Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-08-15 02:15:33 +01:00
Code Issues Projects Releases Packages Wiki Activity

Update web-platform-tests to revision 4f22c5b19bae217799ce92c9df6dfdf2800c6d81

Browse source
This commit is contained in:
WPT Sync Bot 2019-09-30 10:46:11 +00:00
parent 086e06b28b
commit ae931fea9a
70 changed files with 1114 additions and 416 deletions
Download patch file Download diff file Expand all files Collapse all files

37
tests/wpt/web-platform-tests/upgrade-insecure-requests/generic/test-case.sub.js Normal file
View file

@ -0,0 +1,37 @@
// TODO(hiroshige): Document the type of `scenario`.
function TestCase(scenario, description) {
const urls = getRequestURLs(scenario.subresource,
scenario.origin,
scenario.redirection);
const checkResult = _ => {
// Send request to check if the key has been torn down.
return xhrRequest(urls.assertUrl)
.then(assertResult => {
// Now check if the value has been torn down. If it's still there,
// we have blocked the request to mixed-content.
assert_equals(assertResult.status, scenario.expectation,
"The resource request should be '" + scenario.expectation + "'.");
});
};
function runTest() {
/** @type {Subresource} */
const subresource = {
subresourceType: scenario.subresource,
url: urls.testUrl,
policyDeliveries: scenario.subresource_policy_deliveries,
};
promise_test(() => {
return xhrRequest(urls.announceUrl)
// Send out the real resource request.
// This should tear down the key if it's not blocked.
.then(_ => invokeRequest(subresource, scenario.source_context_list))
// We check the key state, regardless of whether the main request
// succeeded or failed.
.then(checkResult, checkResult);
}, description);
} // runTest
return {start: runTest};
}

42
tests/wpt/web-platform-tests/upgrade-insecure-requests/generic/tools/generate.py Executable file
View file

@ -0,0 +1,42 @@
#!/usr/bin/env python
import os
import sys
sys.path.insert(
0,
os.path.join(
os.path.dirname(os.path.abspath(__file__)), '..', '..', '..', 'common',
'security-features', 'tools'))
import generate
class UpgradeInsecureRequestsConfig(object):
def __init__(self):
self.selection_pattern = \
'%(source_context_list)s.%(delivery_type)s/' + \
'%(delivery_value)s/' + \
'%(subresource)s/' + \
'%(origin)s.%(redirection)s.%(source_scheme)s'
self.test_file_path_pattern = 'gen/' + self.selection_pattern + '.html'
self.test_description_template = 'Upgrade-Insecure-Requests: Expects %(expectation)s for %(subresource)s to %(origin)s origin and %(redirection)s redirection from %(source_scheme)s context.'
self.test_page_title_template = 'Upgrade-Insecure-Requests: %s'
self.helper_js = '/upgrade-insecure-requests/generic/test-case.sub.js'
# For debug target only.
self.sanity_checker_js = '/upgrade-insecure-requests/generic/sanity-checker.js'
self.spec_json_js = '/upgrade-insecure-requests/spec_json.js'
self.test_case_name = 'TestCase'
script_directory = os.path.dirname(os.path.abspath(__file__))
self.spec_directory = os.path.abspath(
os.path.join(script_directory, '..', '..'))
if __name__ == '__main__':
generate.main(UpgradeInsecureRequestsConfig())

376
tests/wpt/web-platform-tests/upgrade-insecure-requests/spec.src.json Normal file
View file

