third_party/WebKit/LayoutTests/http/tests/credentialmanager/passwordcredential-fetch.html - Issue 1868253002: Fetch: 'password' credentials mode should include credentials.

Unified Diff: third_party/WebKit/LayoutTests/http/tests/credentialmanager/passwordcredential-fetch.html

Issue 1868253002: Fetch: 'password' credentials mode should include credentials. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 4 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « no previous file | third_party/WebKit/LayoutTests/http/tests/credentialmanager/resources/echo-cookies.php » ('j') | third_party/WebKit/Source/modules/fetch/FetchManager.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/LayoutTests/http/tests/credentialmanager/passwordcredential-fetch.html

diff --git a/third_party/WebKit/LayoutTests/http/tests/credentialmanager/passwordcredential-fetch.html b/third_party/WebKit/LayoutTests/http/tests/credentialmanager/passwordcredential-fetch.html

index 5fe86f908e0702c5dcb683888fe8202b690421dc..21bd7aa30ac6bbd32a0c41457dde52e98a4c4292 100644

--- a/third_party/WebKit/LayoutTests/http/tests/credentialmanager/passwordcredential-fetch.html

+++ b/third_party/WebKit/LayoutTests/http/tests/credentialmanager/passwordcredential-fetch.html

@@ -3,6 +3,8 @@

+<body>

+<input type=hidden id=thing value=sekrit>

var c = new PasswordCredential({

id: 'id',

@@ -51,6 +53,21 @@ promise_test(function() {

}, "Simple Fetch");

promise_test(function() {

+ document.cookie = "a=1";

+ document.cookie = "b=2";

+ return fetch("./resources/echo-cookies.php", { credentials: c, method: "POST" })

+ .then(resp => resp.json())

+ .then(j => {

+ assert_equals(j.a, '1');

+ assert_equals(j.b, '2');

+ })

+ .then(_ => {

+ document.cookie = "a=1; max-age=0";

+ document.cookie = "b=2; max-age=0";

+ });

+}, "Simple Fetch");

Mike West 2016/04/08 18:49:25 This is the only test that has anything to do with

+promise_test(function() {

var r1 = new Request('./resources/echo-post.php', { credentials: c, method: "POST" });

var r2 = r1.clone();

return fetch(r1)

@@ -178,6 +195,30 @@ promise_test(function() {

iconURL: 'https://example.com/icon.png'

});

+ credential.additionalData = new FormData();

+ credential.additionalData.append("excitingData", "exciting value");

+ credential.additionalData.append("csrf", "[randomness]");

+ return fetch("./resources/echo-post.php", { credentials: credential, method: "POST" })

+ .then(function (r) {

+ return r.json();

+ })

+ .then(function (j) {

+ assert_equals(j.username, 'id');

+ assert_equals(j.password, 'pencil');

+ assert_equals(j.excitingData, 'exciting value');

+ assert_equals(j.csrf, '[randomness]');

+ });

+}, "'additionalData': FormData properties are properly injected after assignment.");

Mike West 2016/04/08 18:49:25 This is from when I thought that adding the `FormD

+promise_test(function() {

+ var credential = new PasswordCredential({

+ id: 'id',

+ password: 'pencil',

+ name: 'name',

+ iconURL: 'https://example.com/icon.png'

+ });

var fd = new FormData();

fd.append("username", "foo");

fd.append("password", "bar");

@@ -291,4 +332,75 @@ promise_test(function() {

assert_equals(t, 'a=1&a=2&a=3&username=id&password=pencil');

});

}, "'additionalData': URLSearchParams properties are properly injected (ordering matters).");

+promise_test(_ => {

+ var id = "id";

+ var name = "name";

+ var icon = "http://example.com/";

+ var password = "pencil";

+ if (window.testRunner)

+ testRunner.addMockCredentialManagerResponse(id, name, icon, password);

+ return navigator.credentials.get({ password: true })

+ .then(c => {

+ return fetch("./resources/echo-post.php", { credentials: c, method: "POST" })

+ .then(resp => resp.json())

+ .then(j => {

+ assert_equals(j.username, 'id');

+ assert_equals(j.password, 'pencil')

+ });

+}, 'fetch() after get()');

Mike West 2016/04/08 18:49:25 And this is when I managed to convince myself that

+promise_test(_ => {

+ var id = "id";

+ var name = "name";

+ var icon = "http://example.com/";

+ var password = "pencil";

+ if (window.testRunner)

+ testRunner.addMockCredentialManagerResponse(id, name, icon, password);

+ return navigator.credentials.get({ password: true })

+ .then(c => {

+ var fd = new FormData();

+ fd.append('csrf_token', 'sekrit');

+ c.additionalData = fd;

+ return fetch("./resources/echo-post.php", { credentials: c, method: "POST" })

+ .then(resp => resp.json())

+ .then(j => {

+ assert_equals(j.username, 'id');

+ assert_equals(j.password, 'pencil')

+ assert_equals(j.csrf_token, 'sekrit')

+ });

+}, 'fetch() after get() with additionalData');

Mike West 2016/04/08 18:49:25 Maybe it was `get()` with a `FormData`?

+promise_test(_ => {

+ var id = "id";

+ var name = "name";

+ var icon = "http://example.com/";

+ var password = "pencil";

+ if (window.testRunner)

+ testRunner.addMockCredentialManagerResponse(id, name, icon, password);

+ return navigator.credentials.get({ password: true })

+ .then(c => {

+ var fd = new FormData();

+ fd.append('csrf_token', document.querySelector('#thing').value);

+ c.additionalData = fd;

+ return fetch("./resources/echo-post.php", { credentials: c, method: "POST" })

+ .then(resp => resp.json())

+ .then(j => {

+ assert_equals(j.username, 'id');

+ assert_equals(j.password, 'pencil')

+ assert_equals(j.csrf_token, 'sekrit')

+ });

+}, 'fetch() after get() with additionalData from DOM');

Mike West 2016/04/08 18:49:25 Maybe pulling data from the DOM is somehow broken?

</script>

Mike West 2016/04/08 18:49:25 There were lots more. All of them equally worthles

estark 2016/04/08 20:03:36 Aw, but on the bright side, you improved test cove