WebSocket: don't check the restricted port list synchronously

In 2017 the HTML standard changed to no longer check the bad port list
synchronously in the WebSocket constructor, instead relying on the
lower-level check in Fetch to cause an asynchronous failure.

Safari is now implementing
this (https://github.com/web-platform-tests/wpt/pull/26392#issuecomment-722593477),
so update our implementation to match.

BUG=705534

Change-Id: I29c35fa2307a1215d5f382f86ca97bbfd17aba2e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2521874Reviewed-by: Yoichi Osato <yoichio@chromium.org>
Commit-Queue: Adam Rice <ricea@chromium.org>
Cr-Commit-Position: refs/heads/master@{#824747}

third_party/blink/renderer/modules/websockets/dom_websocket_test.cc

@@ -146,19 +146,6 @@ TEST(DOMWebSocketTest, connectToURLHavingFragmentIdentifier) {
   EXPECT_EQ(DOMWebSocket::kClosed, websocket_scope.Socket().readyState());
 }
 
-TEST(DOMWebSocketTest, invalidPort) {
-  V8TestingScope scope;
-  DOMWebSocketTestScope websocket_scope(scope.GetExecutionContext());
-  websocket_scope.Socket().Connect("ws://example.com:7", Vector<String>(),
-                                   scope.GetExceptionState());
-
-  EXPECT_TRUE(scope.GetExceptionState().HadException());
-  EXPECT_EQ(DOMExceptionCode::kSecurityError,
-            scope.GetExceptionState().CodeAs<DOMExceptionCode>());
-  EXPECT_EQ("The port 7 is not allowed.", scope.GetExceptionState().Message());
-  EXPECT_EQ(DOMWebSocket::kClosed, websocket_scope.Socket().readyState());
-}
-
 // FIXME: Add a test for Content Security Policy.
 
 TEST(DOMWebSocketTest, invalidSubprotocols) {

third_party/blink/renderer/modules/websockets/websocket_common.cc

@@ -16,7 +16,6 @@
 #include "third_party/blink/renderer/modules/websockets/websocket_channel.h"
 #include "third_party/blink/renderer/platform/bindings/exception_state.h"
 #include "third_party/blink/renderer/platform/instrumentation/use_counter.h"
-#include "third_party/blink/renderer/platform/weborigin/known_ports.h"
 #include "third_party/blink/renderer/platform/weborigin/security_origin.h"
 #include "third_party/blink/renderer/platform/wtf/assertions.h"
 #include "third_party/blink/renderer/platform/wtf/text/string_builder.h"
@@ -80,13 +79,6 @@ WebSocketCommon::ConnectResult WebSocketCommon::Connect(
     return ConnectResult::kException;
   }
 
-  if (!IsPortAllowedForScheme(url_)) {
-    state_ = kClosed;
-    exception_state.ThrowSecurityError(
-        "The port " + String::Number(url_.Port()) + " is not allowed.");
-    return ConnectResult::kException;
-  }
-
   if (!execution_context->GetContentSecurityPolicyForCurrentWorld()
            ->AllowConnectToSource(url_, url_, RedirectStatus::kNoRedirect)) {
     state_ = kClosed;

third_party/blink/web_tests/external/wpt/websockets/Create-blocked-port.any-expected.txt

