| OLD | NEW |
|---|
| (Empty) |
| 1 if (self.importScripts) { | |
| 2 importScripts('../resources/fetch-test-helpers.js'); | |
| 3 importScripts('../resources/fetch-access-control-util.js'); | |
| 4 } | |
| 5 | |
| 6 // This test assumes TEST_TARGETS are executed in order and sequentially. | |
| 7 var TEST_TARGETS = []; | |
| 8 | |
| 9 // cookieCheckX checks the cookies sent in the request. | |
| 10 // SetCookie=cookieX indicates to set cookies in the response. | |
| 11 // So a SetCookie=cookieX indication may affect the next cookieCheckX, | |
| 12 // but not the cookieCheckX in the same request. | |
| 13 | |
| 14 // Test same-origin requests. | |
| 15 // The same set of requests are also in fetch-access-control-cookie-no-cors.js, | |
| 16 // with different mode (no-cors). | |
| 17 ['same-origin', 'cors'].forEach(function(mode) { | |
| 18 // At first, cookie is cookie=cookie1. | |
| 19 TEST_TARGETS.push( | |
| 20 // Set cookie=cookieA by credentials=same-origin. | |
| 21 [BASE_URL + 'mode=' + mode + '&credentials=same-origin&SetCookie=cookieA', | |
| 22 [fetchResolved, hasBody], [cookieCheck1]], | |
| 23 | |
| 24 // Set cookie=cookieB by credentials=include. | |
| 25 [BASE_URL + 'mode=' + mode + '&credentials=include&SetCookie=cookieB', | |
| 26 [fetchResolved, hasBody], [cookieCheckA]], | |
| 27 // Check cookie. | |
| 28 [BASE_URL + 'mode=' + mode + '&credentials=same-origin', | |
| 29 [fetchResolved, hasBody], [cookieCheckB]], | |
| 30 | |
| 31 // Try to set cookie=cookieC by credentials=omit, but | |
| 32 // cookie is not sent/updated if credentials flag is unset. | |
| 33 [BASE_URL + 'mode=' + mode + '&credentials=omit&SetCookie=cookieC', | |
| 34 [fetchResolved, hasBody], [cookieCheckNone]], | |
| 35 | |
| 36 // Set-Cookie2 header is ignored. | |
| 37 [BASE_URL + 'mode=' + mode + | |
| 38 '&credentials=same-origin&SetCookie2=cookieC', | |
| 39 [fetchResolved, hasBody], [cookieCheckB]], | |
| 40 | |
| 41 // Reset cookie to cookie1. | |
| 42 [BASE_URL + 'mode=' + mode + '&credentials=same-origin&SetCookie=cookie1', | |
| 43 [fetchResolved, hasBody], [cookieCheckB]]); | |
| 44 }); | |
| 45 | |
| 46 // Test cross-origin requests. | |
| 47 | |
| 48 // URL to check current cookie. | |
| 49 var OTHER_CHECK_URL = | |
| 50 OTHER_BASE_URL + | |
| 51 'mode=cors&credentials=include&method=POST&ACAOrigin=' + BASE_ORIGIN + | |
| 52 '&ACACredentials=true&label='; | |
| 53 | |
| 54 TEST_TARGETS.push( | |
| 55 // At first, cookie is cookie=cookie2. | |
| 56 | |
| 57 // Tests for mode=cors. | |
| 58 | |
| 59 // Set cookieA by a successful CORS. | |
| 60 [OTHER_BASE_URL + 'mode=cors&credentials=include&ACAOrigin=' + BASE_ORIGIN + | |
| 61 '&ACACredentials=true&SetCookie=cookieA', | |
| 62 [fetchResolved, hasBody, typeCors], [cookieCheck2]], | |
| 63 // Check that cookie is set. | |
| 64 [OTHER_CHECK_URL + 'otherCheck1', [fetchResolved], [cookieCheckA]], | |
| 65 | |
| 66 // Set cookieB by a rejected CORS. Fetch is rejected, but cookie is set. | |
| 67 // Spec: https://fetch.spec.whatwg.org/ | |
| 68 // Cookie is set in Step 13 of HTTP network or cache fetch | |
| 69 // (called from Step 3.5 of HTTP fetch), | |
| 70 // which is before CORS check in Step 3.6 of HTTP fetch. | |
| 71 [OTHER_BASE_URL + 'mode=cors&credentials=include&ACAOrigin=*&SetCookie=cookieB
', | |
| 72 [fetchRejected]], | |
| 73 [OTHER_CHECK_URL + 'otherCheck2', [fetchResolved], [cookieCheckB]], | |
| 74 | |
| 75 // Set cookieC by a rejected CORS. Fetch is rejected, but cookie is set. | |
| 76 [OTHER_BASE_URL + 'mode=cors&credentials=include&ACAOrigin=' + BASE_ORIGIN + | |
| 77 '&SetCookie=cookieC', | |
| 78 [fetchRejected]], | |
| 79 [OTHER_CHECK_URL + 'otherCheck3', [fetchResolved], [cookieCheckC]], | |
| 80 | |
| 81 // Set cookieA by a rejected CORS. Fetch is rejected, but cookie is set. | |
| 82 [OTHER_BASE_URL + 'mode=cors&credentials=include&ACAOrigin=*&ACACredentials=tr
ue&SetCookie=cookieA', | |
| 83 [fetchRejected]], | |
