| OLD | NEW |
| 1 <script src="../../resources/get-host-info.js?pipe=sub"></script> | 1 <script src="../resources/get-host-info.sub.js"></script> |
| 2 <script src="test-helpers.js"></script> | 2 <script src="test-helpers.sub.js?pipe=sub"></script> |
| 3 <script> | 3 <script> |
| 4 var image_path = base_path() + 'fetch-access-control.php?PNGIMAGE'; | 4 var image_path = base_path() + 'fetch-access-control.py?PNGIMAGE'; |
| 5 var host_info = get_host_info(); | 5 var host_info = get_host_info(); |
| 6 var params = get_query_params(location.href); |
| 6 | 7 |
| 7 var NOT_TAINTED = 'NOT_TAINTED'; | 8 var NOT_TAINTED = 'NOT_TAINTED'; |
| 8 var TAINTED = 'TAINTED'; | 9 var TAINTED = 'TAINTED'; |
| 9 var LOAD_ERROR = 'LOAD_ERROR'; | 10 var LOAD_ERROR = 'LOAD_ERROR'; |
| 10 | 11 |
| 12 function get_query_params(url) { |
| 13 var search = (new URL(url)).search; |
| 14 if (!search) { |
| 15 return {}; |
| 16 } |
| 17 var ret = {}; |
| 18 var params = search.substring(1).split('&'); |
| 19 params.forEach(function(param) { |
| 20 var element = param.split('='); |
| 21 ret[decodeURIComponent(element[0])] = decodeURIComponent(element[1]); |
| 22 }); |
| 23 return ret; |
| 24 } |
| 25 |
| 11 function create_test_case_promise(url, cross_origin) { | 26 function create_test_case_promise(url, cross_origin) { |
| 12 return new Promise(function(resolve) { | 27 return new Promise(function(resolve) { |
| 13 var img = new Image(); | 28 var img = new Image(); |
| 14 if (cross_origin != '') { | 29 if (cross_origin != '') { |
| 15 img.crossOrigin = cross_origin; | 30 img.crossOrigin = cross_origin; |
| 16 } | 31 } |
| 17 img.onload = function() { | 32 img.onload = function() { |
| 18 try { | 33 try { |
| 19 var canvas = document.createElement('canvas'); | 34 var canvas = document.createElement('canvas'); |
| 20 canvas.width = 100; | 35 canvas.width = 100; |
| 21 canvas.height = 100; | 36 canvas.height = 100; |
| 22 var context = canvas.getContext('2d'); | 37 var context = canvas.getContext('2d'); |
| 23 context.drawImage(img, 0, 0); | 38 context.drawImage(img, 0, 0); |
| 24 context.getImageData(0, 0, 100, 100); | 39 context.getImageData(0, 0, 100, 100); |
| 25 resolve(NOT_TAINTED); | 40 resolve(NOT_TAINTED); |
| 26 } catch (e) { | 41 } catch (e) { |
| 27 resolve(TAINTED); | 42 resolve(TAINTED); |
| 28 } | 43 } |
| 29 }; | 44 }; |
| 30 img.onerror = function() { | 45 img.onerror = function() { |
| 31 resolve(LOAD_ERROR); | 46 resolve(LOAD_ERROR); |
| 32 } | 47 } |
| 33 img.src = url; | 48 img.src = url; |
| 34 }); | 49 }); |
| 35 } | 50 } |
| 36 | 51 |
| 37 function create_test_promise(url, cross_origin, expected_result) { | 52 function create_test_promise(url, cross_origin, expected_result) { |
| 53 if (params['cache']) { |
| 54 url += "&cache"; |
| 55 } |
| 56 |
| 38 return new Promise(function(resolve, reject) { | 57 return new Promise(function(resolve, reject) { |
| 39 create_test_case_promise(url, cross_origin) | 58 create_test_case_promise(url, cross_origin) |
| 40 .then(function(result) { | 59 .then(function(result) { |
| 41 if (result == expected_result) { | 60 if (result == expected_result) { |
| 42 resolve(); | 61 resolve(); |
| 43 } else { | 62 } else { |
| 44 reject('Result of url:' + url + ' ' + | 63 reject('Result of url:' + url + ' ' + |
| 45 ' cross_origin: ' + cross_origin + ' must be ' + | 64 ' cross_origin: ' + cross_origin + ' must be ' + |
| 46 expected_result + ' but ' + result); | 65 expected_result + ' but ' + result); |
| 47 } | 66 } |
| 48 }) | 67 }) |
| 49 }); | 68 }); |
| 50 } | 69 } |
| 51 | 70 |
| 52 window.addEventListener('message', function(evt) { | 71 window.addEventListener('message', function(evt) { |
| 53 var port = evt.ports[0]; | 72 var port = evt.ports[0]; |
| 54 var image_url = host_info['HTTP_ORIGIN'] + image_path; | 73 var image_url = host_info['HTTPS_ORIGIN'] + image_path; |
| 55 var remote_image_url = host_info['HTTP_REMOTE_ORIGIN'] + image_path; | 74 var remote_image_url = host_info['HTTPS_REMOTE_ORIGIN'] + image_path; |
| 56 Promise.all([ | 75 Promise.all([ |
| 57 // Reject tests | 76 // Reject tests |
| 58 create_test_promise(image_url + '&reject', '', LOAD_ERROR), | 77 create_test_promise(image_url + '&reject', '', LOAD_ERROR), |
| 59 create_test_promise(image_url + '&reject', 'anonymous', LOAD_ERROR), | 78 create_test_promise(image_url + '&reject', 'anonymous', LOAD_ERROR), |
| 60 create_test_promise( | 79 create_test_promise( |
| 61 image_url + '&reject', 'use-credentials', LOAD_ERROR), | 80 image_url + '&reject', 'use-credentials', LOAD_ERROR), |
| 62 // Fallback tests | 81 // Fallback tests |
| 63 create_test_promise( | 82 create_test_promise( |
| 64 image_url + '&ignore', | 83 image_url + '&ignore', |
| 65 '', | 84 '', |
| 66 NOT_TAINTED), | 85 NOT_TAINTED), |
| 67 create_test_promise( | 86 create_test_promise( |
| 68 remote_image_url + '&ignore', | 87 remote_image_url + '&ignore', |
| 69 '', | 88 '', |
| 70 TAINTED), | 89 TAINTED), |
| 71 create_test_promise( | 90 create_test_promise( |
| 72 remote_image_url + '&ignore', | 91 remote_image_url + '&ignore', |
| 73 'anonymous', | 92 'anonymous', |
| 74 LOAD_ERROR), | 93 LOAD_ERROR), |
| 75 create_test_promise( | 94 create_test_promise( |
| 76 remote_image_url + '&ACAOrigin=' + host_info['HTTP_ORIGIN'] + | 95 remote_image_url + '&ACAOrigin=' + host_info['HTTPS_ORIGIN'] + |
| 77 '&ignore', | 96 '&ignore', |
| 78 'anonymous', | 97 'anonymous', |
| 79 NOT_TAINTED), | 98 NOT_TAINTED), |
| 80 create_test_promise( | 99 create_test_promise( |
| 81 remote_image_url + '&ignore', | 100 remote_image_url + '&ignore', |
| 82 'use-credentials', | 101 'use-credentials', |
| 83 LOAD_ERROR), | 102 LOAD_ERROR), |
| 84 create_test_promise( | 103 create_test_promise( |
| 85 remote_image_url + '&ACAOrigin=' + host_info['HTTP_ORIGIN'] + | 104 remote_image_url + '&ACAOrigin=' + host_info['HTTPS_ORIGIN'] + |
| 86 '&ignore', | 105 '&ignore', |
| 87 'use-credentials', | 106 'use-credentials', |
| 88 LOAD_ERROR), | 107 LOAD_ERROR), |
| 89 create_test_promise( | 108 create_test_promise( |
| 90 remote_image_url + '&ACAOrigin=' + host_info['HTTP_ORIGIN'] + | 109 remote_image_url + '&ACAOrigin=' + host_info['HTTPS_ORIGIN'] + |
| 91 '&ACACredentials=true&ignore', | 110 '&ACACredentials=true&ignore', |
| 92 'use-credentials', | 111 'use-credentials', |
| 93 NOT_TAINTED), | 112 NOT_TAINTED), |
| 94 | 113 |
| 95 // Credential test (fallback) | 114 // Credential test (fallback) |
| 96 create_test_promise( | 115 create_test_promise( |
| 97 image_url + '&Auth&ignore', | 116 image_url + '&Auth&ignore', |
| 98 '', | 117 '', |
| 99 NOT_TAINTED), | 118 NOT_TAINTED), |
| 100 create_test_promise( | 119 create_test_promise( |
| 101 remote_image_url + '&Auth&ignore', | 120 remote_image_url + '&Auth&ignore', |
| 102 '', | 121 '', |
| 103 TAINTED), | 122 TAINTED), |
| 104 create_test_promise( | 123 create_test_promise( |
| 105 remote_image_url + '&Auth&ignore', | 124 remote_image_url + '&Auth&ignore', |
| 106 'anonymous', | 125 'anonymous', |
| 107 LOAD_ERROR), | 126 LOAD_ERROR), |
| 108 create_test_promise( | 127 create_test_promise( |
| 109 remote_image_url + '&Auth&ignore', | 128 remote_image_url + '&Auth&ignore', |
| 110 'use-credentials', | 129 'use-credentials', |
| 111 LOAD_ERROR), | 130 LOAD_ERROR), |
| 112 create_test_promise( | 131 create_test_promise( |
| 113 remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTP_ORIGIN'] + | 132 remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTPS_ORIGIN'] + |
| 114 '&ignore', | 133 '&ignore', |
| 115 'use-credentials', | 134 'use-credentials', |
| 116 LOAD_ERROR), | 135 LOAD_ERROR), |
| 117 create_test_promise( | 136 create_test_promise( |
| 118 remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTP_ORIGIN'] + | 137 remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTPS_ORIGIN'] + |
| 119 '&ACACredentials=true&ignore', | 138 '&ACACredentials=true&ignore', |
| 120 'use-credentials', | 139 'use-credentials', |
| 121 NOT_TAINTED), | 140 NOT_TAINTED), |
| 122 | 141 |
| 123 // Basic response | 142 // Basic response |
| 124 create_test_promise( | 143 create_test_promise( |
| 125 image_url + | 144 image_url + |
| 126 '&mode=same-origin&url=' + encodeURIComponent(image_url), | 145 '&mode=same-origin&url=' + encodeURIComponent(image_url), |
| 127 '', | 146 '', |
| 128 NOT_TAINTED), | 147 NOT_TAINTED), |
| 129 create_test_promise( | 148 create_test_promise( |
| 130 image_url + | 149 image_url + |
| 131 '&mode=same-origin&url=' + encodeURIComponent(image_url), | 150 '&mode=same-origin&url=' + encodeURIComponent(image_url), |
| 132 'anonymous', | 151 'anonymous', |
| 133 NOT_TAINTED), | 152 NOT_TAINTED), |
| 134 create_test_promise( | 153 create_test_promise( |
| 135 image_url + | 154 image_url + |
| 136 '&mode=same-origin&url=' + encodeURIComponent(image_url), | 155 '&mode=same-origin&url=' + encodeURIComponent(image_url), |
| 137 'use-credentials', | 156 'use-credentials', |
| 138 NOT_TAINTED), | 157 NOT_TAINTED), |
| 139 create_test_promise( | 158 create_test_promise( |
| 140 remote_image_url + | 159 remote_image_url + |
| 141 '&mode=same-origin&url=' + encodeURIComponent(image_url), | 160 '&mode=same-origin&url=' + encodeURIComponent(image_url), |
| 142 '', | 161 '', |
| 143 NOT_TAINTED), | 162 TAINTED), |
| 144 create_test_promise( | 163 create_test_promise( |
| 145 remote_image_url + | 164 remote_image_url + |
| 146 '&mode=same-origin&url=' + encodeURIComponent(image_url), | 165 '&mode=same-origin&url=' + encodeURIComponent(image_url), |
| 147 'anonymous', | 166 'anonymous', |
| 148 NOT_TAINTED), | 167 NOT_TAINTED), |
| 149 create_test_promise( | 168 create_test_promise( |
| 150 remote_image_url + | 169 remote_image_url + |
| 151 '&mode=same-origin&url=' + encodeURIComponent(image_url), | 170 '&mode=same-origin&url=' + encodeURIComponent(image_url), |
| 152 'use-credentials', | 171 'use-credentials', |
| 153 NOT_TAINTED), | 172 NOT_TAINTED), |
| (...skipping 22 matching lines...) |
| 176 create_test_promise( | 195 create_test_promise( |
| 177 remote_image_url + | 196 remote_image_url + |
| 178 '&mode=no-cors&url=' + encodeURIComponent(remote_image_url), | 197 '&mode=no-cors&url=' + encodeURIComponent(remote_image_url), |
| 179 'anonymous', | 198 'anonymous', |
| 180 LOAD_ERROR), | 199 LOAD_ERROR), |
| 181 create_test_promise( | 200 create_test_promise( |
| 182 remote_image_url + | 201 remote_image_url + |
| 183 '&mode=no-cors&url=' + encodeURIComponent(remote_image_url), | 202 '&mode=no-cors&url=' + encodeURIComponent(remote_image_url), |
| 184 'use-credentials', | 203 'use-credentials', |
| 185 LOAD_ERROR), | 204 LOAD_ERROR), |
| 186 | 205 |
| 187 // CORS response | 206 // CORS response |
| 188 create_test_promise( | 207 create_test_promise( |
| 189 image_url + | 208 image_url + |
| 190 '&mode=cors&url=' + | 209 '&mode=cors&url=' + |
| 191 encodeURIComponent(remote_image_url + | 210 encodeURIComponent(remote_image_url + |
| 192 '&ACAOrigin=' + host_info['HTTP_ORIGIN']), | 211 '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), |
| 212 '', |
| 213 LOAD_ERROR), // We expect LOAD_ERROR since the server doesn't respon
d |
| 214 // with an Access-Control-Allow-Credentials header. |
| 215 create_test_promise( |
| 216 image_url + |
| 217 '&mode=cors&credentials=same-origin&url=' + |
| 218 encodeURIComponent(remote_image_url + |
| 219 '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), |
| 193 '', | 220 '', |
| 194 NOT_TAINTED), | 221 NOT_TAINTED), |
| 195 create_test_promise( | 222 create_test_promise( |
| 196 image_url + | 223 image_url + |
| 197 '&mode=cors&url=' + | 224 '&mode=cors&url=' + |
| 198 encodeURIComponent(remote_image_url + | 225 encodeURIComponent(remote_image_url + |
| 199 '&ACAOrigin=' + host_info['HTTP_ORIGIN']), | 226 '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), |
| 200 'anonymous', | 227 'anonymous', |
| 201 NOT_TAINTED), | 228 NOT_TAINTED), |
| 202 create_test_promise( | 229 create_test_promise( |
| 203 image_url + | 230 image_url + |
| 204 '&mode=cors&url=' + | 231 '&mode=cors&url=' + |
| 205 encodeURIComponent(remote_image_url + | 232 encodeURIComponent(remote_image_url + |
| 206 '&ACAOrigin=' + host_info['HTTP_ORIGIN']), | 233 '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), |
| 207 'use-credentials', | 234 'use-credentials', |
| 208 NOT_TAINTED), | 235 LOAD_ERROR), // We expect LOAD_ERROR since the server doesn't respon
d |
| 236 // with an Access-Control-Allow-Credentials header. |
| 209 create_test_promise( | 237 create_test_promise( |
| 210 image_url + | 238 image_url + |
| 211 '&mode=cors&url=' + | 239 '&mode=cors&url=' + |
| 212 encodeURIComponent( | 240 encodeURIComponent( |
| 213 remote_image_url + | 241 remote_image_url + |
| 214 '&ACACredentials=true&ACAOrigin=' + host_info['HTTP_ORIGIN']), | 242 '&ACACredentials=true&ACAOrigin=' + host_info['HTTPS_ORIGIN']), |
| 215 'use-credentials', | 243 'use-credentials', |
| 216 NOT_TAINTED), | 244 NOT_TAINTED), |
| 217 create_test_promise( | 245 create_test_promise( |
| 218 remote_image_url + | 246 remote_image_url + |
| 219 '&mode=cors&url=' + | 247 '&mode=cors&url=' + |
| 220 encodeURIComponent(remote_image_url + | 248 encodeURIComponent(remote_image_url + |
| 221 '&ACAOrigin=' + host_info['HTTP_ORIGIN']), | 249 '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), |
| 222 '', | 250 '', |
| 223 NOT_TAINTED), | 251 LOAD_ERROR), // We expect LOAD_ERROR since the server doesn't respon
d |
| 252 // with an Access-Control-Allow-Credentials header. |
| 253 create_test_promise( |
| 254 remote_image_url + |
| 255 '&mode=cors&credentials=same-origin&url=' + |
| 256 encodeURIComponent(remote_image_url + |
| 257 '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), |
| 258 '', |
| 259 TAINTED), // The cross-origin no-cors request is immediately tainted
. |
| 260 // Since this happens before the service worker intercepti
on, |
| 261 // it does not matter what kind of response it returns. |
| 262 // The result will always be tainted. |
| 224 create_test_promise( | 263 create_test_promise( |
| 225 remote_image_url + | 264 remote_image_url + |
| 226 '&mode=cors&url=' + | 265 '&mode=cors&url=' + |
| 227 encodeURIComponent(remote_image_url + | 266 encodeURIComponent(remote_image_url + |
| 228 '&ACAOrigin=' + host_info['HTTP_ORIGIN']), | 267 '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), |
| 229 'anonymous', | 268 'anonymous', |
| 230 NOT_TAINTED), | 269 NOT_TAINTED), |
| 231 create_test_promise( | 270 create_test_promise( |
| 232 remote_image_url + | 271 remote_image_url + |
| 233 '&mode=cors&url=' + | 272 '&mode=cors&url=' + |
| 234 encodeURIComponent(remote_image_url + | 273 encodeURIComponent(remote_image_url + |
| 235 '&ACAOrigin=' + host_info['HTTP_ORIGIN']), | 274 '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), |
| 236 'use-credentials', | 275 'use-credentials', |
| 237 NOT_TAINTED), | 276 LOAD_ERROR), // We expect LOAD_ERROR since the server doesn't respon
d |
| 277 // with an Access-Control-Allow-Credentials header. |
| 238 create_test_promise( | 278 create_test_promise( |
| 239 remote_image_url + | 279 remote_image_url + |
| 240 '&mode=cors&url=' + | 280 '&mode=cors&url=' + |
| 241 encodeURIComponent( | 281 encodeURIComponent( |
| 242 remote_image_url + | 282 remote_image_url + |
| 243 '&ACACredentials=true&ACAOrigin=' + host_info['HTTP_ORIGIN']), | 283 '&ACACredentials=true&ACAOrigin=' + host_info['HTTPS_ORIGIN']), |
| 244 'use-credentials', | 284 'use-credentials', |
| 245 NOT_TAINTED) | 285 NOT_TAINTED) |
| 246 ]) | 286 ]) |
| 247 .then(function() { | 287 .then(function() { |
| 248 port.postMessage({results: 'finish'}); | 288 port.postMessage({results: 'finish'}); |
| 249 }) | 289 }) |
| 250 .catch(function(e) { | 290 .catch(function(e) { |
| 251 port.postMessage({results: 'failure:' + e}); | 291 port.postMessage({results: 'failure:' + e}); |
| 252 }); | 292 }); |
| 253 }, false); | 293 }, false); |
| 254 </script> | 294 </script> |
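Review bot: `get_query_params` (new lines 12–24) hand-parses the query string, and a parameter without `=` reaches `decodeURIComponent(undefined)`, which returns the string `'undefined'`; the `params['cache']` check at new line 53 is therefore truthy for a bare `?cache` only by accident, while `?cache=` is treated as absent. `decodeURIComponent` also throws `URIError` on a malformed escape, and since the call at new line 6 runs at the top of the script, that would stop execution before the `message` listener at new line 71 is registered, so the harness would see no reply rather than a failure. The helper could be replaced with `var params = new URL(location.href).searchParams;` and `if (params.has('cache'))`. Separately, the expectation at new line 162 flips from `NOT_TAINTED` to `TAINTED` with no explanation, presumably for the reason stated at new lines 259–262; a comment such as `// Cross-origin no-cors request: tainted regardless of the service worker's response.` would keep that security expectation visible.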
| OLD | NEW |