-
-
Save jugglinmike/5f188a27b8c8c6179d74af0c53727d4c to your computer and use it in GitHub Desktop.
t
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html b/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html | |
index de93c03..ad0e366 100644 | |
--- a/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html | |
+++ b/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html | |
@@ -1,38 +1,53 @@ | |
<!DOCTYPE html> | |
<title>Service Worker: Tainting of responses fetched via SW.</title> | |
-<script src="../resources/testharness.js"></script> | |
-<script src="../resources/testharnessreport.js"></script> | |
-<script src="../resources/get-host-info.js?pipe=sub"></script> | |
-<script src="resources/test-helpers.js"></script> | |
+<script src="/resources/testharness.js"></script> | |
+<script src="/resources/testharnessreport.js"></script> | |
+<script src="/common/get-host-info.sub.js?pipe=sub"></script> | |
+<script src="resources/test-helpers.sub.js"></script> | |
<body> | |
<script> | |
var host_info = get_host_info(); | |
-var BASE_ORIGIN = host_info.HTTP_ORIGIN; | |
-var OTHER_ORIGIN = host_info.HTTP_REMOTE_ORIGIN; | |
+var BASE_ORIGIN = host_info.HTTPS_ORIGIN; | |
+var OTHER_ORIGIN = host_info.HTTPS_REMOTE_ORIGIN; | |
var BASE_URL = BASE_ORIGIN + base_path() + | |
- 'resources/fetch-access-control.php?'; | |
+ 'resources/fetch-access-control.py?'; | |
var OTHER_BASE_URL = OTHER_ORIGIN + base_path() + | |
- 'resources/fetch-access-control.php?'; | |
+ 'resources/fetch-access-control.py?'; | |
function frame_fetch(frame, url, mode, credentials) { | |
- return frame.contentWindow.fetch( | |
- new Request(url, {mode: mode, credentials: credentials})); | |
+ var foreignPromise = frame.contentWindow.fetch( | |
+ new Request(url, {mode: mode, credentials: credentials})) | |
+ | |
+ // Event loops should be shared between contexts of similar origin, not all | |
+ // browsers adhere to this expectation at the time of this writing. Incorrect | |
+ // behavior in this regard can interfere with test execution when the | |
+ // provided iframe is removed from the document. | |
+ // | |
+ // WPT maintains a test dedicated the expected treatment of event loops, so | |
+ // the following workaround is acceptable in this context. | |
+ return Promise.resolve(foreignPromise); | |
} | |
function ng_test(frame, url, mode, credentials) { | |
- return frame_fetch(frame, url, mode, credentials).then( | |
+ var prms = frame_fetch(frame, url, mode, credentials).then( | |
function() { | |
- throw new Error('fetching url:\"' + url + '\" mode:\"' + mode + | |
- '\" credentials:\"' + credentials + '\" should fail.'); | |
+ throw new Error('Expected request to fail, but it succeeded.'); | |
}, | |
function() {}); | |
+ | |
+ promise_test(function() { | |
+ return prms; | |
+ }, 'url:\"' + url + '\" mode:\"' + mode + | |
+ '\" credentials:\"' + credentials + '\" should fail.'); | |
+ | |
+ return prms; | |
} | |
function ok_test(frame, url, mode, credentials, expected_type, | |
expected_username) { | |
- return frame_fetch(frame, url, mode, credentials) | |
+ var prms = frame_fetch(frame, url, mode, credentials) | |
.then(function(res) { | |
- assert_equals(res.type, expected_type); | |
+ assert_equals(res.type, expected_type, 'response type'); | |
return res.text(); | |
}) | |
.then(function(text) { | |
@@ -48,12 +63,15 @@ function ok_test(frame, url, mode, credentials, expected_type, | |
