LibWeb/Fetch: Implement the "set the Sec-Fetch-User header" AO

Userland/Libraries/LibWeb/Fetch/Fetching/Fetching.cpp

@@ -2078,4 +2078,29 @@ void set_sec_fetch_site_header(Infrastructure::Request& request)
     request.header_list()->append(move(header));
 }
 
+// https://w3c.github.io/webappsec-fetch-metadata/#abstract-opdef-set-user
+void set_sec_fetch_user_header(Infrastructure::Request& request)
+{
+    // 1. Assert: r’s url is a potentially trustworthy URL.
+    VERIFY(SecureContexts::is_url_potentially_trustworthy(request.url()) == SecureContexts::Trustworthiness::PotentiallyTrustworthy);
+
+    // 2. If r is not a navigation request, or if r’s user-activation is false, return.
+    if (!request.is_navigation_request() || !request.user_activation())
+        return;
+
+    // 3. Let header be a Structured Header whose value is a token.
+    // FIXME: This is handled below, as Serenity doesn't have APIs for RFC 8941.
+
+    // 4. Set header’s value to true.
+    // NOTE: See https://datatracker.ietf.org/doc/html/rfc8941#name-booleans for boolean format in RFC 8941.
+    auto header_value = MUST(ByteBuffer::copy("?1"sv.bytes()));
+
+    // 5. Set a structured field value `Sec-Fetch-User`/header in r’s header list.
+    auto header = Infrastructure::Header {
+        .name = MUST(ByteBuffer::copy("Sec-Fetch-User"sv.bytes())),
+        .value = move(header_value),
+    };
+    request.header_list()->append(move(header));
+}
+
 }