Bug 1646782 [wpt PR 24239] - COOP access reporting. Update the test suite., a=testonly
authorarthursonzogni <arthursonzogni@chromium.org>
Mon, 22 Jun 2020 10:45:09 +0000
changeset 600941 c65c4192193552d6057f41ec657d468fae1ce7fe
parent 600940 ffe6dcb7c6460f0e573a38ec758321493c79d8e4
child 600942 45c811855f6b398eac193c225a86c221e7cc63af
push id13310
push userffxbld-merge
push dateMon, 29 Jun 2020 14:50:06 +0000
treeherdermozilla-beta@15a59a0afa5c [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerstestonly
bugs1646782, 24239, 1090273, 2252339, 780247
milestone79.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1646782 [wpt PR 24239] - COOP access reporting. Update the test suite., a=testonly Automatic update from web-platform-tests COOP access reporting. Update the test suite. It has been decided to monitor only the attributes marked as CrossOrigin instead of every attributes. Updating the tests accordingly. Along the way some improvements. Bug: chromium:1090273 Change-Id: Iecd0bd478ab348f75f3835105db5bdca9edcc39b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2252339 Commit-Queue: Arthur Sonzogni <arthursonzogni@chromium.org> Reviewed-by: Pâris Meuleman <pmeuleman@chromium.org> Cr-Commit-Position: refs/heads/master@{#780247} -- wpt-commits: ae56420c66a0f04b2ea72d0852536d3540c73c07 wpt-pr: 24239
testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/openee-accessed_openee-coop-ro.https.html
testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/openee-accessed_openee-coop.https.html
testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/opener-accessed_openee-coop-ro.https.html
testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/opener-accessed_openee-coop.https.html
testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/resources/dispatcher.js
--- a/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/openee-accessed_openee-coop-ro.https.html
+++ b/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/openee-accessed_openee-coop-ro.https.html
@@ -11,38 +11,39 @@
 <script>
 
 const directory = "/html/cross-origin-opener-policy/access-reporting";
 const executor_path = directory + "/resources/executor.html?pipe=";
 const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;
 const coep_header = '|header(Cross-Origin-Embedder-Policy,require-corp)';
 
 let operation = [
-//[type    , property      , operation                   ] ,
-  ["Call"  , "blur"        , w => w.blur()               ] ,
-  ["Call"  , "foo"         , w => w.foo()                ] ,
-  ["Call"  , "location"    , w => w.location()           ] ,
-  ["Call"  , "opener"      , w => w.opener()             ] ,
-  ["Call"  , "postMessage" , w => w.postMessage()        ] ,
-  ["Call"  , "window"      , w => w.window()             ] ,
-  ["Read"  , "blur"        , w => w.blur                 ] ,
-  ["Read"  , "foo"         , w => w.foo                  ] ,
-  ["Read"  , "location"    , w => w.location             ] ,
-  ["Read"  , "opener"      , w => w.opener               ] ,
-  ["Read"  , "postMessage" , w => w.postMessage          ] ,
-  ["Read"  , "window"      , w => w.window               ] ,
-  ["Write" , "blur"        , w => w.blur = "test"        ] ,
-  ["Write" , "foo"         , w => w.foo = "test"         ] ,
-  ["Write" , "location"    , w => w.location = "test"    ] ,
-  ["Write" , "opener"      , w => w.opener = "test"      ] ,
-  ["Write" , "postMessage" , w => w.postMessage = "test" ] ,
-  ["Write" , "window"      , w => w.window = "test"      ] ,
+//[property      , operation                 ] ,
+  ["blur"        , w => w.blur()             ] ,
+  ["close"       , w => w.close()            ] ,
+  ["closed"      , w => w.closed             ] ,
+  ["focus"       , w => w.focus()            ] ,
+  ["frames"      , w => w.frames             ] ,
+  ["indexed"     , w => w[0]                 ] ,
+  ["indexed"     , w => w[0] = ""            ] ,
+  ["length"      , w => w.length             ] ,
+  ["location"    , w => w.location           ] ,
+  ["location"    , w => w.location = "#"     ] ,
+  ["named"       , w => w["test"]            ] ,
+  ["named"       , w => w["test"] = ""       ] ,
+  ["opener"      , w => w.opener             ] ,
+  ["opener"      , w => w.opener = ""        ] ,
+  ["postMessage" , w => w.postMessage("")    ] ,
+  ["postMessage" , w => w.postMessage("", "")] ,
+  ["self"        , w => w.self               ] ,
+  ["top"         , w => w.top                ] ,
+  ["window"      , w => w.window             ] ,
 ];
 
