Spec cross-origin reportEvent() support

[blu25]

Reporting beacons can now be sent with window.fence.reportEvent() from documents that are cross origin to a fenced frame config's mapped URL. To do this, there must be opt-in from both the document created with the FencedFrameConfig as well as the cross-origin document that wants to send the beacon. The document created with the FencedFrameConfig opts in with a new "Allow-Cross-Origin-Event-Reporting=true" response header. The cross-origin document opts in by calling reportEvent() with the crossOriginExposed=true parameter.

This PR updates the spec to match that behavior. More specifically:

• Updates the FenceEvent IDL to match the current .idl file on the codebase.
• Adds a way to store a new "Allow-Cross-Origin-Event-Reporting" opt-in header in the fenced frame config. This header is set in the document whose browsing context houses the fenced frame config. It makes most sense to store this in the fenced frame config directly, since it will be consulting that when calling reportEvent() anyway, and cross-origin iframes still have access to the fenced frame config instance object.
• Modifies reportEvent() to support being called from a document that is cross-origin to the fenced frame config's mapped URL.
  • The private aggregation path has no changes, as it still doesn't have cross-origin support.
  • The destination enum/URL path adds a carve-out that allows it to continue if it's cross-origin but also has both header opt-in for the document that owns the fenced frame config + crossOriginExposed=true opt-in from the document that's sending the beacon.

---

Preview | Diff

[domfarolino]

window.fence.reportEvent() will now support being sent from documents

Methods cannot be sent. Do you mean exposed? Or am I missing something?

[domfarolino]

The same-origin document opts in with a new "Allow-Cross-Origin-Event-Reporting=true" response header. The cross-origin document opts in by calling reportEvent() with the crossOriginExposed=true parameter.

~Can you link to the rationale for why these are different?~

Edit: I think I misunderstood. Is "the same-origin document" just the fenced frame document? That is, the document created by the FencedFrameConfig, i.e., the top-level document in a <fencedframe> element?

[blu25]

window.fence.reportEvent() will now support being sent from documents

Methods cannot be sent. Do you mean exposed? Or am I missing something?

I mean exposed. The wording should be "Beacons can be sent with window.fence.reportEvent() from documents that are cross-origin..."

The same-origin document opts in with a new "Allow-Cross-Origin-Event-Reporting=true" response header. The cross-origin document opts in by calling reportEvent() with the crossOriginExposed=true parameter.

~Can you link to the rationale for why these are different?~

Edit: I think I misunderstood. Is "the same-origin document" just the fenced frame document? That is, the document created by the FencedFrameConfig, i.e., the top-level document in a <fencedframe> element?

Yes. Same-origin iframes embedded in fenced frames have no control over the opt-in process. I'll update the wording to match that.