Prevent brave wallet providers from being generated in third party iframe

[darkdh]

Resolves brave/brave-browser#22686

1. window.ethereum and window.solana will be unavailable in 3rd party iframe
2. Some browser test cleanup

Submitter Checklist:

• I confirm that no security/privacy review is needed, or that I have requested one
• There is a ticket for my issue
• Used Github auto-closing keywords in the PR description above
• Wrote a good PR/commit description
• Squashed any review feedback or "fixup" commits before merge, so that history is a record of what happened in the repo, not your PR
• Added appropriate labels (QA/Yes or QA/No; release-notes/include or release-notes/exclude; OS/...) to the associated issue
• Checked the PR locally: npm run test -- brave_browser_tests, npm run test -- brave_unit_tests, npm run lint, npm run gn_check, npm run tslint
• Ran git rebase master (if needed)

Reviewer Checklist:

• A security review is not needed, or a link to one is included in the PR description
• New files have MPL-2.0 license header
• Adequate test coverage exists to prevent regressions
• Major classes, functions and non-trivial code blocks are well-commented
• Changes in component dependencies are properly reflected in gn
• Code follows the style guide
• Test plan is specified in PR before merging

After-merge Checklist:

• The associated issue milestone is set to the smallest version that the
  changes has landed on
• All relevant documentation has been updated, for instance:
  • https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)
  • https://github.com/brave/brave-browser/wiki/Proxy-redirected-URLs
  • https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections
  • https://github.com/brave/brave-browser/wiki/Brave%E2%80%99s-Use-of-Referral-Codes
  • https://github.com/brave/brave-browser/wiki/Custom-Headers
  • https://github.com/brave/brave-browser/wiki/Web-Compatibility-Exceptions-in-Brave
  • https://github.com/brave/brave-browser/wiki/QA-Guide
  • https://github.com/brave/brave-browser/wiki/P3A

Test Plan:

Same party test

1. Navigate to https://www.w3schools.com/tags/tryit.asp?filename=tryhtml_iframe
2. Add id="test" to iframe element and click Run
3. Open console and inspect any element at the right panel
4. Select iframe result in console like this

5. Type these in console

  let iframe = document.getElementById('test')
  console.log(iframe.contentWindow.ethereum)

6. It should not be undefined

Third party test

1. Navigate to https://www.w3schools.com/tags/tryit.asp?filename=tryhtml_iframe
2. Add id="test" to iframe element and change src to https://metamask.github.io/test-dapp/ and click Run
3. Open console and inspect any element at the right panel
4. Select iframe result in console like this

5. Type these in console

  let iframe = document.getElementById('test')
  console.log(iframe.contentWindow.ethereum)

6. It should be undefined

[yrliou]

Probably better to use render_frame()->GetWebFrame()->IsCrossOriginToMainFrame() to check if it's 3rd party iframe.

[darkdh]

That sounds better, fixed and force-pushed

[yrliou]

LGTM

[diracdeltas]

thx for doing this

[srirambv]

Verification passed on

Brave	1.40.44 Chromium: 101.0.4951.54 (Official Build) nightly (64-bit)
Revision	67da1aeb32cedd27634ca6634fb79cbd85d3f0ab-refs/branch-heads/4951@{#1126}
OS	Windows 11 Version 22H2 (Build 22616.1)

• Verified test plan from PR

Same party test	Third party test
13268-First.Party.iFrame.mov	13268-THird.Party.iFrame.mov