Chromium Code Reviews Chromium Code Reviews
Issue 2856863003:
Upstream service worker `fetch` test to WPT (Closed)
| Index: third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html |
| diff --git a/third_party/WebKit/LayoutTests/http/tests/serviceworker/fetch-response-taint.html b/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html |
| similarity index 63% |
| rename from third_party/WebKit/LayoutTests/http/tests/serviceworker/fetch-response-taint.html |
| rename to third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html |
| index de93c03ba9ebd7bfc2bd5c51615a94620439f713..ad0e366855b0018984768795d737f14c2cf95968 100644 |
| --- a/third_party/WebKit/LayoutTests/http/tests/serviceworker/fetch-response-taint.html |
| +++ b/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html |
| @@ -1,38 +1,53 @@ |
| <!DOCTYPE html> |
| <title>Service Worker: Tainting of responses fetched via SW.</title> |
| -<script src="../resources/testharness.js"></script> |
| -<script src="../resources/testharnessreport.js"></script> |
| -<script src="../resources/get-host-info.js?pipe=sub"></script> |
| -<script src="resources/test-helpers.js"></script> |
| +<script src="/resources/testharness.js"></script> |
| +<script src="/resources/testharnessreport.js"></script> |
| +<script src="/common/get-host-info.sub.js?pipe=sub"></script> |
|
Marijn Kruisselbrink
2017/05/03 17:23:58
nit:
I believe you don't need the "?pipe=sub" whe
mike3
2017/05/03 18:44:03
You are correct:
|
| +<script src="resources/test-helpers.sub.js"></script> |
| <body> |
| <script> |
| var host_info = get_host_info(); |
| -var BASE_ORIGIN = host_info.HTTP_ORIGIN; |
| -var OTHER_ORIGIN = host_info.HTTP_REMOTE_ORIGIN; |
| +var BASE_ORIGIN = host_info.HTTPS_ORIGIN; |
| +var OTHER_ORIGIN = host_info.HTTPS_REMOTE_ORIGIN; |
| var BASE_URL = BASE_ORIGIN + base_path() + |
| - 'resources/fetch-access-control.php?'; |
| + 'resources/fetch-access-control.py?'; |
| var OTHER_BASE_URL = OTHER_ORIGIN + base_path() + |
| - 'resources/fetch-access-control.php?'; |
| + 'resources/fetch-access-control.py?'; |
| function frame_fetch(frame, url, mode, credentials) { |
| - return frame.contentWindow.fetch( |
| - new Request(url, {mode: mode, credentials: credentials})); |
| + var foreignPromise = frame.contentWindow.fetch( |
| + new Request(url, {mode: mode, credentials: credentials})) |
| + |
| + // Event loops should be shared between contexts of similar origin, not all |
| + // browsers adhere to this expectation at the time of this writing. Incorrect |
| + // behavior in this regard can interfere with test execution when the |
| + // provided iframe is removed from the document. |
| + // |
| + // WPT maintains a test dedicated the expected treatment of event loops, so |
| + // the following workaround is acceptable in this context. |
| + return Promise.resolve(foreignPromise); |
| } |
| function ng_test(frame, url, mode, credentials) { |
| - return frame_fetch(frame, url, mode, credentials).then( |
| + var prms = frame_fetch(frame, url, mode, credentials).then( |
| function() { |
| - throw new Error('fetching url:\"' + url + '\" mode:\"' + mode + |
| - '\" credentials:\"' + credentials + '\" should fail.'); |
| + throw new Error('Expected request to fail, but it succeeded.'); |
| }, |
| function() {}); |
| + |
| + promise_test(function() { |
| + return prms; |
| + }, 'url:\"' + url + '\" mode:\"' + mode + |
| + '\" credentials:\"' + credentials + '\" should fail.'); |
| + |
| + return prms; |
| } |
| function ok_test(frame, url, mode, credentials, expected_type, |
| expected_username) { |
| - return frame_fetch(frame, url, mode, credentials) |
| + var prms = frame_fetch(frame, url, mode, credentials) |
| .then(function(res) { |