-operation.forEach(([type, property, op]) => {
+operation.forEach(([property, op]) => {
   promise_test(async t => {
     const report_token = token();
     const executor_token = token();
     const callback_token = token();
 
     const reportTo = reportToHeaders(report_token);
     const openee_url = cross_origin + executor_path +
       reportTo.header + reportTo.coopReportOnlySameOriginHeader + coep_header +
@@ -54,37 +55,38 @@ operation.forEach(([type, property, op])
     send(executor_token, `
       send("${callback_token}", "Ready");
     `);
     let reply = await receive(callback_token);
     assert_equals(reply, "Ready");
 
     // 2. Skip the first report about the opener breakage.
     let report_1 = await receive(report_token);
-    assert_not_equals(report_1, "timeout");
+    assert_not_equals(report_1, "timeout",
+      "Receive navigation-to-document report");
     report_1 = JSON.parse(report_1);
     assert_equals(report_1.length, 1);
     assert_equals(report_1[0].type, "coop");
     assert_equals(report_1[0].body["violation-type"], "navigation-to-document");
     assert_equals(report_1[0].body["disposition"], "reporting");
 
     // 3. Try to access the openee. A report is sent, because of COOP-RO+COEP.
     try {op(openee)} catch(e) {}
 
     // 4. A COOP access reports must be sent as a result of (3).
     let report_2 = await receive(report_token);
-    assert_not_equals(report_1, "timeout");
+    assert_not_equals(report_2, "timeout", "Receive access report");
     report_2 = JSON.parse(report_2);
     assert_equals(report_2.length, 1);
     assert_equals(report_2[0].type, "coop");
-    assert_equals(report_2[0].url, openee_url);
+    assert_equals(report_2[0].url, openee_url.replace(/"/g, '%22'));
     assert_equals(report_2[0].body["violation-type"], "access-to-coop-page");
     assert_equals(report_2[0].body["disposition"], "reporting");
     assert_equals(report_2[0].body["effective-policy"], "same-origin-plus-coep");
     assert_equals(report_2[0].body["property"], property);
     assert_equals(report_2[0].body["source-file"], undefined);
     assert_equals(report_2[0].body["lineno"], undefined);
     assert_equals(report_2[0].body["colno"], undefined);
     // TODO(arthursonzogni): Add check for report > body > blocked-window-url
-  }, `${type} ${property}`);
+  }, `${op}`);
 });
 
 </script>
--- a/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/openee-accessed_openee-coop.https.html
+++ b/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/openee-accessed_openee-coop.https.html
@@ -11,38 +11,39 @@
 <script>
 
 const directory = "/html/cross-origin-opener-policy/access-reporting";
 const executor_path = directory + "/resources/executor.html?pipe=";
 const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;
 const coep_header = '|header(Cross-Origin-Embedder-Policy,require-corp)';
 