assert_equals(result.username, expected_username); | |
}); | |
} | |
- }) | |
- .catch(function(reason) { | |
- throw new Error('fetching url:\"' + url + '\" mode:\"' + mode + | |
- '\" credentials:\"' + credentials + '\" should ' + | |
- 'success. - ' + reason.message); | |
}); | |
+ | |
+ promise_test(function() { | |
+ return prms; | |
+ }, 'fetching url:\"' + url + '\" mode:\"' + mode + | |
+ '\" credentials:\"' + credentials + '\" should ' + | |
+ 'succeed.'); | |
+ | |
+ return prms; | |
} | |
function build_rewrite_url(origin, url, mode, credentials) { | |
@@ -71,12 +89,20 @@ function for_each_origin_mode_credentials(callback) { | |
}); | |
} | |
+// Create a Promise that is fulfilled when all the provided Promises have | |
+// settled. This is necessary to correctly defer test clean up until all sub | |
+// tests have completed (regardless of their passing or failing status). | |
+function allSettled(promises) { | |
+ var noop = function() {}; | |
+ var caught = promises.map(function(promise) { return promise.catch(noop); }); | |
+ return Promise.all(caught); | |
+} | |
+ | |
promise_test(function(t) { | |
var SCOPE = 'resources/fetch-response-taint-iframe.html'; | |
var SCRIPT = 'resources/fetch-rewrite-worker.js'; | |
- var frame = undefined; | |
- return login(t, host_info.HTTP_ORIGIN, host_info.HTTP_REMOTE_ORIGIN) | |
+ return login_https(t, host_info.HTTPS_ORIGIN, host_info.HTTPS_REMOTE_ORIGIN) | |
.then(function() { | |
return service_worker_unregister_and_register(t, SCRIPT, SCOPE); | |
}) | |
@@ -85,20 +111,20 @@ promise_test(function(t) { | |
}) | |
.then(function() { return with_iframe(SCOPE); }) | |
.then(function(f) { | |
- frame = f; | |
+ t.add_cleanup(function() { f.remove(); }); | |
var promises = [ | |
ok_test(f, BASE_URL, 'same-origin', 'omit', 'basic', 'undefined'), | |
ok_test(f, BASE_URL, 'same-origin', 'same-origin', 'basic', | |
- 'username1'), | |
+ 'username2s'), | |
ok_test(f, BASE_URL, 'same-origin', 'include', 'basic', | |
- 'username1'), | |
+ 'username2s'), | |
ok_test(f, BASE_URL, 'no-cors', 'omit', 'basic', 'undefined'), | |
ok_test(f, BASE_URL, 'no-cors', 'same-origin', 'basic', | |
- 'username1'), | |
- ok_test(f, BASE_URL, 'no-cors', 'include', 'basic', 'username1'), | |
+ 'username2s'), | |
+ ok_test(f, BASE_URL, 'no-cors', 'include', 'basic', 'username2s'), | |
ok_test(f, BASE_URL, 'cors', 'omit', 'basic', 'undefined'), | |
- ok_test(f, BASE_URL, 'cors', 'same-origin', 'basic', 'username1'), | |
- ok_test(f, BASE_URL, 'cors', 'include', 'basic', 'username1'), | |
+ ok_test(f, BASE_URL, 'cors', 'same-origin', 'basic', 'username2s'), | |
+ ok_test(f, BASE_URL, 'cors', 'include', 'basic', 'username2s'), | |
ng_test(f, OTHER_BASE_URL, 'same-origin', 'omit'), | |
ng_test(f, OTHER_BASE_URL, 'same-origin', 'same-origin'), | |
ng_test(f, OTHER_BASE_URL, 'same-origin', 'include'), | |
@@ -116,29 +142,34 @@ promise_test(function(t) { | |
ok_test(f, | |
OTHER_BASE_URL + 'ACAOrigin=' + BASE_ORIGIN + | |
'&ACACredentials=true', | |
- 'cors', 'include', 'cors', 'username2') | |
+ 'cors', 'include', 'cors', 'username1s') | |
]; | |
for_each_origin_mode_credentials(function(origin, mode, credentials) { | |
var url = build_rewrite_url( | |
origin, BASE_URL, 'same-origin', 'omit'); | |
// Fetch to the other origin with same-origin mode should fail. | |
- if (origin == OTHER_ORIGIN && mode == 'same-origin') | |
- return promises.push(ng_test(f, url, mode, credentials)); | |
