Support CORS preflight for fetch keepalive and sendBeacon

This is enabled only when Out-of-Renderer CORS is enabled. Bug: 835821, 724929, 876678, 876670, 876669, 876668, 876666, 848275 Change-Id: Ia6a3553797007f9bb905de8b84d39ec7b2370d1b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2011786 Commit-Queue: Yutaka Hirano <yhirano@chromium.org> Reviewed-by: Yoav Weiss <yoavweiss@chromium.org> Cr-Commit-Position: refs/heads/master@{#733915}

Support CORS preflight for fetch keepalive and sendBeacon
This is enabled only when Out-of-Renderer CORS is enabled. Bug: 835821, 724929, 876678, 876670, 876669, 876668, 876666, 848275 Change-Id: Ia6a3553797007f9bb905de8b84d39ec7b2370d1b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2011786 Commit-Queue: Yutaka Hirano <yhirano@chromium.org> Reviewed-by: Yoav Weiss <yoavweiss@chromium.org> Cr-Commit-Position: refs/heads/master@{#733915}
26d70b36 · Yutaka Hirano · Commit Bot · dca4060d · 26d70b36 · 26d70b36
Commit 26d70b36 authored Jan 22, 2020 by Yutaka Hirano Committed by Commit Bot Jan 22, 2020
13 changed files
--- a/third_party/blink/renderer/core/fetch/fetch_manager.cc
+++ b/third_party/blink/renderer/core/fetch/fetch_manager.cc
@@ -55,6 +55,7 @@
 #include "third_party/blink/renderer/platform/loader/subresource_integrity.h"
 #include "third_party/blink/renderer/platform/network/http_names.h"
 #include "third_party/blink/renderer/platform/network/network_utils.h"
+#include "third_party/blink/renderer/platform/runtime_enabled_features.h"
 #include "third_party/blink/renderer/platform/weborigin/kurl.h"
 #include "third_party/blink/renderer/platform/weborigin/scheme_registry.h"
 #include "third_party/blink/renderer/platform/weborigin/security_origin.h"
@@ -763,7 +764,8 @@ void FetchManager::Loader::PerformHTTPFetch(ExceptionState& exception_state) {
  request.SetSkipServiceWorker(is_isolated_world_);

  if (fetch_request_data_->Keepalive()) {
-    if (cors::IsCorsEnabledRequestMode(fetch_request_data_->Mode()) &&
+    if (!RuntimeEnabledFeatures::OutOfBlinkCorsEnabled() &&
+        cors::IsCorsEnabledRequestMode(fetch_request_data_->Mode()) &&
        (!cors::IsCorsSafelistedMethod(request.HttpMethod()) ||
         !cors::ContainsOnlyCorsSafelistedOrForbiddenHeaders(
             request.HttpHeaderFields()))) {

--- a/third_party/blink/renderer/modules/beacon/navigator_beacon.cc
+++ b/third_party/blink/renderer/modules/beacon/navigator_beacon.cc
@@ -17,6 +17,7 @@
 #include "third_party/blink/renderer/platform/bindings/script_state.h"
 #include "third_party/blink/renderer/platform/instrumentation/use_counter.h"
 #include "third_party/blink/renderer/platform/loader/cors/cors.h"
+#include "third_party/blink/renderer/platform/runtime_enabled_features.h"

 namespace blink {

@@ -99,7 +100,8 @@ bool NavigatorBeacon::SendBeaconImpl(
        PingLoader::SendBeacon(GetSupplementable()->GetFrame(), url, data_view);
  } else if (data.IsBlob()) {
    Blob* blob = data.GetAsBlob();
-    if (!cors::IsCorsSafelistedContentType(blob->type())) {
+    if (!RuntimeEnabledFeatures::OutOfBlinkCorsEnabled() &&
+        !cors::IsCorsSafelistedContentType(blob->type())) {
      UseCounter::Count(context,
                        WebFeature::kSendBeaconWithNonSimpleContentType);
      if (RuntimeEnabledFeatures::

