-
Notifications
You must be signed in to change notification settings - Fork 54
/
credentials-tests.js
130 lines (117 loc) · 4.93 KB
/
credentials-tests.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
function createCookieValue(settings) {
return settings.credentials + '-' + settings.origin;
}
function createSetCookieURL(settings) {
const params = new URLSearchParams;
params.append('name', 'cookieName');
params.append('value', createCookieValue(settings));
if (settings.origin == 'same') {
return get_host_info().HTTPS_ORIGIN +
'/worklets/resources/set-cookie.py?' + params;
}
if (settings.origin == 'remote') {
return get_host_info().HTTPS_REMOTE_ORIGIN +
'/worklets/resources/set-cookie.py?' + params;
}
assert_unreached('settings.origin has an invalid value.');
}
function createScriptURL(settings) {
const params = new URLSearchParams;
if (settings.expectCredentialsSent)
params.append('value', createCookieValue(settings));
if (settings.origin == 'same') {
return get_host_info().HTTPS_ORIGIN +
'/worklets/resources/credentials.py?' + params;
}
if (settings.origin == 'remote') {
return get_host_info().HTTPS_REMOTE_ORIGIN +
'/worklets/resources/credentials.py?' + params;
}
assert_unreached('settings.origin has an invalid value.');
}
function createWorkletOptions(settings) {
if (settings.credentials == '')
return {};
return { credentials: settings.credentials };
}
// Run a credentials test with the given settings.
//
// Example:
// settings = {
// workletType: 'paint',
// credentials: 'include',
// origin: 'same', // 'same' or 'remote'
// expectCredentialsSent: true
// };
function runCredentialsTest(settings) {
const worklet = get_worklet(settings.workletType);
const setCookieURL = createSetCookieURL(settings);
const scriptURL = createScriptURL(settings);
const options = createWorkletOptions(settings);
// { credentials: 'include' } is necessary for configuring document's cookies
// with the Set-Cookie: header of the response.
return fetch(setCookieURL, { mode: 'cors', credentials: 'include' })
.then(response => worklet.addModule(scriptURL, options));
}
// Runs a series of tests related to credentials on a worklet.
//
// Usage:
// runCredentialsTests("paint");
function runCredentialsTests(worklet_type) {
promise_test(() => {
return runCredentialsTest({ workletType: worklet_type,
credentials: '',
origin: 'same',
expectCredentialsSent: true });
}, 'Importing a same-origin script with the default WorkletOptions should ' +
'send the credentials');
promise_test(() => {
return runCredentialsTest({ workletType: worklet_type,
credentials: '',
origin: 'remote',
expectCredentialsSent: false });
}, 'Importing a remote-origin script with the default WorkletOptions ' +
'should not send the credentials');
promise_test(() => {
return runCredentialsTest({ workletType: worklet_type,
credentials: 'omit',
origin: 'same',
expectCredentialsSent: false });
}, 'Importing a same-origin script with credentials=omit should not send ' +
'the credentials');
promise_test(() => {
return runCredentialsTest({ workletType: worklet_type,
credentials: 'omit',
origin: 'remote',
expectCredentialsSent: false });
}, 'Importing a remote-origin script with credentials=omit should not send ' +
'the credentials');
promise_test(() => {
return runCredentialsTest({ workletType: worklet_type,
credentials: 'same-origin',
origin: 'same',
expectCredentialsSent: true });
}, 'Importing a same-origin script with credentials=same-origin should ' +
'send the credentials');
promise_test(() => {
return runCredentialsTest({ workletType: worklet_type,
credentials: 'same-origin',
origin: 'remote',
expectCredentialsSent: false });
}, 'Importing a remote-origin script with credentials=same-origin should ' +
'not send the credentials');
promise_test(() => {
return runCredentialsTest({ workletType: worklet_type,
credentials: 'include',
origin: 'same',
expectCredentialsSent: true });
}, 'Importing a same-origin script with credentials=include should send ' +
'the credentials');
promise_test(() => {
return runCredentialsTest({ workletType: worklet_type,
credentials: 'include',
origin: 'remote',
expectCredentialsSent: true });
}, 'Importing a remote-origin script with credentials=include should ' +
'send the credentials');
}