Add WebDriver BiDi CSP bypass checks

index.bs

@@ -169,6 +169,10 @@ spec: WebRTC; urlPrefix: https://www.w3.org/TR/webrtc/
   type:dfn
     text: administratively-prohibited; url: #dfn-administratively-prohibited
 
+spec: WEBDRIVER-BIDI; urlPrefix: https://w3c.github.io/webdriver-bidi/
+  type:dfn
+    text: webdriver bidi csp bypass is enabled
+
 spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
   type:dfn;
     text:applying algorithm to bytes; url: #apply-algorithm-to-response
@@ -1050,11 +1054,13 @@ spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
   reports violations based on |request|'s [=request/policy container=]'s
   [=policy container/CSP list=].
 
-  1.  Let |CSP list| be |request|'s [=request/policy container=]'s [=policy container/CSP list=].
+  1.  Let |navigable| be the result of [[#obtain-navigable-for-request]] given |request|.
+
+  2.  Let |CSP list| be |request|'s [=request/policy container=]'s [=policy container/CSP list=].
 
-  2.  Let |result| be "`Allowed`".
+  3.  Let |result| be "`Allowed`".
 
-  3.  <a for=list>For each</a> |policy| of |CSP list|'s [=CSP list/policies=]:
+  4.  <a for=list>For each</a> |policy| of the result of [[#get-effective-csp-list]] given |CSP list| and |navigable|:
 
       1.  If |policy|'s <a for="policy">disposition</a> is "`report`",
           then skip to the next |policy|.
@@ -1070,7 +1076,7 @@ spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
 
           2.  Set |result| to "`Blocked`".
 
-  4.  Return |result|.
+  5.  Return |result|.
 
   <h4 id="should-block-response" algorithm dfn export>
     Should |response| to |request| be blocked by Content Security Policy?
@@ -1080,11 +1086,13 @@ spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
   returns `Blocked` or `Allowed`, and reports violations based on |request|'s
   [=request/policy container=]'s [=policy container/CSP list=].
 
-  1.  Let |CSP list| be |request|'s [=request/policy container=]'s [=policy container/CSP list=].
+  1.  Let |navigable| be the result of [[#obtain-navigable-for-request]] given |request|.
+
+  2.  Let |CSP list| be |request|'s [=request/policy container=]'s [=policy container/CSP list=].
 
-  2.  Let |result| be "`Allowed`".
+  3.  Let |result| be "`Allowed`".
 
-  3.  <a for=list>For each</a> |policy| of |CSP list|'s [=CSP list/policies=]:
+  4.  <a for=list>For each</a> |policy| of the result of [[#get-effective-csp-list]] given |CSP list| and |navigable|:
 
       1.  <a for=set>For each</a> |directive| of |policy|:
 
@@ -1103,7 +1111,7 @@ spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
       response. That is, that a Service Worker hasn't substituted a file which
       would violate the page's CSP.
 
-  4.  Return |result|.
+  5.  Return |result|.
 
   <h4 id="potentially-report-hash" algorithm dfn export>Potentially report hash</h4>
 
@@ -1205,8 +1213,9 @@ spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
   Given a {{Document}} |document|, the user agent performs the following
   steps in order to initialize CSP for |document|:
 
-  1. <a for=list>For each</a> |policy| of |document|'s [=Document/policy container=]'s
-     [=policy container/CSP list=]:
+  1.  Let |CSP list| be |document|'s [=Document/policy container=]'s [=policy container/CSP list=].
+
+  2. <a for=list>For each</a> |policy| of the result of [[#get-effective-csp-list]] given |CSP list| and |document|'s [=/node navigable=]:
 
       1.  <a for=set>For each</a> |directive| of |policy|:
 
