Bug 311286

Summary: [Site Isolation] Console log is intentionally missing the full URL of a RemoteFrame for http/tests/security/block-top-level-navigations-by-sandboxed-iframe-with-propagated-user-gesture.html
Product: WebKit
Reporter: Anthony Tarbinian <a.tarbinian>
Component: New Bugs
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED
Severity: Normal
CC: webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified

Anthony Tarbinian
Reported 2026-04-01 14:08:06 PDT
In http/tests/security/block-top-level-navigations-by-sandboxed-iframe-with-propagated-user-gesture.html, with site isolation enabled the console message logging "Unsafe JavaScript attempt to initiate navigation" will not contain the full URL (including resource path) of RemoteFrames. This is the diff: ``` @@ -1,4 +1,4 @@ -CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'http://127.0.0.1:8000/security/block-top-level-navigations-by-sandboxed-iframe-with-propagated-user-gesture.html' from frame with URL 'http://localhost:8000/security/resources/navigate-top-level-frame-to-failure-page-via-message-handler.html'. The frame attempting navigation of the top-level window is sandboxed, but the 'allow-top-navigation' flag is not set. +CONSOLE MESSAGE: Unsafe JavaScript attempt to initiate navigation for frame with URL 'http://127.0.0.1:8000/' from frame with URL 'http://localhost:8000/security/resources/navigate-top-level-frame-to-failure-page-via-message-handler.html'. The frame attempting navigation of the top-level window is sandboxed, but the 'allow-top-navigation' flag is not set. CONSOLE MESSAGE: SecurityError: The operation is insecure. Test blocking of top-level navigations by an iframe with `sandbox=allow-top-navigation-by-user-activation` when the user gesture is propagated from another context. ``` This difference is thanks to https://commits.webkit.org/310093@main where we decided to prevent frames from fetching the full URL path of remote frames in different processes. http/tests/security/block-top-level-navigations-by-sandboxed-iframe-with-propagated-user-gesture.html also has the same inconsistency in behavior with site isolation enabled vs disabled.
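Review bot: in the `+` line only the URL of the frame being navigated is reduced to 'http://127.0.0.1:8000/', while the URL of the sandboxed frame attempting the navigation is still logged with its full path, so this expectation should be recorded as a site-isolation-specific result instead of replacing the shared one. The description states that the output differs between site isolation enabled and disabled, and a single expected result can match only one of the two. The change description should also reference https://commits.webkit.org/310093@main so that the shortened URL is understood as intended behavior and not as a regression in the message.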
Radar WebKit Bug Importer
Comment 1 2026-04-01 14:08:13 PDT
Anthony Tarbinian
Comment 2 2026-04-01 14:30:44 PDT
EWS
Comment 3 2026-04-03 11:12:03 PDT
Committed 310523@main (80a2f83fa96b): <https://commits.webkit.org/310523@main> Reviewed commits have been landed. Closing PR #61851 and removing active labels.