-This is a testharness.js-based test.
-Found 68 tests; 1 PASS, 67 FAIL, 0 TIMEOUT, 0 NOTRUN.
-PASS Basic check
-FAIL WebSocket blocked port test 1 Failed to construct 'WebSocket': The port 1 is not allowed.
-FAIL WebSocket blocked port test 7 Failed to construct 'WebSocket': The port 7 is not allowed.
-FAIL WebSocket blocked port test 9 Failed to construct 'WebSocket': The port 9 is not allowed.
-FAIL WebSocket blocked port test 11 Failed to construct 'WebSocket': The port 11 is not allowed.
-FAIL WebSocket blocked port test 13 Failed to construct 'WebSocket': The port 13 is not allowed.
-FAIL WebSocket blocked port test 15 Failed to construct 'WebSocket': The port 15 is not allowed.
-FAIL WebSocket blocked port test 17 Failed to construct 'WebSocket': The port 17 is not allowed.
-FAIL WebSocket blocked port test 19 Failed to construct 'WebSocket': The port 19 is not allowed.
-FAIL WebSocket blocked port test 20 Failed to construct 'WebSocket': The port 20 is not allowed.
-FAIL WebSocket blocked port test 21 Failed to construct 'WebSocket': The port 21 is not allowed.
-FAIL WebSocket blocked port test 22 Failed to construct 'WebSocket': The port 22 is not allowed.
-FAIL WebSocket blocked port test 23 Failed to construct 'WebSocket': The port 23 is not allowed.
-FAIL WebSocket blocked port test 25 Failed to construct 'WebSocket': The port 25 is not allowed.
-FAIL WebSocket blocked port test 37 Failed to construct 'WebSocket': The port 37 is not allowed.
-FAIL WebSocket blocked port test 42 Failed to construct 'WebSocket': The port 42 is not allowed.
-FAIL WebSocket blocked port test 43 Failed to construct 'WebSocket': The port 43 is not allowed.
-FAIL WebSocket blocked port test 53 Failed to construct 'WebSocket': The port 53 is not allowed.
-FAIL WebSocket blocked port test 77 Failed to construct 'WebSocket': The port 77 is not allowed.
-FAIL WebSocket blocked port test 79 Failed to construct 'WebSocket': The port 79 is not allowed.
-FAIL WebSocket blocked port test 87 Failed to construct 'WebSocket': The port 87 is not allowed.
-FAIL WebSocket blocked port test 95 Failed to construct 'WebSocket': The port 95 is not allowed.
-FAIL WebSocket blocked port test 101 Failed to construct 'WebSocket': The port 101 is not allowed.
-FAIL WebSocket blocked port test 102 Failed to construct 'WebSocket': The port 102 is not allowed.
-FAIL WebSocket blocked port test 103 Failed to construct 'WebSocket': The port 103 is not allowed.
-FAIL WebSocket blocked port test 104 Failed to construct 'WebSocket': The port 104 is not allowed.
-FAIL WebSocket blocked port test 109 Failed to construct 'WebSocket': The port 109 is not allowed.
-FAIL WebSocket blocked port test 110 Failed to construct 'WebSocket': The port 110 is not allowed.
-FAIL WebSocket blocked port test 111 Failed to construct 'WebSocket': The port 111 is not allowed.
-FAIL WebSocket blocked port test 113 Failed to construct 'WebSocket': The port 113 is not allowed.
-FAIL WebSocket blocked port test 115 Failed to construct 'WebSocket': The port 115 is not allowed.
-FAIL WebSocket blocked port test 117 Failed to construct 'WebSocket': The port 117 is not allowed.
-FAIL WebSocket blocked port test 119 Failed to construct 'WebSocket': The port 119 is not allowed.
-FAIL WebSocket blocked port test 123 Failed to construct 'WebSocket': The port 123 is not allowed.
-FAIL WebSocket blocked port test 135 Failed to construct 'WebSocket': The port 135 is not allowed.
-FAIL WebSocket blocked port test 139 Failed to construct 'WebSocket': The port 139 is not allowed.
-FAIL WebSocket blocked port test 143 Failed to construct 'WebSocket': The port 143 is not allowed.
-FAIL WebSocket blocked port test 179 Failed to construct 'WebSocket': The port 179 is not allowed.
-FAIL WebSocket blocked port test 389 Failed to construct 'WebSocket': The port 389 is not allowed.
-FAIL WebSocket blocked port test 427 Failed to construct 'WebSocket': The port 427 is not allowed.
-FAIL WebSocket blocked port test 465 Failed to construct 'WebSocket': The port 465 is not allowed.
-FAIL WebSocket blocked port test 512 Failed to construct 'WebSocket': The port 512 is not allowed.
-FAIL WebSocket blocked port test 513 Failed to construct 'WebSocket': The port 513 is not allowed.
-FAIL WebSocket blocked port test 514 Failed to construct 'WebSocket': The port 514 is not allowed.
-FAIL WebSocket blocked port test 515 Failed to construct 'WebSocket': The port 515 is not allowed.
-FAIL WebSocket blocked port test 526 Failed to construct 'WebSocket': The port 526 is not allowed.
-FAIL WebSocket blocked port test 530 Failed to construct 'WebSocket': The port 530 is not allowed.
-FAIL WebSocket blocked port test 531 Failed to construct 'WebSocket': The port 531 is not allowed.
-FAIL WebSocket blocked port test 532 Failed to construct 'WebSocket': The port 532 is not allowed.
-FAIL WebSocket blocked port test 540 Failed to construct 'WebSocket': The port 540 is not allowed.
-FAIL WebSocket blocked port test 548 Failed to construct 'WebSocket': The port 548 is not allowed.
-FAIL WebSocket blocked port test 556 Failed to construct 'WebSocket': The port 556 is not allowed.
-FAIL WebSocket blocked port test 563 Failed to construct 'WebSocket': The port 563 is not allowed.
-FAIL WebSocket blocked port test 587 Failed to construct 'WebSocket': The port 587 is not allowed.
-FAIL WebSocket blocked port test 601 Failed to construct 'WebSocket': The port 601 is not allowed.
-FAIL WebSocket blocked port test 636 Failed to construct 'WebSocket': The port 636 is not allowed.
-FAIL WebSocket blocked port test 993 Failed to construct 'WebSocket': The port 993 is not allowed.
-FAIL WebSocket blocked port test 995 Failed to construct 'WebSocket': The port 995 is not allowed.
-FAIL WebSocket blocked port test 2049 Failed to construct 'WebSocket': The port 2049 is not allowed.
-FAIL WebSocket blocked port test 3659 Failed to construct 'WebSocket': The port 3659 is not allowed.
-FAIL WebSocket blocked port test 4045 Failed to construct 'WebSocket': The port 4045 is not allowed.
-FAIL WebSocket blocked port test 6000 Failed to construct 'WebSocket': The port 6000 is not allowed.
-FAIL WebSocket blocked port test 6665 Failed to construct 'WebSocket': The port 6665 is not allowed.
-FAIL WebSocket blocked port test 6666 Failed to construct 'WebSocket': The port 6666 is not allowed.
-FAIL WebSocket blocked port test 6667 Failed to construct 'WebSocket': The port 6667 is not allowed.
-FAIL WebSocket blocked port test 6668 Failed to construct 'WebSocket': The port 6668 is not allowed.
-FAIL WebSocket blocked port test 6669 Failed to construct 'WebSocket': The port 6669 is not allowed.
-FAIL WebSocket blocked port test 6697 Failed to construct 'WebSocket': The port 6697 is not allowed.
-Harness: the test ran to completion.
-