@@ -1246,8 +1255,9 @@ spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
 
     2.  Let |result| be "`Allowed`".
 
-    3.  <a for=list>For each</a> |policy| of |element|'s {{Document}}'s <a for="/">global object</a>'s
-        <a for="global object">CSP list</a>'s [=CSP list/policies=]:
+    3.  Let |CSP list| be |element|'s {{Document}}'s [=Document/policy container=]'s [=policy container/CSP list=].
+
+    4.  <a for=list>For each</a> |policy| of the result of [[#get-effective-csp-list]] given |CSP list| and |element|'s [=/node navigable=]:
 
         1.  <a for=set>For each</a> |directive| of |policy|'s <a for="policy">directive set</a>:
 
@@ -1277,7 +1287,7 @@ spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
             8.  If |policy|'s <a for="policy">disposition</a> is "`enforce`", then
                 set |result| to "`Blocked`".
 
-    4.  Return |result|.
+    5.  Return |result|.
   </ol>
 
   <h4 id="should-block-navigation-request" algorithm dfn export>
@@ -1290,13 +1300,13 @@ spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
   the navigation, and "`Allowed`" otherwise:
 
   <ol class="algorithm">
-    1.  Let |result| be "`Allowed`".
+    1.  Let |navigable| be the result of [[#obtain-navigable-for-request]] given |navigation request|.
+
+    2.  Let |CSP list| be |navigation request|'s <a for="request">policy container</a>'s [=policy container/CSP list=].
 
-    1.  Let |CSP list| be |navigation request|'s <a for="request">policy
-        container</a>'s <a for="policy container">CSP list</a>'s [=CSP
-        list/policies=].
+    3.  Let |result| be "`Allowed`".
 
-    2.  <a for=list>For each</a> |policy| of |CSP list|'s [=CSP list/policies=]:
+    4.  <a for=list>For each</a> |policy| of the result of [[#get-effective-csp-list]] given |CSP list| and |navigable|:
 
         1.  <a for=set>For each</a> |directive| of |policy|:
 
@@ -1318,12 +1328,10 @@ spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
             5.  If |policy|'s <a for="policy">disposition</a> is "`enforce`", then
                 set |result| to "`Blocked`".
 
-    3.  If |result| is "`Allowed`", and if |navigation request|'s
+    5.  If |result| is "`Allowed`", and if |navigation request|'s
         <a for="request">current URL</a>'s <a for="url">scheme</a> is `javascript`:
 
-        1.  <a for=list>For each</a> |policy| of |navigation request|'s
-            <a for="request">policy container</a>'s
-            <a for="policy container">CSP list</a>'s [=CSP list/policies=]:
+        1.  <a for=list>For each</a> |policy| of the result of [[#get-effective-csp-list]] given |CSP list| and |navigable|:
 
             1.  <a for=set>For each</a> |directive| of |policy|:
 
@@ -1347,7 +1355,7 @@ spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
                 6.  If |policy|'s <a for="policy">disposition</a> is "`enforce`", then
                     set |result| to "`Blocked`".
 
-    4.  Return |result|.
+    6.  Return |result|.
   </ol>
 
   <h4 id="should-block-navigation-response" algorithm dfn export>
@@ -1364,7 +1372,7 @@ spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
   <ol class="algorithm">
     1.  Let |result| be "`Allowed`".
 
-    2.  <a for=list>For each</a> |policy| of |response CSP list|'s [=CSP list/policies=]:
+    2.  <a for=list>For each</a> |policy| of the result of [[#get-effective-csp-list]] given |response CSP list| and |target|:
 
         Note: Some directives (like <a>frame-ancestors</a>) allow a |response|'s
         <a>Content Security Policy</a> to act on the navigation.
@@ -1392,8 +1400,9 @@ spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
             5.  If |policy|'s <a for="policy">disposition</a> is "`enforce`", then
                 set |result| to "`Blocked`".
 
