| author | arthursonzogni <arthursonzogni@chromium.org> |
| Mon, 22 Jun 2020 10:38:09 +0000 | |
| changeset 536796 | 261b96e41af0dd40595df64c644a4cfaabdebccd |
| parent 536795 | 3fb6b940ae6435c72a844555ab911d7d96df5601 |
| child 536797 | 6ddaab82e8aec48f193aaca616e396d7aa49827e |
| push id | 119680 |
| push user | wptsync@mozilla.com |
| push date | Tue, 23 Jun 2020 11:08:22 +0000 |
| treeherder | autoland@7ca3d4bada73 [default view] [failures only] |
| perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
| reviewers | testonly |
| bugs | 1644708, 24083, 2223934, 1090273, 2238114, 776942 |
| milestone | 79.0a1 |
| first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
| last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
--- a/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/openee-accessed_openee-coop-ro.https.html +++ b/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/openee-accessed_openee-coop-ro.https.html @@ -11,46 +11,46 @@ <script> const directory = "/html/cross-origin-opener-policy/access-reporting"; const executor_path = directory + "/resources/executor.html?pipe="; const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN; const coep_header = '|header(Cross-Origin-Embedder-Policy,require-corp)'; let operation = [ -//[test name , operation ] , - ["Call blur" , w => w.blur() ] , - ["Call foo" , w => w.foo() ] , - ["Call location" , w => w.location() ] , - ["Call opener" , w => w.opener() ] , - ["Call postMessage" , w => w.postMessage() ] , - ["Call window" , w => w.window() ] , - ["Read blur" , w => w.blur ] , - ["Read foo" , w => w.foo ] , - ["Read location" , w => w.location ] , - ["Read opener" , w => w.opener ] , - ["Read postMessage" , w => w.postMessage ] , - ["Read window" , w => w.window ] , - ["Write blur" , w => w.blur = "test" ] , - ["Write foo" , w => w.foo = "test" ] , - ["Write location" , w => w.location = "test" ] , - ["Write opener" , w => w.opener = "test" ] , - ["Write postMessage" , w => w.postMessage = "test" ] , - ["Write window" , w => w.window = "test" ] , +//[type , property , operation ] , + ["Call" , "blur" , w => w.blur() ] , + ["Call" , "foo" , w => w.foo() ] , + ["Call" , "location" , w => w.location() ] , + ["Call" , "opener" , w => w.opener() ] , + ["Call" , "postMessage" , w => w.postMessage() ] , + ["Call" , "window" , w => w.window() ] , + ["Read" , "blur" , w => w.blur ] , + ["Read" , "foo" , w => w.foo ] , + ["Read" , "location" , w => w.location ] , + ["Read" , "opener" , w => w.opener ] , + ["Read" , "postMessage" , w => w.postMessage ] , + ["Read" , "window" , w => w.window ] , + ["Write" , "blur" , w => w.blur = "test" ] , + ["Write" , "foo" , w => w.foo = "test" ] , + ["Write" , "location" , w => w.location = "test" ] , + ["Write" , "opener" , w => w.opener = "test" ] , + ["Write" , "postMessage" , w => w.postMessage = "test" ] , + ["Write" , "window" , w => w.window = "test" ] , ]; -operation.forEach(([test, op]) => { +operation.forEach(([type, property, op]) => { promise_test(async t => { const report_token = token(); const executor_token = token(); const callback_token = token(); const reportTo = reportToHeaders(report_token); const openee_url = cross_origin + executor_path + - reportTo.header + reportTo.coopReportOnlySameOrigin + coep_header + + reportTo.header + reportTo.coopReportOnlySameOriginHeader + coep_header + `&uuid=${executor_token}`; const openee = window.open(openee_url); t.add_cleanup(() => send(executor_token, "window.close()")) // 1. Make sure the new document to be loaded. send(executor_token, ` send("${callback_token}", "Ready"); `); @@ -70,15 +70,21 @@ operation.forEach(([test, op]) => { try {op(openee)} catch(e) {} // 4. A COOP access reports must be sent as a result of (3). let report_2 = await receive(report_token); assert_not_equals(report_1, "timeout"); report_2 = JSON.parse(report_2); assert_equals(report_2.length, 1); assert_equals(report_2[0].type, "coop"); - assert_equals(report_2[0].body["violation-type"], "access"); + assert_equals(report_2[0].url, openee_url); + assert_equals(report_2[0].body["violation-type"], "access-to-coop-page"); assert_equals(report_2[0].body["disposition"], "reporting"); assert_equals(report_2[0].body["effective-policy"], "same-origin-plus-coep"); - }, `${test}`); + assert_equals(report_2[0].body["property"], property); + assert_equals(report_2[0].body["source-file"], undefined); + assert_equals(report_2[0].body["lineno"], undefined); + assert_equals(report_2[0].body["colno"], undefined); + // TODO(arthursonzogni): Add check for report > body > blocked-window-url + }, `${type} ${property}`); }); </script>
