Rename anonymous iframe.

This addresses:
WICG/anonymous-iframe#5

This renames:
- <iframe anonymous> into <iframe credentialless>
- window.anonymouslyFramed into window.credentialless

Before merging this patch, I will make sure to give
sufficient prior notice to Google Display Ads who are
doing some large scale experiment with the OT, which
this change might affect.

Change-Id: Idb53cfc059f2e0232903a10409f4d349e85498f8
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4016836
Commit-Queue: Mike West <[email protected]>
Reviewed-by: Mohamed Amir Yosef <[email protected]>
Reviewed-by: Mike West <[email protected]>
Auto-Submit: Arthur Sonzogni <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1074551}

html/anonymous-iframe/anonymous-iframe-popup.tentative.https.window.js

@@ -6,7 +6,7 @@
 
 const {ORIGIN, REMOTE_ORIGIN} = get_host_info();
 const control_iframe = document.createElement('iframe');
-const anonymous_iframe = document.createElement('iframe');
+const iframe_credentialless = document.createElement('iframe');
 
 promise_setup(async t => {
   const createControlIframe = new Promise(async resolve => {
@@ -15,18 +15,18 @@ promise_setup(async t => {
     document.body.append(control_iframe);
   });
 
-  const createAnonymousIframe = new Promise(async resolve => {
-    anonymous_iframe.onload = resolve;
-    anonymous_iframe.src = ORIGIN + `/common/blank.html`;
-    anonymous_iframe.anonymous = true;
-    document.body.append(anonymous_iframe);
+  const createIframeCredentialless = new Promise(async resolve => {
+    iframe_credentialless.onload = resolve;
+    iframe_credentialless.src = ORIGIN + `/common/blank.html`;
+    iframe_credentialless.credentialless = true;
+    document.body.append(iframe_credentialless);
   });
 
-  await Promise.all([createControlIframe, createAnonymousIframe]);
+  await Promise.all([createControlIframe, createIframeCredentialless]);
 });
 
 // Create cross-origin popup from iframes. The opener should be blocked for
-// anonymous iframe and work for normal iframe.
+// credentialless iframe and work for normal iframe.
 promise_test(async t => {
   const control_token = token();
   const control_src = REMOTE_ORIGIN + executor_path + `&uuid=${control_token}`;
@@ -36,17 +36,18 @@ promise_test(async t => {
     control_popup.opener, control_iframe.contentWindow,
     "Opener from normal iframe should be available.");
 
-  const anonymous_token = token();
-  const anonymous_src =
-    REMOTE_ORIGIN + executor_path + `&uuid=${anonymous_token}`;
-  const anonymous_popup = anonymous_iframe.contentWindow.open(anonymous_src);
-  add_completion_callback(() => send(anonymous_token, "close();"));
-  assert_equals(
-    anonymous_popup, null, "Opener from anonymous iframe should be blocked.");
-}, 'Cross-origin popup from normal/anonymous iframes.');
+  const credentialless_token = token();
+  const credentialless_src =
+    REMOTE_ORIGIN + executor_path + `&uuid=${credentialless_token}`;
+  const credentialless_popup =
+    iframe_credentialless.contentWindow.open(credentialless_src);
+  add_completion_callback(() => send(credentialless_token, "close();"));
+  assert_equals(credentialless_popup, null,
+    "Opener from credentialless iframe should be blocked.");
+}, 'Cross-origin popup from normal/credentiallessiframes.');
 
 // Create a same-origin popup from iframes. The opener should be blocked for
-// anonymous iframe and work for normal iframe.
+// credentialless iframe and work for normal iframe.
 promise_test(async t => {
   const control_token = token();
   const control_src = ORIGIN + executor_path + `&uuid=${control_token}`;
@@ -56,11 +57,11 @@ promise_test(async t => {
     control_popup.opener, control_iframe.contentWindow,
     "Opener from normal iframe should be available.");
 
