Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bug 1535814 [wpt PR 15782] - [resource-timing] Add TAO null check tes…
…ts and make sure they pass, a=testonly Automatic update from web-platform-tests [resource-timing] Add TAO null check tests and make sure they pass This CL brings in the pending test [1] for a null TAO check and opaque origins, adds another test to make sure only case-sensitive "null" is taken into account, and changes the TAO implementation to actually pass the tests. [1] web-platform-tests/wpt#13507 Change-Id: I1656d5a5cf2a833ada4dc83278eda0a07cec66c7 BUG=940898 Change-Id: I1656d5a5cf2a833ada4dc83278eda0a07cec66c7 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1517653 Commit-Queue: Yoav Weiss <yoavweisschromium.org> Reviewed-by: Nicolás Peña Moreno <npmchromium.org> Cr-Commit-Position: refs/heads/master{#641123} -- wpt-commits: b90e1587455350962c4efc39b7c1bbf588d6ab64 wpt-pr: 15782 UltraBlame original commit: 3d2c191f504c051a25b6d265d1804d9f42d73f62
- Loading branch information
Showing
4 changed files
with
89 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
42 changes: 42 additions & 0 deletions
42
testing/web-platform/tests/resource-timing/TAO-case-insensitive-null-opaque-origin.sub.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
<!DOCTYPE html> | ||
<html> | ||
<head> | ||
<meta charset="utf-8" /> | ||
<title>Resource Timing TAO - "Null" and opaque origin</title> | ||
<link rel="author" title="Google" href="http://www.google.com/" /> | ||
<link rel="help" href="https://www.w3.org/TR/resource-timing-2/#timing-allow-origin"/> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<script> | ||
|
||
const t = async_test("Test case-insensitive null TAO value with opaque origins"); | ||
window.addEventListener("message", t.step_func_done(e=>{ | ||
assert_equals(e.data, "PASS"); | ||
})); | ||
</script> | ||
</head> | ||
<body> | ||
<h1>Description</h1> | ||
<p>This test validates that for a cross origin resource, the timing allow check algorithm will fail when the value of Timing-Allow-Origin is a case-insensitive match to null and the origin is an opaque origin.</p> | ||
<div id="log"></div> | ||
<iframe id="frameContext"></iframe> | ||
<script> | ||
let frame_content = "data:text/html;utf8,<body>" + | ||
"<script>" + | ||
"const url = '{{location[scheme]}}://{{host}}:{{ports[http][1]}}/resource-timing/resources/TAOResponse.py?tao=Null';" + | ||
"const observe = (list, observer) => {" + | ||
" const entry = list.getEntries()[0];" + | ||
" const sum = entry.redirectStart + entry.redirectEnd + entry.domainLookupStart + entry.domainLookupEnd + entry.connectStart +" + | ||
" entry.connectEnd + entry.secureConnectionStart + entry.requestStart + entry.responseStart + entry.transferSize +" + | ||
" entry.encodedBodySize + entry.decodedBodySize;" + | ||
" const result = sum == 0 ? 'PASS' : 'FAIL';" + | ||
" window.parent.postMessage(result, '*');" + | ||
"};" + | ||
"let observer = new PerformanceObserver(observe);" + | ||
"observer.observe({ entryTypes: ['resource'] });" + | ||
"fetch(url);" + | ||
"</" + "script></body>"; | ||
document.getElementById("frameContext").src = frame_content; | ||
</script> | ||
</body> | ||
</html> |
42 changes: 42 additions & 0 deletions
42
testing/web-platform/tests/resource-timing/TAO-null-opaque-origin.sub.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
<!DOCTYPE html> | ||
<html> | ||
<head> | ||
<meta charset="utf-8" /> | ||
<title>Resource Timing TAO - "null" and opaque origin</title> | ||
<link rel="author" title="Google" href="http://www.google.com/" /> | ||
<link rel="help" href="https://www.w3.org/TR/resource-timing-2/#timing-allow-origin"/> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<script> | ||
|
||
const t = async_test("Test null TAO value with opaque origins"); | ||
window.addEventListener("message", t.step_func_done(e=>{ | ||
assert_equals(e.data, "PASS"); | ||
})); | ||
</script> | ||
</head> | ||
<body> | ||
<h1>Description</h1> | ||
<p>This test validates that for a cross origin resource, the timing allow check algorithm will succeed when the value of Timing-Allow-Origin is null and the origin is an opaque origin.</p> | ||
<div id="log"></div> | ||
<iframe id="frameContext"></iframe> | ||
<script> | ||
let frame_content = "data:text/html;utf8,<body>" + | ||
"<script>" + | ||
"const url = '{{location[scheme]}}://{{host}}:{{ports[http][1]}}/resource-timing/resources/TAOResponse.py?tao=null';" + | ||
"const observe = (list, observer) => {" + | ||
" const entry = list.getEntries()[0];" + | ||
" const sum = entry.redirectStart + entry.redirectEnd + entry.domainLookupStart + entry.domainLookupEnd + entry.connectStart +" + | ||
" entry.connectEnd + entry.secureConnectionStart + entry.requestStart + entry.responseStart + entry.transferSize +" + | ||
" entry.encodedBodySize + entry.decodedBodySize;" + | ||
" const result = sum != 0 ? 'PASS' : 'FAIL';" + | ||
" window.parent.postMessage(result, '*');" + | ||
"};" + | ||
"let observer = new PerformanceObserver(observe);" + | ||
"observer.observe({ entryTypes: ['resource'] });" + | ||
"fetch(url);" + | ||
"</" + "script></body>"; | ||
document.getElementById("frameContext").src = frame_content; | ||
</script> | ||
</body> | ||
</html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters