Mercurial > mozilla-central / changeset / 605be81220d91399bfa53fca37537b409f7b9d74
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1568104 [wpt PR 17989] - Port WebSocket 3p-cookie-blocking web tests to wpt_internal, a=testonly
authorLily Chen <chlily@chromium.org>
Wed, 14 Aug 2019 10:57:26 +0000
changeset 488123 605be81220d91399bfa53fca37537b409f7b9d74
parent 488122 a2a802a992a07a69658c5e3daeab5ccdb1d40069
child 488124 e4abe7c75be52ed20c1727eda0fdc6d0c7dd2676
push id36435
push usercbrindusan@mozilla.com
push dateThu, 15 Aug 2019 09:46:49 +0000
treeherdermozilla-central@0db07ff50ab5 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerstestonly
bugs1568104, 17989, 1691522, 1713670, 686071
milestone70.0a1
first release with
nightly linux32
0db07ff50ab5 / 70.0a1 / 20190815094649 / files
nightly linux64
0db07ff50ab5 / 70.0a1 / 20190815094649 / files
nightly mac
0db07ff50ab5 / 70.0a1 / 20190815094649 / files
nightly win32
0db07ff50ab5 / 70.0a1 / 20190815094649 / files
nightly win64
0db07ff50ab5 / 70.0a1 / 20190815094649 / files
last release without
nightly linux32
7d9a2196d313 / 70.0a1 / 20190814215752 / files
nightly linux64
7d9a2196d313 / 70.0a1 / 20190814215752 / files
nightly mac
7d9a2196d313 / 70.0a1 / 20190814215752 / files
nightly win32
7d9a2196d313 / 70.0a1 / 20190814215752 / files
nightly win64
7d9a2196d313 / 70.0a1 / 20190814215752 / files
Bug 1568104 [wpt PR 17989] - Port WebSocket 3p-cookie-blocking web tests to wpt_internal, a=testonly Automatic update from web-platform-tests Port WebSocket 3p-cookie-blocking web tests to wpt_internal (For context, see https://crrev.com/c/1691522.) The new requirement that SameSite=None cookies must be Secure made it impossible to properly test third party cookies on WebSocket because the web_test runner does not have a wss server. This CL ports those tests, formerly in web_tests/http/tests/security/cookies/websocket/, to web_tests/wpt_internal/websocket-cookies/. Bug: none Change-Id: Ifc6d2d78a84aa6c93e297dc71b3595108a18f179 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1713670 Commit-Queue: Lily Chen <chlily@chromium.org> Reviewed-by: Robert Ma <robertma@chromium.org> Reviewed-by: Adam Rice <ricea@chromium.org> Cr-Commit-Position: refs/heads/master@{#686071} -- wpt-commits: 990925e0c2bd9100806e7fee202911444a71a7c7 wpt-pr: 17989
testing/web-platform/tests/websockets/cookies/support/websocket-cookies-helper.sub.js file | annotate | diff | comparison | revisions
testing/web-platform/tests/websockets/cookies/third-party-cookie-accepted.https.html file | annotate | diff | comparison | revisions
testing/web-platform/tests/websockets/handlers/set-cookies-samesite_wsh.py file | annotate | diff | comparison | revisions 
new file mode 100644
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/support/websocket-cookies-helper.sub.js
@@ -0,0 +1,57 @@
+// Set up global variables.
+(_ => {
+  var HOST = '{{host}}';
+  var CROSS_ORIGIN_HOST = '{{hosts[alt][]}}';
+  var WSS_PORT = ':{{ports[wss][0]}}';
+  var HTTPS_PORT = ':{{ports[https][0]}}';
+
+  window.WSS_ORIGIN = 'wss://' + HOST + WSS_PORT;
+  window.WSS_CROSS_SITE_ORIGIN = 'wss://' + CROSS_ORIGIN_HOST + WSS_PORT;
+  window.HTTPS_ORIGIN = 'https://' + HOST + HTTPS_PORT;
+  window.HTTPS_CROSS_SITE_ORIGIN = 'https://' + CROSS_ORIGIN_HOST + HTTPS_PORT;
+})();
+
+// Sets a cookie with each SameSite option.
