Skip to content

GitLab

T
tangled
Commit 304d00ba authored by Matt Falkenhagen's avatar Matt Falkenhagen Committed by Commit Bot
Browse files
Options

service worker: Remove fetch-* http tests redundant with WPT tests. 

Remove the following tests:
- fetch-canvas-tainting.html
- fetch-cors-xhr.html
- fetch-csp.html

These are redundant with corresponding WPT tests. They previously could
not be removed without losing test coverage because the WPT tests were
being skipped due to time outs, see
https://codereview.chromium.org/2805313003/. But those WPT tests are now
passing. A small exception is the WPT fetch-canvas-tainting* tests
flakily timeout, but they are still enabled and mostly passing so we
won't lose test coverage.

These tests were originally written at r179595 and upstreamed to WPT
at https://github.com/web-platform-tests/wpt/commit/b2e3ab765e26436850208dbdcf747c3be75b1999.

Bug: 688116, 373120
Change-Id: Ic2dc2ddc322aae89b1e06e5a16b1ed8c30265d00
Reviewed-on: https://chromium-review.googlesource.com/c/1370236Reviewed-by: default avatarHiroki Nakagawa <nhiroki@chromium.org>
Commit-Queue: Matt Falkenhagen <falken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#615440}
parent 3c3a6bf8
Hide whitespace changes
Inline Side-by-side
Showing with 0 additions and 673 deletions
third_party/blink/web_tests/http/tests/serviceworker/fetch-canvas-tainting.html deleted 100644 → 0
View file @ 3c3a6bf8
<!DOCTYPE html>
<!-- This test cannot be upstreamed to WPT because the equivalent version
available in Web Platform Tests is known to cause timeout errors in the
Chromium automated build system. They should be maintained only to preserve
test converage until the corresponding versions in Web Platform Tests can be
made to pass consistently. See
https://codereview.chromium.org/2805313003/ -->
<title>Service Worker: canvas tainting of the fetched image</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/get-host-info.js?pipe=sub"></script>
<script src="resources/test-helpers.js"></script>
<body>
<script>
async_test(function(t) {
var SCOPE = 'resources/fetch-canvas-tainting-iframe.html';
var SCRIPT = 'resources/fetch-rewrite-worker.js';
var host_info = get_host_info();
login(t, host_info.HTTP_ORIGIN, host_info.HTTP_REMOTE_ORIGIN)
.then(function() {
return service_worker_unregister_and_register(t, SCRIPT, SCOPE);
})
.then(function(registration) {
return wait_for_state(t, registration.installing, 'activated');
})
.then(function() { return with_iframe(SCOPE); })
.then(function(frame) {
return new Promise(function(resolve, reject) {
var channel = new MessageChannel();
channel.port1.onmessage = t.step_func(function(e) {
assert_equals(e.data.results, 'finish');
frame.remove();
service_worker_unregister_and_done(t, SCOPE);
});
frame.contentWindow.postMessage({},
host_info['HTTP_ORIGIN'],
[channel.port2]);
});
})
.catch(unreached_rejection(t));
}, 'Verify canvas tainting of fetched image in a Service Worker');
</script>
</body>
third_party/blink/web_tests/http/tests/serviceworker/fetch-cors-xhr.html deleted 100644 → 0
View file @ 3c3a6bf8
<!DOCTYPE html>
<!-- This test cannot be upstreamed to WPT because the equivalent version
available in Web Platform Tests is known to cause timeout errors in the
Chromium automated build system. They should be maintained only to preserve
test converage until the corresponding versions in Web Platform Tests can be
made to pass consistently. See
https://codereview.chromium.org/2805313003/ -->
<title>Service Worker: CORS XHR of fetch()</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/get-host-info.js?pipe=sub"></script>
<script src="resources/test-helpers.js"></script>
<body>
<script>
async_test(function(t) {
var SCOPE = 'resources/fetch-cors-xhr-iframe.html';
