Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-09-14 17:08:22 +01:00
Code Issues Projects Releases Packages Wiki Activity

Update web-platform-tests to revision 81962ac8802223d038b188b6f9cb88a0a9c5beee

Browse source
This commit is contained in:
WPT Sync Bot 2018-05-18 22:02:29 -04:00
parent fe1a057bd1
commit 24183668c4
1960 changed files with 29853 additions and 10555 deletions
Download patch file Download diff file Expand all files Collapse all files

39
tests/wpt/web-platform-tests/cookies/samesite/fetch.html Normal file
View file

@ -0,0 +1,39 @@
<!DOCTYPE html>
<meta charset="utf-8"/>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/cookies/resources/cookie-helper.sub.js"></script>
<script>
function create_test(origin, target, expectedStatus, title) {
promise_test(t => {
var value = "" + Math.random();
return resetSameSiteCookies(origin, value)
.then(_ => {
return credFetch(target + "/cookies/resources/list.py")
.then(r => r.json())
.then(cookies => verifySameSiteCookieState(expectedStatus, value, cookies));
});
}, title);
}
// No redirect:
create_test(ORIGIN, ORIGIN, SameSiteStatus.STRICT, "Same-host fetches are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN, SameSiteStatus.STRICT, "Subdomain fetches are strictly same-site");
create_test(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN, SameSiteStatus.CROSS_SITE, "Cross-site fetches are cross-site");
// Redirect from {same-host,subdomain,cross-site} to same-host:
create_test(ORIGIN, redirectTo(ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Same-host redirecting to same-host fetches are strictly same-site");
create_test(ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Subdomain redirecting to same-host fetches are strictly same-site");
create_test(ORIGIN, redirectTo(CROSS_SITE_ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Cross-site redirecting to same-host fetches are strictly same-site");
// Redirect from {same-host,subdomain,cross-site} to same-host:
create_test(SUBDOMAIN_ORIGIN, redirectTo(ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Same-host redirecting to subdomain fetches are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Subdomain redirecting to subdomain fetches are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, redirectTo(CROSS_SITE_ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Cross-site redirecting to subdomain fetches are strictly same-site");
// Redirect from {same-host,subdomain,cross-site} to cross-site:
create_test(CROSS_SITE_ORIGIN, redirectTo(ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.CROSS_SITE, "Same-host redirecting to cross-site fetches are cross-site");
create_test(CROSS_SITE_ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.CROSS_SITE, "Subdomain redirecting to cross-site fetches are cross-site");
create_test(CROSS_SITE_ORIGIN, redirectTo(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.CROSS_SITE, "Cross-site redirecting to cross-site fetches are cross-site");
</script>

57
tests/wpt/web-platform-tests/cookies/samesite/form-get-blank-reload.html Normal file
View file

@ -0,0 +1,57 @@
<!DOCTYPE html>
<meta charset="utf-8"/>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/cookies/resources/cookie-helper.sub.js"></script>
<script>
function create_test(origin, target, expectedStatus, title) {
promise_test(t => {
var value = "" + Math.random();
return resetSameSiteCookies(origin, value)
.then(_ => {
return new Promise((resolve, reject) => {
var f = document.createElement('form');
f.action = target + "/cookies/resources/postToParent.py";
f.target = "_blank";
f.method = "GET";
// If |target| contains a `redir` parameter, extract it, and add it
// to the form so it doesn't get dropped in the submission.
var url = new URL(f.action);
if (url.pathname = "/cookies/rfc6265/resources/redirectWithCORSHeaders.py") {
var i = document.createElement("input");
i.name = "location";
i.value = url.searchParams.get("location");
i.type = "hidden";
f.appendChild(i);
}
var reloaded = false;
var msgHandler = e => {
try {
verifySameSiteCookieState(expectedStatus, value, e.data);
} catch (e) {
reject(e);
}
if (reloaded) {
window.removeEventListener("message", msgHandler);
e.source.close();
resolve("Popup received the cookie.");
} else {
reloaded = true;
e.source.postMessage("reload", "*");
}
};
window.addEventListener("message", msgHandler);
document.body.appendChild(f);
f.submit();
});
});
}, title);
}
create_test(ORIGIN, ORIGIN, SameSiteStatus.STRICT, "Reloaded same-host top-level form GETs are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN, SameSiteStatus.STRICT, "Reloaded subdomain top-level form GETs are strictly same-site");
create_test(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN, SameSiteStatus.LAX, "Reloaded cross-site top-level form GETs are laxly same-site");
</script>