-  const anonymous_token = token();
-  const anonymous_src =
-    ORIGIN + executor_path + `&uuid=${anonymous_token}`;
-  const anonymous_popup = anonymous_iframe.contentWindow.open(anonymous_src);
-  add_completion_callback(() => send(anonymous_token, "close();"));
-  assert_equals(
-    anonymous_popup, null, "Opener from anonymous iframe should be blocked.");
-}, 'Same-origin popup from normal/anonymous iframes.');
+  const credentialless_token = token();
+  const credentialless_src =
+    ORIGIN + executor_path + `&uuid=${credentialless_token}`;
+  const credentialless_popup = iframe_credentialless.contentWindow.open(credentialless_src);
+  add_completion_callback(() => send(credentialless_token, "close();"));
+  assert_equals(credentialless_popup, null,
+    "Opener from credentialless iframe should be blocked.");
+}, 'Same-origin popup from normal/credentialless iframes.');

html/anonymous-iframe/anonymous-window.tentative.https.window.js

@@ -7,44 +7,44 @@ const {ORIGIN} = get_host_info();
 promise_test_parallel(async t => {
   const iframe = document.createElement("iframe");
   iframe.src = ORIGIN + "/common/blank.html?pipe=status(204)";
-  iframe.anonymous = false;
+  iframe.credentialless = false;
   document.body.appendChild(iframe);
-  iframe.anonymous = true;
+  iframe.credentialless = true;
   iframe.contentWindow.modified = true;
   iframe.src = ORIGIN + "/common/blank.html";
   // Wait for navigation to complete.
   await new Promise(resolve => iframe.onload = resolve);
-  assert_true(iframe.anonymous);
-  assert_true(iframe.contentWindow.anonymouslyFramed);
+  assert_true(iframe.credentialless);
+  assert_true(iframe.contentWindow.credentialless);
   assert_equals(undefined, iframe.contentWindow.modified);
-}, "Anonymous (false => true) => window not reused.");
+}, "Credentialless (false => true) => window not reused.");
 
 promise_test_parallel(async t => {
   const iframe = document.createElement("iframe");
   iframe.src = ORIGIN + "/common/blank.html?pipe=status(204)";
-  iframe.anonymous = true;
+  iframe.credentialless = true;
   document.body.appendChild(iframe);
-  iframe.anonymous = false;
+  iframe.credentialless = false;
   iframe.contentWindow.modified = true;
   iframe.src = ORIGIN + "/common/blank.html";
   // Wait for navigation to complete.
   await new Promise(resolve => iframe.onload = resolve);
-  assert_false(iframe.anonymous);
-  assert_false(iframe.contentWindow.anonymouslyFramed);
+  assert_false(iframe.credentialless);
+  assert_false(iframe.contentWindow.credentialless);
   assert_equals(undefined, iframe.contentWindow.modified);
-}, "Anonymous (true => false) => window not reused.");
+}, "Credentialless (true => false) => window not reused.");
 
 promise_test_parallel(async t => {
   const iframe = document.createElement("iframe");
-  iframe.anonymous = true;
+  iframe.credentialless = true;
   iframe.src = ORIGIN + "/common/blank.html?pipe=status(204)";
   document.body.appendChild(iframe);
-  iframe.anonymous = true;
+  iframe.credentialless = true;
   iframe.contentWindow.modified = true;
   iframe.src = ORIGIN + "/common/blank.html";
   // Wait for navigation to complete.
   await new Promise(resolve => iframe.onload = resolve);
-  assert_true(iframe.anonymous);
-  assert_true(iframe.contentWindow.anonymouslyFramed);
+  assert_true(iframe.credentialless);
+  assert_true(iframe.contentWindow.credentialless);
   assert_true(iframe.contentWindow.modified);
-}, "Anonymous (true => true) => window reused.");
+}, "Credentialless (true => true) => window reused.");

html/anonymous-iframe/cache-storage.tentative.https.window.js

@@ -33,27 +33,27 @@ promise_test(async test => {
   const key_1 = token();
   const key_2 = token();
 
-  // 2 actors: An anonymous iframe and a normal one.
-  const iframe_anonymous = newAnonymousIframe(origin);
+  // 2 actors: A credentialless iframe and a normal one.
+  const iframe_credentialless = newIframeCredentialless(origin);
   const iframe_normal = newIframe(origin);
   const response_queue_1 = token();
   const response_queue_2 = token();
 
   // 1. Each of them store a value in CacheStorage with different keys.
-  send(iframe_anonymous , store_script(key_1, "value_1", response_queue_1));
+  send(iframe_credentialless , store_script(key_1, "value_1", response_queue_1));
   send(iframe_normal, store_script(key_2, "value_2", response_queue_2));
   assert_equals(await receive(response_queue_1), "stored");
   assert_equals(await receive(response_queue_2), "stored");
 
