content/browser/service_worker/service_worker_browsertest.cc - Issue 1859313002: Save-Data should not be added to CORS Access-Control-Request-Headers

Unified Diff: content/browser/service_worker/service_worker_browsertest.cc

Issue 1859313002: Save-Data should not be added to CORS Access-Control-Request-Headers (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Addressed kinuko comments Created 4 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: content/browser/service_worker/service_worker_browsertest.cc

diff --git a/content/browser/service_worker/service_worker_browsertest.cc b/content/browser/service_worker/service_worker_browsertest.cc

index 560272db2991920d38aa61e0f148bd0f5f2a7a4b..b8f99a4b3b3d60997c81e7e406d2f6748feb323c 100644

--- a/content/browser/service_worker/service_worker_browsertest.cc

+++ b/content/browser/service_worker/service_worker_browsertest.cc

@@ -11,8 +11,12 @@

#include "base/callback.h"

#include "base/command_line.h"

#include "base/macros.h"

+#include "base/memory/ref_counted.h"

+#include "base/memory/scoped_ptr.h"

#include "base/run_loop.h"

#include "base/single_thread_task_runner.h"

+#include "base/strings/string16.h"

+#include "base/strings/stringprintf.h"

#include "base/strings/utf_string_conversions.h"

#include "base/thread_task_runner_handle.h"

#include "base/time/time.h"

@@ -217,6 +221,34 @@ scoped_ptr<net::test_server::HttpResponse> VerifySaveDataHeaderNotInRequest(

return make_scoped_ptr(new net::test_server::BasicHttpResponse());

}

+scoped_ptr<net::test_server::HttpResponse>

+VerifySaveDataNotInAccessControlRequestHeader(

+ const net::test_server::HttpRequest& request) {

+ // Save-Data should be present.

+ auto it = request.headers.find("Save-Data");

+ EXPECT_NE(request.headers.end(), it);

+ EXPECT_EQ("on", it->second);

+ scoped_ptr<net::test_server::BasicHttpResponse> http_response(

+ new net::test_server::BasicHttpResponse());

+ if (request.method == net::test_server::METHOD_OPTIONS) {

+ // Access-Control-Request-Headers should contain 'X-Custom-Header' and not

+ // contain 'Save-Data'.

+ auto acrh_iter = request.headers.find("Access-Control-Request-Headers");

+ EXPECT_NE(request.headers.end(), acrh_iter);

+ EXPECT_NE(std::string::npos, acrh_iter->second.find("x-custom-header"));

+ EXPECT_EQ(std::string::npos, acrh_iter->second.find("save-data"));

+ http_response->AddCustomHeader("Access-Control-Allow-Headers",

+ acrh_iter->second);

+ http_response->AddCustomHeader("Access-Control-Allow-Methods", "GET");

+ http_response->AddCustomHeader("Access-Control-Allow-Origin", "*");

+ } else {

+ http_response->AddCustomHeader("Access-Control-Allow-Origin", "*");

+ http_response->set_content("PASS");

+ }

+ return std::move(http_response);

// The ImportsBustMemcache test requires that the imported script

// would naturally be cached in blink's memcache, but the embedded

// test server doesn't produce headers that allow the blink's memcache

@@ -1116,6 +1148,52 @@ IN_PROC_BROWSER_TEST_F(ServiceWorkerBrowserTest, FetchPageWithSaveData) {

run_loop.Run();

}

+// Tests that when data saver is enabled and a cross-origin fetch by a webpage

+// is intercepted by a serviceworker, and the serviceworker does a fetch, the

+// preflight request does not have save-data in Access-Control-Request-Headers.

+IN_PROC_BROWSER_TEST_F(ServiceWorkerBrowserTest, CrossOriginFetchWithSaveData) {

+ const char kPageUrl[] = "/service_worker/fetch_cross_origin.html";

+ const char kWorkerUrl[] = "/service_worker/fetch_event_pass_through.js";

+ net::EmbeddedTestServer cross_origin_server;

+ cross_origin_server.ServeFilesFromSourceDirectory("content/test/data");

+ cross_origin_server.RegisterRequestHandler(

+ base::Bind(&VerifySaveDataNotInAccessControlRequestHeader));

+ cross_origin_server.Start();

+ MockContentBrowserClient content_browser_client;

+ content_browser_client.set_data_saver_enabled(true);

+ ContentBrowserClient* old_client =

+ SetBrowserClientForTesting(&content_browser_client);

+ shell()->web_contents()->GetRenderViewHost()->OnWebkitPreferencesChanged();

+ scoped_refptr<WorkerActivatedObserver> observer =

+ new WorkerActivatedObserver(wrapper());

+ observer->Init();

+ public_context()->RegisterServiceWorker(

+ embedded_test_server()->GetURL(kPageUrl),

+ embedded_test_server()->GetURL(kWorkerUrl),

+ base::Bind(&ExpectResultAndRun, true, base::Bind(&base::DoNothing)));

+ observer->Wait();

+ const base::string16 title = base::ASCIIToUTF16("PASS");

+ TitleWatcher title_watcher(shell()->web_contents(), title);

+ NavigateToURL(shell(),

+ embedded_test_server()->GetURL(base::StringPrintf(

+ "%s?%s", kPageUrl,

+ cross_origin_server.GetURL("/cross_origin_request.html")

+ .spec()

+ .c_str())));

+ EXPECT_EQ(title, title_watcher.WaitAndGetTitle());

+ SetBrowserClientForTesting(old_client);

+ shell()->Close();

+ base::RunLoop run_loop;

+ public_context()->UnregisterServiceWorker(

+ embedded_test_server()->GetURL(kPageUrl),

+ base::Bind(&ExpectResultAndRun, true, run_loop.QuitClosure()));

+ run_loop.Run();

IN_PROC_BROWSER_TEST_F(ServiceWorkerBrowserTest,

FetchPageWithSaveDataPassThroughOnFetch) {

const char kPageUrl[] = "/service_worker/pass_through_fetch.html";

« no previous file with comments | « no previous file | content/test/data/service_worker/fetch_cross_origin.html » ('j') | no next file with comments »