Bug 1647840 [wpt PR 24319] - Implement Storage Access commands for TestDriver, a=testonly
authorBrandon Walderman <brwalder@microsoft.com>
Thu, 30 Jul 2020 13:03:06 +0000
changeset 542772 aba026d98ef6a323dc78b589cb369f019f7fab93
parent 542771 e38b4cbd307f73365c4abda75c5c7256739605be
child 542773 072d37bfdacc788db9c65af84655ea1a9b4293bd
push id37657
push usernerli@mozilla.com
push dateSat, 01 Aug 2020 09:48:10 +0000
treeherdermozilla-central@750bc4c5c4ad [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerstestonly
bugs1647840, 24319, 1096803, 2253280, 790441
milestone81.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1647840 [wpt PR 24319] - Implement Storage Access commands for TestDriver, a=testonly Automatic update from web-platform-tests Implement Storage Access commands for TestDriver This change implements the Set Storage Access command for TestDriver in Blink and content_shell: https://privacycg.github.io/storage-access/#automation This is needed to support more in-depth WPT tests for the Storage Access API. The current WPT tests for this feature cover basic IDL behavior, but are not able to verify that the requestStorageAccess API itself is functional because the browser must first be put into a state where third-party cookies are blocked. A new set_storage_access method has been added to testdriver.js. It functions similarly to the existing set_permission method. This calls a Blink-internal method that forwards the passed in arguments to the content shell via Mojo. A new WebTestStorageAccessManager class in the content shell converts the arguments into ContentSettingsPatterns and passes these settings to the CookieManager. The WebTestStorageAccessManager also enables third-party cookie blocking so that these rules will take effect. Bug: 1096803 Change-Id: I635687e7d00cf95fa2cf54fb86e1f65a0fe85f3f Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2253280 Reviewed-by: Martin Šrámek <msramek@chromium.org> Reviewed-by: Mike West <mkwst@chromium.org> Commit-Queue: Brandon Walderman <brwalder@microsoft.com> Cr-Commit-Position: refs/heads/master@{#790441} -- wpt-commits: 48846ad574a9dca786b02b2e94c8173c575c29fb wpt-pr: 24319
testing/web-platform/tests/resources/testdriver.js
testing/web-platform/tests/storage-access-api/resources/set-cookie.py
testing/web-platform/tests/storage-access-api/storageAccess.testdriver.sub.html
--- a/testing/web-platform/tests/resources/testdriver.js
+++ b/testing/web-platform/tests/resources/testdriver.js
@@ -350,16 +350,42 @@
          * https://w3c.github.io/webauthn/#sctn-automation-set-user-verified
          *
          * @param {String} authenticator_id - the ID of the authenticator
          * @param {boolean} uv - the User Verified flag
          */
         set_user_verified: function(authenticator_id, uv) {
             return window.test_driver_internal.set_user_verified(authenticator_id, uv);
         },
+
+        /**
+         * Sets the storage access rule for an origin when embedded
+         * in a third-party context.
+         *
+         * {@link https://privacycg.github.io/storage-access/#set-storage-access-command}
+         *
+         * @param {String} origin - A third-party origin to block or allow.
+         *                          May be "*" to indicate all origins.
+         * @param {String} embedding_origin - an embedding (first-party) origin
+         *                                    on which {origin}'s access should
+         *                                    be blocked or allowed.
+         *                                    May be "*" to indicate all origins.
+         * @param {String} state - The storage access setting.
+         *                         Must be either "allowed" or "blocked".
+         *
+         * @returns {Promise} Fulfilled after the storage access rule has been
+         *                    set, or rejected if setting the rule fails.
+         */
+        set_storage_access: function(origin, embedding_origin, state) {
+            if (state !== "allowed" && state !== "blocked") {
+                throw new Error("storage access status must be 'allowed' or 'blocked'");
+            }
+            const blocked = state === "blocked";
+            return window.test_driver_internal.set_storage_access(origin, embedding_origin, blocked);
+        },
     };
 
     window.test_driver_internal = {
         /**
          * This flag should be set to `true` by any code which implements the
          * internal methods defined below for automation purposes. Doing so
          * allows the library to signal failure immediately when an automated
          * implementation of one of the methods is not available.
