CORB: Remove no-longer-needed, hacky detection of same-origin requests.

After r694827 (Set |request_initiator| to the website, not to the
content script's origin), CORB can detect all same-origin requests
directly, without resorting to a hacky comparison with the
request_initiator_site_lock.  This CL reverts parts of r620866 where
this hack was introduced.

Bug: 940068
Change-Id: I69f3e6b868436f2aaa78b594da25a3c5431ab7cb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1823597
Commit-Queue: Charlie Reis <creis@chromium.org>
Auto-Submit: Łukasz Anforowicz <lukasza@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#700486}

fetch/corb/img-mime-types-coverage.tentative.sub.html

@@ -53,12 +53,7 @@
 
   const get_url = (mime) => {
     // www1 is cross-origin, so the HTTP response is CORB-eligible -->
-    //
-    // TODO(lukasza@chromium.org): Once https://crbug.com/888079 and
-    // https://crbug.com/891872 are fixed, we should use a cross-*origin*
-    // rather than cross-*site* URL below (e.g. s/hosts[alt]/domains/g).
-    // See also https://crbug.com/918660 for more context.
-    url = "http://{{hosts[alt][www1]}}:{{ports[http][0]}}"
+    url = "http://{{domains[www1]}}:{{ports[http][0]}}"
     url = url + "/fetch/nosniff/resources/image.py"
     if (mime != null) {
         url += "?type=" + encodeURIComponent(mime)

fetch/corb/img-png-mislabeled-as-html-nosniff.tentative.sub.html

@@ -7,11 +7,5 @@
 <meta charset="utf-8">
 <!-- Reference page uses same-origin resources, which are not CORB-eligible. -->
 <link rel="match" href="img-png-mislabeled-as-html-nosniff.tentative.sub-ref.html">
-<!-- www1 is cross-origin, so the HTTP response is CORB-eligible
-
-TODO(lukasza@chromium.org): Once https://crbug.com/888079 and
-https://crbug.com/891872 are fixed, we should use a cross-*origin*
-rather than cross-*site* URL below (e.g. s/hosts[alt]/domains/g).
-See also https://crbug.com/918660 for more context.
--->
-<img src="http://{{hosts[alt][www1]}}:{{ports[http][0]}}/fetch/corb/resources/png-mislabeled-as-html-nosniff.png">
+<!-- www1 is cross-origin, so the HTTP response is CORB-eligible -->
+<img src="http://{{domains[www1]}}:{{ports[http][0]}}/fetch/corb/resources/png-mislabeled-as-html-nosniff.png">

fetch/corb/preload-image-png-mislabeled-as-html-nosniff.tentative.sub.html

@@ -17,14 +17,8 @@
 });
 </script>
 
-<!-- www1 is cross-origin, so the HTTP response is CORB-eligible
-
-TODO(lukasza@chromium.org): Once https://crbug.com/888079 and
-https://crbug.com/891872 are fixed, we should use a cross-*origin*
-rather than cross-*site* URL below (e.g. s/hosts[alt]/domains/g).
-See also https://crbug.com/918660 for more context.
--->
+<!-- www1 is cross-origin, so the HTTP response is CORB-eligible -->
 <link rel="preload" as="image"
       onerror="window.preloadErrorEvent()"
       onload="window.preloadLoadEvent()"
-      href="http://{{hosts[alt][www1]}}:{{ports[http][0]}}/fetch/corb/resources/png-mislabeled-as-html-nosniff.png">
+      href="http://{{domains[www1]}}:{{ports[http][0]}}/fetch/corb/resources/png-mislabeled-as-html-nosniff.png">

fetch/corb/script-html-correctly-labeled.tentative.sub.html

@@ -24,12 +24,7 @@
   });
 
   // www1 is cross-origin, so the HTTP response is CORB-eligible.
-  //
-  // TODO(lukasza@chromium.org): Once https://crbug.com/888079 and
-  // https://crbug.com/891872 are fixed, we should use a cross-*origin*
-  // rather than cross-*site* URL below (e.g. s/hosts[alt]/domains/g).
-  // See also https://crbug.com/918660 for more context.
-  script.src = 'http://{{hosts[alt][www1]}}:{{ports[http][0]}}/fetch/corb/resources/html-correctly-labeled.html';
+  script.src = 'http://{{domains[www1]}}:{{ports[http][0]}}/fetch/corb/resources/html-correctly-labeled.html';
   document.body.appendChild(script)
 }, "CORB-blocked script has no syntax errors");
 </script>

fetch/corb/script-resource-with-json-parser-breaker.tentative.sub.html

@@ -68,12 +68,7 @@
     });
 
     // www1 is cross-origin, so the HTTP response is CORB-eligible.
-    //
-    // TODO(lukasza@chromium.org): Once https://crbug.com/888079 and
-    // https://crbug.com/891872 are fixed, we should use a cross-*origin*
-    // rather than cross-*site* URL below (e.g. s/hosts[alt]/domains/g).
-    // See also https://crbug.com/918660 for more context.
-    var src_prefix = "http://{{hosts[alt][www1]}}:{{ports[http][0]}}/fetch/corb/resources/sniffable-resource.py";
+    var src_prefix = "http://{{domains[www1]}}:{{ports[http][0]}}/fetch/corb/resources/sniffable-resource.py";
     script.src = src_prefix + "?type=" + mime_type + "&body=" + encodeURIComponent(body);
     document.body.appendChild(script)
   }, "CORB-blocks '" + mime_type + "' that starts with the following JSON parser breaker: " + body);

html/semantics/document-metadata/the-link-element/resources/link-style-error.js

@@ -1,13 +1,7 @@
 ["<link>", "@import"].forEach(linkType => {
   [
    ["same-origin", "resources/css.py"],
-
-   // TODO(lukasza@chromium.org): Once https://crbug.com/888079 and
-   // https://crbug.com/891872 are fixed, we should use a cross-*origin* rather
-   // than cross-*site* URL below (e.g.  s/ HTTP_NOTSAMESITE_ORIGIN /
-   // HTTP_REMOTE_ORIGIN /g).  See also https://crbug.com/918660 for more
-   // context.
-   ["cross-origin", get_host_info().HTTP_NOTSAMESITE_ORIGIN + "/html/semantics/document-metadata/the-link-element/resources/css.py"]
+   ["cross-origin", get_host_info().HTTP_REMOTE_ORIGIN + "/html/semantics/document-metadata/the-link-element/resources/css.py"]
   ].forEach(originType => {
     ["no Content-Type", "wrong Content-Type", "broken Content-Type"].forEach(contentType => {
       ["no nosniff", "nosniff"].forEach(nosniff => {