--- a/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/openee-accessed_openee-coop.https.html +++ b/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/openee-accessed_openee-coop.https.html @@ -11,46 +11,46 @@ <script> const directory = "/html/cross-origin-opener-policy/access-reporting"; const executor_path = directory + "/resources/executor.html?pipe="; const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN; const coep_header = '|header(Cross-Origin-Embedder-Policy,require-corp)'; let operation = [ -//[test name , operation ] , - ["Call blur" , w => w.blur() ] , - ["Call foo" , w => w.foo() ] , - ["Call location" , w => w.location() ] , - ["Call opener" , w => w.opener() ] , - ["Call postMessage" , w => w.postMessage() ] , - ["Call window" , w => w.window() ] , - ["Read blur" , w => w.blur ] , - ["Read foo" , w => w.foo ] , - ["Read location" , w => w.location ] , - ["Read opener" , w => w.opener ] , - ["Read postMessage" , w => w.postMessage ] , - ["Read window" , w => w.window ] , - ["Write blur" , w => w.blur = "test" ] , - ["Write foo" , w => w.foo = "test" ] , - ["Write location" , w => w.location = "test" ] , - ["Write opener" , w => w.opener = "test" ] , - ["Write postMessage" , w => w.postMessage = "test" ] , - ["Write window" , w => w.window = "test" ] , +//[type , property , operation ] , + ["Call" , "blur" , w => w.blur() ] , + ["Call" , "foo" , w => w.foo() ] , + ["Call" , "location" , w => w.location() ] , + ["Call" , "opener" , w => w.opener() ] , + ["Call" , "postMessage" , w => w.postMessage() ] , + ["Call" , "window" , w => w.window() ] , + ["Read" , "blur" , w => w.blur ] , + ["Read" , "foo" , w => w.foo ] , + ["Read" , "location" , w => w.location ] , + ["Read" , "opener" , w => w.opener ] , + ["Read" , "postMessage" , w => w.postMessage ] , + ["Read" , "window" , w => w.window ] , + ["Write" , "blur" , w => w.blur = "test" ] , + ["Write" , "foo" , w => w.foo = "test" ] , + ["Write" , "location" , w => w.location = "test" ] , + ["Write" , "opener" , w => w.opener = "test" ] , + ["Write" , "postMessage" , w => w.postMessage = "test" ] , + ["Write" , "window" , w => w.window = "test" ] , ]; -operation.forEach(([test, op]) => { +operation.forEach(([type, property, op]) => { promise_test(async t => { const report_token = token(); const executor_token = token(); const callback_token = token(); const reportTo = reportToHeaders(report_token); const openee_url = cross_origin + executor_path + - reportTo.header + reportTo.coopSameOrigin + coep_header + + reportTo.header + reportTo.coopSameOriginHeader + coep_header + `&uuid=${executor_token}`; const openee = window.open(openee_url); t.add_cleanup(() => send(executor_token, "window.close()")) // 1. Make sure the new document to be loaded. send(executor_token, ` send("${callback_token}", "Ready"); `); @@ -70,15 +70,22 @@ operation.forEach(([test, op]) => { try {op(openee)} catch(e) {} // 4. A COOP access reports must be sent as a result of (3). let report_2 = await receive(report_token); assert_not_equals(report_2, "timeout"); report_2 = JSON.parse(report_2); assert_equals(report_2.length, 1); assert_equals(report_2[0].type, "coop"); - assert_equals(report_2[0].body["violation-type"], "access"); + assert_equals(report_2[0].url, openee_url); + assert_equals(report_2[0].body["violation-type"], "access-to-coop-page"); assert_equals(report_2[0].body["disposition"], "enforce"); assert_equals(report_2[0].body["effective-policy"], "same-origin-plus-coep"); - }, `${test}`); + assert_equals(report_2[0].body["property"], property); + assert_equals(report_2[0].body["source-file"], undefined); + assert_equals(report_2[0].body["lineno"], undefined); + assert_equals(report_2[0].body["colno"], undefined); + // TODO(arthursonzogni): Add check for report > body > blocked-window-url + + }, `${type} ${property}`); }); </script>