   // 2. Each of them tries to retrieve the value from opposite side, without
   //    success.
-  send(iframe_anonymous , load_script(key_2, response_queue_1));
+  send(iframe_credentialless , load_script(key_2, response_queue_1));
   send(iframe_normal, load_script(key_1, response_queue_2));
   assert_equals(await receive(response_queue_1), "not found");
   assert_equals(await receive(response_queue_2), "not found");
 
   // 3. Each of them tries to retrieve the value from their side, with success:
-  send(iframe_anonymous , load_script(key_1, response_queue_1));
+  send(iframe_credentialless , load_script(key_1, response_queue_1));
   send(iframe_normal, load_script(key_2, response_queue_2));
   assert_equals(await receive(response_queue_1), "value_1");
   assert_equals(await receive(response_queue_2), "value_2");

html/anonymous-iframe/cookie-store.tentative.https.window.js

@@ -5,18 +5,18 @@
 // META: script=/html/cross-origin-embedder-policy/credentialless/resources/common.js
 // META: script=./resources/common.js
 
-// A set of tests, checking cookies defined from within an anonymous iframe
+// A set of tests, checking cookies defined from within a credentialless iframe
 // continue to work.
 
 const same_origin = get_host_info().HTTPS_ORIGIN;
 const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;
 const cookie_key = token()
 
-const anonymous_iframe = newAnonymousIframe(cross_origin);
+const credentialless_iframe = newIframeCredentialless(cross_origin);
 
 // Install some helper functions in the child to observe Cookies:
 promise_setup(async () => {
-  await send(anonymous_iframe, `
+  await send(credentialless_iframe, `
     window.getMyCookie = () => {
       const value = "; " + document.cookie;
       const parts = value.split("; ${cookie_key}=");
@@ -44,7 +44,7 @@ promise_setup(async () => {
 
 promise_test(async test => {
   const this_token = token();
-  send(anonymous_iframe, `
+  send(credentialless_iframe, `
     document.cookie = "${cookie_key}=cookie_value_1";
     send("${this_token}", getMyCookie());
   `);
@@ -54,7 +54,7 @@ promise_test(async test => {
 
 promise_test(async test => {
   const resource_token = token();
-  send(anonymous_iframe, `
+  send(credentialless_iframe, `
     fetch("${showRequestHeaders(cross_origin, resource_token)}");
   `);
 
@@ -68,7 +68,7 @@ promise_test(async test => {
   const resource_url = cross_origin + "/common/blank.html?pipe=" +
     `|header(Set-Cookie,${cookie_key}=cookie_value_2;Path=/common/dispatcher)`;
   const this_token = token();
-  send(anonymous_iframe, `
+  send(credentialless_iframe, `
     const next_cookie_value = nextCookieValue();
     fetch("${resource_url}");
     send("${this_token}", await next_cookie_value);
@@ -82,7 +82,7 @@ promise_test(async test => {
   const resource_url = cross_origin + "/common/blank.html?pipe=" +
     `|header(Set-Cookie,${cookie_key}=cookie_value_3;Path=/common/dispatcher)`;
   const this_token = token();
-  send(anonymous_iframe, `
+  send(credentialless_iframe, `
     const next_cookie_value = nextCookieValue();
     const iframe = document.createElement("iframe");
     iframe.src = "${resource_url}";

html/anonymous-iframe/cookie.tentative.https.window.js

@@ -6,7 +6,7 @@
 
 const same_origin = get_host_info().HTTPS_ORIGIN;
 const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;
-const cookie_key = "anonymous_iframe_load_cookie";
+const cookie_key = "credentialless_iframe_load_cookie";
 const cookie_same_origin = "same_origin";
 const cookie_cross_origin = "cross_origin";
 
@@ -15,12 +15,12 @@ const cookieFromResource = async resource_token => {
   return parseCookies(headers)[cookie_key];
 };
 