@ -0,0 +1,376 @@
{
"specification": [
{
"name": "No upgrade-insecure-request",
"title": "No upgrade-insecure-request",
"description": "No upgrade-insecure-request",
"specification_url": "https://w3c.github.io/webappsec-upgrade-insecure-requests/",
"test_expansion": [
{
"name": "Without upgrade-insecure-request, all requests are blocked ...",
"expansion": "default",
"source_scheme": "https",
"source_context_list": "*",
"delivery_type": "meta",
"delivery_value": null,
"redirection": "*",
"subresource": "*",
"origin": "*",
"expectation": "blocked"
},
{
"name": "... except for the secure requests listed here",
"expansion": "override",
"source_scheme": "https",
"source_context_list": "*",
"delivery_type": "meta",
"delivery_value": null,
"redirection": "no-redirect",
"subresource": "*",
"origin": [
"same-https",
"cross-https",
"same-wss",
"cross-wss"
],
"expectation": "allowed"
}
]
},
{
"name": "With upgrade-insecure-request",
"title": "With upgrade-insecure-request",
"description": "With upgrade-insecure-request",
"specification_url": "https://w3c.github.io/webappsec-upgrade-insecure-requests/",
"test_expansion": [
{
"name": "With upgrade-insecure-request, all insecure requests are upgraded and allowed.",
"expansion": "default",
"source_scheme": "https",
"source_context_list": "*",
"delivery_type": "*",
"delivery_value": "upgrade",
"redirection": "*",
"subresource": "*",
"origin": "*",
"expectation": "allowed"
}
]
}
],
"delivery_key": "upgradeInsecureRequests",
"excluded_tests": [
{
"name": "Omit secure requests",
"expansion": "*",
"source_scheme": "*",
"source_context_list": "*",
"delivery_type": "*",
"delivery_value": "*",
"redirection": "no-redirect",
"subresource": "*",
"origin": [
"same-https",
"cross-https",
"same-wss",
"cross-wss"
],
"expectation": "allowed"
},
{
"name": "For inheriting tests skip http-rp because we already have <meta> tests",
"expansion": "*",
"source_scheme": "*",
"source_context_list": [
"srcdoc-inherit",
"iframe-blank-inherit",
"worker-classic-data"
],
"delivery_type": "http-rp",
"delivery_value": "*",
"redirection": "*",
"subresource": "*",
"origin": "*",
"expectation": "*"
},
{
"name": "Workers are same-origin only",
"expansion": "*",
"source_scheme": "*",
"source_context_list": "*",
"delivery_type": "*",
"delivery_value": "*",
"redirection": "*",
"subresource": [
"worker-classic",
"worker-module",
"sharedworker-classic"
],
"origin": [
"cross-https",
"cross-http-downgrade",
"cross-wss",
"cross-ws-downgrade"
],
"expectation": "*"
},
{
"name": "Websockets are ws/wss-only",
"expansion": "*",
"source_scheme": "*",
"source_context_list": "*",
"delivery_type": "*",
"delivery_value": "*",
"redirection": "*",
"subresource": "websocket",
"origin": [
"same-https",
"same-http-downgrade",
"cross-https",
"cross-http-downgrade"
],
"expectation": "*"
},
{
"name": "Websockets is no-redirect only",
"expansion": "*",
"source_scheme": "*",
"source_context_list": "*",
"delivery_type": "*",
"delivery_value": "*",
"redirection": [
"downgrade"
],
"subresource": "websocket",
"origin": "*",
"expectation": "*"
},
{
"name": "ws/wss are websocket-only",
"expansion": "*",
"source_scheme": "*",
"source_context_list": "*",
"delivery_type": "*",
"delivery_value": "*",
"redirection": "*",
"subresource": [
"iframe-tag",
"img-tag",
"xhr",
"fetch",
"worker-classic",
"worker-module",
"worker-import-data",
"sharedworker-classic",
"worklet-animation",
"worklet-audio",
"worklet-layout",
"worklet-paint",
"worklet-animation-import-data",
"worklet-audio-import-data",
"worklet-layout-import-data",
"worklet-paint-import-data"
],
"origin": [
"same-wss",
"same-ws-downgrade",
"cross-wss",
"cross-ws-downgrade"
],
"expectation": "*"
}
],
"source_context_schema": {
"supported_delivery_type": {
"top": [
"http-rp",
"meta"
],
"iframe": [
"http-rp",
"meta"
],
"iframe-blank": [
"meta"
],
"srcdoc": [
"meta"
],
"worker-classic": [
"http-rp"
],
"worker-module": [
"http-rp"
],
"worker-classic-data": [],
"worker-module-data": []
},
"supported_subresource": {
"top": "*",
"iframe": "*",
"iframe-blank": "*",
"srcdoc": "*",
"worker-classic": [
"xhr",
"fetch",
"websocket"
],
"worker-module": [
"xhr",
"fetch",
"websocket"
],
"worker-classic-data": [
"xhr",
"fetch",
"websocket"
],
"worker-module-data": [
"xhr",
"fetch",
"websocket"
]
}
},
"subresource_schema": {
"supported_delivery_type": {
"xhr": [],
"worker-classic": [],
"worker-module": [],
"worker-import-data": [],
"sharedworker-classic": [],
"worklet-animation": [],
"worklet-audio": [],
"worklet-layout": [],
"worklet-paint": [],
"worklet-animation-import-data": [],
"worklet-audio-import-data": [],
"worklet-layout-import-data": [],
"worklet-paint-import-data": [],
"fetch": [],
"websocket": [],
"img-tag": [],
"iframe-tag": []
}
},
"source_context_list_schema": {
"top": {
"description": "CSP set by the top-level Document",
"sourceContextList": [
{
"sourceContextType": "top",
"policyDeliveries": [
"policy"
]
}
],
"subresourcePolicyDeliveries": []
},
"srcdoc-inherit": {
"description": "srcdoc iframe should inherit parent Document's policy",
"sourceContextList": [
{
"sourceContextType": "top",
"policyDeliveries": [
"policy"
]
},
{
"sourceContextType": "srcdoc"
}
],
"subresourcePolicyDeliveries": []
},
"iframe-blank-inherit": {
"description": "blank iframe should inherit parent Document's policy",
"sourceContextList": [
{
"sourceContextType": "top",
"policyDeliveries": [
"policy"
]
},
{
"sourceContextType": "iframe-blank"
}
],
"subresourcePolicyDeliveries": []
},
"worker-classic-data": {
"description": "CSP set by the top-level Document is inherited to dedicated workers",
"sourceContextList": [
{
"sourceContextType": "top",
"policyDeliveries": [
"policy"
]
},
{
"sourceContextType": "worker-classic-data",
"policyDeliveries": []
}
],
"subresourcePolicyDeliveries": []
}
},
"test_expansion_schema": {
"expansion": [
"default",
"override"
],
"source_scheme": [
"https"
],
"delivery_type": [
"http-rp",
"meta"
],
"delivery_value": [
null,
"upgrade"
],
"source_context_list": [
"top",
"srcdoc-inherit",
"iframe-blank-inherit",
"worker-classic-data"
],
"redirection": [
"no-redirect",
"downgrade"
],
"origin": [
"same-https",
"same-http-downgrade",
"cross-https",
"cross-http-downgrade",
"same-wss",
"same-ws-downgrade",
"cross-wss",
"cross-ws-downgrade"
],
"subresource": [
"iframe-tag",
"img-tag",
"xhr",
"fetch",
"websocket",
"worker-classic",
"worker-module",
"worker-import-data",
"sharedworker-classic",
"worklet-animation",
"worklet-audio",
"worklet-layout",
"worklet-paint",
"worklet-animation-import-data",
"worklet-audio-import-data",
"worklet-layout-import-data",
"worklet-paint-import-data"
],
"expectation": [
"allowed",
"blocked"
]
}
}