| 84 [OTHER_CHECK_URL + 'otherCheck4', [fetchResolved], [cookieCheckA]], | |
| 85 | |
| 86 // Try to set cookieB, but | |
| 87 // cookie is not sent/updated because credentials flag is not set. | |
| 88 [OTHER_BASE_URL + 'mode=cors&credentials=omit&ACAOrigin=' + BASE_ORIGIN + | |
| 89 '&ACACredentials=true&SetCookie=cookieB', | |
| 90 [fetchResolved, hasBody, typeCors], [cookieCheckNone]], | |
| 91 [OTHER_CHECK_URL + 'otherCheck5', [fetchResolved], [cookieCheckA]], | |
| 92 | |
| 93 // Try to set cookieB, but | |
| 94 // cookie is not sent/updated because credentials flag is not set. | |
| 95 [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&ACAOrigin=' + | |
| 96 BASE_ORIGIN + '&ACACredentials=true&SetCookie=cookieB', | |
| 97 [fetchResolved, hasBody, typeCors], [cookieCheckNone]], | |
| 98 [OTHER_CHECK_URL + 'otherCheck6', [fetchResolved], [cookieCheckA]], | |
| 99 | |
| 100 // Tests for CORS preflight. | |
| 101 | |
| 102 // Set cookieB by a successful CORS with CORS preflight. | |
| 103 [OTHER_BASE_URL + 'mode=cors&credentials=include&ACAOrigin=' + BASE_ORIGIN + | |
| 104 '&PACAOrigin=' + BASE_ORIGIN + | |
| 105 '&ACACredentials=true&PACACredentials=true&method=PUT&PACAMethods=PUT&SetCook
ie=cookieB&PreflightTest=200', | |
| 106 [fetchResolved, hasBody, typeCors], [cookieCheckA]], | |
| 107 [OTHER_CHECK_URL + 'otherCheck7', [fetchResolved], [cookieCheckB]], | |
| 108 // Set-Cookie2 should be ignored for CORS. | |
| 109 [OTHER_BASE_URL + 'mode=cors&credentials=include&ACAOrigin=' + BASE_ORIGIN + | |
| 110 '&PACAOrigin=' + BASE_ORIGIN + | |
| 111 '&ACACredentials=true&PACACredentials=true&method=PUT&PACAMethods=PUT&SetCook
ie2=cookieC&PreflightTest=200', | |
| 112 [fetchResolved, hasBody, typeCors], [cookieCheckB]], | |
| 113 [OTHER_CHECK_URL + 'otherCheck8', [fetchResolved], [cookieCheckB]], | |
| 114 | |
| 115 // Test that no Cookie header is sent in CORS preflight. | |
| 116 // Test that Set-Cookie in CORS preflight is ignored. | |
| 117 | |
| 118 // Set-Cookie=cookieC is sent in CORS preflight, but this should be ignored. | |
| 119 [OTHER_BASE_URL + 'mode=cors&credentials=include&ACAOrigin=' + BASE_ORIGIN + | |
| 120 '&PACAOrigin=' + BASE_ORIGIN + | |
| 121 '&ACACredentials=true&PACACredentials=true&method=PUT&PACAMethods=PUT&PSetCoo
kie=cookieC&PreflightTest=200', | |
| 122 [fetchResolved, hasBody, typeCors], [cookieCheckB]], | |
| 123 [OTHER_CHECK_URL + 'otherCheck9', [fetchResolved], [cookieCheckB]], | |
| 124 | |
| 125 // Set-Cookie2=cookieC is sent in CORS preflight, but this should be ignored. | |
| 126 [OTHER_BASE_URL + 'mode=cors&credentials=include&ACAOrigin=' + BASE_ORIGIN + | |
| 127 '&PACAOrigin=' + BASE_ORIGIN + | |
| 128 '&ACACredentials=true&PACACredentials=true&method=PUT&PACAMethods=PUT&PSetCoo
kie2=cookieC&PreflightTest=200', | |
| 129 [fetchResolved, hasBody, typeCors], [cookieCheckB]], | |
| 130 [OTHER_CHECK_URL + 'otherCheck10', [fetchResolved], [cookieCheckB]], | |
| 131 | |
| 132 // Tests for mode=same-origin. | |
| 133 // Rejected as Network Error before entering basic fetch or HTTP fetch, | |
| 134 // so no cookies are set. | |
| 135 | |
| 136 // Try to set cookieC. | |
| 137 [OTHER_BASE_URL + 'mode=same-origin&credentials=omit&SetCookie=cookieC', | |
| 138 [fetchRejected]], | |
| 139 [OTHER_CHECK_URL + 'otherCheck11', [fetchResolved], [cookieCheckB]], | |
| 140 | |
| 141 // Try to set cookieC. | |
| 142 [OTHER_BASE_URL + 'mode=same-origin&credentials=include&SetCookie=cookieC', | |
| 143 [fetchRejected]], | |
| 144 [OTHER_CHECK_URL + 'otherCheck12', [fetchResolved], [cookieCheckB]], | |
| 145 | |
| 146 // Try to set cookieC. | |
| 147 [OTHER_BASE_URL + | |
| 148 'mode=same-origin&credentials=same-origin&SetCookie=cookieC', | |
| 149 [fetchRejected]], | |
| 150 [OTHER_CHECK_URL + 'otherCheck13', [fetchResolved], [cookieCheckB]] | |
| 151 ); | |
| 152 | |
| 153 if (self.importScripts) { | |
| 154 executeTests(TEST_TARGETS); | |
| 155 done(); | |
| 156 } | |
| OLD | NEW |
|---|
Chromium Code Reviews
