Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign upAdd net unit tests that process opaque-filtered response FetchMetadata #25693
Comments
|
I posted this while unaware of .actual_response(); there is no problem. |
bors-servo
added a commit
that referenced
this issue
Feb 11, 2020
Filter file: and about: responses opaquely <!-- Please describe your changes on the following line: --> file: and about: schemes were being treated like data: for cors purposes, when in fact they should have been subject to opaque response filtering. A comment indicated that this was necessary for some CSS tests, but I think the comment was out of date; the only tests depending on the unfiltered responses are unit tests that do not test any CSS functionality. I've updated those tests to now test for the opaque-filtering itself. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: --> - [x] `./mach build -d` does not report any errors - [x] `./mach test-tidy` does not report any errors - [x] These changes fix #25686 <!-- Either: --> - [X] There are tests for these changes, but also some loss of unit test coverage (#25693) and a newly failing test case (#25692) <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
bors-servo
added a commit
that referenced
this issue
Feb 11, 2020
Filter file: and about: responses opaquely <!-- Please describe your changes on the following line: --> file: and about: schemes were being treated like data: for cors purposes, when in fact they should have been subject to opaque response filtering. A comment indicated that this was necessary for some CSS tests, but I think the comment was out of date; the only tests depending on the unfiltered responses are unit tests that do not test any CSS functionality. I've updated those tests to now test for the opaque-filtering itself. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: --> - [x] `./mach build -d` does not report any errors - [x] `./mach test-tidy` does not report any errors - [x] These changes fix #25686 <!-- Either: --> - [X] There are tests for these changes, but also some loss of unit test coverage (#25693) and a newly failing test case (#25692) <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As I write this, the test_fetch_file unit test in net/tests/fetch.rs only works because file: requests aren't having opaque filtering applied to them, which is wrong and a possible security issue. (#25686).
Once that's fixed, we're going to have a gap in unit test coverage, since the unit tests as currently written have no way to peek at the FetchMetadata to see whether file fetches are seeing the correct file contents. An example of non-test code that does this peeking is the ImageContext used by HTMLImageElement, which has to be able to get an image out of a response for layout purposes even if the response is opaque filtered.