Index: third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html |
diff --git a/third_party/WebKit/LayoutTests/http/tests/serviceworker/fetch-response-taint.html b/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html |
similarity index 63% |
rename from third_party/WebKit/LayoutTests/http/tests/serviceworker/fetch-response-taint.html |
rename to third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html |
index de93c03ba9ebd7bfc2bd5c51615a94620439f713..ad0e366855b0018984768795d737f14c2cf95968 100644 |
--- a/third_party/WebKit/LayoutTests/http/tests/serviceworker/fetch-response-taint.html |
+++ b/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html |
@@ -1,38 +1,53 @@ |
<!DOCTYPE html> |
<title>Service Worker: Tainting of responses fetched via SW.</title> |
-<script src="../resources/testharness.js"></script> |
-<script src="../resources/testharnessreport.js"></script> |
-<script src="../resources/get-host-info.js?pipe=sub"></script> |
-<script src="resources/test-helpers.js"></script> |
+<script src="/resources/testharness.js"></script> |
+<script src="/resources/testharnessreport.js"></script> |
+<script src="/common/get-host-info.sub.js?pipe=sub"></script> |
Marijn Kruisselbrink
2017/05/03 17:23:58
nit:
I believe you don't need the "?pipe=sub" whe
mike3
2017/05/03 18:44:03
You are correct:
|
+<script src="resources/test-helpers.sub.js"></script> |
<body> |
<script> |
var host_info = get_host_info(); |
-var BASE_ORIGIN = host_info.HTTP_ORIGIN; |
-var OTHER_ORIGIN = host_info.HTTP_REMOTE_ORIGIN; |
+var BASE_ORIGIN = host_info.HTTPS_ORIGIN; |
+var OTHER_ORIGIN = host_info.HTTPS_REMOTE_ORIGIN; |
var BASE_URL = BASE_ORIGIN + base_path() + |
- 'resources/fetch-access-control.php?'; |
+ 'resources/fetch-access-control.py?'; |
var OTHER_BASE_URL = OTHER_ORIGIN + base_path() + |
- 'resources/fetch-access-control.php?'; |
+ 'resources/fetch-access-control.py?'; |
function frame_fetch(frame, url, mode, credentials) { |
- return frame.contentWindow.fetch( |
- new Request(url, {mode: mode, credentials: credentials})); |
+ var foreignPromise = frame.contentWindow.fetch( |
+ new Request(url, {mode: mode, credentials: credentials})) |
+ |
+ // Event loops should be shared between contexts of similar origin, not all |
+ // browsers adhere to this expectation at the time of this writing. Incorrect |
+ // behavior in this regard can interfere with test execution when the |
+ // provided iframe is removed from the document. |
+ // |
+ // WPT maintains a test dedicated the expected treatment of event loops, so |
+ // the following workaround is acceptable in this context. |
+ return Promise.resolve(foreignPromise); |
} |
function ng_test(frame, url, mode, credentials) { |
- return frame_fetch(frame, url, mode, credentials).then( |
+ var prms = frame_fetch(frame, url, mode, credentials).then( |
function() { |
- throw new Error('fetching url:\"' + url + '\" mode:\"' + mode + |
- '\" credentials:\"' + credentials + '\" should fail.'); |
+ throw new Error('Expected request to fail, but it succeeded.'); |
}, |
function() {}); |
+ |
+ promise_test(function() { |
+ return prms; |
+ }, 'url:\"' + url + '\" mode:\"' + mode + |
+ '\" credentials:\"' + credentials + '\" should fail.'); |
+ |
+ return prms; |
} |
function ok_test(frame, url, mode, credentials, expected_type, |
expected_username) { |
- return frame_fetch(frame, url, mode, credentials) |
+ var prms = frame_fetch(frame, url, mode, credentials) |
.then(function(res) { |
- assert_equals(res.type, expected_type); |
