Skip to content
Permalink
Browse files
Add support for COEP violation reporting
https://bugs.webkit.org/show_bug.cgi?id=244985

Reviewed by Brent Fulgham.

Add support for COEP violation reporting:
- https://html.spec.whatwg.org/multipage/origin.html#queue-a-cross-origin-embedder-policy-inheritance-violation
- https://fetch.spec.whatwg.org/#queue-a-cross-origin-embedder-policy-corp-violation-report

* LayoutTests/TestExpectations:
* LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-navigation.https-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-subresource-corp.https-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-document-reporting-endpoint.https.window-expected.txt:
* Source/WebCore/DerivedSources-input.xcfilelist:
* Source/WebCore/DerivedSources-output.xcfilelist:
* Source/WebCore/DerivedSources.make:
* Source/WebCore/Modules/reporting/Report.cpp:
(WebCore::Report::createReportFormDataForViolation):
* Source/WebCore/Modules/reporting/Report.h:
* Source/WebCore/Modules/reporting/ReportBody.cpp:
* Source/WebCore/Modules/reporting/ReportingClient.h:
* Source/WebCore/Modules/reporting/ReportingObserver.cpp:
(WebCore::isVisibleToReportingObservers):
* Source/WebCore/Modules/reporting/ViolationReportType.h:
* Source/WebCore/Sources.txt:
* Source/WebCore/WebCore.xcodeproj/project.pbxproj:
* Source/WebCore/bindings/js/JSReportBodyCustom.cpp:
(WebCore::toJSNewlyCreated):
* Source/WebCore/dom/Document.cpp:
(WebCore::Document::sendReportToEndpoints):
* Source/WebCore/dom/Document.h:
* Source/WebCore/loader/COEPInheritenceViolationReportBody.cpp: Copied from Source/WebCore/Modules/reporting/Report.cpp.
(WebCore::COEPInheritenceViolationReportBody::create):
(WebCore::COEPInheritenceViolationReportBody::COEPInheritenceViolationReportBody):
(WebCore::COEPInheritenceViolationReportBody::disposition const):
* Source/WebCore/loader/COEPInheritenceViolationReportBody.h: Copied from Source/WebCore/Modules/reporting/Report.h.
(WebCore::COEPInheritenceViolationReportBody::blockedURL const):
(WebCore::COEPInheritenceViolationReportBody::encode const):
(WebCore::COEPInheritenceViolationReportBody::decode):
(isType):
* Source/WebCore/loader/COEPInheritenceViolationReportBody.idl: Copied from Source/WebCore/Modules/reporting/ReportBody.cpp.
* Source/WebCore/loader/CORPViolationReportBody.cpp: Copied from Source/WebCore/Modules/reporting/Report.cpp.
(WebCore::CORPViolationReportBody::create):
(WebCore::CORPViolationReportBody::CORPViolationReportBody):
(WebCore::CORPViolationReportBody::type const):
(WebCore::CORPViolationReportBody::disposition const):
(WebCore::CORPViolationReportBody::destination const):
* Source/WebCore/loader/CORPViolationReportBody.h: Added.
(WebCore::CORPViolationReportBody::blockedURL const):
(WebCore::CORPViolationReportBody::encode const):
(WebCore::CORPViolationReportBody::decode):
(isType):
* Source/WebCore/loader/CORPViolationReportBody.idl: Copied from Source/WebCore/Modules/reporting/ReportBody.cpp.
* Source/WebCore/loader/CrossOriginEmbedderPolicy.cpp:
(WebCore::sendCOEPInheritenceViolation):
(WebCore::sendCOEPCORPViolation):
* Source/WebCore/loader/CrossOriginEmbedderPolicy.h:
* Source/WebCore/loader/CrossOriginOpenerPolicy.cpp:
(WebCore::sendViolationReportWhenNavigatingToCOOPResponse):
(WebCore::sendViolationReportWhenNavigatingAwayFromCOOPResponse):
(WebCore::createViolationReportObject): Deleted.
* Source/WebCore/loader/PingLoader.cpp:
(WebCore::PingLoader::sendViolationReport):
* Source/WebCore/loader/PingLoader.h:
* Source/WebCore/page/csp/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::reportViolation const):
* Source/WebCore/workers/WorkerGlobalScope.cpp:
(WebCore::WorkerGlobalScope::sendReportToEndpoints):
* Source/WebCore/workers/WorkerGlobalScope.h:
* Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp:
(WebKit::contextURLforCORPViolation):
(WebKit::performCORPCheck):
* Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp:
(WebKit::NetworkResourceLoadParameters::encode const):
(WebKit::NetworkResourceLoadParameters::decode):
* Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.h:
* Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions):
(WebKit::NetworkResourceLoader::shouldInterruptNavigationForCrossOriginEmbedderPolicy):
(WebKit::NetworkResourceLoader::shouldInterruptWorkerLoadForCrossOriginEmbedderPolicy):
(WebKit::NetworkResourceLoader::frameIdentifierForReport const):
(WebKit::NetworkResourceLoader::notifyReportObservers):
(WebKit::NetworkResourceLoader::sendReportToEndpoints):
* Source/WebKit/NetworkProcess/NetworkResourceLoader.h:
* Source/WebKit/Shared/WebCoreArgumentCoders.cpp:
(IPC::ArgumentCoder<RefPtr<WebCore::ReportBody>>::encode):
(IPC::ArgumentCoder<RefPtr<WebCore::ReportBody>>::decode):
* Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::addParametersShared):
(WebKit::WebLoaderStrategy::scheduleLoadFromNetworkProcess):
(WebKit::WebLoaderStrategy::startPingLoad):
* Source/WebKit/WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::sendReportToEndpoints):
* Source/WebKit/WebProcess/WebPage/WebPage.h:
* Source/WebKit/WebProcess/WebPage/WebPage.messages.in:

