Skip to content

Instantly share code, notes, and snippets.

@jugglinmike

jugglinmike/t.diff Secret

Created May 2, 2017 18:39
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jugglinmike/5f188a27b8c8c6179d74af0c53727d4c to your computer and use it in GitHub Desktop.
Save jugglinmike/5f188a27b8c8c6179d74af0c53727d4c to your computer and use it in GitHub Desktop.
Download ZIP
t
Raw
t.diff
diff --git a/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html b/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html
index de93c03..ad0e366 100644
--- a/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-response-taint.https.html
@@ -1,38 +1,53 @@
<!DOCTYPE html>
<title>Service Worker: Tainting of responses fetched via SW.</title>
-<script src="../resources/testharness.js"></script>
-<script src="../resources/testharnessreport.js"></script>
-<script src="../resources/get-host-info.js?pipe=sub"></script>
-<script src="resources/test-helpers.js"></script>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/get-host-info.sub.js?pipe=sub"></script>
+<script src="resources/test-helpers.sub.js"></script>
<body>
<script>
var host_info = get_host_info();
-var BASE_ORIGIN = host_info.HTTP_ORIGIN;
-var OTHER_ORIGIN = host_info.HTTP_REMOTE_ORIGIN;
+var BASE_ORIGIN = host_info.HTTPS_ORIGIN;
+var OTHER_ORIGIN = host_info.HTTPS_REMOTE_ORIGIN;
var BASE_URL = BASE_ORIGIN + base_path() +
- 'resources/fetch-access-control.php?';
+ 'resources/fetch-access-control.py?';
var OTHER_BASE_URL = OTHER_ORIGIN + base_path() +
- 'resources/fetch-access-control.php?';
+ 'resources/fetch-access-control.py?';
function frame_fetch(frame, url, mode, credentials) {
- return frame.contentWindow.fetch(
- new Request(url, {mode: mode, credentials: credentials}));
+ var foreignPromise = frame.contentWindow.fetch(
+ new Request(url, {mode: mode, credentials: credentials}))
+
+ // Event loops should be shared between contexts of similar origin, not all
+ // browsers adhere to this expectation at the time of this writing. Incorrect
+ // behavior in this regard can interfere with test execution when the
+ // provided iframe is removed from the document.
+ //
+ // WPT maintains a test dedicated the expected treatment of event loops, so
+ // the following workaround is acceptable in this context.
+ return Promise.resolve(foreignPromise);
}
function ng_test(frame, url, mode, credentials) {
- return frame_fetch(frame, url, mode, credentials).then(
+ var prms = frame_fetch(frame, url, mode, credentials).then(
function() {
- throw new Error('fetching url:\"' + url + '\" mode:\"' + mode +
- '\" credentials:\"' + credentials + '\" should fail.');
+ throw new Error('Expected request to fail, but it succeeded.');
},
function() {});
+
+ promise_test(function() {
+ return prms;
+ }, 'url:\"' + url + '\" mode:\"' + mode +
+ '\" credentials:\"' + credentials + '\" should fail.');
+
+ return prms;
}
function ok_test(frame, url, mode, credentials, expected_type,
expected_username) {
- return frame_fetch(frame, url, mode, credentials)
+ var prms = frame_fetch(frame, url, mode, credentials)
.then(function(res) {
- assert_equals(res.type, expected_type);
+ assert_equals(res.type, expected_type, 'response type');
return res.text();
})
.then(function(text) {
@@ -48,12 +63,15 @@ function ok_test(frame, url, mode, credentials, expected_type,
assert_equals(result.username, expected_username);
});
}
- })
- .catch(function(reason) {
- throw new Error('fetching url:\"' + url + '\" mode:\"' + mode +
- '\" credentials:\"' + credentials + '\" should ' +
- 'success. - ' + reason.message);
});
+
+ promise_test(function() {
+ return prms;
+ }, 'fetching url:\"' + url + '\" mode:\"' + mode +
+ '\" credentials:\"' + credentials + '\" should ' +
+ 'succeed.');
+
+ return prms;
}
function build_rewrite_url(origin, url, mode, credentials) {
@@ -71,12 +89,20 @@ function for_each_origin_mode_credentials(callback) {
});
}
+// Create a Promise that is fulfilled when all the provided Promises have
+// settled. This is necessary to correctly defer test clean up until all sub
+// tests have completed (regardless of their passing or failing status).
+function allSettled(promises) {
+ var noop = function() {};
+ var caught = promises.map(function(promise) { return promise.catch(noop); });
+ return Promise.all(caught);
+}
+
promise_test(function(t) {
var SCOPE = 'resources/fetch-response-taint-iframe.html';
var SCRIPT = 'resources/fetch-rewrite-worker.js';
- var frame = undefined;
- return login(t, host_info.HTTP_ORIGIN, host_info.HTTP_REMOTE_ORIGIN)
+ return login_https(t, host_info.HTTPS_ORIGIN, host_info.HTTPS_REMOTE_ORIGIN)
.then(function() {
return service_worker_unregister_and_register(t, SCRIPT, SCOPE);
})
@@ -85,20 +111,20 @@ promise_test(function(t) {
})