+ assert_equals(res.type, expected_type, 'response type'); |
return res.text(); |
}) |
.then(function(text) { |
@@ -48,12 +63,15 @@ function ok_test(frame, url, mode, credentials, expected_type, |
assert_equals(result.username, expected_username); |
}); |
} |
- }) |
- .catch(function(reason) { |
- throw new Error('fetching url:\"' + url + '\" mode:\"' + mode + |
- '\" credentials:\"' + credentials + '\" should ' + |
- 'success. - ' + reason.message); |
}); |
+ |
+ promise_test(function() { |
+ return prms; |
+ }, 'fetching url:\"' + url + '\" mode:\"' + mode + |
+ '\" credentials:\"' + credentials + '\" should ' + |
+ 'succeed.'); |
+ |
+ return prms; |
} |
function build_rewrite_url(origin, url, mode, credentials) { |
@@ -71,12 +89,20 @@ function for_each_origin_mode_credentials(callback) { |
}); |
} |
+// Create a Promise that is fulfilled when all the provided Promises have |
+// settled. This is necessary to correctly defer test clean up until all sub |
+// tests have completed (regardless of their passing or failing status). |
+function allSettled(promises) { |
+ var noop = function() {}; |
+ var caught = promises.map(function(promise) { return promise.catch(noop); }); |
+ return Promise.all(caught); |
+} |
+ |
promise_test(function(t) { |
var SCOPE = 'resources/fetch-response-taint-iframe.html'; |
var SCRIPT = 'resources/fetch-rewrite-worker.js'; |
- var frame = undefined; |
- return login(t, host_info.HTTP_ORIGIN, host_info.HTTP_REMOTE_ORIGIN) |
+ return login_https(t, host_info.HTTPS_ORIGIN, host_info.HTTPS_REMOTE_ORIGIN) |
.then(function() { |
return service_worker_unregister_and_register(t, SCRIPT, SCOPE); |
}) |
@@ -85,20 +111,20 @@ promise_test(function(t) { |
}) |
.then(function() { return with_iframe(SCOPE); }) |
.then(function(f) { |
- frame = f; |
+ t.add_cleanup(function() { f.remove(); }); |
var promises = [ |
ok_test(f, BASE_URL, 'same-origin', 'omit', 'basic', 'undefined'), |
ok_test(f, BASE_URL, 'same-origin', 'same-origin', 'basic', |
- 'username1'), |
+ 'username2s'), |
ok_test(f, BASE_URL, 'same-origin', 'include', 'basic', |
- 'username1'), |
+ 'username2s'), |
ok_test(f, BASE_URL, 'no-cors', 'omit', 'basic', 'undefined'), |
ok_test(f, BASE_URL, 'no-cors', 'same-origin', 'basic', |
- 'username1'), |
- ok_test(f, BASE_URL, 'no-cors', 'include', 'basic', 'username1'), |
+ 'username2s'), |
+ ok_test(f, BASE_URL, 'no-cors', 'include', 'basic', 'username2s'), |
ok_test(f, BASE_URL, 'cors', 'omit', 'basic', 'undefined'), |
- ok_test(f, BASE_URL, 'cors', 'same-origin', 'basic', 'username1'), |
- ok_test(f, BASE_URL, 'cors', 'include', 'basic', 'username1'), |
+ ok_test(f, BASE_URL, 'cors', 'same-origin', 'basic', 'username2s'), |
+ ok_test(f, BASE_URL, 'cors', 'include', 'basic', 'username2s'), |
ng_test(f, OTHER_BASE_URL, 'same-origin', 'omit'), |
ng_test(f, OTHER_BASE_URL, 'same-origin', 'same-origin'), |
ng_test(f, OTHER_BASE_URL, 'same-origin', 'include'), |
@@ -116,29 +142,34 @@ promise_test(function(t) { |
ok_test(f, |
OTHER_BASE_URL + 'ACAOrigin=' + BASE_ORIGIN + |
'&ACACredentials=true', |
- 'cors', 'include', 'cors', 'username2') |
+ 'cors', 'include', 'cors', 'username1s') |
]; |
for_each_origin_mode_credentials(function(origin, mode, credentials) { |
var url = build_rewrite_url( |
origin, BASE_URL, 'same-origin', 'omit'); |
// Fetch to the other origin with same-origin mode should fail. |
- if (origin == OTHER_ORIGIN && mode == 'same-origin') |
- return promises.push(ng_test(f, url, mode, credentials)); |
- // The response type from the SW should be basic |