--- a/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/opener-accessed_openee-coop-ro.https.html +++ b/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/opener-accessed_openee-coop-ro.https.html @@ -11,46 +11,46 @@ <script> const directory = "/html/cross-origin-opener-policy/access-reporting"; const executor_path = directory + "/resources/executor.html?pipe="; const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN; const coep_header = '|header(Cross-Origin-Embedder-Policy,require-corp)'; let operation = [ -//[test name , operation ] , - ["Call blur" , "opener.blur()" ] , - ["Call foo" , "opener.foo()" ] , - ["Call location" , "opener.location()" ] , - ["Call opener" , "opener.opener()" ] , - ["Call postMessage" , "opener.postMessage()" ] , - ["Call window" , "opener.window()" ] , - ["Read blur" , "opener.blur" ] , - ["Read foo" , "opener.foo" ] , - ["Read location" , "opener.location" ] , - ["Read opener" , "opener.opener" ] , - ["Read postMessage" , "opener.postMessage" ] , - ["Read window" , "opener.window" ] , - ["Write blur" , "opener.blur = 'test'" ] , - ["Write foo" , "opener.foo = 'test'" ] , - ["Write location" , "opener.location = 'test'" ] , - ["Write opener" , "opener.opener = 'test'" ] , - ["Write postMessage" , "opener.postMessage = 'test'" ] , - ["Write window" , "opener.window = 'test'" ] , +//[type , property , operation ] , + ["Call" , "blur" , "opener.blur()" ] , + ["Call" , "foo" , "opener.foo()" ] , + ["Call" , "location" , "opener.location()" ] , + ["Call" , "opener" , "opener.opener()" ] , + ["Call" , "postMessage" , "opener.postMessage()" ] , + ["Call" , "window" , "opener.window()" ] , + ["Read" , "blur" , "opener.blur" ] , + ["Read" , "foo" , "opener.foo" ] , + ["Read" , "location" , "opener.location" ] , + ["Read" , "opener" , "opener.opener" ] , + ["Read" , "postMessage" , "opener.postMessage" ] , + ["Read" , "window" , "opener.window" ] , + ["Write" , "blur" , "opener.blur = 'test'" ] , + ["Write" , "foo" , "opener.foo = 'test'" ] , + ["Write" , "location" , "opener.location = 'test'" ] , + ["Write" , "opener" , "opener.opener = 'test'" ] , + ["Write" , "postMessage" , "opener.postMessage = 'test'" ] , + ["Write" , "window" , "opener.window = 'test'" ] , ]; -operation.forEach(([test, op]) => { +operation.forEach(([type, property, op]) => { promise_test(async t => { const report_token = token(); const executor_token = token(); const callback_token = token(); const reportTo = reportToHeaders(report_token); const openee_url = cross_origin + executor_path + - reportTo.header + reportTo.coopReportOnlySameOrigin + coep_header + + reportTo.header + reportTo.coopReportOnlySameOriginHeader + coep_header + `&uuid=${executor_token}`; const openee = window.open(openee_url); t.add_cleanup(() => send(executor_token, "window.close()")) // 1. Skip the first report about the opener breakage. let report_1 = await receive(report_token); assert_not_equals(report_1, "timeout"); report_1 = JSON.parse(report_1); @@ -69,15 +69,19 @@ operation.forEach(([test, op]) => { // 4. A COOP access reports must be sent as a result of (3). let report_2 = await receive(report_token); assert_not_equals(report_2, "timeout"); report_2 = JSON.parse(report_2); assert_equals(report_2.length, 1); assert_equals(report_2[0].type, "coop"); - assert_equals(report_2[0].body["violation-type"], "access"); + assert_equals(report_2[0].body["violation-type"], "access-from-coop-page"); assert_equals(report_2[0].body["disposition"], "reporting"); assert_equals(report_2[0].body["effective-policy"], "same-origin-plus-coep"); - }, `${test}`); + assert_equals(report_2[0].body["property"], property); + assert_equals(report_2[0].body["source-file"], undefined); + assert_equals(report_2[0].body["lineno"], undefined); + assert_equals(report_2[0].body["colno"], undefined); + }, `${type} ${property}`); }); </script>
--- a/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/opener-accessed_openee-coop.https.html +++ b/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/opener-accessed_openee-coop.https.html @@ -11,73 +11,77 @@ <script> const directory = "/html/cross-origin-opener-policy/access-reporting"; const executor_path = directory + "/resources/executor.html?pipe="; const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN; const coep_header = '|header(Cross-Origin-Embedder-Policy,require-corp)'; let operation = [ -//[test name , operation ] , - ["Call blur" , "opener.blur()" ] , - ["Call foo" , "opener.foo()" ] , - ["Call location" , "opener.location()" ] , - ["Call opener" , "opener.opener()" ] , - ["Call postMessage" , "opener.postMessage()" ] , - ["Call