@@ -564,10 +590,18 @@
          *
          * @param {String} authenticator_id - the ID of the authenticator
          * @param {boolean} uv - the User Verified flag
          *
          */
         set_user_verified: function(authenticator_id, uv) {
             return Promise.reject(new Error("unimplemented"));
         },
+
+        /**
+         * Sets the storage access policy for a third-party origin when loaded
+         * in the current first party context
+         */
+        set_storage_access: function(origin, embedding_origin, blocked) {
+            return Promise.reject(new Error("unimplemented"));
+        },
     };
 })();
new file mode 100644
--- /dev/null
+++ b/testing/web-platform/tests/storage-access-api/resources/set-cookie.py
@@ -0,0 +1,27 @@
+def main(request, response):
+  name = request.GET.first(b"name")
+  value = request.GET.first(b"value")
+  testcase = request.GET.first(b"testcase")
+  response_headers = [(b"Set-Cookie", name + b"=" + value)]
+
+  body = b"""
+  <!DOCTYPE html>
+  <meta charset="utf-8">
+  <title>Set Storage Access Subframe</title>
+  <script src="/resources/testharness.js"></script>
+
+  <script>
+    let querystring = window.location.search.substring(1).split("&");
+    const allowed = querystring.some(param => param.toLowerCase() === "allowed=true");
+
+    test(() => {
+      if (allowed) {
+        assert_equals(document.cookie, "%s=%s");
+      } else {
+        assert_equals(document.cookie, "");
+      }
+    }, "[%s] Cookie access is allowed: " + allowed);
+  </script>
+  """ % (name, value, testcase)
+
+  return (200, response_headers, body)
new file mode 100644
--- /dev/null
+++ b/testing/web-platform/tests/storage-access-api/storageAccess.testdriver.sub.html
@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<head>
+  <title>TestDriver - Set Storage Access Command Tests</title>
+  <script src="/resources/testharness.js"></script>
+  <script src="/resources/testharnessreport.js"></script>
+  <script src="/resources/testdriver.js"></script>
+  <script src="/resources/testdriver-vendor.js"></script>
+  <script src="helpers.js"></script>
+</head>
+<body>
+  <script>
+    "use strict";
+
+    promise_test(async t => {
+      // Allow a third-party site embedded in this first-party site.
+      await window.test_driver.set_storage_access("http://{{domains[www]}}:{{ports[http][0]}}/", "http://{{domains[]}}:{{ports[http][0]}}/", "allowed");
+      // Block a third-party site embedded in this first-party site.
+      await window.test_driver.set_storage_access("http://{{domains[www1]}}:{{ports[http][0]}}/", "http://{{domains[]}}:{{ports[http][0]}}/", "blocked");
+      // Block a third-party site on all first-party sites.
+      await window.test_driver.set_storage_access("http://{{domains[www2]}}:{{ports[http][0]}}/", "*", "blocked");
+    }, "Set up storage access rules");
+
+    RunTestsInIFrame("http://{{domains[]}}:{{ports[http][0]}}/storage-access-api/resources/set-cookie.py?name=hello0&value=world0&allowed=true&testcase=same-site");
+
+    RunTestsInIFrame("http://{{domains[www]}}:{{ports[http][0]}}/storage-access-api/resources/set-cookie.py?name=hello&value=world&allowed=true&testcase=third-party-allowed-on-first-party-site");
+
+    RunTestsInIFrame("http://{{domains[www1]}}:{{ports[http][0]}}/storage-access-api/resources/set-cookie.py?name=hello1&value=world1&allowed=false&testcase=third-party-blocked-on-first-party-site");
+
+    RunTestsInIFrame("http://{{domains[www2]}}:{{ports[http][0]}}/storage-access-api/resources/set-cookie.py?name=hello2&value=world2&allowed=false&testcase=third-party-blocked-all");
+  </script>
+</body>