Canonical link: https://commits.webkit.org/254466@main
  • Loading branch information
cdumez committed Sep 14, 2022
1 parent 02f58b6 commit 33bacbfe4c429e62f63587f0ba98013a0db2bfad
Show file tree
Hide file tree
Showing 58 changed files with 711 additions and 144 deletions.
@@ -229,14 +229,14 @@ imported/w3c/web-platform-tests/speech-api/ [ Skip ]
# Support for COEP violation reporting is missing.
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/reporting/access-reporting/
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/reporting/document-reporting/
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-navigation.https.html
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-subresource-corp.https.html
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-document-reporting-endpoint.https.window.html
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-endpoint.https.html
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-frame-owner.https.html
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-worker-owner.https.html
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/cache-storage-reporting-document.https.html [ Skip ]

# This test is failing in all major browser engines as of Sept 2022. The reason is that the Reporting-Endpoints header
# is served on the parent of the reporting frame, not the reporting frame.
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-endpoint.https.html

# Only Mac and iOS have an implementation of UIScriptController::doAsyncTask().
fast/harness/uiscriptcontroller [ Skip ]

@@ -439,11 +439,15 @@ http/wpt/html/cross-origin-embedder-policy/require-corp.https.html [ DumpJSConso
imported/w3c/web-platform-tests/FileAPI/url/sandboxed-iframe.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/eventsource/format-mime-bogus.any.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/anonymous-iframe/embedding.tentative.https.window.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/browsers/browsing-the-web/navigating-across-documents/failure-check-sequence.https.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken.html [ DumpJSConsoleLogInStdErr Failure Pass ]
imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-protocol-setter-non-broken-weird.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/browsers/origin/cross-origin-objects/cross-origin-objects.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/browsers/sandboxing/sandbox-disallow-popups.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/blob.https.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-navigation.https.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-subresource-corp.https.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/reporting-to-document-reporting-endpoint.https.window.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/require-corp-cached-images.https.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/cross-origin-embedder-policy/require-corp-revalidated-images.https.html [ DumpJSConsoleLogInStdErr ]
imported/w3c/web-platform-tests/html/cross-origin-opener-policy/coop-csp-sandbox.https.html [ DumpJSConsoleLogInStdErr ]
@@ -2,6 +2,7 @@ CONSOLE MESSAGE: Refused to load http://localhost:8000/security/contentSecurityP
CSP report received:
CONTENT_TYPE: application/csp-report
HTTP_HOST: localhost:8000
HTTP_REFERER: http://127.0.0.1:8000/
REQUEST_METHOD: POST
REQUEST_URI: /security/contentSecurityPolicy/resources/save-report.py?test=/security/contentSecurityPolicy/1.1/report-frame-ancestors-cross-origin.html
=== POST DATA ===
@@ -2,6 +2,7 @@ CONSOLE MESSAGE: Refused to load https://localhost:8443/security/contentSecurity
CSP report received:
CONTENT_TYPE: application/csp-report
HTTP_HOST: localhost:8443
HTTP_REFERER: http://127.0.0.1:8000/
REQUEST_METHOD: POST
REQUEST_URI: /security/contentSecurityPolicy/resources/save-report.py?test=/security/contentSecurityPolicy/1.1/report-frame-ancestors-cross-origin.html
=== POST DATA ===
@@ -2,6 +2,7 @@ CONSOLE MESSAGE: Refused to load http://127.0.0.1:8000/security/contentSecurityP
CSP report received:
CONTENT_TYPE: application/csp-report
HTTP_HOST: 127.0.0.1:8000
HTTP_REFERER: http://127.0.0.1:8000/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin.html
REQUEST_METHOD: POST
REQUEST_URI: /security/contentSecurityPolicy/resources/save-report.py?test=/security/contentSecurityPolicy/1.1/report-frame-ancestors-same-origin.html
=== POST DATA ===
@@ -2,6 +2,7 @@ CONSOLE MESSAGE: Refused to load https://127.0.0.1:8443/security/contentSecurity
CSP report received:
CONTENT_TYPE: application/csp-report
HTTP_HOST: 127.0.0.1:8443
HTTP_REFERER: http://127.0.0.1:8000/
REQUEST_METHOD: POST
REQUEST_URI: /security/contentSecurityPolicy/resources/save-report.py?test=/security/contentSecurityPolicy/1.1/report-frame-ancestors-same-origin.html
=== POST DATA ===
@@ -1,10 +1,6 @@
CONSOLE MESSAGE: Refused to load https://localhost:9443/common/blank.html?pipe=header(x-frame-options,%20deny) because it does not appear in the frame-src directive of the Content Security Policy.
CONSOLE MESSAGE: Refused to load https://localhost:9443/common/blank.html because it does not appear in the frame-src directive of the Content Security Policy.
CONSOLE MESSAGE: Refused to load https://localhost:9443/common/blank.html because it does not appear in the frame-src directive of the Content Security Policy.
CONSOLE MESSAGE: Refused to display 'https://localhost:9443/common/blank.html?pipe=header(x-frame-options,%20deny)' in a frame because it set 'X-Frame-Options' to 'deny'.