 let operation = [
-//[type    , property      , operation                   ] ,
-  ["Call"  , "blur"        , w => w.blur()               ] ,
-  ["Call"  , "foo"         , w => w.foo()                ] ,
-  ["Call"  , "location"    , w => w.location()           ] ,
-  ["Call"  , "opener"      , w => w.opener()             ] ,
-  ["Call"  , "postMessage" , w => w.postMessage()        ] ,
-  ["Call"  , "window"      , w => w.window()             ] ,
-  ["Read"  , "blur"        , w => w.blur                 ] ,
-  ["Read"  , "foo"         , w => w.foo                  ] ,
-  ["Read"  , "location"    , w => w.location             ] ,
-  ["Read"  , "opener"      , w => w.opener               ] ,
-  ["Read"  , "postMessage" , w => w.postMessage          ] ,
-  ["Read"  , "window"      , w => w.window               ] ,
-  ["Write" , "blur"        , w => w.blur = "test"        ] ,
-  ["Write" , "foo"         , w => w.foo = "test"         ] ,
-  ["Write" , "location"    , w => w.location = "test"    ] ,
-  ["Write" , "opener"      , w => w.opener = "test"      ] ,
-  ["Write" , "postMessage" , w => w.postMessage = "test" ] ,
-  ["Write" , "window"      , w => w.window = "test"      ] ,
+//[property      , operation                 ] ,
+  ["blur"        , w => w.blur()             ] ,
+  ["close"       , w => w.close()            ] ,
+  ["closed"      , w => w.closed             ] ,
+  ["focus"       , w => w.focus()            ] ,
+  ["frames"      , w => w.frames             ] ,
+  ["indexed"     , w => w[0]                 ] ,
+  ["indexed"     , w => w[0] = ""            ] ,
+  ["length"      , w => w.length             ] ,
+  ["location"    , w => w.location           ] ,
+  ["location"    , w => w.location = "#"     ] ,
+  ["named"       , w => w["test"]            ] ,
+  ["named"       , w => w["test"] = ""       ] ,
+  ["opener"      , w => w.opener             ] ,
+  ["opener"      , w => w.opener = ""        ] ,
+  ["postMessage" , w => w.postMessage("")    ] ,
+  ["postMessage" , w => w.postMessage("", "")] ,
+  ["self"        , w => w.self               ] ,
+  ["top"         , w => w.top                ] ,
+  ["window"      , w => w.window             ] ,
 ];
 
-operation.forEach(([type, property, op]) => {
+operation.forEach(([property, op]) => {
   promise_test(async t => {
     const report_token = token();
     const executor_token = token();
     const callback_token = token();
 
     const reportTo = reportToHeaders(report_token);
     const openee_url = cross_origin + executor_path +
       reportTo.header + reportTo.coopSameOriginHeader + coep_header +
@@ -54,38 +55,39 @@ operation.forEach(([type, property, op])
     send(executor_token, `
       send("${callback_token}", "Ready");
     `);
     let reply = await receive(callback_token);
     assert_equals(reply, "Ready");
 
     // 2. Skip the first report about the opener breakage.
     let report_1 = await receive(report_token);
-    assert_not_equals(report_1, "timeout");
+    assert_not_equals(report_1, "timeout",
+      "Receive navigation-to-document report");
     report_1 = JSON.parse(report_1);
     assert_equals(report_1.length, 1);
     assert_equals(report_1[0].type, "coop");
     assert_equals(report_1[0].body["violation-type"], "navigation-to-document");
     assert_equals(report_1[0].body["disposition"], "enforce");
 
     // 3. Try to access the openee. This shouldn't work because of COOP+COEP.
     try {op(openee)} catch(e) {}
 
     // 4. A COOP access reports must be sent as a result of (3).
     let report_2 = await receive(report_token);
-    assert_not_equals(report_2, "timeout");
+    assert_not_equals(report_2, "timeout", "Receive access report");
     report_2 = JSON.parse(report_2);
     assert_equals(report_2.length, 1);
     assert_equals(report_2[0].type, "coop");
-    assert_equals(report_2[0].url, openee_url);
+    assert_equals(report_2[0].url, openee_url.replace(/"/g, '%22'));
     assert_equals(report_2[0].body["violation-type"], "access-to-coop-page");
     assert_equals(report_2[0].body["disposition"], "enforce");
     assert_equals(report_2[0].body["effective-policy"], "same-origin-plus-coep");
     assert_equals(report_2[0].body["property"], property);
     assert_equals(report_2[0].body["source-file"], undefined);
     assert_equals(report_2[0].body["lineno"], undefined);
     assert_equals(report_2[0].body["colno"], undefined);
     // TODO(arthursonzogni): Add check for report > body > blocked-window-url
 