66
tests/wpt/web-platform-tests/cookies/samesite/form-get-blank.html Normal file
View file

@ -0,0 +1,66 @@
<!DOCTYPE html>
<meta charset="utf-8"/>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/cookies/resources/cookie-helper.sub.js"></script>
<script>
function create_test(origin, target, expectedStatus, title) {
promise_test(t => {
var value = "" + Math.random();
return resetSameSiteCookies(origin, value)
.then(_ => {
return new Promise((resolve, reject) => {
var f = document.createElement('form');
f.action = target + "/cookies/resources/postToParent.py";
f.target = "_blank";
f.method = "GET";
// If |target| contains a `redir` parameter, extract it, and add it
// to the form so it doesn't get dropped in the submission.
var url = new URL(f.action);
if (url.pathname == "/cookies/resources/redirectWithCORSHeaders.py") {
var i = document.createElement("input");
i.name = "location";
i.type="hidden";
i.value = url.searchParams.get("location");
f.appendChild(i);
}
var msgHandler = e => {
window.removeEventListener("message", msgHandler);
e.source.close();
try {
verifySameSiteCookieState(expectedStatus, value, e.data);
resolve("Popup received the cookie.");
} catch (e) {
reject(e);
}
};
window.addEventListener("message", msgHandler);
document.body.appendChild(f);
f.submit();
});
});
}, title);
}
// No redirect:
create_test(ORIGIN, ORIGIN, SameSiteStatus.STRICT, "Same-host top-level form GETs are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN, SameSiteStatus.STRICT, "Subdomain top-level form GETs are strictly same-site");
create_test(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN, SameSiteStatus.LAX, "Cross-site top-level form GETs are laxly same-site");
// Redirect from {same-host,subdomain,cross-site} to same-host:
create_test(ORIGIN, redirectTo(ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Same-host redirecting to same-host top-level form GETs are strictly same-site");
create_test(ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Subdomain redirecting to same-host top-level form GETs are strictly same-site");
create_test(ORIGIN, redirectTo(CROSS_SITE_ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Cross-site redirecting to same-host top-level form GETs are strictly same-site");
// Redirect from {same-host,subdomain,cross-site} to same-host:
create_test(SUBDOMAIN_ORIGIN, redirectTo(ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Same-host redirecting to subdomain top-level form GETs are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Subdomain redirecting to subdomain top-level form GETs are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, redirectTo(CROSS_SITE_ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Cross-site redirecting to subdomain top-level form GETs are strictly same-site");
// Redirect from {same-host,subdomain,cross-site} to cross-site:
create_test(CROSS_SITE_ORIGIN, redirectTo(ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.LAX, "Same-host redirecting to cross-site top-level form GETs are laxly same-site");
create_test(CROSS_SITE_ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.LAX, "Subdomain redirecting to cross-site top-level form GETs are laxly same-site");
create_test(CROSS_SITE_ORIGIN, redirectTo(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.LAX, "Cross-site redirecting to cross-site top-level form GETs are laxly same-site");
</script>

47
tests/wpt/web-platform-tests/cookies/samesite/form-post-blank-reload.html Normal file
View file