| - assert_equals(res.type, expected_type); |
| + assert_equals(res.type, expected_type, 'response type'); |
| return res.text(); |
| }) |
| .then(function(text) { |
| @@ -48,12 +63,15 @@ function ok_test(frame, url, mode, credentials, expected_type, |
| assert_equals(result.username, expected_username); |
| }); |
| } |
| - }) |
| - .catch(function(reason) { |
| - throw new Error('fetching url:\"' + url + '\" mode:\"' + mode + |
| - '\" credentials:\"' + credentials + '\" should ' + |
| - 'success. - ' + reason.message); |
| }); |
| + |
| + promise_test(function() { |
| + return prms; |
| + }, 'fetching url:\"' + url + '\" mode:\"' + mode + |
| + '\" credentials:\"' + credentials + '\" should ' + |
| + 'succeed.'); |
| + |
| + return prms; |
| } |
| function build_rewrite_url(origin, url, mode, credentials) { |
| @@ -71,12 +89,20 @@ function for_each_origin_mode_credentials(callback) { |
| }); |
| } |
| +// Create a Promise that is fulfilled when all the provided Promises have |
| +// settled. This is necessary to correctly defer test clean up until all sub |
| +// tests have completed (regardless of their passing or failing status). |
| +function allSettled(promises) { |
| + var noop = function() {}; |
| + var caught = promises.map(function(promise) { return promise.catch(noop); }); |
| + return Promise.all(caught); |
| +} |
| + |
| promise_test(function(t) { |
| var SCOPE = 'resources/fetch-response-taint-iframe.html'; |
| var SCRIPT = 'resources/fetch-rewrite-worker.js'; |
| - var frame = undefined; |
| - return login(t, host_info.HTTP_ORIGIN, host_info.HTTP_REMOTE_ORIGIN) |
| + return login_https(t, host_info.HTTPS_ORIGIN, host_info.HTTPS_REMOTE_ORIGIN) |
| .then(function() { |
| return service_worker_unregister_and_register(t, SCRIPT, SCOPE); |
| }) |
| @@ -85,20 +111,20 @@ promise_test(function(t) { |
| }) |
| .then(function() { return with_iframe(SCOPE); }) |
| .then(function(f) { |
| - frame = f; |
| + t.add_cleanup(function() { f.remove(); }); |
| var promises = [ |
| ok_test(f, BASE_URL, 'same-origin', 'omit', 'basic', 'undefined'), |
| ok_test(f, BASE_URL, 'same-origin', 'same-origin', 'basic', |
| - 'username1'), |
| + 'username2s'), |
| ok_test(f, BASE_URL, 'same-origin', 'include', 'basic', |
| - 'username1'), |
| + 'username2s'), |
| ok_test(f, BASE_URL, 'no-cors', 'omit', 'basic', 'undefined'), |
| ok_test(f, BASE_URL, 'no-cors', 'same-origin', 'basic', |
| - 'username1'), |
| - ok_test(f, BASE_URL, 'no-cors', 'include', 'basic', 'username1'), |
| + 'username2s'), |
| + ok_test(f, BASE_URL, 'no-cors', 'include', 'basic', 'username2s'), |
| ok_test(f, BASE_URL, 'cors', 'omit', 'basic', 'undefined'), |
| - ok_test(f, BASE_URL, 'cors', 'same-origin', 'basic', 'username1'), |
| - ok_test(f, BASE_URL, 'cors', 'include', 'basic', 'username1'), |
| + ok_test(f, BASE_URL, 'cors', 'same-origin', 'basic', 'username2s'), |
| + ok_test(f, BASE_URL, 'cors', 'include', 'basic', 'username2s'), |
| ng_test(f, OTHER_BASE_URL, 'same-origin', 'omit'), |
| ng_test(f, OTHER_BASE_URL, 'same-origin', 'same-origin'), |
| ng_test(f, OTHER_BASE_URL, 'same-origin', 'include'), |
| @@ -116,29 +142,34 @@ promise_test(function(t) { |
| ok_test(f, |
| OTHER_BASE_URL + 'ACAOrigin=' + BASE_ORIGIN + |
| '&ACACredentials=true', |
| - 'cors', 'include', 'cors', 'username2') |
| + 'cors', 'include', 'cors', 'username1s') |
| ]; |
| for_each_origin_mode_credentials(function(origin, mode, credentials) { |
| var url = build_rewrite_url( |
| origin, BASE_URL, 'same-origin', 'omit'); |
| // Fetch to the other origin with same-origin mode should fail. |
| - if (origin == OTHER_ORIGIN && mode == 'same-origin') |
| - return promises.push(ng_test(f, url, mode, credentials)); |
| - // The response type from the SW should be basic |