third_party/blink/web_tests/external/wpt/websockets/Create-blocked-port.any.worker-expected.txt

-This is a testharness.js-based test.
-Found 68 tests; 1 PASS, 67 FAIL, 0 TIMEOUT, 0 NOTRUN.
-PASS Basic check
-FAIL WebSocket blocked port test 1 Failed to construct 'WebSocket': The port 1 is not allowed.
-FAIL WebSocket blocked port test 7 Failed to construct 'WebSocket': The port 7 is not allowed.
-FAIL WebSocket blocked port test 9 Failed to construct 'WebSocket': The port 9 is not allowed.
-FAIL WebSocket blocked port test 11 Failed to construct 'WebSocket': The port 11 is not allowed.
-FAIL WebSocket blocked port test 13 Failed to construct 'WebSocket': The port 13 is not allowed.
-FAIL WebSocket blocked port test 15 Failed to construct 'WebSocket': The port 15 is not allowed.
-FAIL WebSocket blocked port test 17 Failed to construct 'WebSocket': The port 17 is not allowed.
-FAIL WebSocket blocked port test 19 Failed to construct 'WebSocket': The port 19 is not allowed.
-FAIL WebSocket blocked port test 20 Failed to construct 'WebSocket': The port 20 is not allowed.
-FAIL WebSocket blocked port test 21 Failed to construct 'WebSocket': The port 21 is not allowed.
-FAIL WebSocket blocked port test 22 Failed to construct 'WebSocket': The port 22 is not allowed.
-FAIL WebSocket blocked port test 23 Failed to construct 'WebSocket': The port 23 is not allowed.
-FAIL WebSocket blocked port test 25 Failed to construct 'WebSocket': The port 25 is not allowed.
-FAIL WebSocket blocked port test 37 Failed to construct 'WebSocket': The port 37 is not allowed.
-FAIL WebSocket blocked port test 42 Failed to construct 'WebSocket': The port 42 is not allowed.
-FAIL WebSocket blocked port test 43 Failed to construct 'WebSocket': The port 43 is not allowed.
-FAIL WebSocket blocked port test 53 Failed to construct 'WebSocket': The port 53 is not allowed.
-FAIL WebSocket blocked port test 77 Failed to construct 'WebSocket': The port 77 is not allowed.
-FAIL WebSocket blocked port test 79 Failed to construct 'WebSocket': The port 79 is not allowed.
-FAIL WebSocket blocked port test 87 Failed to construct 'WebSocket': The port 87 is not allowed.
-FAIL WebSocket blocked port test 95 Failed to construct 'WebSocket': The port 95 is not allowed.
-FAIL WebSocket blocked port test 101 Failed to construct 'WebSocket': The port 101 is not allowed.
-FAIL WebSocket blocked port test 102 Failed to construct 'WebSocket': The port 102 is not allowed.
-FAIL WebSocket blocked port test 103 Failed to construct 'WebSocket': The port 103 is not allowed.
-FAIL WebSocket blocked port test 104 Failed to construct 'WebSocket': The port 104 is not allowed.
-FAIL WebSocket blocked port test 109 Failed to construct 'WebSocket': The port 109 is not allowed.
-FAIL WebSocket blocked port test 110 Failed to construct 'WebSocket': The port 110 is not allowed.
-FAIL WebSocket blocked port test 111 Failed to construct 'WebSocket': The port 111 is not allowed.
-FAIL WebSocket blocked port test 113 Failed to construct 'WebSocket': The port 113 is not allowed.
-FAIL WebSocket blocked port test 115 Failed to construct 'WebSocket': The port 115 is not allowed.
-FAIL WebSocket blocked port test 117 Failed to construct 'WebSocket': The port 117 is not allowed.
-FAIL WebSocket blocked port test 119 Failed to construct 'WebSocket': The port 119 is not allowed.
-FAIL WebSocket blocked port test 123 Failed to construct 'WebSocket': The port 123 is not allowed.