@ -0,0 +1,47 @@
<!DOCTYPE html>
<meta charset="utf-8"/>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/cookies/resources/cookie-helper.sub.js"></script>
<script>
function create_test(origin, target, expectedStatus, title) {
promise_test(t => {
var value = "" + Math.random();
return resetSameSiteCookies(origin, value)
.then(_ => {
return new Promise((resolve, reject) => {
var f = document.createElement('form');
f.action = target + "/cookies/resources/postToParent.py";
f.target = "_blank";
f.method = "POST";
var reloaded = false;
var msgHandler = e => {
try {
verifySameSiteCookieState(expectedStatus, value, e.data);
} catch (e) {
reject(e);
}
if (reloaded) {
window.removeEventListener("message", msgHandler);
e.source.close();
resolve("Popup received the cookie.");
} else {
reloaded = true;
e.source.postMessage("reload", "*");
}
};
window.addEventListener("message", msgHandler);
document.body.appendChild(f);
f.submit();
});
});
}, title);
}
create_test(ORIGIN, ORIGIN, SameSiteStatus.STRICT, "Reloaded same-host top-level form POSTs are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN, SameSiteStatus.STRICT, "Reloaded subdomain top-level form POSTs are strictly same-site");
create_test(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN, SameSiteStatus.CROSS_SITE, "Reloaded cross-site top-level form POSTs are not same-site");
</script>

55
tests/wpt/web-platform-tests/cookies/samesite/form-post-blank.html Normal file
View file

@ -0,0 +1,55 @@
<!DOCTYPE html>
<meta charset="utf-8"/>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/cookies/resources/cookie-helper.sub.js"></script>
<script>
function create_test(origin, target, expectedStatus, title) {
promise_test(t => {
var value = "" + Math.random();
return resetSameSiteCookies(origin, value)
.then(_ => {
return new Promise((resolve, reject) => {
var f = document.createElement('form');
f.action = target + "/cookies/resources/postToParent.py";
f.target = "_blank";
f.method = "POST";
var msgHandler = e => {
window.removeEventListener("message", msgHandler);
e.source.close();
try {
verifySameSiteCookieState(expectedStatus, value, e.data);
resolve("Popup received the cookie.");
} catch (e) {
reject(e);
}
};
window.addEventListener("message", msgHandler);
document.body.appendChild(f);
f.submit();
});
});
}, title);
}
// No redirect:
create_test(ORIGIN, ORIGIN, SameSiteStatus.STRICT, "Same-host top-level form POSTs are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN, SameSiteStatus.STRICT, "Subdomain top-level form POSTs are strictly same-site");
create_test(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN, SameSiteStatus.CROSS_SITE, "Cross-site top-level form POSTs are cross-site");
// Redirect from {same-host,subdomain,cross-site} to same-host:
create_test(ORIGIN, redirectTo(ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Same-host redirecting to same-host top-level form POSTs are strictly same-site");
create_test(ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Subdomain redirecting to same-host top-level form POSTs are strictly same-site");
create_test(ORIGIN, redirectTo(CROSS_SITE_ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Cross-site redirecting to same-host top-level form POSTs are strictly same-site");
// Redirect from {same-host,subdomain,cross-site} to same-host:
create_test(SUBDOMAIN_ORIGIN, redirectTo(ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Same-host redirecting to subdomain top-level form POSTs are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Subdomain redirecting to subdomain top-level form POSTs are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, redirectTo(CROSS_SITE_ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Cross-site redirecting to subdomain top-level form POSTs are strictly same-site");
// Redirect from {same-host,subdomain,cross-site} to cross-site:
create_test(CROSS_SITE_ORIGIN, redirectTo(ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.CROSS_SITE, "Same-host redirecting to cross-site top-level form POSTs are cross-site");
create_test(CROSS_SITE_ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.CROSS_SITE, "Subdomain redirecting to cross-site top-level form POSTs are cross-site");
create_test(CROSS_SITE_ORIGIN, redirectTo(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.CROSS_SITE, "Cross-site redirecting to cross-site top-level form POSTs are cross-site");
</script>

47
tests/wpt/web-platform-tests/cookies/samesite/iframe-reload.html Normal file
View file