| - promises.push( |
| + if (origin == OTHER_ORIGIN && mode == 'same-origin') { |
| + promises.push(ng_test(f, url, mode, credentials)); |
| + } else { |
| + // The response type from the SW should be basic |
| + promises.push( |
| ok_test(f, url, mode, credentials, 'basic', 'undefined')); |
| + } |
| }); |
| for_each_origin_mode_credentials(function(origin, mode, credentials) { |
| var url = build_rewrite_url( |
| origin, BASE_URL, 'same-origin', 'same-origin'); |
| + |
| // Fetch to the other origin with same-origin mode should fail. |
| - if (origin == OTHER_ORIGIN && mode == 'same-origin') |
| - return promises.push(ng_test(f, url, mode, credentials)); |
| + if (origin == OTHER_ORIGIN && mode == 'same-origin') { |
| + promises.push(ng_test(f, url, mode, credentials)); |
| // The response type from the SW should be basic. |
| - promises.push( |
| - ok_test(f, url, mode, credentials, 'basic', 'username1')); |
| + } else { |
| + promises.push( |
| + ok_test(f, url, mode, credentials, 'basic', 'username2s')); |
| + } |
| }); |
| for_each_origin_mode_credentials(function(origin, mode, credentials) { |
| @@ -151,22 +182,28 @@ promise_test(function(t) { |
| for_each_origin_mode_credentials(function(origin, mode, credentials) { |
| var url = build_rewrite_url( |
| origin, OTHER_BASE_URL, 'no-cors', 'omit'); |
| + |
| // SW can respond only to no-cors requests. |
| - if (mode != 'no-cors') |
| - return promises.push(ng_test(f, url, mode, credentials)); |
| - // The response type from the SW should be opaque. |
| - promises.push(ok_test(f, url, mode, credentials, 'opaque')); |
| + if (mode != 'no-cors') { |
| + promises.push(ng_test(f, url, mode, credentials)); |
| + } else { |
| + // The response type from the SW should be opaque. |
| + promises.push(ok_test(f, url, mode, credentials, 'opaque')); |
| + } |
| }); |
| for_each_origin_mode_credentials(function(origin, mode, credentials) { |
| var url = build_rewrite_url( |
| origin, OTHER_BASE_URL + 'ACAOrigin=*', 'cors', 'omit'); |
| + |
| // Fetch to the other origin with same-origin mode should fail. |
| - if (origin == OTHER_ORIGIN && mode == 'same-origin') |
| - return promises.push(ng_test(f, url, mode, credentials)); |
| - // The response from the SW should be cors. |
| - promises.push( |
| + if (origin == OTHER_ORIGIN && mode == 'same-origin') { |
| + promises.push(ng_test(f, url, mode, credentials)); |
| + } else { |
| + // The response from the SW should be cors. |
| + promises.push( |
| ok_test(f, url, mode, credentials, 'cors', 'undefined')); |
| + } |
| }); |
| for_each_origin_mode_credentials(function(origin, mode, credentials) { |
| @@ -176,18 +213,20 @@ promise_test(function(t) { |
| '&ACACredentials=true', |
| 'cors', 'include'); |
| // Fetch to the other origin with same-origin mode should fail. |
| - if (origin == OTHER_ORIGIN && mode == 'same-origin') |
| - return promises.push(ng_test(f, url, mode, credentials)); |
| - // The response from the SW should be cors. |
| - promises.push( |
| - ok_test(f, url, mode, credentials, 'cors', 'username2')); |
| + if (origin == OTHER_ORIGIN && mode == 'same-origin') { |
| + promises.push(ng_test(f, url, mode, credentials)); |
| + } else { |
| + // The response from the SW should be cors. |
| + promises.push( |
| + ok_test(f, url, mode, credentials, 'cors', 'username1s')); |
| + } |
| }); |
| - return Promise.all(promises); |
| - }) |
| - .then(function(f) { |
| - frame.remove() |
| - }) |
| - .catch(unreached_rejection(t)); |
| + |
| + return allSettled(promises) |
| + .then(function() { |
| + return service_worker_unregister_and_done(t, SCOPE); |
| + }); |
| + }); |
| }, 'Verify the tainting of responses fetched via SW'); |
| </script> |
| </body> |
