Bug 1454245 [wpt PR 10483] - PaymentHandler: Not allow to call operation if event is not trusted, a=testonly
authorJinho Bang <jinho.bang@samsung.com>
Wed, 25 Apr 2018 18:54:44 +0000
changeset 471889 b15b72fbd840c799467c9f91de012840803bea23
parent 471888 655a006612fb1d4cf8121e6e67d3b6e41c6afc6a
child 471890 04d6f363e6445f09fbd89aa6ec8923366a48b578
push id1728
push userjlund@mozilla.com
push dateMon, 18 Jun 2018 21:12:27 +0000
treeherdermozilla-release@c296fde26f5f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerstestonly
bugs1454245, 10483, 833530, 1013664, 551238
milestone61.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1454245 [wpt PR 10483] - PaymentHandler: Not allow to call operation if event is not trusted, a=testonly Automatic update from web-platform-testsPaymentHandler: Not allow to call operation if event is not trusted Related spec change: https://github.com/w3c/payment-handler/pull/294 Bug: 833530 Change-Id: I65d0e01bb5b6bfdd44925b90ba98837161cc136b Reviewed-on: https://chromium-review.googlesource.com/1013664 Reviewed-by: Rouslan Solomakhin <rouslan@chromium.org> Commit-Queue: Jinho Bang <jinho.bang@samsung.com> Cr-Commit-Position: refs/heads/master@{#551238} -- wpt-commits: e08f2142aa8e98034966994966e02fff3747bdf8 wpt-pr: 10483
testing/web-platform/meta/MANIFEST.json
testing/web-platform/tests/payment-handler/untrusted-event.https.html
testing/web-platform/tests/payment-handler/untrusted-event.js
--- a/testing/web-platform/meta/MANIFEST.json
+++ b/testing/web-platform/meta/MANIFEST.json
@@ -288705,16 +288705,21 @@
      {}
     ]
    ],
    "payment-handler/register-and-activate-service-worker.js": [
     [
      {}
     ]
    ],
+   "payment-handler/untrusted-event.js": [
+    [
+     {}
+    ]
+   ],
    "payment-method-basic-card/OWNERS": [
     [
      {}
     ]
    ],
    "payment-method-id/OWNERS": [
     [
      {}
@@ -353599,16 +353604,22 @@
     ]
    ],
    "payment-handler/payment-request-event.https.html": [
     [
      "/payment-handler/payment-request-event.https.html",
      {}
     ]
    ],
+   "payment-handler/untrusted-event.https.html": [
+    [
+     "/payment-handler/untrusted-event.https.html",
+     {}
+    ]
+   ],
    "payment-method-basic-card/payment-request-canmakepayment-method.https.html": [
     [
      "/payment-method-basic-card/payment-request-canmakepayment-method.https.html",
      {}
     ]
    ],
    "payment-request/PaymentCurrencyAmount/currencySystem-member.https.html": [
     [
@@ -587124,16 +587135,24 @@
   "payment-handler/payment-request-event.https.html": [
    "37e76b630197399daa3eb5ea49e8a4150c61c29c",
    "testharness"
   ],
   "payment-handler/register-and-activate-service-worker.js": [
    "be0cc9201508bb936dc87307b12ee7545020778b",
    "support"
   ],
+  "payment-handler/untrusted-event.https.html": [
+   "0de348d157bc45eaf54afffad257dfd72db0a468",
+   "testharness"
+  ],
+  "payment-handler/untrusted-event.js": [
+   "b46f1952420558f315241b048ebf68568c6f4fd6",
+   "support"
+  ],
   "payment-method-basic-card/OWNERS": [
    "ee0b02c59588d15b6efdb983c492ebbf50127e1c",
    "support"
   ],
   "payment-method-basic-card/empty-data-manual.https.html": [
    "f58fecb7d70aac64befe54f403208da14e479b1b",
    "manual"
   ],
new file mode 100644
--- /dev/null
+++ b/testing/web-platform/tests/payment-handler/untrusted-event.https.html
@@ -0,0 +1,56 @@
+<!DOCTYPE html>
+<meta charset=utf-8>
+<link rel="help" href="https://w3c.github.io/payment-handler/">
+<title>Test for untrusted event</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/service-workers/service-worker/resources/test-helpers.sub.js"></script>
+<script>
+
+async function getResultFromSW(serviceWorkerContainer) {
+  return new Promise((resolve, reject) => {
+    serviceWorkerContainer.addEventListener('message', listener = e => {
+      serviceWorkerContainer.removeEventListener('message', listener);
+      if (e.data) {
+        resolve(e.data);
+      } else {
+        reject();
+      }
+    });
+  });
+}
+
+promise_test(async t => {
+  const registration = await service_worker_unregister_and_register(
+      t, 'untrusted-event.js', 'payment-app/');
+  await wait_for_state(t, registration.installing, 'activated');
+
+  const controlled_window = (await with_iframe('payment-app/payment.html')).contentWindow;
+
+  // Test for untrusted PaymentRequestEvent
+  {
+    const result = getResultFromSW(controlled_window.navigator.serviceWorker);
+    controlled_window.navigator.serviceWorker.controller.postMessage('paymentrequest');
+
+    const expected = [
+      "InvalidStateError", /* respondWith */
+      "InvalidStateError"  /* openWindow */
+    ];
+
+    assert_array_equals(await result, expected);
+  }
+
+  // Test for untrusted CanMakePaymentEvent
+  {
+    const result = getResultFromSW(controlled_window.navigator.serviceWorker);
+    controlled_window.navigator.serviceWorker.controller.postMessage('canmakepayment');
+
+    const expected = [
+      "InvalidStateError", /* respondWith */
+    ];
+
+    assert_array_equals(await result, expected);
+  }
+});
+
+</script>
new file mode 100644
--- /dev/null
+++ b/testing/web-platform/tests/payment-handler/untrusted-event.js
@@ -0,0 +1,59 @@
+let sender = null;
+
+self.addEventListener('message', e => {
+  sender = e.source;
+
+  if (e.data == 'paymentrequest') {
+    self.dispatchEvent(new PaymentRequestEvent('paymentrequest', {
+      methodData: [{
+        supportedMethods: 'basic-card'
+      }],
+      total: {
+        currency: 'USD',
+        value: '100'
+      },
+      modifiers: [{
+        supportedMethods: 'basic-card'
+      }]
+    }));
+  } else if (e.data == 'canmakepayment') {
+    self.dispatchEvent(new CanMakePaymentEvent('canmakepayment', {
+      methodData: [{
+        supportedMethods: 'basic-card'
+      }],
+      modifiers: [{
+        supportedMethods: 'basic-card'
+      }]
+    }));
+  }
+});
+
+self.addEventListener('paymentrequest', async e => {
+  const result = [];
+
+  try {
+    e.respondWith({});
+  } catch (exception) {
+    result.push(exception.name);
+  }
+
+  try {
+    await e.openWindow('payment-app/payment.html');
+  } catch (exception) {
+    result.push(exception.name);
+  }
+
+  sender.postMessage(result);
+});
+
+self.addEventListener('canmakepayment', async e => {
+  const result = [];
+
+  try {
+    e.respondWith({});
+  } catch (exception) {
+    result.push(exception.name);
+  }
+
+  sender.postMessage(result);
+});