--- a/third_party/blink/web_tests/FlagExpectations/disable-features=OutOfBlinkCors
+++ b/third_party/blink/web_tests/FlagExpectations/disable-features=OutOfBlinkCors
@@ -49,3 +49,13 @@ crbug.com/870173 virtual/cache-storage-high-priority-match/external/wpt/service-
 crbug.com/870173 virtual/cache-storage-sequence/external/wpt/service-workers/service-worker/fetch-request-xhr.https.html [ Failure ]
 crbug.com/870173 virtual/omt-service-worker-startup/external/wpt/service-workers/service-worker/fetch-request-xhr.https.html [ Failure ]
 crbug.com/870173 virtual/omt-worker-fetch/external/wpt/service-workers/service-worker/fetch-request-xhr.https.html [ Failure ]
+
+# preflight support for fetch keepalive and sendBeacon is only for OOR-CORS.
+crbug.com/835821 external/wpt/beacon/beacon-basic-blob.html [ Failure ]
+crbug.com/835821 external/wpt/beacon/beacon-basic-blobMax.html [ Failure ]
+crbug.com/835821 external/wpt/beacon/beacon-cors.sub.window.html [ Failure ]
+crbug.com/835821 external/wpt/beacon/beacon-navigate.html [ Failure ]
+crbug.com/835821 external/wpt/beacon/beacon-redirect.window.html [ Failure ]
+crbug.com/835821 external/wpt/fetch/api/basic/keepalive.html [ Failure ]
+crbug.com/835821 http/tests/sendbeacon/beacon-blob-with-non-simple-type.html [ Failure ]
+crbug.com/835821 virtual/stable/http/tests/sendbeacon/beacon-blob-with-non-simple-type.html [ Failure ]
--- a/third_party/blink/web_tests/external/wpt/beacon/beacon-basic-blob-expected.txt
+++ b/third_party/blink/web_tests/external/wpt/beacon/beacon-basic-blob-expected.txt
-This is a testharness.js-based test.
-FAIL Verify 'navigator.sendbeacon()' successfully sends for variant: EmptyBlob Failed to execute 'sendBeacon' on 'Navigator': sendBeacon() with a Blob whose type is not any of the CORS-safelisted values for the Content-Type request header is disabled temporarily. See http://crbug.com/490015 for details.
-FAIL Verify 'navigator.sendbeacon()' successfully sends for variant: SmallBlob Failed to execute 'sendBeacon' on 'Navigator': sendBeacon() with a Blob whose type is not any of the CORS-safelisted values for the Content-Type request header is disabled temporarily. See http://crbug.com/490015 for details.
-FAIL Verify 'navigator.sendbeacon()' successfully sends for variant: MediumBlob Failed to execute 'sendBeacon' on 'Navigator': sendBeacon() with a Blob whose type is not any of the CORS-safelisted values for the Content-Type request header is disabled temporarily. See http://crbug.com/490015 for details.
-FAIL Verify 'navigator.sendbeacon()' successfully sends for variant: LargeBlob Failed to execute 'sendBeacon' on 'Navigator': sendBeacon() with a Blob whose type is not any of the CORS-safelisted values for the Content-Type request header is disabled temporarily. See http://crbug.com/490015 for details.
-Harness: the test ran to completion.
-
--- a/third_party/blink/web_tests/external/wpt/beacon/beacon-basic-blobMax-expected.txt
+++ b/third_party/blink/web_tests/external/wpt/beacon/beacon-basic-blobMax-expected.txt
-This is a testharness.js-based test.
-FAIL Verify 'navigator.sendbeacon()' successfully sends for variant: MaxBlob Failed to execute 'sendBeacon' on 'Navigator': sendBeacon() with a Blob whose type is not any of the CORS-safelisted values for the Content-Type request header is disabled temporarily. See http://crbug.com/490015 for details.
-Harness: the test ran to completion.
-
--- a/third_party/blink/web_tests/external/wpt/beacon/beacon-cors.sub.window-expected.txt
+++ b/third_party/blink/web_tests/external/wpt/beacon/beacon-cors.sub.window-expected.txt
-This is a testharness.js-based test.
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: NoData-CORS-ALLOW
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: NullData-CORS-ALLOW
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: UndefinedData-CORS-ALLOW
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallString-CORS-ALLOW
-FAIL Verify 'navigator.sendbeacon()' successfully sends for variant: SmallBlob-CORS-ALLOW Failed to execute 'sendBeacon' on 'Navigator': sendBeacon() with a Blob whose type is not any of the CORS-safelisted values for the Content-Type request header is disabled temporarily. See http://crbug.com/490015 for details.
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallBufferSource-CORS-ALLOW
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallFormData-CORS-ALLOW
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallSafeContentTypeEncoded-CORS-ALLOW
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallSafeContentTypeForm-CORS-ALLOW
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallSafeContentTypeText-CORS-ALLOW