-  }, `${type} ${property}`);
+  }, `${op}`);
 });
 
 </script>
--- a/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/opener-accessed_openee-coop-ro.https.html
+++ b/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/opener-accessed_openee-coop-ro.https.html
@@ -11,77 +11,80 @@
 <script>
 
 const directory = "/html/cross-origin-opener-policy/access-reporting";
 const executor_path = directory + "/resources/executor.html?pipe=";
 const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;
 const coep_header = '|header(Cross-Origin-Embedder-Policy,require-corp)';
 
 let operation = [
-//[type    , property      , operation                     ] ,
-  ["Call"  , "blur"        , "opener.blur()"               ] ,
-  ["Call"  , "foo"         , "opener.foo()"                ] ,
-  ["Call"  , "location"    , "opener.location()"           ] ,
-  ["Call"  , "opener"      , "opener.opener()"             ] ,
-  ["Call"  , "postMessage" , "opener.postMessage()"        ] ,
-  ["Call"  , "window"      , "opener.window()"             ] ,
-  ["Read"  , "blur"        , "opener.blur"                 ] ,
-  ["Read"  , "foo"         , "opener.foo"                  ] ,
-  ["Read"  , "location"    , "opener.location"             ] ,
-  ["Read"  , "opener"      , "opener.opener"               ] ,
-  ["Read"  , "postMessage" , "opener.postMessage"          ] ,
-  ["Read"  , "window"      , "opener.window"               ] ,
-  ["Write" , "blur"        , "opener.blur = 'test'"        ] ,
-  ["Write" , "foo"         , "opener.foo = 'test'"         ] ,
-  ["Write" , "location"    , "opener.location = 'test'"    ] ,
-  ["Write" , "opener"      , "opener.opener = 'test'"      ] ,
-  ["Write" , "postMessage" , "opener.postMessage = 'test'" ] ,
-  ["Write" , "window"      , "opener.window = 'test'"      ] ,
+//[property      , operation                   ] ,
+  ["blur"        , 'opener.blur()'             ] ,
+  ["close"       , 'opener.close()'            ] ,
+  ["closed"      , 'opener.closed'             ] ,
+  ["focus"       , 'opener.focus()'            ] ,
+  ["frames"      , 'opener.frames'             ] ,
+  ["indexed"     , 'opener[0]'                 ] ,
+  ["indexed"     , 'opener[0] = ""'            ] ,
+  ["length"      , 'opener.length'             ] ,
+  ["location"    , 'opener.location'           ] ,
+  ["location"    , 'opener.location = "#"'     ] ,
+  ["named"       , 'opener["test"]'            ] ,
+  ["named"       , 'opener["test"] = ""'       ] ,
+  ["opener"      , 'opener.opener'             ] ,
+  ["opener"      , 'opener.opener = ""'        ] ,
+  ["postMessage" , 'opener.postMessage("")'    ] ,
+  ["postMessage" , 'opener.postMessage("", "")'] ,
+  ["self"        , 'opener.self'               ] ,
+  ["top"         , 'opener.top'                ] ,
+  ["window"      , 'opener.window'             ] ,
 ];
 
-operation.forEach(([type, property, op]) => {
+operation.forEach(([property, op]) => {
   promise_test(async t => {
     const report_token = token();
     const executor_token = token();
     const callback_token = token();
 
     const reportTo = reportToHeaders(report_token);
     const openee_url = cross_origin + executor_path +
       reportTo.header + reportTo.coopReportOnlySameOriginHeader + coep_header +
       `&uuid=${executor_token}`;
     const openee = window.open(openee_url);
     t.add_cleanup(() => send(executor_token, "window.close()"))
 