-FAIL WebSocket blocked port test 135 Failed to construct 'WebSocket': The port 135 is not allowed.
-FAIL WebSocket blocked port test 139 Failed to construct 'WebSocket': The port 139 is not allowed.
-FAIL WebSocket blocked port test 143 Failed to construct 'WebSocket': The port 143 is not allowed.
-FAIL WebSocket blocked port test 179 Failed to construct 'WebSocket': The port 179 is not allowed.
-FAIL WebSocket blocked port test 389 Failed to construct 'WebSocket': The port 389 is not allowed.
-FAIL WebSocket blocked port test 427 Failed to construct 'WebSocket': The port 427 is not allowed.
-FAIL WebSocket blocked port test 465 Failed to construct 'WebSocket': The port 465 is not allowed.
-FAIL WebSocket blocked port test 512 Failed to construct 'WebSocket': The port 512 is not allowed.
-FAIL WebSocket blocked port test 513 Failed to construct 'WebSocket': The port 513 is not allowed.
-FAIL WebSocket blocked port test 514 Failed to construct 'WebSocket': The port 514 is not allowed.
-FAIL WebSocket blocked port test 515 Failed to construct 'WebSocket': The port 515 is not allowed.
-FAIL WebSocket blocked port test 526 Failed to construct 'WebSocket': The port 526 is not allowed.
-FAIL WebSocket blocked port test 530 Failed to construct 'WebSocket': The port 530 is not allowed.
-FAIL WebSocket blocked port test 531 Failed to construct 'WebSocket': The port 531 is not allowed.
-FAIL WebSocket blocked port test 532 Failed to construct 'WebSocket': The port 532 is not allowed.
-FAIL WebSocket blocked port test 540 Failed to construct 'WebSocket': The port 540 is not allowed.
-FAIL WebSocket blocked port test 548 Failed to construct 'WebSocket': The port 548 is not allowed.
-FAIL WebSocket blocked port test 556 Failed to construct 'WebSocket': The port 556 is not allowed.
-FAIL WebSocket blocked port test 563 Failed to construct 'WebSocket': The port 563 is not allowed.
-FAIL WebSocket blocked port test 587 Failed to construct 'WebSocket': The port 587 is not allowed.
-FAIL WebSocket blocked port test 601 Failed to construct 'WebSocket': The port 601 is not allowed.
-FAIL WebSocket blocked port test 636 Failed to construct 'WebSocket': The port 636 is not allowed.
-FAIL WebSocket blocked port test 993 Failed to construct 'WebSocket': The port 993 is not allowed.
-FAIL WebSocket blocked port test 995 Failed to construct 'WebSocket': The port 995 is not allowed.
-FAIL WebSocket blocked port test 2049 Failed to construct 'WebSocket': The port 2049 is not allowed.
-FAIL WebSocket blocked port test 3659 Failed to construct 'WebSocket': The port 3659 is not allowed.
-FAIL WebSocket blocked port test 4045 Failed to construct 'WebSocket': The port 4045 is not allowed.
-FAIL WebSocket blocked port test 6000 Failed to construct 'WebSocket': The port 6000 is not allowed.
-FAIL WebSocket blocked port test 6665 Failed to construct 'WebSocket': The port 6665 is not allowed.
-FAIL WebSocket blocked port test 6666 Failed to construct 'WebSocket': The port 6666 is not allowed.
-FAIL WebSocket blocked port test 6667 Failed to construct 'WebSocket': The port 6667 is not allowed.
-FAIL WebSocket blocked port test 6668 Failed to construct 'WebSocket': The port 6668 is not allowed.
-FAIL WebSocket blocked port test 6669 Failed to construct 'WebSocket': The port 6669 is not allowed.
-FAIL WebSocket blocked port test 6697 Failed to construct 'WebSocket': The port 6697 is not allowed.
-Harness: the test ran to completion.
-

