LibWeb/DOM: Set Document's origin in JS constructor

We were missing this spec step, which meant that the created
document had no origin, causing a crash when accessed for same-origin
checks.

Libraries/LibWeb/DOM/Document.cpp

@@ -424,9 +424,13 @@ WebIDL::ExceptionOr<GC::Ref<Document>> Document::create_and_initialize(Type type
     return document;
 }
 
-WebIDL::ExceptionOr<GC::Ref<Document>> Document::construct_impl(JS::Realm& realm)
+// https://dom.spec.whatwg.org/#dom-document-document
+GC::Ref<Document> Document::construct_impl(JS::Realm& realm)
 {
-    return Document::create(realm);
+    // The new Document() constructor steps are to set this’s origin to the origin of current global object’s associated Document. [HTML]
+    auto document = Document::create(realm);
+    document->set_origin(as<HTML::Window>(HTML::current_principal_global_object()).associated_document().origin());
+    return document;
 }
 
 GC::Ref<Document> Document::create(JS::Realm& realm, URL::URL const& url)

Libraries/LibWeb/DOM/Document.h

@@ -178,7 +178,7 @@ public:
 
     [[nodiscard]] static GC::Ref<Document> create(JS::Realm&, URL::URL const& url = URL::about_blank());
     [[nodiscard]] static GC::Ref<Document> create_for_fragment_parsing(JS::Realm&);
-    static WebIDL::ExceptionOr<GC::Ref<Document>> construct_impl(JS::Realm&);
+    static GC::Ref<Document> construct_impl(JS::Realm&);
     virtual ~Document() override;
 
     // AD-HOC: This number increments whenever a node is added or removed from the document, or an element attribute changes.

Tests/LibWeb/Crash/DOM/document-constructor-no-origin.html

@@ -0,0 +1,4 @@
+<!DOCTYPE html>
+<script>
+    let d = new Document().domain;
+</script>