Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1)

Unified Diff: third_party/WebKit/LayoutTests/imported/wpt/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html

Issue 2415873002: Import w3c tests for the service workers (Closed)
Patch Set: Rebase Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: third_party/WebKit/LayoutTests/imported/wpt/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html
diff --git a/third_party/WebKit/LayoutTests/http/tests/serviceworker/resources/fetch-canvas-tainting-iframe.html b/third_party/WebKit/LayoutTests/imported/wpt/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html
similarity index 71%
copy from third_party/WebKit/LayoutTests/http/tests/serviceworker/resources/fetch-canvas-tainting-iframe.html
copy to third_party/WebKit/LayoutTests/imported/wpt/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html
index 3948d8916d2ed4a03dbabb423ba6a756ae981d9b..3822971e80a2cbd91f5161ef0171d72d4adf61a4 100644
--- a/third_party/WebKit/LayoutTests/http/tests/serviceworker/resources/fetch-canvas-tainting-iframe.html
+++ b/third_party/WebKit/LayoutTests/imported/wpt/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html
@@ -1,13 +1,28 @@
-<script src="../../resources/get-host-info.js?pipe=sub"></script>
-<script src="test-helpers.js"></script>
+<script src="../resources/get-host-info.sub.js"></script>
+<script src="test-helpers.sub.js?pipe=sub"></script>
<script>
-var image_path = base_path() + 'fetch-access-control.php?PNGIMAGE';
+var image_path = base_path() + 'fetch-access-control.py?PNGIMAGE';
var host_info = get_host_info();
+var params = get_query_params(location.href);
var NOT_TAINTED = 'NOT_TAINTED';
var TAINTED = 'TAINTED';
var LOAD_ERROR = 'LOAD_ERROR';
+function get_query_params(url) {
+ var search = (new URL(url)).search;
+ if (!search) {
+ return {};
+ }
+ var ret = {};
+ var params = search.substring(1).split('&');
+ params.forEach(function(param) {
+ var element = param.split('=');
+ ret[decodeURIComponent(element[0])] = decodeURIComponent(element[1]);
+ });
+ return ret;
+}
+
function create_test_case_promise(url, cross_origin) {
return new Promise(function(resolve) {
var img = new Image();
@@ -35,6 +50,10 @@ function create_test_case_promise(url, cross_origin) {
}
function create_test_promise(url, cross_origin, expected_result) {
+ if (params['cache']) {
+ url += "&cache";
+ }
+
return new Promise(function(resolve, reject) {
create_test_case_promise(url, cross_origin)
.then(function(result) {
@@ -51,8 +70,8 @@ function create_test_promise(url, cross_origin, expected_result) {
window.addEventListener('message', function(evt) {
var port = evt.ports[0];
- var image_url = host_info['HTTP_ORIGIN'] + image_path;
- var remote_image_url = host_info['HTTP_REMOTE_ORIGIN'] + image_path;
+ var image_url = host_info['HTTPS_ORIGIN'] + image_path;
+ var remote_image_url = host_info['HTTPS_REMOTE_ORIGIN'] + image_path;
Promise.all([
// Reject tests
create_test_promise(image_url + '&reject', '', LOAD_ERROR),
@@ -73,7 +92,7 @@ window.addEventListener('message', function(evt) {
'anonymous',
LOAD_ERROR),
create_test_promise(
- remote_image_url + '&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
+ remote_image_url + '&ACAOrigin=' + host_info['HTTPS_ORIGIN'] +
'&ignore',
'anonymous',
NOT_TAINTED),
@@ -82,12 +101,12 @@ window.addEventListener('message', function(evt) {
'use-credentials',
LOAD_ERROR),
create_test_promise(
- remote_image_url + '&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
+ remote_image_url + '&ACAOrigin=' + host_info['HTTPS_ORIGIN'] +
'&ignore',
'use-credentials',
LOAD_ERROR),
create_test_promise(
- remote_image_url + '&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
+ remote_image_url + '&ACAOrigin=' + host_info['HTTPS_ORIGIN'] +
'&ACACredentials=true&ignore',
'use-credentials',
NOT_TAINTED),
@@ -110,12 +129,12 @@ window.addEventListener('message', function(evt) {
'use-credentials',
LOAD_ERROR),
create_test_promise(
- remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
+ remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTPS_ORIGIN'] +
'&ignore',
'use-credentials',
LOAD_ERROR),
create_test_promise(
- remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
+ remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTPS_ORIGIN'] +
'&ACACredentials=true&ignore',
'use-credentials',
NOT_TAINTED),
@@ -140,7 +159,7 @@ window.addEventListener('message', function(evt) {
remote_image_url +
'&mode=same-origin&url=' + encodeURIComponent(image_url),
'',
- NOT_TAINTED),
+ TAINTED),
create_test_promise(
remote_image_url +
'&mode=same-origin&url=' + encodeURIComponent(image_url),
@@ -183,64 +202,85 @@ window.addEventListener('message', function(evt) {
'&mode=no-cors&url=' + encodeURIComponent(remote_image_url),
'use-credentials',
LOAD_ERROR),
-
+
// CORS response
create_test_promise(
image_url +
'&mode=cors&url=' +
encodeURIComponent(remote_image_url +
- '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+ '&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
+ '',
+ LOAD_ERROR), // We expect LOAD_ERROR since the server doesn't respond
+ // with an Access-Control-Allow-Credentials header.
+ create_test_promise(
+ image_url +
+ '&mode=cors&credentials=same-origin&url=' +
+ encodeURIComponent(remote_image_url +
+ '&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
'',
NOT_TAINTED),
create_test_promise(
image_url +
'&mode=cors&url=' +
encodeURIComponent(remote_image_url +
- '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+ '&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
'anonymous',
NOT_TAINTED),
create_test_promise(
image_url +
'&mode=cors&url=' +
encodeURIComponent(remote_image_url +
- '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+ '&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
'use-credentials',
- NOT_TAINTED),
+ LOAD_ERROR), // We expect LOAD_ERROR since the server doesn't respond
+ // with an Access-Control-Allow-Credentials header.
create_test_promise(
image_url +
'&mode=cors&url=' +
encodeURIComponent(
remote_image_url +
- '&ACACredentials=true&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+ '&ACACredentials=true&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
'use-credentials',
NOT_TAINTED),
create_test_promise(
remote_image_url +
'&mode=cors&url=' +
encodeURIComponent(remote_image_url +
- '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+ '&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
'',
- NOT_TAINTED),
+ LOAD_ERROR), // We expect LOAD_ERROR since the server doesn't respond
+ // with an Access-Control-Allow-Credentials header.
+ create_test_promise(
+ remote_image_url +
+ '&mode=cors&credentials=same-origin&url=' +
+ encodeURIComponent(remote_image_url +
+ '&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
+ '',
+ TAINTED), // The cross-origin no-cors request is immediately tainted.
+ // Since this happens before the service worker interception,
+ // it does not matter what kind of response it returns.
+ // The result will always be tainted.
create_test_promise(
remote_image_url +
'&mode=cors&url=' +
encodeURIComponent(remote_image_url +
- '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+ '&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
'anonymous',
NOT_TAINTED),
create_test_promise(
remote_image_url +
'&mode=cors&url=' +
encodeURIComponent(remote_image_url +
- '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+ '&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
'use-credentials',
- NOT_TAINTED),
+ LOAD_ERROR), // We expect LOAD_ERROR since the server doesn't respond
+ // with an Access-Control-Allow-Credentials header.
create_test_promise(
remote_image_url +
'&mode=cors&url=' +
encodeURIComponent(
remote_image_url +
- '&ACACredentials=true&ACAOrigin=' + host_info['HTTP_ORIGIN']),
+ '&ACACredentials=true&ACAOrigin=' + host_info['HTTPS_ORIGIN']),
'use-credentials',
NOT_TAINTED)
])

Powered by Google App Engine
This is Rietveld 408576698