PASS CSP check precedes X-Frame-Options check
PASS CSP check precedes COEP check - CSP header first
PASS CSP check precedes COEP check - COEP header first
FAIL COEP check precedes X-Frame-Options check assert_equals: expected (string) "coep" but got (object) null
PASS COEP check precedes X-Frame-Options check

@@ -1,3 +1,3 @@

FAIL Prevent local scheme documents from loading within a COEP: require-corp iframe if they inherit COEP: none assert_equals: expected 3 but got 0
FAIL Prevent local scheme documents from loading within a COEP: require-corp iframe if they inherit COEP: none assert_equals: expected 3 but got 1

@@ -1,47 +1,32 @@
CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/common/blank.html?pipe=|header(cross-origin-embedder-policy,require-corp) because it violates the resource's Cross-Origin-Resource-Policy response header.
CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/common/blank.html?pipe=|header(cross-origin-embedder-policy,require-corp) because it violates the resource's Cross-Origin-Resource-Policy response header.
CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/common/blank.html?pipe= because it violates the resource's Cross-Origin-Resource-Policy response header.
CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/common/blank.html?pipe= because it violates the resource's Cross-Origin-Resource-Policy response header.
CONSOLE MESSAGE: Refused to display 'https://127.0.0.1:9443/common/blank.html?pipe=|header(cross-origin-resource-policy,cross-origin)' in a frame because of Cross-Origin-Embedder-Policy.
CONSOLE MESSAGE: Refused to display 'https://127.0.0.1:9443/common/blank.html?pipe=|header(cross-origin-resource-policy,cross-origin)' in a frame because of Cross-Origin-Embedder-Policy.
CONSOLE MESSAGE: Refused to display 'https://127.0.0.1:9443/common/blank.html?pipe=|header(cross-origin-embedder-policy-report-only,require-corp)|header(cross-origin-resource-policy,cross-origin)' in a frame because of Cross-Origin-Embedder-Policy.
CONSOLE MESSAGE: Refused to display 'https://127.0.0.1:9443/common/blank.html?pipe=|header(cross-origin-embedder-policy-report-only,require-corp)|header(cross-origin-resource-policy,cross-origin)' in a frame because of Cross-Origin-Embedder-Policy.
CONSOLE MESSAGE: Refused to load https://127.0.0.1:9443/common/blank.html?pipe=|header(cross-origin-resource-policy,cross-origin)|header(content-security-policy,frame-ancestors%20%27none%27) because it does not appear in the frame-ancestors directive of the Content Security Policy.
CONSOLE MESSAGE: Refused to load https://127.0.0.1:9443/common/blank.html?pipe=|header(cross-origin-resource-policy,cross-origin)|header(content-security-policy,frame-ancestors%20%27none%27) because it does not appear in the frame-ancestors directive of the Content Security Policy.
CONSOLE MESSAGE: Refused to display 'https://127.0.0.1:9443/common/blank.html?pipe=|header(cross-origin-resource-policy,cross-origin)|header(x-frame-options,deny)' in a frame because it set 'X-Frame-Options' to 'deny'.
CONSOLE MESSAGE: Refused to display 'https://127.0.0.1:9443/common/blank.html?pipe=|header(cross-origin-resource-policy,cross-origin)|header(x-frame-options,deny)' in a frame because it set 'X-Frame-Options' to 'deny'.