var SCRIPT = 'resources/fetch-rewrite-worker.js';
var host_info = get_host_info();
login(t, host_info.HTTP_ORIGIN, host_info.HTTP_REMOTE_ORIGIN)
.then(function() {
return service_worker_unregister_and_register(t, SCRIPT, SCOPE);
})
.then(function(registration) {
return wait_for_state(t, registration.installing, 'activated');
})
.then(function() { return with_iframe(SCOPE); })
.then(function(frame) {
return new Promise(function(resolve, reject) {
var channel = new MessageChannel();
channel.port1.onmessage = t.step_func(function(e) {
assert_equals(e.data.results, 'finish');
frame.remove();
service_worker_unregister_and_done(t, SCOPE);
});
frame.contentWindow.postMessage({},
host_info['HTTP_ORIGIN'],
[channel.port2]);
});
})
.catch(unreached_rejection(t));
}, 'Verify CORS XHR of fetch() in a Service Worker');
</script>
</body>
third_party/blink/web_tests/http/tests/serviceworker/fetch-csp-expected.txt deleted 100644 → 0
View file @ 3c3a6bf8
CONSOLE ERROR: Refused to load the image 'http://localhost:8000/serviceworker/resources/fetch-access-control.php?PNGIMAGE' because it violates the following Content Security Policy directive: "img-src http://127.0.0.1:8000".
CONSOLE ERROR: Refused to load the image 'http://localhost:8000/serviceworker/resources/fetch-access-control.php?PNGIMAGE' because it violates the following Content Security Policy directive: "img-src http://127.0.0.1:8000".
This is a testharness.js-based test.
PASS Verify CSP control of fetch() in a Service Worker
Harness: the test ran to completion.
third_party/blink/web_tests/http/tests/serviceworker/fetch-csp.html deleted 100644 → 0
View file @ 3c3a6bf8
<!DOCTYPE html>
<!-- This test cannot be upstreamed to WPT because the equivalent version
available in Web Platform Tests is known to cause timeout errors in the
Chromium automated build system. They should be maintained only to preserve
test converage until the corresponding versions in Web Platform Tests can be
made to pass consistently. See
https://codereview.chromium.org/2805313003/ -->
<title>Service Worker: CSP control of fetch()</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/get-host-info.js?pipe=sub"></script>
<script src="resources/test-helpers.js"></script>
<script>
function assert_resolves(promise, description) {
return promise.catch(function(reason) {
throw new Error(description + ' - ' + reason.message);
});
}
function assert_rejects(promise, description) {
return promise.then(
function() { throw new Error(description); },
function() {});
}
promise_test(function(t) {
var SCOPE = 'resources/fetch-csp-iframe.html';
var SCRIPT = 'resources/fetch-rewrite-worker.js';
var host_info = get_host_info();
var IMAGE_PATH =
base_path() + 'resources/fetch-access-control.php?PNGIMAGE';
var IMAGE_URL = host_info['HTTP_ORIGIN'] + IMAGE_PATH;
var REMOTE_IMAGE_URL = host_info['HTTP_REMOTE_ORIGIN'] + IMAGE_PATH;
var REDIRECT_URL =
host_info['HTTP_ORIGIN'] + base_path() + 'resources/redirect.php';
var frame;
return service_worker_unregister_and_register(t, SCRIPT, SCOPE)
.then(function(registration) {
return wait_for_state(t, registration.installing, 'activated');
})
.then(function() {
return with_iframe(
SCOPE + '?' +
encodeURIComponent('img-src ' + host_info['HTTP_ORIGIN'] +
'; script-src \'unsafe-inline\''));
})
.then(function(f) {
frame = f;
return assert_resolves(
frame.contentWindow.load_image(IMAGE_URL),
'Allowed scope image resource should be loaded.');
})
.then(function() {
return assert_rejects(
frame.contentWindow.load_image(REMOTE_IMAGE_URL),
'Disallowed scope image resource should not be loaded.');
})
.then(function() {
return assert_resolves(
frame.contentWindow.load_image(
// The request for IMAGE_URL will be fetched in SW.
