https://bugs.webkit.org/show_bug.cgi?id=94559

Reviewed by Adam Barth.

Source/WebCore:

Shared workers can fundamentally leak information between pages in
different contexts if the workers can be accessed from a third-party
context. Thus, if third-party storage blocking is enabled, shared
workers should be disallowed in third-party contexts.

Tests: http/tests/security/cross-origin-shared-worker-allowed.html
       http/tests/security/cross-origin-shared-worker.html

* page/SecurityOrigin.h: Add canAccessSharedWorkers function
(WebCore::SecurityOrigin::canAccessSharedWorkers):
* workers/SharedWorker.cpp:
(WebCore::SharedWorker::create): Ensure that we can access shared workers before creating the worker.

LayoutTests:

Created tests for accessing shared workers from a third party and first party when third-party blocking is on and off.

* http/tests/security/cross-origin-shared-worker-allowed-expected.txt: Added.
* http/tests/security/cross-origin-shared-worker-allowed.html: Added.
* http/tests/security/cross-origin-shared-worker-expected.txt: Added.
* http/tests/security/cross-origin-shared-worker.html: Added.
* http/tests/security/resources/cross-origin-iframe-for-shared-worker.html: Added.
* http/tests/security/resources/shared-worker.js: Added.
(self.addEventListener):
* platform/chromium/TestExpectations: Shared workers are not supported in chromium DRT

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@126912 268f45cc-cd09-0410-ab3c-d52691b4dbfc