[DIP] Add DocumentIsolationPolicy to PolicyContainer

This CL adds DocumentIsolationPolicy to the PolicyContainer.
DocumentIsolationPolicy is set when received from a network response. If
the navigation did not have a network response, it should be inherited
from the navigation initiator normally through the PolicyContainer.

Bug: 332883907
Change-Id: Ifb89d523167a4d9b5b0b7ec616805df035b71a91
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5428418
Commit-Queue: Camille Lamy <[email protected]>
Reviewed-by: Joe DeBlasio <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1288046}
diff --git a/content/browser/renderer_host/policy_container_host.cc b/content/browser/renderer_host/policy_container_host.cc
index f58b03f..626edca 100644
--- a/content/browser/renderer_host/policy_container_host.cc
+++ b/content/browser/renderer_host/policy_container_host.cc
@@ -39,6 +39,7 @@
                              rhs.content_security_policies) &&
          lhs.cross_origin_opener_policy == rhs.cross_origin_opener_policy &&
          lhs.cross_origin_embedder_policy == rhs.cross_origin_embedder_policy &&
+         lhs.document_isolation_policy == rhs.document_isolation_policy &&
          lhs.sandbox_flags == rhs.sandbox_flags &&
          lhs.is_credentialless == rhs.is_credentialless &&
          lhs.can_navigate_top_without_user_gesture ==
@@ -98,6 +99,17 @@
              .value_or("<null>")
       << " }";
 
+  out << ", document_isolation_policy: " << "{ value: "
+      << policies.document_isolation_policy.value << ", reporting_endpoint: "
+      << policies.document_isolation_policy.reporting_endpoint.value_or(
+             "<null>")
+      << ", report_only_value: "
+      << policies.document_isolation_policy.report_only_value
+      << ", report_only_reporting_endpoint: "
+      << policies.document_isolation_policy.report_only_reporting_endpoint
+             .value_or("<null>")
+      << " }";
+
   out << ", sandbox_flags: " << policies.sandbox_flags;
   out << ", is_credentialless: " << policies.is_credentialless;
   out << ", can_navigate_top_without_user_gesture: "
@@ -118,6 +130,7 @@
         content_security_policies,
     const network::CrossOriginOpenerPolicy& cross_origin_opener_policy,
     const network::CrossOriginEmbedderPolicy& cross_origin_embedder_policy,
+    const network::DocumentIsolationPolicy& document_isolation_policy,
     network::mojom::WebSandboxFlags sandbox_flags,
     bool is_credentialless,
     bool can_navigate_top_without_user_gesture,
@@ -128,6 +141,7 @@
       content_security_policies(std::move(content_security_policies)),
       cross_origin_opener_policy(cross_origin_opener_policy),
       cross_origin_embedder_policy(cross_origin_embedder_policy),
+      document_isolation_policy(document_isolation_policy),
       sandbox_flags(sandbox_flags),
       is_credentialless(is_credentialless),
       can_navigate_top_without_user_gesture(
@@ -158,6 +172,7 @@
           mojo::Clone(response_head->parsed_headers->content_security_policy),
           response_head->parsed_headers->cross_origin_opener_policy,
           response_head->parsed_headers->cross_origin_embedder_policy,
+          response_head->parsed_headers->document_isolation_policy,
           network::mojom::WebSandboxFlags::kNone,
           /*is_credentialless=*/false,
           /*can_navigate_top_without_user_gesture=*/true,
@@ -181,8 +196,9 @@
   return PolicyContainerPolicies(
       referrer_policy, ip_address_space, is_web_secure_context,
       mojo::Clone(content_security_policies), cross_origin_opener_policy,
-      cross_origin_embedder_policy, sandbox_flags, is_credentialless,
-      can_navigate_top_without_user_gesture, allow_cross_origin_isolation);
+      cross_origin_embedder_policy, mojo::Clone(document_isolation_policy),
+      sandbox_flags, is_credentialless, can_navigate_top_without_user_gesture,
+      allow_cross_origin_isolation);
 }
 
 std::unique_ptr<PolicyContainerPolicies> PolicyContainerPolicies::ClonePtr()