'./dummy?url=' + encodeURIComponent(IMAGE_URL)),
'Allowed scope image resource which was fetched via SW should ' +
'be loaded.');
})
.then(function() {
return assert_rejects(
frame.contentWindow.load_image(
// The request for REMOTE_IMAGE_URL will be fetched in SW.
'./dummy?mode=no-cors&url=' +
encodeURIComponent(REMOTE_IMAGE_URL)),
'Disallowed scope image resource which was fetched via SW ' +
'should not be loaded.');
})
.then(function() {
frame.remove();
return with_iframe(
SCOPE + '?' +
encodeURIComponent(
'img-src ' + REDIRECT_URL +
'; script-src \'unsafe-inline\''));
})
.then(function(f) {
frame = f;
return assert_resolves(
frame.contentWindow.load_image(
// Set 'ignore' not to call respondWith() in the SW.
REDIRECT_URL + '?ignore&Redirect=' +
encodeURIComponent(IMAGE_URL)),
'When the request was redirected, CSP match algorithm should ' +
'ignore the path component of the URL.');
})
.then(function() {
return assert_resolves(
frame.contentWindow.load_image(
// This request will be fetched via SW and redirected by
// redirect.php.
REDIRECT_URL + '?Redirect=' + encodeURIComponent(IMAGE_URL)),
'When the request was redirected via SW, CSP match algorithm ' +
'should ignore the path component of the URL.');
})
.then(function() {
return assert_resolves(
frame.contentWindow.load_image(
// The request for IMAGE_URL will be fetched in SW.
REDIRECT_URL + '?url=' + encodeURIComponent(IMAGE_URL)),
'When the request was fetched via SW, CSP match algorithm ' +
'should ignore the path component of the URL.');
})
.then(function() {
frame.remove();
service_worker_unregister_and_done(t, SCOPE);
});
}, 'Verify CSP control of fetch() in a Service Worker');
</script>
third_party/blink/web_tests/http/tests/serviceworker/resources/fetch-canvas-tainting-iframe.html deleted 100644 → 0
View file @ 3c3a6bf8
<script src="/resources/get-host-info.js?pipe=sub"></script>
<script src="test-helpers.js"></script>
<script>
var image_path = base_path() + 'fetch-access-control.php?PNGIMAGE';
var host_info = get_host_info();
var NOT_TAINTED = 'NOT_TAINTED';
var TAINTED = 'TAINTED';
var LOAD_ERROR = 'LOAD_ERROR';
function create_test_case_promise(url, cross_origin) {
return new Promise(function(resolve) {
var img = new Image();
if (cross_origin != '') {
img.crossOrigin = cross_origin;
}
img.onload = function() {
try {
var canvas = document.createElement('canvas');
canvas.width = 100;
canvas.height = 100;
var context = canvas.getContext('2d');
context.drawImage(img, 0, 0);
context.getImageData(0, 0, 100, 100);
resolve(NOT_TAINTED);
} catch (e) {
resolve(TAINTED);
}
};
img.onerror = function() {
resolve(LOAD_ERROR);
}
img.src = url;
});
}
function create_test_promise(url, cross_origin, expected_result) {
return new Promise(function(resolve, reject) {
create_test_case_promise(url, cross_origin)
.then(function(result) {
if (result == expected_result) {
resolve();
} else {
reject('Result of url:' + url + ' ' +
' cross_origin: ' + cross_origin + ' must be ' +
expected_result + ' but ' + result);
}
})
});
}
window.addEventListener('message', function(evt) {
var port = evt.ports[0];
var image_url = host_info['HTTP_ORIGIN'] + image_path;
var remote_image_url = host_info['HTTP_REMOTE_ORIGIN'] + image_path;
Promise.all([
// Reject tests
create_test_promise(image_url + '&reject', '', LOAD_ERROR),
create_test_promise(image_url + '&reject', 'anonymous', LOAD_ERROR),