-// Load an anonymous iframe, return the HTTP request cookies.
-const cookieFromAnonymousIframeRequest = async (iframe_origin) => {
+// Load a credentialless iframe, return the HTTP request cookies.
+const cookieFromCredentiallessIframeRequest = async (iframe_origin) => {
   const resource_token = token();
   let iframe = document.createElement("iframe");
   iframe.src = `${showRequestHeaders(iframe_origin, resource_token)}`;
-  iframe.anonymous = true;
+  iframe.credentialless = true;
   document.body.appendChild(iframe);
   return await cookieFromResource(resource_token);
 };
@@ -46,56 +46,56 @@ promise_test_parallel(async test => {
 
   promise_test_parallel(async test => {
     assert_equals(
-      await cookieFromAnonymousIframeRequest(same_origin),
+      await cookieFromCredentiallessIframeRequest(same_origin),
       undefined
     );
-  }, "Anonymous same-origin iframe is loaded without credentials");
+  }, "Credentialless same-origin iframe is loaded without credentials");
 
   promise_test_parallel(async test => {
     assert_equals(
-      await cookieFromAnonymousIframeRequest(cross_origin),
+      await cookieFromCredentiallessIframeRequest(cross_origin),
       undefined
     );
-  }, "Anonymous cross-origin iframe is loaded without credentials");
+  }, "Credentialless cross-origin iframe is loaded without credentials");
 
-  let iframe_same_origin = newAnonymousIframe(same_origin);
-  let iframe_cross_origin = newAnonymousIframe(cross_origin);
+  const iframe_same_origin = newIframeCredentialless(same_origin);
+  const iframe_cross_origin = newIframeCredentialless(cross_origin);
 
   promise_test_parallel(async test => {
     assert_equals(
       await cookieFromResourceInIframe(iframe_same_origin, same_origin),
       undefined
     );
-  }, "same_origin anonymous iframe can't send same_origin credentials");
+  }, "same_origin credentialless iframe can't send same_origin credentials");
 
   promise_test_parallel(async test => {
     assert_equals(
       await cookieFromResourceInIframe(iframe_same_origin, cross_origin),
       undefined
     );
-  }, "same_origin anonymous iframe can't send cross_origin credentials");
+  }, "same_origin credentialless iframe can't send cross_origin credentials");
 
   promise_test_parallel(async test => {
     assert_equals(
       await cookieFromResourceInIframe(iframe_cross_origin, cross_origin),
       undefined
     );
-  }, "cross_origin anonymous iframe can't send cross_origin credentials");
+  }, "cross_origin credentialless iframe can't send cross_origin credentials");
 
   promise_test_parallel(async test => {
     assert_equals(
       await cookieFromResourceInIframe(iframe_cross_origin, same_origin),
       undefined
     );
-  }, "cross_origin anonymous iframe can't send same_origin credentials");
+  }, "cross_origin credentialless iframe can't send same_origin credentials");
 
   promise_test_parallel(async test => {
     assert_equals(
       await cookieFromResourceInIframe(iframe_same_origin, same_origin,
                                        "iframe"),
       undefined
     );
-  }, "same_origin anonymous iframe can't send same_origin credentials "
+  }, "same_origin credentialless iframe can't send same_origin credentials "
                         + "on child iframe");
 
   promise_test_parallel(async test => {
@@ -104,25 +104,25 @@ promise_test_parallel(async test => {
                                        "iframe"),
       undefined
     );
-  }, "same_origin anonymous iframe can't send cross_origin credentials "
-                        + "on child iframe");
+  }, "same_origin credentialless iframe can't send cross_origin credentials "
+    + "on child iframe");
 
   promise_test_parallel(async test => {
     assert_equals(
       await cookieFromResourceInIframe(iframe_cross_origin, cross_origin,
                                        "iframe"),
       undefined
     );
-  }, "cross_origin anonymous iframe can't send cross_origin credentials "
-                        + "on child iframe");
+  }, "cross_origin credentialless iframe can't send cross_origin credentials "
+    + "on child iframe");
 
   promise_test_parallel(async test => {
     assert_equals(
       await cookieFromResourceInIframe(iframe_cross_origin, same_origin,
                                        "iframe"),
       undefined
     );
-  }, "cross_origin anonymous iframe can't send same_origin credentials "
-                        + "on child iframe");
+  }, "cross_origin credentialless iframe can't send same_origin credentials "
+    + "on child iframe");
 
 }, "Setup")