Bug 1496820 [wpt PR 13375] - Enable FP reporting for sensor policy violations., a=testonly
☠☠ backed out by 09dd66ffc95a ☠ ☠
authorIan Clelland <iclelland@chromium.org>
Mon, 15 Oct 2018 17:16:32 +0000
changeset 489904 8b57f9851df8209672b2448a905ecc921bff4891
parent 489903 4c371bd8765fc77ed27c8288e9e3617f968917cd
child 489905 4cde50991a6b460c8631a4f3647e481558f81653
push id247
push userfmarier@mozilla.com
push dateSat, 27 Oct 2018 01:06:44 +0000
reviewerstestonly
bugs1496820, 13375, 867471, 1263041, 599087
milestone64.0a1
Bug 1496820 [wpt PR 13375] - Enable FP reporting for sensor policy violations., a=testonly Automatic update from web-platform-testsEnable FP reporting for sensor policy violations. This queues a report through the Reporting API whenever the Generic Sensor API is used in a frame in which the specific sensor is not allowed according to feature policy. Bug: 867471 Change-Id: I9c50f4a331b2b2230890ee0c357047704af8425a Reviewed-on: https://chromium-review.googlesource.com/c/1263041 Reviewed-by: Reilly Grant <reillyg@chromium.org> Reviewed-by: Kentaro Hara <haraken@chromium.org> Commit-Queue: Ian Clelland <iclelland@chromium.org> Cr-Commit-Position: refs/heads/master@{#599087} -- wpt-commits: 6446b4dc89324df48019ef6fa4999595d1f80abf wpt-pr: 13375
testing/web-platform/tests/feature-policy/reporting/generic-sensor-reporting.https.html
testing/web-platform/tests/feature-policy/reporting/generic-sensor-reporting.https.html.headers
new file mode 100644
--- /dev/null
+++ b/testing/web-platform/tests/feature-policy/reporting/generic-sensor-reporting.https.html
@@ -0,0 +1,55 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+var sensor_features_verified = {
+  "accelerometer": false,
+  "ambient-light-sensor": false,
+  "magnetometer": false,
+  "gyroscope": false
+};
+
+var check_report_format = function(reports, observer) {
+  // Check each report in this batch. This observer callback may be called
+  // multiple times before all reports have been processed.
+  for (const report of reports) {
+
+    // Validate that the reported feature is one of the sensor features, and that
+    // we have not seen a report for this feature before.
+    assert_true(sensor_features_verified.hasOwnProperty(report.body.feature));
+    assert_false(sensor_features_verified[report.body.feature]);
+
+    // Validate the remainder of the report
+    assert_equals(report.type, "feature-policy");
+    assert_equals(report.url, document.location.href);
+    assert_equals(report.body.sourceFile, document.location.href);
+    assert_equals(typeof report.body.message, "string");
+    assert_equals(typeof report.body.lineNumber, "number");
+    assert_equals(typeof report.body.columnNumber, "number");
+
+    sensor_features_verified[report.body.feature] = true;
+  }
+
+  // Test is only done when reports for all features have been seen
+  for (let result of Object.values(sensor_features_verified)) {
+    if (!result)
+      return;
+  }
+  this.done();
+};
+
+async_test(t => {
+  new ReportingObserver(t.step_func(check_report_format),
+                        {types: ['feature-policy']}).observe();
+  assert_throws("SecurityError", () => new Accelerometer(), "Constructing sensors should be blocked by policy");
+  assert_throws("SecurityError", () => new AmbientLightSensor(), "Constructing sensors should be blocked by policy");
+  assert_throws("SecurityError", () => new Gyroscope(), "Constructing sensors should be blocked by policy");
+  assert_throws("SecurityError", () => new Magnetometer(), "Constructing sensors should be blocked by policy");
+}, "Generic Sensor Report Format");
+    </script>
+  </body>
+</html>
new file mode 100644
--- /dev/null
+++ b/testing/web-platform/tests/feature-policy/reporting/generic-sensor-reporting.https.html.headers
@@ -0,0 +1,1 @@
+Feature-Policy: ambient-light-sensor 'none'; accelerometer 'none'; gyroscope 'none'; magnetometer 'none'