "Redirect-from-no-coop/no-coep-to-coop/coep"
-FAIL Redirect from coop/no coep to coop/coep assert_equals: name expected "" but got "Redirect-from-coop/no-coep-to-coop/coep"
-FAIL Redirect from coop unsafe-none/coep to coop/coep assert_equals: name expected "" but got "Redirect-from-coop-unsafe-none/coep-to-coop/coep"
-FAIL Redirect from coop unsafe-none/coep to coop unsafe-inherit/coep assert_equals: name expected "" but got "Redirect-from-coop-unsafe-none/coep-to-coop-unsafe-inherit/coep"
+PASS Redirect from coop/coep to no coop/coep
+PASS Redirect from no coop/no coep to coop/coep
+PASS Redirect from coop/no coep to coop/coep
+PASS Redirect from coop unsafe-none/coep to coop/coep
+PASS Redirect from coop unsafe-none/coep to coop unsafe-inherit/coep
 
diff --git a/...s/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coep.https-expected.txt b/...s/imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coep.https-expected.txt
@@ -1,11 +1,11 @@
 
 PASS Same-origin popup with coop/coep
-FAIL historical: "same-site" popup with coop/coep assert_equals: name expected "" but got "same-site-popup-with-coop/coep"
-FAIL Same-origin popup with coop unsafe-none/coep assert_equals: name expected "" but got "popup-with-coop-unsafe-none/coep"
-FAIL historical: "same-site" popup with coop unsafe-none/coep assert_equals: name expected "" but got "same-site-popup-with-coop-unsafe-none/coep"
-FAIL Same-origin popup with coop unsafe-none without coep assert_equals: name expected "" but got "popup-with-coop-unsafe-none-without-coep"
-FAIL historical: "same-site" popup with coop unsafe-none without coep assert_equals: name expected "" but got "same-site-popup-with-coop-unsafe-none-without-coep"
-FAIL Same-origin popup without coep assert_equals: name expected "" but got "popup-without-coep"
-FAIL historical: "same-site" popup without coep assert_equals: name expected "" but got "same-site-popup-without-coep"
-FAIL Bonus: window.crossOriginIsolated assert_true: expected true got undefined
+PASS historical: "same-site" popup with coop/coep
+PASS Same-origin popup with coop unsafe-none/coep
+PASS historical: "same-site" popup with coop unsafe-none/coep
+PASS Same-origin popup with coop unsafe-none without coep
+PASS historical: "same-site" popup with coop unsafe-none without coep
+PASS Same-origin popup without coep
+PASS historical: "same-site" popup without coep
+FAIL Bonus: window.crossOriginIsolated assert_true: expected true got false
Original file line number	Diff line number	Diff line change
		@@ -1,3 +1,3 @@

		FAIL IndexedDB: Attempting to serialize a SharedArrayBuffer should throw assert_true: The page is served with COOP and COEP, it should be cross-origin-isolated. expected true got undefined
		FAIL IndexedDB: Attempting to serialize a SharedArrayBuffer should throw assert_true: The page is served with COOP and COEP, it should be cross-origin-isolated. expected true got false