create_test_promise(
image_url + '&reject', 'use-credentials', LOAD_ERROR),
// Fallback tests
create_test_promise(
image_url + '&ignore',
'',
NOT_TAINTED),
create_test_promise(
remote_image_url + '&ignore',
'',
TAINTED),
create_test_promise(
remote_image_url + '&ignore',
'anonymous',
LOAD_ERROR),
create_test_promise(
remote_image_url + '&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
'&ignore',
'anonymous',
NOT_TAINTED),
create_test_promise(
remote_image_url + '&ignore',
'use-credentials',
LOAD_ERROR),
create_test_promise(
remote_image_url + '&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
'&ignore',
'use-credentials',
LOAD_ERROR),
create_test_promise(
remote_image_url + '&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
'&ACACredentials=true&ignore',
'use-credentials',
NOT_TAINTED),
// Credential test (fallback)
create_test_promise(
image_url + '&Auth&ignore',
'',
NOT_TAINTED),
create_test_promise(
remote_image_url + '&Auth&ignore',
'',
TAINTED),
create_test_promise(
remote_image_url + '&Auth&ignore',
'anonymous',
LOAD_ERROR),
create_test_promise(
remote_image_url + '&Auth&ignore',
'use-credentials',
LOAD_ERROR),
create_test_promise(
remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
'&ignore',
'use-credentials',
LOAD_ERROR),
create_test_promise(
remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
'&ACACredentials=true&ignore',
'use-credentials',
NOT_TAINTED),
// Basic response
create_test_promise(
image_url +
'&mode=same-origin&url=' + encodeURIComponent(image_url),
'',
NOT_TAINTED),
create_test_promise(
image_url +
'&mode=same-origin&url=' + encodeURIComponent(image_url),
'anonymous',
NOT_TAINTED),
create_test_promise(
image_url +
'&mode=same-origin&url=' + encodeURIComponent(image_url),
'use-credentials',
NOT_TAINTED),
create_test_promise(
remote_image_url +
'&mode=same-origin&url=' + encodeURIComponent(image_url),
'',
NOT_TAINTED),
create_test_promise(
remote_image_url +
'&mode=same-origin&url=' + encodeURIComponent(image_url),
'anonymous',
NOT_TAINTED),
create_test_promise(
remote_image_url +
'&mode=same-origin&url=' + encodeURIComponent(image_url),
'use-credentials',
NOT_TAINTED),
// Opaque response
create_test_promise(
image_url +
'&mode=no-cors&url=' + encodeURIComponent(remote_image_url),
'',
TAINTED),
create_test_promise(
image_url +
'&mode=no-cors&url=' + encodeURIComponent(remote_image_url),
'anonymous',
LOAD_ERROR),
create_test_promise(
image_url +
'&mode=no-cors&url=' + encodeURIComponent(remote_image_url),
'use-credentials',
LOAD_ERROR),
create_test_promise(
remote_image_url +
'&mode=no-cors&url=' + encodeURIComponent(remote_image_url),
'',
TAINTED),
create_test_promise(
remote_image_url +
'&mode=no-cors&url=' + encodeURIComponent(remote_image_url),
'anonymous',
LOAD_ERROR),
create_test_promise(
remote_image_url +
'&mode=no-cors&url=' + encodeURIComponent(remote_image_url),
'use-credentials',
LOAD_ERROR),
// CORS response
create_test_promise(
image_url +
'&mode=cors&url=' +
encodeURIComponent(remote_image_url +
'&ACAOrigin=' + host_info['HTTP_ORIGIN']),
'',
NOT_TAINTED),
create_test_promise(
image_url +
'&mode=cors&url=' +
encodeURIComponent(remote_image_url +
'&ACAOrigin=' + host_info['HTTP_ORIGIN']),
'anonymous',
NOT_TAINTED),
create_test_promise(
image_url +
'&mode=cors&url=' +
encodeURIComponent(remote_image_url +
'&ACAOrigin=' + host_info['HTTP_ORIGIN']),
'use-credentials',
NOT_TAINTED),