.then(function() { return with_iframe(SCOPE); })
.then(function(f) {
- frame = f;
+ t.add_cleanup(function() { f.remove(); });
var promises = [
ok_test(f, BASE_URL, 'same-origin', 'omit', 'basic', 'undefined'),
ok_test(f, BASE_URL, 'same-origin', 'same-origin', 'basic',
- 'username1'),
+ 'username2s'),
ok_test(f, BASE_URL, 'same-origin', 'include', 'basic',
- 'username1'),
+ 'username2s'),
ok_test(f, BASE_URL, 'no-cors', 'omit', 'basic', 'undefined'),
ok_test(f, BASE_URL, 'no-cors', 'same-origin', 'basic',
- 'username1'),
- ok_test(f, BASE_URL, 'no-cors', 'include', 'basic', 'username1'),
+ 'username2s'),
+ ok_test(f, BASE_URL, 'no-cors', 'include', 'basic', 'username2s'),
ok_test(f, BASE_URL, 'cors', 'omit', 'basic', 'undefined'),
- ok_test(f, BASE_URL, 'cors', 'same-origin', 'basic', 'username1'),
- ok_test(f, BASE_URL, 'cors', 'include', 'basic', 'username1'),
+ ok_test(f, BASE_URL, 'cors', 'same-origin', 'basic', 'username2s'),
+ ok_test(f, BASE_URL, 'cors', 'include', 'basic', 'username2s'),
ng_test(f, OTHER_BASE_URL, 'same-origin', 'omit'),
ng_test(f, OTHER_BASE_URL, 'same-origin', 'same-origin'),
ng_test(f, OTHER_BASE_URL, 'same-origin', 'include'),
@@ -116,29 +142,34 @@ promise_test(function(t) {
ok_test(f,
OTHER_BASE_URL + 'ACAOrigin=' + BASE_ORIGIN +
'&ACACredentials=true',
- 'cors', 'include', 'cors', 'username2')
+ 'cors', 'include', 'cors', 'username1s')
];
for_each_origin_mode_credentials(function(origin, mode, credentials) {
var url = build_rewrite_url(
origin, BASE_URL, 'same-origin', 'omit');
// Fetch to the other origin with same-origin mode should fail.
- if (origin == OTHER_ORIGIN && mode == 'same-origin')
- return promises.push(ng_test(f, url, mode, credentials));
+ if (origin == OTHER_ORIGIN && mode == 'same-origin') {
+ promises.push(ng_test(f, url, mode, credentials));
+ } else {
// The response type from the SW should be basic
promises.push(
ok_test(f, url, mode, credentials, 'basic', 'undefined'));
+ }
});
for_each_origin_mode_credentials(function(origin, mode, credentials) {
var url = build_rewrite_url(
origin, BASE_URL, 'same-origin', 'same-origin');
+
// Fetch to the other origin with same-origin mode should fail.
- if (origin == OTHER_ORIGIN && mode == 'same-origin')
- return promises.push(ng_test(f, url, mode, credentials));
+ if (origin == OTHER_ORIGIN && mode == 'same-origin') {
+ promises.push(ng_test(f, url, mode, credentials));
// The response type from the SW should be basic.
+ } else {
promises.push(
- ok_test(f, url, mode, credentials, 'basic', 'username1'));
+ ok_test(f, url, mode, credentials, 'basic', 'username2s'));
+ }
});
for_each_origin_mode_credentials(function(origin, mode, credentials) {
@@ -151,22 +182,28 @@ promise_test(function(t) {
for_each_origin_mode_credentials(function(origin, mode, credentials) {
var url = build_rewrite_url(
origin, OTHER_BASE_URL, 'no-cors', 'omit');
+
// SW can respond only to no-cors requests.
- if (mode != 'no-cors')
- return promises.push(ng_test(f, url, mode, credentials));
+ if (mode != 'no-cors') {
+ promises.push(ng_test(f, url, mode, credentials));
+ } else {
// The response type from the SW should be opaque.
promises.push(ok_test(f, url, mode, credentials, 'opaque'));
+ }
});
for_each_origin_mode_credentials(function(origin, mode, credentials) {
var url = build_rewrite_url(
origin, OTHER_BASE_URL + 'ACAOrigin=*', 'cors', 'omit');
+
// Fetch to the other origin with same-origin mode should fail.
- if (origin == OTHER_ORIGIN && mode == 'same-origin')
- return promises.push(ng_test(f, url, mode, credentials));
+ if (origin == OTHER_ORIGIN && mode == 'same-origin') {
+ promises.push(ng_test(f, url, mode, credentials));
+ } else {
// The response from the SW should be cors.
promises.push(
ok_test(f, url, mode, credentials, 'cors', 'undefined'));
+ }
});
for_each_origin_mode_credentials(function(origin, mode, credentials) {
@@ -176,18 +213,20 @@ promise_test(function(t) {
'&ACACredentials=true',
'cors', 'include');
// Fetch to the other origin with same-origin mode should fail.
- if (origin == OTHER_ORIGIN && mode == 'same-origin')
- return promises.push(ng_test(f, url, mode, credentials));
+ if (origin == OTHER_ORIGIN && mode == 'same-origin') {
+ promises.push(ng_test(f, url, mode, credentials));
+ } else {
// The response from the SW should be cors.
promises.push(
- ok_test(f, url, mode, credentials, 'cors', 'username2'));
+ ok_test(f, url, mode, credentials, 'cors', 'username1s'));
+ }
+ });
+
+ return allSettled(promises)
+ .then(function() {
+ return service_worker_unregister_and_done(t, SCOPE);
+ });
});
- return Promise.all(promises);
- })
- .then(function(f) {
- frame.remove()
- })
- .catch(unreached_rejection(t));
}, 'Verify the tainting of responses fetched via SW');
</script>
</body>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment