Bug 1194848 - Make it possible to run fetch-canvas-tainting.https.html; r=jdm
☠☠ backed out by dc161b1cddbf ☠ ☠
authorEhsan Akhgari <ehsan@mozilla.com>
Thu, 10 Sep 2015 15:18:00 -0400
changeset 268872 5029ca635908316185400ab96db137dd2b2690f9
parent 268871 5c2f2bdb911b5682eb2c1074799c9c472635fbd5
child 268873 0ad51d302ba94629ea1050732c1365438f98a14c
push id66956
push userjosh@joshmatthews.net
push dateThu, 22 Oct 2015 01:50:16 +0000
treeherdermozilla-inbound@56bc1314e660 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjdm
bugs1194848
milestone44.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1194848 - Make it possible to run fetch-canvas-tainting.https.html; r=jdm
testing/web-platform/mozilla/meta/service-workers/service-worker/fetch-canvas-tainting.https.html.ini
testing/web-platform/mozilla/tests/service-workers/service-worker/fetch-canvas-tainting.https.html
testing/web-platform/mozilla/tests/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html
deleted file mode 100644
--- a/testing/web-platform/mozilla/meta/service-workers/service-worker/fetch-canvas-tainting.https.html.ini
+++ /dev/null
@@ -1,6 +0,0 @@
-[fetch-canvas-tainting.https.html]
-  type: testharness
-  expected: TIMEOUT
-  [Verify canvas tainting of fetched image in a Service Worker]
-    expected: TIMEOUT
-
--- a/testing/web-platform/mozilla/tests/service-workers/service-worker/fetch-canvas-tainting.https.html
+++ b/testing/web-platform/mozilla/tests/service-workers/service-worker/fetch-canvas-tainting.https.html
@@ -6,33 +6,33 @@
 <script src="resources/test-helpers.sub.js?pipe=sub"></script>
 <body>
 <script>
 async_test(function(t) {
     var SCOPE = 'resources/fetch-canvas-tainting-iframe.html';
     var SCRIPT = 'resources/fetch-rewrite-worker.js';
     var host_info = get_host_info();
 
-    login(t)
+    login_https(t)
       .then(function() {
           return service_worker_unregister_and_register(t, SCRIPT, SCOPE);
         })
       .then(function(registration) {
           return wait_for_state(t, registration.installing, 'activated');
         })
       .then(function() { return with_iframe(SCOPE); })
       .then(function(frame) {
           return new Promise(function(resolve, reject) {
               var channel = new MessageChannel();
               channel.port1.onmessage = t.step_func(function(e) {
                   assert_equals(e.data.results, 'finish');
                   frame.remove();
                   service_worker_unregister_and_done(t, SCOPE);
                 });
               frame.contentWindow.postMessage({},
-                                              host_info['HTTP_ORIGIN'],
+                                              host_info['HTTPS_ORIGIN'],
                                               [channel.port2]);
             });
         })
       .catch(unreached_rejection(t));
   }, 'Verify canvas tainting of fetched image in a Service Worker');
 </script>
 </body>
--- a/testing/web-platform/mozilla/tests/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html
+++ b/testing/web-platform/mozilla/tests/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html
@@ -46,18 +46,18 @@ function create_test_promise(url, cross_
                    expected_result + ' but ' + result);
           }
         })
     });
 }
 
 window.addEventListener('message', function(evt) {
     var port = evt.ports[0];
-    var image_url = host_info['HTTP_ORIGIN'] + image_path;
-    var remote_image_url = host_info['HTTP_REMOTE_ORIGIN'] + image_path;
+    var image_url = host_info['HTTPS_ORIGIN'] + image_path;
+    var remote_image_url = host_info['HTTPS_REMOTE_ORIGIN'] + image_path;
     Promise.all([
         // Reject tests
         create_test_promise(image_url + '&reject', '', LOAD_ERROR),
         create_test_promise(image_url + '&reject', 'anonymous', LOAD_ERROR),
         create_test_promise(
             image_url + '&reject', 'use-credentials', LOAD_ERROR),
         // Fallback tests
         create_test_promise(
@@ -68,31 +68,31 @@ window.addEventListener('message', funct
             remote_image_url + '&ignore',
             '',
             TAINTED),
         create_test_promise(
             remote_image_url + '&ignore',
             'anonymous',
             LOAD_ERROR),
         create_test_promise(
-            remote_image_url + '&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
+            remote_image_url + '&ACAOrigin=' + host_info['HTTPS_ORIGIN'] +
             '&ignore',
             'anonymous',
             NOT_TAINTED),
         create_test_promise(
             remote_image_url + '&ignore',
             'use-credentials',
             LOAD_ERROR),
         create_test_promise(
-            remote_image_url + '&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
+            remote_image_url + '&ACAOrigin=' + host_info['HTTPS_ORIGIN'] +
             '&ignore',
             'use-credentials',
             LOAD_ERROR),
         create_test_promise(
-            remote_image_url + '&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
+            remote_image_url + '&ACAOrigin=' + host_info['HTTPS_ORIGIN'] +
             '&ACACredentials=true&ignore',
             'use-credentials',
             NOT_TAINTED),
 
         // Credential test (fallback)
         create_test_promise(
             image_url + '&Auth&ignore',
             '',
@@ -105,22 +105,22 @@ window.addEventListener('message', funct
             remote_image_url + '&Auth&ignore',
             'anonymous',
             LOAD_ERROR),
         create_test_promise(
             remote_image_url + '&Auth&ignore',
             'use-credentials',
             LOAD_ERROR),
         create_test_promise(
-            remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
+            remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTPS_ORIGIN'] +
             '&ignore',
             'use-credentials',
             LOAD_ERROR),
         create_test_promise(
-            remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
+            remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTPS_ORIGIN'] +
             '&ACACredentials=true&ignore',
             'use-credentials',
             NOT_TAINTED),
 
         // Basic response
         create_test_promise(
             image_url +
             '&mode=same-origin&url=' + encodeURIComponent(image_url),
@@ -184,68 +184,74 @@ window.addEventListener('message', funct
             'use-credentials',
             LOAD_ERROR),
         
         // CORS response
         create_test_promise(
             image_url +
             '&mode=cors&url=' +
             encodeURIComponent(remote_image_url +
-                               '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+                               '&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
             '',
-            NOT_TAINTED),
+            TAINTED), // We expect TAINTED since the default origin behavior here
+                      // is taint, and it doesn't matter what kind of fetch the
+                      // SW performs.
         create_test_promise(
             image_url +
             '&mode=cors&url=' +
             encodeURIComponent(remote_image_url +
-                               '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+                               '&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
             'anonymous',
             NOT_TAINTED),
         create_test_promise(
             image_url +
             '&mode=cors&url=' +
             encodeURIComponent(remote_image_url +
-                               '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+                               '&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
             'use-credentials',
-            NOT_TAINTED),
+            LOAD_ERROR), // We expect LOAD_ERROR since the server doesn't respond
+                         // with an Access-Control-Allow-Credentials header.
         create_test_promise(
             image_url +
             '&mode=cors&url=' +
             encodeURIComponent(
                 remote_image_url +
-                '&ACACredentials=true&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+                '&ACACredentials=true&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
             'use-credentials',
             NOT_TAINTED),
         create_test_promise(
             remote_image_url +
             '&mode=cors&url=' +
             encodeURIComponent(remote_image_url +
-                               '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+                               '&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
             '',
-            NOT_TAINTED),
+            TAINTED), // We expect TAINTED since the default origin behavior here
+                      // is taint, and it doesn't matter what kind of fetch the
+                      // SW performs.
         create_test_promise(
             remote_image_url +
             '&mode=cors&url=' +
             encodeURIComponent(remote_image_url +
-                               '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+                               '&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
             'anonymous',
             NOT_TAINTED),
         create_test_promise(
             remote_image_url +
             '&mode=cors&url=' +
             encodeURIComponent(remote_image_url +
-                               '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+                               '&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
             'use-credentials',
-            NOT_TAINTED),
+            LOAD_ERROR), // We expect LOAD_ERROR since the server doesn't respond
+                         // with an Access-Control-Allow-Credentials header.
         create_test_promise(
             remote_image_url +
             '&mode=cors&url=' +
             encodeURIComponent(
                 remote_image_url +
-                '&ACACredentials=true&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+                '&ACACredentials=true&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
             'use-credentials',
             NOT_TAINTED)
       ])
       .then(function() {
           port.postMessage({results: 'finish'});
         })
       .catch(function(e) {
           port.postMessage({results: 'failure:' + e});