create_test_promise(
image_url +
'&mode=cors&url=' +
encodeURIComponent(
remote_image_url +
'&ACACredentials=true&ACAOrigin=' + host_info['HTTP_ORIGIN']),
'use-credentials',
NOT_TAINTED),
create_test_promise(
remote_image_url +
'&mode=cors&url=' +
encodeURIComponent(remote_image_url +
'&ACAOrigin=' + host_info['HTTP_ORIGIN']),
'',
NOT_TAINTED),
create_test_promise(
remote_image_url +
'&mode=cors&url=' +
encodeURIComponent(remote_image_url +
'&ACAOrigin=' + host_info['HTTP_ORIGIN']),
'anonymous',
NOT_TAINTED),
create_test_promise(
remote_image_url +
'&mode=cors&url=' +
encodeURIComponent(remote_image_url +
'&ACAOrigin=' + host_info['HTTP_ORIGIN']),
'use-credentials',
NOT_TAINTED),
create_test_promise(
remote_image_url +
'&mode=cors&url=' +
encodeURIComponent(
remote_image_url +
'&ACACredentials=true&ACAOrigin=' + host_info['HTTP_ORIGIN']),
'use-credentials',
NOT_TAINTED)
])
.then(function() {
port.postMessage({results: 'finish'});
})
.catch(function(e) {
port.postMessage({results: 'failure:' + e});
});
}, false);
</script>
third_party/blink/web_tests/http/tests/serviceworker/resources/fetch-cors-xhr-iframe.html deleted 100644 → 0
View file @ 3c3a6bf8
<script src="/resources/get-host-info.js?pipe=sub"></script>
<script src="test-helpers.js"></script>
<script>
var path = base_path() + 'fetch-access-control.php';
var host_info = get_host_info();
var SUCCESS = 'SUCCESS';
var FAIL = 'FAIL';
function create_test_case_promise(url, with_credentials) {
return new Promise(function(resolve) {
var xhr = new XMLHttpRequest();
xhr.onload = function() {
if (xhr.status == 200) {
resolve(SUCCESS);
} else {
resolve("STATUS" + xhr.status);
}
}
xhr.onerror = function() {
resolve(FAIL);
}
xhr.responseType = 'text';
xhr.withCredentials = with_credentials;
xhr.open('GET', url, true);
xhr.send();
});
}
function create_test_promise(url, with_credentials, expected_result) {
return new Promise(function(resolve, reject) {
create_test_case_promise(url, with_credentials)
.then(function(result) {
if (result == expected_result) {
resolve();
} else {
reject('Result of url:' + url + ' ' +
' with_credentials: ' + with_credentials + ' must be ' +
expected_result + ' but ' + result);
}
})
});
}
function create_serial_promise(test_cases) {
var promise = Promise.resolve();
test_cases.forEach(function(test_case) {
promise = promise.then(function() {
return create_test_promise(test_case[0], test_case[1], test_case[2]);
});
});
return promise;
}
window.addEventListener('message', function(evt) {
var port = evt.ports[0];
var url = host_info['HTTP_ORIGIN'] + path;
var remote_url = host_info['HTTP_REMOTE_ORIGIN'] + path;
// If the 4th value of the item of TEST_CASES is true, the test case outputs
// warning messages. So such tests must be executed in serial to match the
// expected output text.
var TEST_CASES = [
// Reject tests
[url + '?reject', false, FAIL],
[url + '?reject', true, FAIL],
[remote_url + '?reject', false, FAIL],
[remote_url + '?reject', true, FAIL],
// Reject(resolve-null) tests
[url + '?resolve-null', false, FAIL],
[url + '?resolve-null', true, FAIL],
[remote_url + '?resolve-null', false, FAIL],
[remote_url + '?resolve-null', true, FAIL],
// Fallback tests
[url + '?ignore', false, SUCCESS],
[url + '?ignore', true, SUCCESS],
[remote_url + '?ignore', false, FAIL, true], // Executed in serial.
[remote_url + '?ignore', true, FAIL, true], // Executed in serial.
