Auto merge of #26473 - Eijebong:cross-origin-resource-policy, r=jdm

Implement cross origin resource policy check

Also fixes an img load event bug that was making some tests very racy.
bors-servo 2020-05-08 13:19:20 -04:00 committed by GitHub
commit 4eefaa4a2c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
20 changed files with 138 additions and 148 deletions


@ -424608,7 +424608,7 @@
]
],
"image-loads.html": [
"8a0458f107abdf2b7d6664fb8194e6b4b0222989",
"060b7551ea516837cf416c797e85474658857632",
[
null,
{}
@ -424654,7 +424654,7 @@
]
],
"script-loads.html": [
"5850e0109f18c23e40d73686bef5e4b6a6b40686",
"a9690fc70be13885d7ca6448730c83f755810774",
[
null,
{}


@ -5,15 +5,3 @@
[fetch-in-iframe]
expected: FAIL
[Cross-origin fetch in a data: iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-origin' response header.]
expected: FAIL
[Cross-origin fetch in a data: iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL
[Cross-origin fetch in a cross origin iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-origin' response header.]
expected: FAIL
[Cross-origin fetch in a cross origin iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL


@ -7,53 +7,11 @@
[fetch]
expected: FAIL
[Valid cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header after a redirection.]
expected: FAIL
[Cross-origin no-cors fetch to a same-site URL with a 'Cross-Origin-Resource-Policy: same-origin' response header.]
expected: FAIL
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' redirect response header.]
expected: FAIL
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header.]
expected: FAIL
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL
[Cross-scheme (HTTP to HTTPS) no-cors fetch to a same-site URL with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL
[fetch.any.worker.html]
[fetch]
expected: FAIL
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header.]
expected: FAIL
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL
[Cross-origin no-cors fetch to a same-site URL with a 'Cross-Origin-Resource-Policy: same-origin' response header.]
expected: FAIL
[Valid cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header after a redirection.]
expected: FAIL
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' redirect response header.]
expected: FAIL
[Cross-scheme (HTTP to HTTPS) no-cors fetch to a same-site URL with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL
[fetch.any.sharedworker.html]
expected: ERROR
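Review bot: The `[fetch.any.sharedworker.html]` entry at the end of this hunk still reads `expected: ERROR`, assuming it is unchanged context (the page has lost its +/- markers, so this is inferred). If so, the new Cross-Origin-Resource-Policy check is not verified for fetches issued from a shared worker, and the `[fetch.https.any.serviceworker.html]` entry in the next file looks to be in the same state for service workers. An erroring test hides whether the policy is enforced there, so I would attach a tracking reference to both entries, for example `bug: <TRACKING-ISSUE-URL>`, to keep the gap from reading as a known-good state.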


@ -1,16 +1,4 @@
[fetch.https.any.html]
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header after a redirection.]
expected: FAIL
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' redirect response header.]
expected: FAIL
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header.]
expected: FAIL
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL
[fetch.https.any.serviceworker.html]
expected: ERROR
@ -25,18 +13,6 @@
[fetch.https.any.worker.html]
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header after a redirection.]
expected: FAIL
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' redirect response header.]
expected: FAIL
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header.]
expected: FAIL
[Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL
[fetch]
expected: FAIL


@ -1,8 +1,6 @@
[iframe-loads.html]
[Untitled]
expected: FAIL
[Load an iframe that has Cross-Origin-Resource-Policy header]
expected: FAIL
[iframe-loads]
expected: FAIL


@ -1,19 +0,0 @@
[image-loads.html]
[Same-origin image load with a 'Cross-Origin-Resource-Policy: same-origin' response header.]
expected: FAIL
[Same-origin image load with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL
[Cross-origin cors image load with a 'Cross-Origin-Resource-Policy: same-origin' response header.]
expected: FAIL
[Cross-origin cors image load with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL
[Cross-origin no-cors image load with a 'Cross-Origin-Resource-Policy: same-origin' response header.]
expected: FAIL
[Cross-origin no-cors image load with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL


@ -1,9 +0,0 @@
[scheme-restriction.any.html]
[Cross-Origin-Resource-Policy: same-site blocks retrieving HTTPS from HTTP]
expected: FAIL
[scheme-restriction.any.worker.html]
[Cross-Origin-Resource-Policy: same-site blocks retrieving HTTPS from HTTP]
expected: FAIL


@ -1,19 +0,0 @@
[script-loads.html]
[Same-origin script load with a 'Cross-Origin-Resource-Policy: same-origin' response header.]
expected: FAIL
[Same-origin script load with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL
[Cross-origin cors script load with a 'Cross-Origin-Resource-Policy: same-origin' response header.]
expected: FAIL
[Cross-origin cors script load with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL
[Cross-origin no-cors script load with a 'Cross-Origin-Resource-Policy: same-origin' response header.]
expected: FAIL
[Cross-origin no-cors script load with a 'Cross-Origin-Resource-Policy: same-site' response header.]
expected: FAIL


@ -16,6 +16,7 @@ const noCors = false;
function loadImage(url, shoudLoad, corsMode, title)
{
const testDiv = document.getElementById("testDiv");
promise_test(() => {
const img = new Image();
if (corsMode)
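Review bot: The second parameter of `loadImage` is spelled `shoudLoad`, and since this commit already touches the function it is a cheap moment to fix it: `function loadImage(url, shouldLoad, corsMode, title)`, with the same rename wherever the body reads it. The body continues outside the hunk, so those uses are not visible here. `loadScript` in the script-loads hunk that follows has the same misspelling. The hunk header says one line was added (6 to 7), but only six lines survive on this page, so the added line itself could not be reviewed.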


@ -16,6 +16,7 @@ const noCors = false;
function loadScript(url, shoudLoad, corsMode, title)
{
const testDiv = document.getElementById("testDiv");
promise_test(() => {
const script = document.createElement("script");
if (corsMode)