+function setSameSiteCookies(origin, value) {
+  return new Promise(resolve => {
+    const ws = new WebSocket(origin + '/set-cookies-samesite?value=' + value);
+    ws.onopen = () => {
+      ws.close();
+    };
+    ws.onclose = resolve;
+  });
+}
+
+// Clears cookies set by setSameSiteCookies().
+function clearSameSiteCookies(origin) {
+  return new Promise(resolve => {
+    const ws = new WebSocket(origin + '/set-cookies-samesite?clear');
+    ws.onopen = () => ws.close();
+    ws.onclose = resolve;
+  });
+}
+
+// Gets value of Cookie header sent in request.
+function connectAndGetRequestCookiesFrom(origin) {
+  return new Promise((resolve, reject) => {
+      var ws = new WebSocket(origin + '/echo-cookie');
+      ws.onmessage = evt => {
+          var cookies = evt.data
+          resolve(cookies);
+          ws.onerror = undefined;
+          ws.onclose = undefined;
+      };
+      ws.onerror = () => reject('Unexpected error event');
+      ws.onclose = evt => reject('Unexpected close event: ' + JSON.stringify(evt));
+  });
+}
+
+// Assert that a given cookie is or is not present in the string |cookies|.
+function assertCookie(cookies, name, value, present) {
+  var assertion = present ? assert_true : assert_false;
+  var description = name + '=' + value + ' cookie is' +
+                    (present ? ' ' : ' not ') + 'present.';
+  var re = new RegExp('(?:^|; )' + name + '=' + value + '(?:$|;)');
+  assertion(re.test(cookies), description);
+}
+
new file mode 100644
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/third-party-cookie-accepted.https.html
@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<meta charset="utf-8"/>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="support/websocket-cookies-helper.sub.js"></script>
+<script>
+promise_test(() => {
+  var value = '' + Math.random();
+  var origin = WSS_CROSS_SITE_ORIGIN;
+  return setSameSiteCookies(origin, value).then(
+    () => { return connectAndGetRequestCookiesFrom(origin); }
+  ).then(
+    cookies => {
+      assert_not_equals(cookies, '(none)', 'request should contain cookies.');
+      // SameSite cookies are blocked.
+      assertCookie(cookies, 'samesite-unspecified', value, false /* present */);
+      assertCookie(cookies, 'samesite-lax', value, false /* present */);
+      assertCookie(cookies, 'samesite-strict', value, false /* present */);
+      // SameSite=None third-party cookie is not blocked.
+      assertCookie(cookies, 'samesite-none', value, true /* present */);
+      return clearSameSiteCookies(origin);
+    }
+  );
+}, 'Test that third-party cookies are accepted for WebSockets.');
+</script>
new file mode 100644
--- /dev/null
+++ b/testing/web-platform/tests/websockets/handlers/set-cookies-samesite_wsh.py
@@ -0,0 +1,25 @@
+from six.moves import urllib
+
+
+def web_socket_do_extra_handshake(request):
+    url_parts = urllib.parse.urlsplit(request.uri)
+    max_age = ""
+    if "clear" in url_parts.query:
+        max_age = "; Max-Age=0"
+    value = "1"
+    if "value" in url_parts.query:
+        value = urllib.parse.parse_qs(url_parts.query)["value"][0]
+    cookies = [
+        "samesite-unspecified={}; Path=/".format(value) + max_age,
+        "samesite-lax={}; Path=/; SameSite=Lax".format(value) + max_age,
+        "samesite-strict={}; Path=/; SameSite=Strict".format(value) + max_age,
+        # SameSite=None cookies must be Secure.
+        "samesite-none={}; Path=/; SameSite=None; Secure".format(value) + max_age
+    ]
+    for cookie in cookies:
+        request.extra_headers.append(("Set-Cookie", cookie))
+
+
+def web_socket_transfer_data(request):
+    # Expect close() from user agent.
+    request.ws_stream.receive_message()
mozilla-central
Deployed from 6a55c267116a at 2019-07-31T14:20:47Z.