From 6a0d040e8e8838c27e723e5d15dfaed9464d4c8f Mon Sep 17 00:00:00 2001 From: Brandon Maslen Date: Tue, 26 May 2020 11:21:35 +0000 Subject: [PATCH] Bug 1637100 [wpt PR 23515] - Update Storage Access API Logic & E2E Tests, a=testonly Automatic update from web-platform-tests Update Storage Access API Logic & E2E Tests This change updates the logic used in the Blink document for document.hasStorageAccess and document.requestStorageAccess. Gates have been added to ensure the proper restrictions such as having a non-opaque origin, sandbox token (if applicable), as well as ensuring that hasStorageAccess reflects the actual state of storage access on the page. Additionally defense in depth logic checks have been added in StorageAccessGrantPermissionContext to shortcut if we get a request for a scenario no grant would be needed. Some additional cleanup is included with this change to remove the temporary usage of CONTENT_SETTING_SESSION in StorageAccessGrantPermissionContext and to ensure all content settings updates will propagate to the network service. A follow up change will ensure this does not result in duplicate updates when we perform our initial update. Browser tests have been added to validate end to end functionality. Bug: 989663 Change-Id: I09fdc115a30a71e341961b385a2e2e05fd161536 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2194905 Reviewed-by: Maksim Orlovich Reviewed-by: Christian Dullweber Reviewed-by: Mike West Reviewed-by: Theresa Reviewed-by: Balazs Engedy Commit-Queue: Brandon Maslen Cr-Commit-Position: refs/heads/master@{#769847} -- wpt-commits: 619f6fa4dff862035b18d9adf721ecf599522ea0 wpt-pr: 23515 --- .../tests/storage-access-api/hasStorageAccess.sub.window.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/testing/web-platform/tests/storage-access-api/hasStorageAccess.sub.window.js b/testing/web-platform/tests/storage-access-api/hasStorageAccess.sub.window.js index b8b9e492d2590..21400e68619a0 100644 --- a/testing/web-platform/tests/storage-access-api/hasStorageAccess.sub.window.js +++ b/testing/web-platform/tests/storage-access-api/hasStorageAccess.sub.window.js @@ -55,7 +55,7 @@ if (topLevelDocument) { RunTestsInIFrame("hasStorageAccess.sub.window.html?testCase=same-origin-frame&rootdocument=false"); // Create a test with a single-child cross-origin iframe. - RunTestsInIFrame("http://{{domains[www]}}:{{ports[http][0]}}/storage-access-api/hasStorageAccess.sub.window.html?testCase=cross-origin-frame&allowed=false&rootdocument=false"); + RunTestsInIFrame("http://{{domains[www]}}:{{ports[http][0]}}/storage-access-api/hasStorageAccess.sub.window.html?testCase=cross-origin-frame&rootdocument=false"); // Validate the nested-iframe scenario where the same-origin frame containing // the tests is not the first child. @@ -63,5 +63,5 @@ if (topLevelDocument) { // Validate the nested-iframe scenario where the cross-origin frame containing // the tests is not the first child. - RunTestsInNestedIFrame("http://{{domains[www]}}:{{ports[http][0]}}/storage-access-api/hasStorageAccess.sub.window.html?testCase=nested-cross-origin-frame&allowed=false&rootdocument=false"); + RunTestsInNestedIFrame("http://{{domains[www]}}:{{ports[http][0]}}/storage-access-api/hasStorageAccess.sub.window.html?testCase=nested-cross-origin-frame&rootdocument=false"); }