     // 1. Skip the first report about the opener breakage.
     let report_1 = await receive(report_token);
-    assert_not_equals(report_1, "timeout");
+    assert_not_equals(report_1, "timeout",
+      "Receive navigation-to-document report");
     report_1 = JSON.parse(report_1);
     assert_equals(report_1.length, 1);
     assert_equals(report_1[0].type, "coop");
     assert_equals(report_1[0].body["violation-type"], "navigation-to-document");
     assert_equals(report_1[0].body["disposition"], "reporting");
 
     // 3. Try to access the opener. A report is sent, because of COOP-RO+COEP.
     send(executor_token, `
       try {${op}} catch(e) {}
       send("${callback_token}", "Done");
     `);
     let reply = await receive(callback_token);
     assert_equals(reply, "Done");
 
     // 4. A COOP access reports must be sent as a result of (3).
     let report_2 = await receive(report_token);
-    assert_not_equals(report_2, "timeout");
+    assert_not_equals(report_2, "timeout", "Receive access report");
     report_2 = JSON.parse(report_2);
 
     assert_equals(report_2.length, 1);
     assert_equals(report_2[0].type, "coop");
+    assert_equals(report_2[0].url, openee_url.replace(/"/g, '%22'));
     assert_equals(report_2[0].body["violation-type"], "access-from-coop-page");
     assert_equals(report_2[0].body["disposition"], "reporting");
     assert_equals(report_2[0].body["effective-policy"], "same-origin-plus-coep");
     assert_equals(report_2[0].body["property"], property);
     assert_equals(report_2[0].body["source-file"], undefined);
     assert_equals(report_2[0].body["lineno"], undefined);
     assert_equals(report_2[0].body["colno"], undefined);
-  }, `${type} ${property}`);
+  }, `${op})`);
 });
 
 </script>
--- a/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/opener-accessed_openee-coop.https.html
+++ b/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/opener-accessed_openee-coop.https.html
@@ -11,77 +11,80 @@
 <script>
 
 const directory = "/html/cross-origin-opener-policy/access-reporting";
 const executor_path = directory + "/resources/executor.html?pipe=";
 const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;
 const coep_header = '|header(Cross-Origin-Embedder-Policy,require-corp)';
 
 let operation = [
-//[type    , property      , operation                     ] ,
-  ["Call"  , "blur"        , "opener.blur()"               ] ,
-  ["Call"  , "foo"         , "opener.foo()"                ] ,
-  ["Call"  , "location"    , "opener.location()"           ] ,
-  ["Call"  , "opener"      , "opener.opener()"             ] ,
-  ["Call"  , "postMessage" , "opener.postMessage()"        ] ,
-  ["Call"  , "window"      , "opener.window()"             ] ,
-  ["Read"  , "blur"        , "opener.blur"                 ] ,
-  ["Read"  , "foo"         , "opener.foo"                  ] ,
-  ["Read"  , "location"    , "opener.location"             ] ,
-  ["Read"  , "opener"      , "opener.opener"               ] ,
-  ["Read"  , "postMessage" , "opener.postMessage"          ] ,
-  ["Read"  , "window"      , "opener.window"               ] ,
-  ["Write" , "blur"        , "opener.blur = 'test'"        ] ,
-  ["Write" , "foo"         , "opener.foo = 'test'"         ] ,
-  ["Write" , "location"    , "opener.location = 'test'"    ] ,
-  ["Write" , "opener"      , "opener.opener = 'test'"      ] ,
-  ["Write" , "postMessage" , "opener.postMessage = 'test'" ] ,
-  ["Write" , "window"      , "opener.window = 'test'"      ] ,
+//[property      , operation                   ] ,
+  ["blur"        , 'opener.blur()'             ] ,
+  ["close"       , 'opener.close()'            ] ,
+  ["closed"      , 'opener.closed'             ] ,
+  ["focus"       , 'opener.focus()'            ] ,
+  ["frames"      , 'opener.frames'             ] ,
+  ["indexed"     , 'opener[0]'                 ] ,
+  ["indexed"     , 'opener[0] = ""'            ] ,
+  ["length"      , 'opener.length'             ] ,
+  ["location"    , 'opener.location'           ] ,
+  ["location"    , 'opener.location = "#"'     ] ,
+  ["named"       , 'opener["test"]'            ] ,
+  ["named"       , 'opener["test"] = ""'       ] ,
+  ["opener"      , 'opener.opener'             ] ,
+  ["opener"      , 'opener.opener = ""'        ] ,
+  ["postMessage" , 'opener.postMessage("")'    ] ,
+  ["postMessage" , 'opener.postMessage("", "")'] ,
+  ["self"        , 'opener.self'               ] ,
+  ["top"         , 'opener.top'                ] ,
+  ["window"      , 'opener.window'             ] ,
 ];
 