+ if (origin == OTHER_ORIGIN && mode == 'same-origin') { | |
+ promises.push(ng_test(f, url, mode, credentials)); | |
+ } else { | |
// The response type from the SW should be basic | |
promises.push( | |
ok_test(f, url, mode, credentials, 'basic', 'undefined')); | |
+ } | |
}); | |
for_each_origin_mode_credentials(function(origin, mode, credentials) { | |
var url = build_rewrite_url( | |
origin, BASE_URL, 'same-origin', 'same-origin'); | |
+ | |
// Fetch to the other origin with same-origin mode should fail. | |
- if (origin == OTHER_ORIGIN && mode == 'same-origin') | |
- return promises.push(ng_test(f, url, mode, credentials)); | |
+ if (origin == OTHER_ORIGIN && mode == 'same-origin') { | |
+ promises.push(ng_test(f, url, mode, credentials)); | |
// The response type from the SW should be basic. | |
+ } else { | |
promises.push( | |
- ok_test(f, url, mode, credentials, 'basic', 'username1')); | |
+ ok_test(f, url, mode, credentials, 'basic', 'username2s')); | |
+ } | |
}); | |
for_each_origin_mode_credentials(function(origin, mode, credentials) { | |
@@ -151,22 +182,28 @@ promise_test(function(t) { | |
for_each_origin_mode_credentials(function(origin, mode, credentials) { | |
var url = build_rewrite_url( | |
origin, OTHER_BASE_URL, 'no-cors', 'omit'); | |
+ | |
// SW can respond only to no-cors requests. | |
- if (mode != 'no-cors') | |
- return promises.push(ng_test(f, url, mode, credentials)); | |
+ if (mode != 'no-cors') { | |
+ promises.push(ng_test(f, url, mode, credentials)); | |
+ } else { | |
// The response type from the SW should be opaque. | |
promises.push(ok_test(f, url, mode, credentials, 'opaque')); | |
+ } | |
}); | |
for_each_origin_mode_credentials(function(origin, mode, credentials) { | |
var url = build_rewrite_url( | |
origin, OTHER_BASE_URL + 'ACAOrigin=*', 'cors', 'omit'); | |
+ | |
// Fetch to the other origin with same-origin mode should fail. | |
- if (origin == OTHER_ORIGIN && mode == 'same-origin') | |
- return promises.push(ng_test(f, url, mode, credentials)); | |
+ if (origin == OTHER_ORIGIN && mode == 'same-origin') { | |
+ promises.push(ng_test(f, url, mode, credentials)); | |
+ } else { | |
// The response from the SW should be cors. | |
promises.push( | |
ok_test(f, url, mode, credentials, 'cors', 'undefined')); | |
+ } | |
}); | |
for_each_origin_mode_credentials(function(origin, mode, credentials) { | |
@@ -176,18 +213,20 @@ promise_test(function(t) { | |
'&ACACredentials=true', | |
'cors', 'include'); | |
// Fetch to the other origin with same-origin mode should fail. | |
- if (origin == OTHER_ORIGIN && mode == 'same-origin') | |
- return promises.push(ng_test(f, url, mode, credentials)); | |
+ if (origin == OTHER_ORIGIN && mode == 'same-origin') { | |
+ promises.push(ng_test(f, url, mode, credentials)); | |
+ } else { | |
// The response from the SW should be cors. | |
promises.push( | |
- ok_test(f, url, mode, credentials, 'cors', 'username2')); | |
+ ok_test(f, url, mode, credentials, 'cors', 'username1s')); | |
+ } | |
+ }); | |
+ | |
+ return allSettled(promises) | |
+ .then(function() { | |
+ return service_worker_unregister_and_done(t, SCOPE); | |
+ }); | |
}); | |
- return Promise.all(promises); | |
- }) | |
- .then(function(f) { | |
- frame.remove() | |
- }) | |
- .catch(unreached_rejection(t)); | |
}, 'Verify the tainting of responses fetched via SW'); | |
</script> | |
</body> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment