Update web-platform-tests to revision 14cfa4d648cc1c853b4153268df672d21425f8c1

2025-08-06 06:00:15 +01:00 · 2017-10-30 09:31:22 -04:00 · 2017-10-30 09:31:22 -04:00 · 75736751d9
commit 75736751d9
parent 1b73cf3352
1213 changed files with 19434 additions and 12344 deletions
--- a/tests/wpt/web-platform-tests/secure-contexts/basic-popup-and-iframe-tests.https.js
+++ b/tests/wpt/web-platform-tests/secure-contexts/basic-popup-and-iframe-tests.https.js
@ -52,7 +52,8 @@ const eLoadInEverything        = eLoadInPopup | eLoadInUnsandboxedIframe | eLoad

 // Flags indicating if a document type is expected to be a Secure Context:
 const eSecureNo              = 1;
-const eSecureIfCreatorSecure = 2;
+const eSecureIfNewWindow     = 2;
+const eSecureIfCreatorSecure = 3;

 // Flags indicating how the result of a test is obtained:
 const eResultFromPostMessage       = 1;
@ -69,7 +70,7 @@ const loadTypes = [
  new LoadType("an https: URI",
               eLoadInEverything,
               https_dir + "postMessage-helper.https.html",
-               eSecureIfCreatorSecure,
+               eSecureIfNewWindow,
               eResultFromPostMessage),
  new LoadType("a blob: URI",
               eLoadInEverything,
@ -80,7 +81,7 @@ const loadTypes = [
               // popup not relevant:
               eLoadInUnsandboxedIframe | eLoadInSandboxedIframe,
               "<script>(opener||parent).postMessage(isSecureContext, '*')</script>",
-               eSecureIfCreatorSecure,
+               eSecureIfNewWindow,
               eResultFromPostMessage),
  new LoadType("a javascript: URI",
               // can't load in sandbox:
@ -179,31 +180,39 @@ LoadTarget.prototype.load_and_get_result_for = function(loadType) {
                                " loading " + loadType.desc)
  if (loadType.resultFrom == eResultFromExaminationSync) {
    let domTarget = this.open(loadType);
-    let result = domTarget instanceof Window ?
+    let isFrame = domTarget instanceof HTMLIFrameElement;
+    let result = !isFrame ?
          domTarget.isSecureContext : domTarget.contentWindow.isSecureContext;
    this.close(domTarget);
-    return Promise.resolve(result);
+    return Promise.resolve({ result: result, isFrame: isFrame});
  }
  let target = this;
  if (loadType.resultFrom == eResultFromExaminationOnLoad) {
    return new Promise(function(resolve, reject) {
      function handleLoad(event) {
-        let result = domTarget instanceof Window ?
+        clearTimeout(timer);
+        let isFrame = domTarget instanceof HTMLIFrameElement;
+        let result = !isFrame ?
              domTarget.isSecureContext : domTarget.contentWindow.isSecureContext;
        domTarget.removeEventListener("load", handleLoad);
        target.close(domTarget);
-        resolve(result);
+        resolve({ result: result, isFrame: isFrame});
      }
      let domTarget = target.open(loadType);
      domTarget.addEventListener("load", handleLoad, false);
+
+      // Some browsers don't fire `load` events for `about:blank`. That's weird, but it also
+      // isn't what we're testing here.
+      let timer = setTimeout(handleLoad, 500);
    });
  }
  if (loadType.resultFrom == eResultFromPostMessage) {
    return new Promise(function(resolve, reject) {
      function handleMessage(event) {
+        let isFrame = domTarget instanceof HTMLIFrameElement;
        window.removeEventListener("message", handleMessage);
        target.close(domTarget);
-        resolve(event.data);
+        resolve({ result: event.data, isFrame: isFrame});
      }
      window.addEventListener("message", handleMessage, false);
      let domTarget = target.open(loadType);
@ -232,13 +241,21 @@ function run_next_test() {
    function(value) {
      run_next_test_soon();
      loadTarget.currentTest.step(function() {
+        // If the new context is always non-secure, the assertion is straightforward.
        if (loadType.expectedSecureFlag == eSecureNo) {
-          assert_false(value, loadType.desc + " in " + loadTarget.desc + " should not create a Secure Context");
-        } else if (loadType.expectedSecureFlag == eSecureIfCreatorSecure) {
+          assert_false(value.result, loadType.desc + " in " + loadTarget.desc + " should not create a Secure Context");
+        // If the new context is always secure if opened in a new window, and it's
+        // been opened in a new window, the assertion is likewise straightforward.
+        } else if (loadType.expectedSecureFlag == eSecureIfNewWindow && !value.isFrame) {
+          assert_true(value.result, loadType.desc + " in " + loadTarget.desc + " should create a secure context regardless of its creator's state.");
+        // Otherwise, we're either dealing with a context that's secure if and only
+        // if its creator context (e.g. this window) is secure.
+        } else if ((loadType.expectedSecureFlag == eSecureIfNewWindow && value.isFrame) ||
+                   (loadType.expectedSecureFlag == eSecureIfCreatorSecure)) {
          if (!window.isSecureContext) {
-            assert_false(value, loadType.desc + " in " + loadTarget.desc + " should not create a Secure Context when its creator is not a Secure Context.");
+            assert_false(value.result, loadType.desc + " in " + loadTarget.desc + " should not create a Secure Context when its creator is not a Secure Context.");
          } else {
-            assert_true(value, loadType.desc + " in " + loadTarget.desc + " should create a Secure Context when its creator is a Secure Context");
+            assert_true(value.result, loadType.desc + " in " + loadTarget.desc + " should create a Secure Context when its creator is a Secure Context");
          }
        } else {
          assert_unreached(loadType.desc + " - unknown expected secure flag: " + expectedSecureFlag);