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: NoData-CORS-FORBID
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: NullData-CORS-FORBID
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: UndefinedData-CORS-FORBID
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallString-CORS-FORBID
-FAIL Verify 'navigator.sendbeacon()' successfully sends for variant: SmallBlob-CORS-FORBID Failed to execute 'sendBeacon' on 'Navigator': sendBeacon() with a Blob whose type is not any of the CORS-safelisted values for the Content-Type request header is disabled temporarily. See http://crbug.com/490015 for details.
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallBufferSource-CORS-FORBID
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallFormData-CORS-FORBID
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallSafeContentTypeEncoded-CORS-FORBID
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallSafeContentTypeForm-CORS-FORBID
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallSafeContentTypeText-CORS-FORBID
-FAIL Verify 'navigator.sendbeacon()' successfully sends for variant: SmallCORSContentTypeText-PREFLIGHT-ALLOW Failed to execute 'sendBeacon' on 'Navigator': sendBeacon() with a Blob whose type is not any of the CORS-safelisted values for the Content-Type request header is disabled temporarily. See http://crbug.com/490015 for details.
-Harness: the test ran to completion.
-
--- a/third_party/blink/web_tests/external/wpt/beacon/beacon-navigate-expected.txt
+++ b/third_party/blink/web_tests/external/wpt/beacon/beacon-navigate-expected.txt
-This is a testharness.js-based test.
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: NoData-NAVIGATE
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: NullData-NAVIGATE
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: UndefinedData-NAVIGATE
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallString-NAVIGATE
-FAIL Verify 'navigator.sendbeacon()' successfully sends for variant: SmallBlob-NAVIGATE Failed to execute 'sendBeacon' on 'Navigator': sendBeacon() with a Blob whose type is not any of the CORS-safelisted values for the Content-Type request header is disabled temporarily. See http://crbug.com/490015 for details.
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallBufferSource-NAVIGATE
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallFormData-NAVIGATE
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallSafeContentTypeEncoded-NAVIGATE
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallSafeContentTypeForm-NAVIGATE
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallSafeContentTypeText-NAVIGATE
-Harness: the test ran to completion.
-
--- a/third_party/blink/web_tests/external/wpt/beacon/beacon-redirect.window-expected.txt
+++ b/third_party/blink/web_tests/external/wpt/beacon/beacon-redirect.window-expected.txt
-This is a testharness.js-based test.
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: NoData-307
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: NullData-307
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: UndefinedData-307
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallString-307
-FAIL Verify 'navigator.sendbeacon()' successfully sends for variant: SmallBlob-307 Failed to execute 'sendBeacon' on 'Navigator': sendBeacon() with a Blob whose type is not any of the CORS-safelisted values for the Content-Type request header is disabled temporarily. See http://crbug.com/490015 for details.
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallBufferSource-307
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallFormData-307
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallSafeContentTypeEncoded-307
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallSafeContentTypeForm-307
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallSafeContentTypeText-307
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: NoData-308
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: NullData-308
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: UndefinedData-308
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallString-308
-FAIL Verify 'navigator.sendbeacon()' successfully sends for variant: SmallBlob-308 Failed to execute 'sendBeacon' on 'Navigator': sendBeacon() with a Blob whose type is not any of the CORS-safelisted values for the Content-Type request header is disabled temporarily. See http://crbug.com/490015 for details.
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallBufferSource-308
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallFormData-308
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallSafeContentTypeEncoded-308
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallSafeContentTypeForm-308
-PASS Verify 'navigator.sendbeacon()' successfully sends for variant: SmallSafeContentTypeText-308
-Harness: the test ran to completion.
-
--- a/third_party/blink/web_tests/external/wpt/fetch/api/basic/keepalive.html
+++ b/third_party/blink/web_tests/external/wpt/fetch/api/basic/keepalive.html
@@ -7,25 +7,85 @@
 <script src="/common/get-host-info.sub.js"></script>
 <body>
 <script>
+function getUrl(origin1, origin2, withHeaders) {
+  const frameOrigin = host_info.HTTP_NOTSAMESITE_ORIGIN;
+  return `${frameOrigin}/fetch/api/resources/keepalive-iframe.html?` +
+    `origin1=${origin1}&` +
+    `origin2=${origin2}&` +
+    (withHeaders ? `with-headers` : ``);
+}
+
+async function getToken() {
+  return new Promise((resolve) => {
+    window.addEventListener('message', (event) => {
+      resolve(event.data);
+    }, {once: true});
+  });
+}
+
+async function queryToken(token) {
+  const response = await fetch(`../resources/stash-take.py?key=${token}`);
+  const json = await response.json();
+  return json;
+}
+
+// In order to parallelize the work, we are going to have an async_test
+// for the rest of the work. Note that we want the serialized behavior
+// for the steps so far, so we don't want to make the entire test case
+// an async_test.
+function checkToken(testName, token) {
+  async_test((test) => {
+    new Promise((resolve) => test.step_timeout(resolve, 1000)).then(() => {
+      return queryToken(token);
+    }).then((result) => {
+      assert_equals(result, 'on');
+    }).then(() => {
+      test.done();
+    }).catch(test.step_func((e) => {
+      assert_unreached(e);
+    }));
+  }, testName);
+}
+
 const host_info = get_host_info();
 promise_test(async (test) => {
  const iframe = document.createElement('iframe');
-  iframe.src = host_info.HTTP_REMOTE_ORIGIN +
-    '/fetch/api/resources/keepalive-iframe.html';
+  iframe.src = getUrl('', '', false);
  document.body.appendChild(iframe);
-  const uuid_promise = new Promise((resolve) => {
-    window.addEventListener('message', (event) => {
-      resolve(event.data);
-    });
-  });
+  const tokenPromise = getToken();
  await (new Promise((resolve) => iframe.addEventListener('load', resolve)));
-  const uuid = await uuid_promise;
+  const token = await tokenPromise;
  iframe.remove();
-  await (new Promise((resolve) => test.step_timeout(resolve, 1000)));
-  const response = await fetch(`../resources/stash-take.py?key=${uuid}`);
-  const json = await response.json();
-  assert_equals(json, 'on');
-});
+
+  checkToken('same-origin', token);
+}, 'same-origin; setting up');
+
+promise_test(async (test) => {
+  const iframe = document.createElement('iframe');
+  iframe.src = getUrl(host_info.HTTP_REMOTE_ORIGIN,
+                      host_info.HTTP_REMOTE_ORIGIN_WITH_DIFFERENT_PORT, false);
+  document.body.appendChild(iframe);
+  const tokenPromise = getToken();
+  await (new Promise((resolve) => iframe.addEventListener('load', resolve)));
+  const token = await tokenPromise;
+  iframe.remove();
+
+  checkToken('cross-origin redirect', token);
+}, 'cross-origin redirect; setting up');
+
+promise_test(async (test) => {
+  const iframe = document.createElement('iframe');
+  iframe.src = getUrl(host_info.HTTP_REMOTE_ORIGIN,
+                      host_info.HTTP_REMOTE_ORIGIN_WITH_DIFFERENT_PORT, true);
+  document.body.appendChild(iframe);
+  const tokenPromise = getToken();
+  await (new Promise((resolve) => iframe.addEventListener('load', resolve)));
+  const token = await tokenPromise;
+  iframe.remove();
+
+  checkToken('cross-origin redirect with preflight', token);
+}, 'cross-origin redirect with preflight; setting up');
+
 </script>
 </body>
 </html>
--- a/third_party/blink/web_tests/external/wpt/fetch/api/resources/keepalive-iframe.html
+++ b/third_party/blink/web_tests/external/wpt/fetch/api/resources/keepalive-iframe.html
@@ -2,16 +2,24 @@
 <html>
 <meta charset="utf-8">
 <script src="/common/utils.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
 <script>
-const uuid = token();
-const URL =
-    `../resources/redirect.py?` +
-    `delay=100&` +
-    `location=../resources/stash-put.py?key=${uuid}%26value=on`;
+const SEARCH_PARAMS = new URL(location.href).searchParams;
+const ORIGIN1 = SEARCH_PARAMS.get('origin1') || '';
+const ORIGIN2 = SEARCH_PARAMS.get('origin2') || '';
+const WITH_HEADERS = !!SEARCH_PARAMS.has('with-headers');
+const TOKEN = token();
+
+const url =
+    `${ORIGIN1}/fetch/api/resources/redirect.py?` +
+    `delay=500&` +
+    `allow_headers=foo&` +
+    `location=${ORIGIN2}/fetch/api/resources/stash-put.py?key=${TOKEN}%26value=on`;