-operation.forEach(([type, property, op]) => {
+operation.forEach(([property, op]) => {
   promise_test(async t => {
     const report_token = token();
     const executor_token = token();
     const callback_token = token();
 
     const reportTo = reportToHeaders(report_token);
     const openee_url = cross_origin + executor_path +
       reportTo.header + reportTo.coopSameOriginHeader + coep_header +
       `&uuid=${executor_token}`;
     const openee = window.open(openee_url);
     t.add_cleanup(() => send(executor_token, "window.close()"));
 
     // 1. Skip the first report about the opener breakage.
     let report_1 = await receive(report_token);
-    assert_not_equals(report_1, "timeout");
+    assert_not_equals(report_1, "timeout",
+      "Receive navigation-to-document report");
     report_1 = JSON.parse(report_1);
     assert_equals(report_1.length, 1);
     assert_equals(report_1[0].type, "coop");
     assert_equals(report_1[0].body["violation-type"], "navigation-to-document");
     assert_equals(report_1[0].body["disposition"], "enforce");
 
     // 3. Try to access the opener. A report is sent, because of COOP+COEP.
     send(executor_token, `
       try {${op}} catch(e) {}
       send("${callback_token}", "Done");
     `);
     let reply = await receive(callback_token);
     assert_equals(reply, "Done");
 
     // 4. A COOP access reports must be sent as a result of (3).
     let report_2 = await receive(report_token);
-    assert_not_equals(report_2, "timeout");
+    assert_not_equals(report_2, "timeout", "Received access report");
     report_2 = JSON.parse(report_2);
 
     assert_equals(report_2.length, 1);
     assert_equals(report_2[0].type, "coop");
+    assert_equals(report_2[0].url, openee_url.replace(/"/g, '%22'));
     assert_equals(report_2[0].body["violation-type"], "access-from-coop-page");
     assert_equals(report_2[0].body["disposition"], "enforce");
     assert_equals(report_2[0].body["effective-policy"], "same-origin-plus-coep");
     assert_equals(report_2[0].body["property"], property);
     assert_equals(report_2[0].body["source-file"], undefined);
     assert_equals(report_2[0].body["lineno"], undefined);
     assert_equals(report_2[0].body["colno"], undefined);
-  }, `${type} ${property}`);
+  }, `${op}`);
 });
 
 </script>
--- a/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/resources/dispatcher.js
+++ b/testing/web-platform/tests/html/cross-origin-opener-policy/access-reporting/resources/dispatcher.js
@@ -44,12 +44,12 @@ const reportToHeaders = function(uuid) {
   };
   reportToJSON = JSON.stringify(reportToJSON)
                      .replace(/,/g, '\\,')
                      .replace(/\(/g, '\\\(')
                      .replace(/\)/g, '\\\)=');
 
   return {
     header: `|header(report-to,${reportToJSON})`,
-    coopSameOriginHeader: `|header(Cross-Origin-Opener-Policy, same-origin%3Breport-to="${uuid}")`,
-    coopReportOnlySameOriginHeader: `|header(Cross-Origin-Opener-Policy-Report-Only, same-origin%3Breport-to="${uuid}")`,
+    coopSameOriginHeader: `|header(Cross-Origin-Opener-Policy,same-origin%3Breport-to="${uuid}")`,
+    coopReportOnlySameOriginHeader: `|header(Cross-Origin-Opener-Policy-Report-Only,same-origin%3Breport-to="${uuid}")`,
   };
 };