@ -0,0 +1,47 @@
<!DOCTYPE html>
<meta charset="utf-8"/>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/cookies/resources/cookie-helper.sub.js"></script>
<!-- We're appending an <iframe> to the document's body, so execute tests after we have a body -->
<body>
<script>
function create_test(origin, target, expectedStatus, title) {
promise_test(t => {
var value = "" + Math.random();
return resetSameSiteCookies(origin, value)
.then(_ => {
return new Promise((resolve, reject) => {
var iframe = document.createElement("iframe");
iframe.onerror = _ => reject("IFrame could not be loaded.");
var reloaded = false;
var msgHandler = e => {
try {
verifySameSiteCookieState(expectedStatus, value, e.data);
} catch (e) {
reject(e);
}
if (reloaded) {
window.removeEventListener("message", msgHandler);
document.body.removeChild(iframe);
resolve("IFrame received the cookie.");
} else {
reloaded = true;
e.source.postMessage("reload", "*");
}
};
window.addEventListener("message", msgHandler);
iframe.src = target + "/cookies/resources/postToParent.py";
document.body.appendChild(iframe);
});
});
}, title);
}
create_test(ORIGIN, ORIGIN, SameSiteStatus.STRICT, "Reloaded same-host fetches are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN, SameSiteStatus.STRICT, "Reloaded subdomain fetches are strictly same-site");
create_test(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN, SameSiteStatus.CROSS_SITE, "Reloaded cross-site fetches are cross-site");
</script>

59
tests/wpt/web-platform-tests/cookies/samesite/iframe.html Normal file
View file

@ -0,0 +1,59 @@
<!DOCTYPE html>
<meta charset="utf-8"/>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/cookies/resources/cookie-helper.sub.js"></script>
<!-- We're appending an <iframe> to the document's body, so execute tests after we have a body -->
<body>
<script>
function create_test(origin, target, expectedStatus, title) {
promise_test(t => {
var value = "" + Math.random();
return resetSameSiteCookies(origin, value)
.then(_ => {
return new Promise((resolve, reject) => {
var iframe = document.createElement("iframe");
iframe.onerror = _ => reject("IFrame could not be loaded.");
var msgHandler = e => {
if (e.source == iframe.contentWindow) {
// Cleanup, then verify cookie state:
document.body.removeChild(iframe);
window.removeEventListener("message", msgHandler);
try {
verifySameSiteCookieState(expectedStatus, value, e.data);
resolve();
} catch(e) {
reject(e);
}
}
};
window.addEventListener("message", msgHandler);
iframe.src = target + "/cookies/resources/postToParent.py";
document.body.appendChild(iframe);
});
});
}, title);
}
// No redirect:
create_test(ORIGIN, ORIGIN, SameSiteStatus.STRICT, "Same-host fetches are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN, SameSiteStatus.STRICT, "Subdomain fetches are strictly same-site");
create_test(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN, SameSiteStatus.CROSS_SITE, "Cross-site fetches are cross-site");
// Redirect from {same-host,subdomain,cross-site} to same-host:
create_test(ORIGIN, redirectTo(ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Same-host redirecting to same-host fetches are strictly same-site");
create_test(ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Subdomain redirecting to same-host fetches are strictly same-site");
create_test(ORIGIN, redirectTo(CROSS_SITE_ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Cross-site redirecting to same-host fetches are strictly same-site");
// Redirect from {same-host,subdomain,cross-site} to same-host:
create_test(SUBDOMAIN_ORIGIN, redirectTo(ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Same-host redirecting to subdomain fetches are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Subdomain redirecting to subdomain fetches are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, redirectTo(CROSS_SITE_ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Cross-site redirecting to subdomain fetches are strictly same-site");
// Redirect from {same-host,subdomain,cross-site} to cross-site:
create_test(CROSS_SITE_ORIGIN, redirectTo(ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.CROSS_SITE, "Same-host redirecting to cross-site fetches are cross-site");
create_test(CROSS_SITE_ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.CROSS_SITE, "Subdomain redirecting to cross-site fetches are cross-site");
create_test(CROSS_SITE_ORIGIN, redirectTo(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.CROSS_SITE, "Cross-site redirecting to cross-site fetches are cross-site");
</script>