 addEventListener('load', () => {
-  let p = fetch(URL, {keepalive: true});
-  window.parent.postMessage(uuid, '*');
+  const headers = WITH_HEADERS ? {'foo': 'bar'} : undefined;
+  let p = fetch(url, {keepalive: true, headers});
+  window.parent.postMessage(TOKEN, '*');
 });
 </script>
 </html>
--- a/third_party/blink/web_tests/external/wpt/fetch/api/resources/stash-put.py
+++ b/third_party/blink/web_tests/external/wpt/fetch/api/resources/stash-put.py
 def main(request, response):
+    if request.method == 'OPTIONS':
+        # CORS preflight
+        response.headers.set('Access-Control-Allow-Origin', '*')
+        response.headers.set('Access-Control-Allow-Methods', '*')
+        response.headers.set('Access-Control-Allow-Headers', '*')
+        return 'done'
+
    url_dir = '/'.join(request.url_parts.path.split('/')[:-1]) + '/'
    key = request.GET.first("key")
    value = request.GET.first("value")

--- a/third_party/blink/web_tests/http/tests/fetch/chromium/keepalive-preflight.html
+++ b/third_party/blink/web_tests/http/tests/fetch/chromium/keepalive-preflight.html
-<!doctype html>
-<html>
-<script src="/resources/testharness.js"></script>
-<script src="/resources/testharnessreport.js"></script>
-<script>
-promise_test((t) => {
-    const method = 'X';
-    const keepalive = true;
-    return promise_rejects(t, TypeError(), fetch('/', {method, keepalive}),
-        'keepalive with non-simple request');
-  }, 'keepalive: we do not support non-simple requests at this time');
-</script>
-</html>
--- a/third_party/blink/web_tests/http/tests/sendbeacon/beacon-blob-with-non-simple-type.html
+++ b/third_party/blink/web_tests/http/tests/sendbeacon/beacon-blob-with-non-simple-type.html
@@ -3,12 +3,7 @@
 <script src="/js-test-resources/testharnessreport.js"></script>
 <script>
 test(() => {
-  assert_throws(
-      'SecurityError',
-      () => {
-        navigator.sendBeacon("/",
-                             new Blob(["X"], {type: "image/png"}));
-      });
+  assert_true(navigator.sendBeacon("/", new Blob(["X"], {type: "image/png"})));
 }, "navigator.sendBeacon() to a cross-origin target with a Blob body with " +
-    "non-simple type should throw.");
+   "non-simple type should not throw.");
 </script>