window" , "opener.window()" ] , - ["Read blur" , "opener.blur" ] , - ["Read foo" , "opener.foo" ] , - ["Read location" , "opener.location" ] , - ["Read opener" , "opener.opener" ] , - ["Read postMessage" , "opener.postMessage" ] , - ["Read window" , "opener.window" ] , - ["Write blur" , "opener.blur = 'test'" ] , - ["Write foo" , "opener.foo = 'test'" ] , - ["Write location" , "opener.location = 'test'" ] , - ["Write opener" , "opener.opener = 'test'" ] , - ["Write postMessage" , "opener.postMessage = 'test'" ] , - ["Write window" , "opener.window = 'test'" ] , +//[type , property , operation ] , + ["Call" , "blur" , "opener.blur()" ] , + ["Call" , "foo" , "opener.foo()" ] , + ["Call" , "location" , "opener.location()" ] , + ["Call" , "opener" , "opener.opener()" ] , + ["Call" , "postMessage" , "opener.postMessage()" ] , + ["Call" , "window" , "opener.window()" ] , + ["Read" , "blur" , "opener.blur" ] , + ["Read" , "foo" , "opener.foo" ] , + ["Read" , "location" , "opener.location" ] , + ["Read" , "opener" , "opener.opener" ] , + ["Read" , "postMessage" , "opener.postMessage" ] , + ["Read" , "window" , "opener.window" ] , + ["Write" , "blur" , "opener.blur = 'test'" ] , + ["Write" , "foo" , "opener.foo = 'test'" ] , + ["Write" , "location" , "opener.location = 'test'" ] , + ["Write" , "opener" , "opener.opener = 'test'" ] , + ["Write" , "postMessage" , "opener.postMessage = 'test'" ] , + ["Write" , "window" , "opener.window = 'test'" ] , ]; -operation.forEach(([test, op]) => { +operation.forEach(([type, property, op]) => { promise_test(async t => { const report_token = token(); const executor_token = token(); const callback_token = token(); const reportTo = reportToHeaders(report_token); const openee_url = cross_origin + executor_path + - reportTo.header + reportTo.coopSameOrigin + coep_header + + reportTo.header + reportTo.coopSameOriginHeader + coep_header + `&uuid=${executor_token}`; const openee = window.open(openee_url); t.add_cleanup(() => send(executor_token, "window.close()")); // 1. Skip the first report about the opener breakage. let report_1 = await receive(report_token); assert_not_equals(report_1, "timeout"); report_1 = JSON.parse(report_1); assert_equals(report_1.length, 1); assert_equals(report_1[0].type, "coop"); assert_equals(report_1[0].body["violation-type"], "navigation-to-document"); assert_equals(report_1[0].body["disposition"], "enforce"); - // 3. Try to access the opener. A report is sent, because of COOP-RO+COEP. + // 3. Try to access the opener. A report is sent, because of COOP+COEP. send(executor_token, ` try {${op}} catch(e) {} send("${callback_token}", "Done"); `); let reply = await receive(callback_token); assert_equals(reply, "Done"); // 4. A COOP access reports must be sent as a result of (3). let report_2 = await receive(report_token); assert_not_equals(report_2, "timeout"); report_2 = JSON.parse(report_2); assert_equals(report_2.length, 1); assert_equals(report_2[0].type, "coop"); - assert_equals(report_2[0].body["violation-type"], "access"); + assert_equals(report_2[0].body["violation-type"], "access-from-coop-page"); assert_equals(report_2[0].body["disposition"], "enforce"); assert_equals(report_2[0].body["effective-policy"], "same-origin-plus-coep"); - }, `${test}`); + assert_equals(report_2[0].body["property"], property); + assert_equals(report_2[0].body["source-file"], undefined); + assert_equals(report_2[0].body["lineno"], undefined); + assert_equals(report_2[0].body["colno"], undefined); + }, `${type} ${property}`); }); </script>
--- a/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/resources/dispatcher.js +++ b/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/resources/dispatcher.js @@ -44,12 +44,12 @@ const reportToHeaders = function(uuid) { }; reportToJSON = JSON.stringify(reportToJSON) .replace(/,/g, '\\,') .replace(/\(/g, '\\\(') .replace(/\)/g, '\\\)='); return { header: `|header(report-to,${reportToJSON})`, - coopSameOrigin: `|header(Cross-Origin-Opener-Policy, same-origin%3Breport-to="${uuid}")`, - coopReportOnlySameOrigin: `|header(Cross-Origin-Opener-Policy-Report-Only, same-origin%3Breport-to="${uuid}")`, + coopSameOriginHeader: `|header(Cross-Origin-Opener-Policy, same-origin%3Breport-to="${uuid}")`, + coopReportOnlySameOriginHeader: `|header(Cross-Origin-Opener-Policy-Report-Only, same-origin%3Breport-to="${uuid}")`, }; };