third_party/blink/web_tests/http/tests/websocket/port-blocking-expected.txt

+CONSOLE ERROR: line 19: WebSocket connection to 'ws://127.0.0.1:25/' failed: Error in connection establishment: net::ERR_UNSAFE_PORT
+WebSocket: Test port blocking.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+PASS closeEvent.wasClean is false
+PASS successfullyParsed is true
+
+TEST COMPLETE
+

third_party/blink/web_tests/http/tests/websocket/port-blocking.html

+<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
+<html>
+<head>
+<!-- This test intentionally uses the deprecated js-test.js framework so that a
+    port-blocking-expected.txt file will be required. The expectations will
+    include the console message, which will verify that the connection failed
+    because of port blocking and not just because the port was not open. -->
+<script src="/js-test-resources/js-test.js"></script>
+</head>
+<body>
+<div id="description"></div>
+<div id="console"></div>
+<script type="text/javascript">
+description("WebSocket: Test port blocking.");
+
+window.jsTestIsAsync = true;
+
+// Port 25 is SMTP, which is unlikely to ever be removed from the restricted ports list.
+const ws = new WebSocket("ws://127.0.0.1:25/");
+let closeEvent;
+
+ws.onopen = () => {
+  testFailed("onopen was called");
+  finishJSTest();
+};
+
+ws.onclose = event => {
+    closeEvent = event;
+    shouldBeFalse("closeEvent.wasClean");
+    finishJSTest();
+};
+
+</script>
+</body>
+</html>

third_party/blink/web_tests/http/tests/websocket/url-parsing-expected.txt

@@ -7,7 +7,6 @@ PASS new WebSocket(null) threw exception SyntaxError: Failed to construct 'WebSo
 PASS new WebSocket("ws://javascript:a") threw exception SyntaxError: Failed to construct 'WebSocket': The URL 'ws://javascript:a' is invalid..
 PASS new WebSocket("/applet") threw exception SyntaxError: Failed to construct 'WebSocket': The URL '/applet' is invalid..
 PASS new WebSocket("javascript:a") threw exception SyntaxError: Failed to construct 'WebSocket': The URL's scheme must be either 'ws' or 'wss'. 'javascript' is not allowed..
-PASS new WebSocket("ws://127.0.0.1:25/") threw exception SecurityError: Failed to construct 'WebSocket': The port 25 is not allowed..
 PASS (new WebSocket("ws://127.0.0.1:8880/a/../simple")).url is "ws://127.0.0.1:8880/simple"
 PASS (new WebSocket("ws://127.0.0.1:8880/simple?")).url is "ws://127.0.0.1:8880/simple?"
 PASS (new WebSocket("ws://127.0.0.1:8880/simple?k=v")).url is "ws://127.0.0.1:8880/simple?k=v"

third_party/blink/web_tests/http/tests/websocket/url-parsing.html

@@ -24,9 +24,6 @@ shouldThrow('new WebSocket("/applet")');
 // Non ws URL is not allowed.
 shouldThrow('new WebSocket("javascript:a")');
 
-// UA is allowed to block access to some ports, which we do.
-shouldThrow('new WebSocket("ws://127.0.0.1:25/")');
-
 // Resolve the url string using the resolve a Web address algorithm.
 // Use 127.0.0.1:8880 and existing ws handler to make sure we don't receive unexpected response (so no console message appears)
 shouldBe('(new WebSocket("ws://127.0.0.1:8880/a/../simple")).url', '"ws://127.0.0.1:8880/simple"');