Fenced frame: network revocation applies to Attribution Reporting. (#46792)
The Attribution Reporting API allows for conversion reports to be sent
after a 'source' and 'trigger' are registered. The report is sent from
the browser, but the source and trigger are registered in the web
platform itself. Registering a source or trigger requires a request and
response to be sent to and from an attribution server. This request is
sent from the renderer process, so the previous partition nonce work
will also gate these kinds of requests.
Information cannot be added to sources or triggers after they are
registered, so this is enough to prevent sensitive information from
leaking out of a fenced frame post-network revocation. In other words,
event-level and aggregate events that are registered or trigger from
inside a fenced frame post-network revocation will not be sent out.
This CL adds WPTs to verify that no new sources or triggers can be
registered from within a fenced frame after network cutoff.
This CL also updates a few remote context helper scripts to escape the
"," character when adding headers, on top of the existing "(" and ")"
characters.
Change-Id: I40bd9ac91585bc31443f13a05e43e1e1289132c5
Bug: 41488151
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5636870
Reviewed-by: Mason Freed masonf@chromium.org
Reviewed-by: Andrew Verge averge@chromium.org
Commit-Queue: Liam Brady lbrady@google.com
Cr-Commit-Position: refs/heads/main@{#1317469}
Co-authored-by: Liam Brady lbrady@google.com