1
tests/wpt/web-platform-tests/upgrade-insecure-requests/spec_json.js Normal file
View file

File diff suppressed because one or more lines are too long

64
tests/wpt/web-platform-tests/upgrade-insecure-requests/support/generate.py
View file

@ -1,64 +0,0 @@
# Usage: execute
# $ python support/generate.py
# at wpt/upgrade-insecure-requests/.
#
# Note: Some tests (link-upgrade.sub.https.html and
# websocket-upgrade.https.html) are not covered by this generator script.
template = '''<!DOCTYPE html>
<html>
<head>
<!-- Generated by wpt/upgrade-insecure-requests/support/generate.py -->%(additionalMeta)s
<title>Upgrade Insecure Requests: %(name)s.</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="./support/testharness-helper.sub.js"></script>
<script src="/common/security-features/resources/common.sub.js"></script>
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
</head>
<body>
<script>
const tests = %(generatorName)s(ResourceType.%(resourceType)s, %(sameOriginOnly)s);
tests.forEach(test => testMap['%(name)s'](test));
</script>
</body>
</html>
'''
def getLong(file):
testsThatNeedMoreTime = [ "worker-subresource-fetch-redirect-upgrade.https.html" ]
if any(file in item for item in testsThatNeedMoreTime ):
return '\n<meta name="timeout" content="long">'
return ""
# resourceType is |ResourceType| in testharness-helper.sub.js.
for name, resourceType in [
('image', 'IMAGE'), ('iframe', 'FRAME'),
('animation-worklet', 'WORKLET'), ('audio-worklet', 'WORKLET'),
('layout-worklet', 'WORKLET'), ('paint-worklet', 'WORKLET'),
('worker', 'WORKER'),
('module-worker', 'WORKER'),
('worker-subresource-xhr', 'FETCH'),
('worker-subresource-fetch', 'FETCH'),
('shared-worker', 'SHARED_WORKER')]:
# TODO(https://crbug.com/989399): Add tests for subresource requests on shared
# workers, and main/subresource requests on service workers.
sameOriginOnly = 'false'
if resourceType == 'WORKER' or resourceType == 'SHARED_WORKER':
sameOriginOnly = 'true'
types = [('', 'generateTests'), ('-redirect', 'generateRedirectTests')]
if name == 'module-worker' or resourceType == 'WORKLET':
types.append(('-import', 'generateModuleImportTests'))
for typeName, generatorName in types:
filename = '%s%s-upgrade.https.html' % (name, typeName)
with open(filename, 'w') as html_file:
html_file.write(template % {
'name': name,
'additionalMeta': getLong(filename),
'resourceType': resourceType,
'generatorName': generatorName,
'sameOriginOnly': sameOriginOnly})