72
tests/wpt/web-platform-tests/cookies/samesite/img.html Normal file
View file

@ -0,0 +1,72 @@
<!DOCTYPE html>
<meta charset="utf-8"/>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/cookies/resources/cookie-helper.sub.js"></script>
<script>
function assert_cookie_present(origin, name, value) {
return new Promise((resolve, reject) => {
var img = document.createElement("img");
img.onload = _ => resolve("'" + name + "=" + value + "' present on " + origin);
img.onerror = _ => reject("'" + name + "=" + value + "' not present on " + origin);
// We need to URL encode the destination path/query if we're redirecting:
if (origin.match(/\/redir/))
img.src = origin + encodeURIComponent("/cookies/resources/imgIfMatch.py?name=" + name + "&value=" + value);
else
img.src = origin + "/cookies/resources/imgIfMatch.py?name=" + name + "&value=" + value;
});
}
function assert_cookie_absent(origin, name, value) {
return new Promise((resolve, reject) => {
var img = document.createElement("img");
img.onload = _ => reject("'" + name + "=" + value + "' present on " + origin);
img.onerror = _ => resolve("'" + name + "=" + value + "' not present on " + origin);
// We need to URL encode the destination path/query if we're redirecting:
if (origin.match(/\/redir/))
img.src = origin + encodeURIComponent("/cookies/resources/imgIfMatch.py?name=" + name + "&value=" + value);
else
img.src = origin + "/cookies/resources/imgIfMatch.py?name=" + name + "&value=" + value;
});
}
function create_test(origin, target, expectedStatus, title) {
promise_test(t => {
var value = "" + Math.random();
return resetSameSiteCookies(origin, value)
.then(_ => {
return Promise.all([
assert_cookie_present(target, "samesite_none", value),
expectedStatus == SameSiteStatus.STRICT ?
assert_cookie_present(target, "samesite_strict", value) :
assert_cookie_absent(target, "samesite_strict", value),
expectedStatus == SameSiteStatus.CROSS_SITE ?
assert_cookie_absent(target, "samesite_lax", value) :
assert_cookie_present(target, "samesite_lax", value)
]);
});
}, title);
}
// No redirect:
create_test(ORIGIN, ORIGIN, SameSiteStatus.STRICT, "Same-host images are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN, SameSiteStatus.STRICT, "Subdomain images are strictly same-site");
create_test(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN, SameSiteStatus.CROSS_SITE, "Cross-site images are cross-site");
// Redirect from {same-host,subdomain,cross-site} to same-host:
create_test(ORIGIN, redirectTo(ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Same-host redirecting to same-host images are strictly same-site");
create_test(ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Subdomain redirecting to same-host images are strictly same-site");
create_test(ORIGIN, redirectTo(CROSS_SITE_ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Cross-site redirecting to same-host images are strictly same-site");
// Redirect from {same-host,subdomain,cross-site} to same-host:
create_test(SUBDOMAIN_ORIGIN, redirectTo(ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Same-host redirecting to subdomain images are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Subdomain redirecting to subdomain images are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, redirectTo(CROSS_SITE_ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Cross-site redirecting to subdomain images are strictly same-site");
// Redirect from {same-host,subdomain,cross-site} to cross-site:
create_test(CROSS_SITE_ORIGIN, redirectTo(ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.CROSS_SITE, "Same-host redirecting to cross-site images are cross-site");
create_test(CROSS_SITE_ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.CROSS_SITE, "Subdomain redirecting to cross-site images are cross-site");
create_test(CROSS_SITE_ORIGIN, redirectTo(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.CROSS_SITE, "Cross-site redirecting to cross-site images are cross-site");
</script>

44
tests/wpt/web-platform-tests/cookies/samesite/window-open-reload.html Normal file
View file