Harness Error (TIMEOUT), message = null

PASS parent: (none), target: (none), with empty frame: false
PASS parent: (none), target: (none), with empty frame: true
PASS parent: (none), target: |header(cross-origin-embedder-policy,require-corp), with empty frame: false
PASS parent: (none), target: |header(cross-origin-embedder-policy,require-corp), with empty frame: true
TIMEOUT parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-embedder-policy,require-corp), with empty frame: false Test timed out
TIMEOUT parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-embedder-policy,require-corp), with empty frame: true Test timed out
TIMEOUT parent: |header(cross-origin-embedder-policy,require-corp), target: (none), with empty frame: false Test timed out
TIMEOUT parent: |header(cross-origin-embedder-policy,require-corp), target: (none), with empty frame: true Test timed out
PASS parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-embedder-policy,require-corp), with empty frame: false
PASS parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-embedder-policy,require-corp), with empty frame: true
PASS parent: |header(cross-origin-embedder-policy,require-corp), target: (none), with empty frame: false
PASS parent: |header(cross-origin-embedder-policy,require-corp), target: (none), with empty frame: true
PASS parent: (none), target: |header(cross-origin-resource-policy,cross-origin), with empty frame: false
PASS parent: (none), target: |header(cross-origin-resource-policy,cross-origin), with empty frame: true
TIMEOUT parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-resource-policy,cross-origin), with empty frame: false Test timed out
TIMEOUT parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-resource-policy,cross-origin), with empty frame: true Test timed out
PASS parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-resource-policy,cross-origin), with empty frame: false
PASS parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-resource-policy,cross-origin), with empty frame: true
PASS parent: (none), target: |header(cross-origin-embedder-policy,require-corp)|header(cross-origin-resource-policy,cross-origin), with empty frame: false
PASS parent: (none), target: |header(cross-origin-embedder-policy,require-corp)|header(cross-origin-resource-policy,cross-origin), with empty frame: true
PASS parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-embedder-policy,require-corp)|header(cross-origin-resource-policy,cross-origin), with empty frame: false
PASS parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-embedder-policy,require-corp)|header(cross-origin-resource-policy,cross-origin), with empty frame: true
TIMEOUT parent: |header(cross-origin-embedder-policy-report-only,require-corp), target: |header(cross-origin-embedder-policy,require-corp), with empty frame: false Test timed out
TIMEOUT parent: |header(cross-origin-embedder-policy-report-only,require-corp), target: |header(cross-origin-embedder-policy,require-corp), with empty frame: true Test timed out
TIMEOUT parent: |header(cross-origin-embedder-policy-report-only,require-corp), target: (none), with empty frame: false Test timed out
TIMEOUT parent: |header(cross-origin-embedder-policy-report-only,require-corp), target: (none), with empty frame: true Test timed out
TIMEOUT parent: |header(cross-origin-embedder-policy-report-only,require-corp), target: |header(cross-origin-resource-policy,cross-origin), with empty frame: false Test timed out
TIMEOUT parent: |header(cross-origin-embedder-policy-report-only,require-corp), target: |header(cross-origin-resource-policy,cross-origin), with empty frame: true Test timed out
PASS parent: |header(cross-origin-embedder-policy-report-only,require-corp), target: |header(cross-origin-embedder-policy,require-corp), with empty frame: false
PASS parent: |header(cross-origin-embedder-policy-report-only,require-corp), target: |header(cross-origin-embedder-policy,require-corp), with empty frame: true
PASS parent: |header(cross-origin-embedder-policy-report-only,require-corp), target: (none), with empty frame: false
PASS parent: |header(cross-origin-embedder-policy-report-only,require-corp), target: (none), with empty frame: true
PASS parent: |header(cross-origin-embedder-policy-report-only,require-corp), target: |header(cross-origin-resource-policy,cross-origin), with empty frame: false
PASS parent: |header(cross-origin-embedder-policy-report-only,require-corp), target: |header(cross-origin-resource-policy,cross-origin), with empty frame: true
PASS parent: |header(cross-origin-embedder-policy-report-only,require-corp), target: |header(cross-origin-embedder-policy,require-corp)|header(cross-origin-resource-policy,cross-origin), with empty frame: false
PASS parent: |header(cross-origin-embedder-policy-report-only,require-corp), target: |header(cross-origin-embedder-policy,require-corp)|header(cross-origin-resource-policy,cross-origin), with empty frame: true
TIMEOUT parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-embedder-policy-report-only,require-corp)|header(cross-origin-resource-policy,cross-origin), with empty frame: false Test timed out
TIMEOUT parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-embedder-policy-report-only,require-corp)|header(cross-origin-resource-policy,cross-origin), with empty frame: true Test timed out
PASS parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-embedder-policy-report-only,require-corp)|header(cross-origin-resource-policy,cross-origin), with empty frame: false
PASS parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-embedder-policy-report-only,require-corp)|header(cross-origin-resource-policy,cross-origin), with empty frame: true
PASS parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-resource-policy,cross-origin)|header(content-security-policy,frame-ancestors 'none'), with empty frame: false
PASS parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-resource-policy,cross-origin)|header(content-security-policy,frame-ancestors 'none'), with empty frame: true
TIMEOUT parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-resource-policy,cross-origin)|header(x-frame-options,deny), with empty frame: false Test timed out
TIMEOUT parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-resource-policy,cross-origin)|header(x-frame-options,deny), with empty frame: true Test timed out
PASS parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-resource-policy,cross-origin)|header(x-frame-options,deny), with empty frame: false
PASS parent: |header(cross-origin-embedder-policy,require-corp), target: |header(cross-origin-resource-policy,cross-origin)|header(x-frame-options,deny), with empty frame: true