-    3.  <a for=list>For each</a> |policy| of |navigation request|'s <a for="request">policy container</a>'s
-        <a for="policy container">CSP list</a>'s [=CSP list/policies=]:
+    3.  Let |request CSP list| be |navigation request|'s <a for="request">policy container</a>'s [=policy container/CSP list=].
+
+    4.  <a for=list>For each</a> |policy| of the result of [[#get-effective-csp-list]] given |request CSP list| and |target|:
 
         Note: Some directives in the |navigation request|'s context (like <a>frame-ancestors</a>)
         need the |response| before acting on the navigation.
@@ -1403,7 +1412,7 @@ spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
             1.  If |directive|'s <a for="directive">navigation response check</a>
                 returns "`Allowed`" when executed upon |navigation request|, |type|,
                 |navigation response|, |target|, "`source`", |policy|, and
-                |response CSP list|'s [=CSP list/self-origin=],
+                |request CSP list|'s [=CSP list/self-origin=],
                 skip to the next |directive|.
 
             2.  Otherwise, let |violation| be the result of executing
@@ -1419,7 +1428,7 @@ spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
             5.  If |policy|'s <a for="policy">disposition</a> is "`enforce`", then
                 set |result| to "`Blocked`".
 
-    4.  Return |result|.
+    5.  Return |result|.
   </ol>
 
   <h4 id="run-global-object-csp-initialization" algorithm dfn export>
@@ -1627,6 +1636,45 @@ this algorithm returns normally if compilation is allowed, and throws a
 
 4.  If |result| is "`Blocked`", throw a {{WebAssembly.CompileError}} exception.
 
+  <h3 id="webdriver-bidi-integration">
+    Integration with WebDriver BiDi
+  </h3>
+
+  <dfn export>WebDriver BiDi CSP bypass is enabled</dfn> is an algorithm defined
+  by [[WEBDRIVER-BIDI]] that takes a <a>navigable</a> as input and returns a boolean.
+  When this algorithm returns true for a given navigable, Content Security Policy
+  enforcement is disabled for that navigable's active document and its nested
+  navigables.
+
+  Note: This integration point allows WebDriver BiDi clients to optionally
+  disable CSP enforcement during automated testing, but this is not the default
+  behavior.
+
+  <h4 id="obtain-navigable-for-request" algorithm dfn>
+    Obtain the navigable for a request
+  </h4>
+
+  Given a <a for="/">request</a> |request|, this algorithm returns a <a>navigable</a> or null.
+
+  1.  If |request|'s [=request/client=] is an [=environment settings object=]:
+
+      1.  Let |environment settings| be |request|'s [=request/client=].
+
+      2.  If there is a [=navigable=] whose [=navigable/active window=] is |environment settings|'s [=environment settings object/global object=], return that [=navigable=].
+
+  2.  Return null.
+
+  <h4 id="get-effective-csp-list" algorithm dfn>
+    Get the effective CSP list policies from |CSP list| given |navigable|
+  </h4>
+
+  Given a [=/CSP list=] |CSP list| and a [=navigable=] or null |navigable|,
+  this algorithm returns a [=list=] of [=/policies=].
+
+  1.  If |navigable| is not null and [=WebDriver BiDi CSP bypass is enabled=] given |navigable| is true, return an empty [=list=].
+
+  2.  Return |CSP list|'s [=CSP list/policies=].
+
 </section>
 
 <!-- Big Text: Reporting -->
@@ -3905,9 +3953,8 @@ Content-Type: application/reports+json
   <a>directive</a> if the request violates the policy, and "`Does Not Violate`"
   otherwise.
 
-  1.  If |request|'s [=request/initiator=] is "`prefetch`", then return the
-      result of executing [[#does-resource-hint-violate-policy]] on |request|,
-      |policy|, and |self-origin|.
+  1.  If |request|'s [=request/initiator=] is "`prefetch`", then return the result of executing
+      [[#does-resource-hint-violate-policy]] on |request| and |policy|.
 
   2.  Let |violates| be "`Does Not Violate`".