@ -0,0 +1,44 @@
<!DOCTYPE html>
<meta charset="utf-8"/>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/cookies/resources/cookie-helper.sub.js"></script>
<script>
function create_test(origin, target, expectedStatus, title) {
promise_test(t => {
var value = "" + Math.random();
return resetSameSiteCookies(origin, value)
.then(_ => {
return new Promise((resolve, reject) => {
var w = window.open(origin + "/cookies/resources/postToParent.py");
var reloaded = false;
var msgHandler = e => {
try {
verifySameSiteCookieState(expectedStatus, value, e.data);
} catch (e) {
reject(e);
}
if (reloaded) {
window.removeEventListener("message", msgHandler);
w.close();
resolve("Popup received the cookie.");
} else {
reloaded = true;
w.postMessage("reload", "*");
}
};
window.addEventListener("message", msgHandler);
if (!w)
reject("Popup could not be opened (did you whitelist the test site in your popup blocker?).");
});
});
}, title);
}
create_test(ORIGIN, ORIGIN, SameSiteStatus.STRICT, "Reloaded same-host auxiliary navigations are strictly same-site.");
create_test(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN, SameSiteStatus.STRICT, "Reloaded subdomain auxiliary navigations are strictly same-site.");
create_test(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN, SameSiteStatus.LAX, "Reloaded ross-site auxiliary navigations are laxly same-site");
</script>

53
tests/wpt/web-platform-tests/cookies/samesite/window-open.html Normal file
View file

@ -0,0 +1,53 @@
<!DOCTYPE html>
<meta charset="utf-8"/>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/cookies/resources/cookie-helper.sub.js"></script>
<script>
function create_test(origin, target, expectedStatus, title) {
promise_test(t => {
var value = "" + Math.random();
return resetSameSiteCookies(origin, value)
.then(_ => {
return new Promise((resolve, reject) => {
var w = window.open(origin + "/cookies/resources/postToParent.py");
var msgHandler = e => {
window.removeEventListener("message", msgHandler);
w.close();
try {
verifySameSiteCookieState(expectedStatus, value, e.data);
resolve("Popup received the cookie.");
} catch (e) {
reject(e);
}
};
window.addEventListener("message", msgHandler);
if (!w)
reject("Popup could not be opened (did you whitelist the test site in your popup blocker?).");
});
});
}, title);
}
// No redirect:
create_test(ORIGIN, ORIGIN, SameSiteStatus.STRICT, "Same-host auxiliary navigations are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN, SameSiteStatus.STRICT, "Subdomain auxiliary navigations are strictly same-site");
create_test(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN, SameSiteStatus.LAX, "Cross-site auxiliary navigations are laxly same-site");
// Redirect from {same-host,subdomain,cross-site} to same-host:
create_test(ORIGIN, redirectTo(ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Same-host redirecting to same-host auxiliary navigations are strictly same-site");
create_test(ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Subdomain redirecting to same-host auxiliary navigations are strictly same-site");
create_test(ORIGIN, redirectTo(CROSS_SITE_ORIGIN, ORIGIN), SameSiteStatus.STRICT, "Cross-site redirecting to same-host auxiliary navigations are strictly same-site");
// Redirect from {same-host,subdomain,cross-site} to same-host:
create_test(SUBDOMAIN_ORIGIN, redirectTo(ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Same-host redirecting to subdomain auxiliary navigations are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Subdomain redirecting to subdomain auxiliary navigations are strictly same-site");
create_test(SUBDOMAIN_ORIGIN, redirectTo(CROSS_SITE_ORIGIN, SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, "Cross-site redirecting to subdomain auxiliary navigations are strictly same-site");
// Redirect from {same-host,subdomain,cross-site} to cross-site:
create_test(CROSS_SITE_ORIGIN, redirectTo(ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.LAX, "Same-host redirecting to cross-site auxiliary navigations are laxly same-site");
create_test(CROSS_SITE_ORIGIN, redirectTo(SUBDOMAIN_ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.LAX, "Subdomain redirecting to cross-site auxiliary navigations are laxly same-site");
create_test(CROSS_SITE_ORIGIN, redirectTo(CROSS_SITE_ORIGIN, CROSS_SITE_ORIGIN), SameSiteStatus.LAX, "Cross-site redirecting to cross-site auxiliary navigations are laxly same-site");
</script>