@@ -1,30 +1,26 @@
CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt because it violates the resource's Cross-Origin-Resource-Policy response header.
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/html/cross-origin-embedder-policy/resources/nothing-same-origin-corp.txt due to access control checks.
CONSOLE MESSAGE: Cancelled load to https://127.0.0.1:9443/common/text-plain.txt because it violates the resource's Cross-Origin-Resource-Policy response header.
CONSOLE MESSAGE: Fetch API cannot load https://127.0.0.1:9443/common/text-plain.txt due to access control checks.


Harness Error (TIMEOUT), message = null

PASS [document] same-origin
PASS [document] blocked by CORP: same-origin
TIMEOUT [document] blocked due to COEP Test timed out
NOTRUN [document] blocked during redirect
NOTRUN [dedicated worker] same-origin
NOTRUN [dedicated worker] blocked by CORP: same-origin
NOTRUN [dedicated worker] blocked due to COEP
NOTRUN [dedicated worker] blocked during redirect
NOTRUN [shared worker] same-origin
NOTRUN [shared worker] blocked by CORP: same-origin
NOTRUN [shared worker] blocked due to COEP
NOTRUN [shared worker] blocked during redirect
NOTRUN [service worker] same-origin
NOTRUN [service worker] blocked by CORP: same-origin
NOTRUN [service worker] blocked due to COEP
NOTRUN [service worker] blocked during redirect
NOTRUN [between service worker and page] same-origin
NOTRUN [between service worker and page] blocked by CORP: same-origin
NOTRUN [between service worker and page] blocked due to COEP
PASS [document] blocked due to COEP
PASS [document] blocked during redirect
PASS [dedicated worker] same-origin
PASS [dedicated worker] blocked by CORP: same-origin
FAIL [dedicated worker] blocked due to COEP assert_equals: expected 2 but got 0
FAIL [dedicated worker] blocked during redirect assert_equals: expected 2 but got 0
PASS [shared worker] same-origin
PASS [shared worker] blocked by CORP: same-origin
FAIL [shared worker] blocked due to COEP assert_equals: expected 2 but got 0
FAIL [shared worker] blocked during redirect assert_equals: expected 2 but got 0
PASS [service worker] same-origin
PASS [service worker] blocked by CORP: same-origin
FAIL [service worker] blocked due to COEP assert_equals: expected 2 but got 0
FAIL [service worker] blocked during redirect assert_equals: expected 2 but got 0
PASS [between service worker and page] same-origin
PASS [between service worker and page] blocked by CORP: same-origin
TIMEOUT [between service worker and page] blocked due to COEP Test timed out
NOTRUN [between service worker and page] blocked during redirect
NOTRUN destination: script

0 comments on commit 33bacbf

Please sign in to comment.