- promises.push( |
+ if (origin == OTHER_ORIGIN && mode == 'same-origin') { |
+ promises.push(ng_test(f, url, mode, credentials)); |
+ } else { |
+ // The response type from the SW should be basic |
+ promises.push( |
ok_test(f, url, mode, credentials, 'basic', 'undefined')); |
+ } |
}); |
for_each_origin_mode_credentials(function(origin, mode, credentials) { |
var url = build_rewrite_url( |
origin, BASE_URL, 'same-origin', 'same-origin'); |
+ |
// Fetch to the other origin with same-origin mode should fail. |
- if (origin == OTHER_ORIGIN && mode == 'same-origin') |
- return promises.push(ng_test(f, url, mode, credentials)); |
+ if (origin == OTHER_ORIGIN && mode == 'same-origin') { |
+ promises.push(ng_test(f, url, mode, credentials)); |
// The response type from the SW should be basic. |
- promises.push( |
- ok_test(f, url, mode, credentials, 'basic', 'username1')); |
+ } else { |
+ promises.push( |
+ ok_test(f, url, mode, credentials, 'basic', 'username2s')); |
+ } |
}); |
for_each_origin_mode_credentials(function(origin, mode, credentials) { |
@@ -151,22 +182,28 @@ promise_test(function(t) { |
for_each_origin_mode_credentials(function(origin, mode, credentials) { |
var url = build_rewrite_url( |
origin, OTHER_BASE_URL, 'no-cors', 'omit'); |
+ |
// SW can respond only to no-cors requests. |
- if (mode != 'no-cors') |
- return promises.push(ng_test(f, url, mode, credentials)); |
- // The response type from the SW should be opaque. |
- promises.push(ok_test(f, url, mode, credentials, 'opaque')); |
+ if (mode != 'no-cors') { |
+ promises.push(ng_test(f, url, mode, credentials)); |
+ } else { |
+ // The response type from the SW should be opaque. |
+ promises.push(ok_test(f, url, mode, credentials, 'opaque')); |
+ } |
}); |
for_each_origin_mode_credentials(function(origin, mode, credentials) { |
var url = build_rewrite_url( |
origin, OTHER_BASE_URL + 'ACAOrigin=*', 'cors', 'omit'); |
+ |
// Fetch to the other origin with same-origin mode should fail. |
- if (origin == OTHER_ORIGIN && mode == 'same-origin') |
- return promises.push(ng_test(f, url, mode, credentials)); |
- // The response from the SW should be cors. |
- promises.push( |
+ if (origin == OTHER_ORIGIN && mode == 'same-origin') { |
+ promises.push(ng_test(f, url, mode, credentials)); |
+ } else { |
+ // The response from the SW should be cors. |
+ promises.push( |
ok_test(f, url, mode, credentials, 'cors', 'undefined')); |
+ } |
}); |
for_each_origin_mode_credentials(function(origin, mode, credentials) { |
@@ -176,18 +213,20 @@ promise_test(function(t) { |
'&ACACredentials=true', |
'cors', 'include'); |
// Fetch to the other origin with same-origin mode should fail. |
- if (origin == OTHER_ORIGIN && mode == 'same-origin') |
- return promises.push(ng_test(f, url, mode, credentials)); |
- // The response from the SW should be cors. |
- promises.push( |
- ok_test(f, url, mode, credentials, 'cors', 'username2')); |
+ if (origin == OTHER_ORIGIN && mode == 'same-origin') { |
+ promises.push(ng_test(f, url, mode, credentials)); |
+ } else { |
+ // The response from the SW should be cors. |
+ promises.push( |
+ ok_test(f, url, mode, credentials, 'cors', 'username1s')); |
+ } |
}); |
- return Promise.all(promises); |
- }) |
- .then(function(f) { |
- frame.remove() |
- }) |
- .catch(unreached_rejection(t)); |
+ |
+ return allSettled(promises) |
+ .then(function() { |
+ return service_worker_unregister_and_done(t, SCOPE); |
+ }); |
+ }); |
}, 'Verify the tainting of responses fetched via SW'); |
</script> |
</body> |