[
remote_url + '?ACAOrigin=' + host_info['HTTP_ORIGIN'] + '&ignore',
false, SUCCESS
],
[
remote_url + '?ACAOrigin=' + host_info['HTTP_ORIGIN'] + '&ignore',
true, FAIL, true // Executed in serial.
],
[
remote_url + '?ACAOrigin=' + host_info['HTTP_ORIGIN'] +
'&ACACredentials=true&ignore',
true, SUCCESS
],
// Credential test (fallback)
[url + '?Auth&ignore', false, SUCCESS],
[url + '?Auth&ignore', true, SUCCESS],
[remote_url + '?Auth&ignore', false, FAIL, true], // Executed in serial.
[remote_url + '?Auth&ignore', true, FAIL, true], // Executed in serial.
[
remote_url + '?Auth&ACAOrigin=' + host_info['HTTP_ORIGIN'] + '&ignore',
false, 'STATUS401'
],
[
remote_url + '?Auth&ACAOrigin=' + host_info['HTTP_ORIGIN'] + '&ignore',
true, FAIL, true // Executed in serial.
],
[
remote_url + '?Auth&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
'&ACACredentials=true&ignore',
true, SUCCESS
],
// Basic response
[
url + '?mode=same-origin&url=' + encodeURIComponent(url),
false, SUCCESS
],
[
url + '?mode=same-origin&url=' + encodeURIComponent(url),
false, SUCCESS
],
[
remote_url + '?mode=same-origin&url=' + encodeURIComponent(url),
false, SUCCESS
],
[
remote_url + '?mode=same-origin&url=' + encodeURIComponent(url),
false, SUCCESS
],
// Opaque response
[
url + '?mode=no-cors&url=' + encodeURIComponent(remote_url),
false, FAIL
],
[
url + '?mode=no-cors&url=' + encodeURIComponent(remote_url),
false, FAIL
],
[
remote_url + '?mode=no-cors&url=' + encodeURIComponent(remote_url),
false, FAIL
],
[
remote_url + '?mode=no-cors&url=' + encodeURIComponent(remote_url),
false, FAIL
],
// CORS response
[
url + '?mode=cors&url=' +
encodeURIComponent(remote_url + '?ACAOrigin=' +
host_info['HTTP_ORIGIN']),
false, SUCCESS
],
[
url + '?mode=cors&url=' +
encodeURIComponent(remote_url + '?ACAOrigin=' +
host_info['HTTP_ORIGIN']),
true, SUCCESS
],
[
remote_url + '?mode=cors&url=' +
encodeURIComponent(remote_url + '?ACAOrigin=' +
host_info['HTTP_ORIGIN']),
false, SUCCESS
],
[
remote_url +
'?mode=cors&url=' +
encodeURIComponent(remote_url + '?ACAOrigin=' +
host_info['HTTP_ORIGIN']),
true, SUCCESS
]
];
var promises = [];
var serial_tests = [];
for (var i = 0; i < TEST_CASES.length ; ++i) {
if (!TEST_CASES[i][3]) {
promises.push(create_test_promise(TEST_CASES[i][0],
TEST_CASES[i][1],
TEST_CASES[i][2]));
} else {
serial_tests.push(TEST_CASES[i]);
}
}
promises.push(create_serial_promise(serial_tests));
Promise.all(promises)
.then(function() {
port.postMessage({results: 'finish'});
})
.catch(function(e) {
port.postMessage({results: 'failure:' + e});
});
}, false);
</script>
third_party/blink/web_tests/http/tests/serviceworker/resources/fetch-csp-iframe.html deleted 100644 → 0
View file @ 3c3a6bf8
<script>
var meta = document.createElement('meta');
meta.setAttribute('http-equiv', 'Content-Security-Policy');
meta.setAttribute('content', decodeURIComponent(location.search.substring(1)));
document.head.appendChild(meta);
function load_image(url) {
return new Promise(function(resolve, reject) {
var img = document.createElement('img');
document.body.appendChild(img);
img.onload = resolve;
img.onerror = reject;
img.src = url;
});
}
</script>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment