Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-08-16 10:55:34 +01:00
Code Issues Projects Releases Packages Wiki Activity

Update web-platform-tests to revision 9a4d479ed1347eb9184abc70d628a6da2297657a

Browse source
This commit is contained in:
WPT Sync Bot 2019-07-17 10:25:43 +00:00
parent b6cc0f60a9
commit effeb278b6
120 changed files with 3731 additions and 298 deletions
Download patch file Download diff file Expand all files Collapse all files

37
tests/wpt/web-platform-tests/fetch/sec-metadata/fetch.tentative.sub.html Normal file
View file

@ -0,0 +1,37 @@
<!DOCTYPE html>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src=/fetch/sec-metadata/resources/helper.js></script>
<script>
// http -> https should see `Sec-Fetch-Site: cross-site`.
// This is a regression test for
// https://github.com/w3c/webappsec-fetch-metadata/issues/34
promise_test(t => {
assert_equals(location.protocol, "http:");
return fetch("https://{{host}}:{{ports[https][0]}}/fetch/sec-metadata/resources/echo-as-json.py")
.then(r => r.json())
.then(j => {
assert_header_equals(j, {
"dest": "empty",
"site": "cross-site",
"user": "",
"mode": "cors",
});
});
}, "http->https fetch (cross-scheme => cross-site)");
// http -> http should see no `Sec-Fetch-Site`.
promise_test(t => {
assert_equals(location.protocol, "http:");
return fetch("resources/echo-as-json.py")
.then(r => r.json())
.then(j => {
assert_header_equals(j, {
"dest": "",
"site": "",
"user": "",
"mode": "",
});
});
}, "http->http fetch (non-trustworthy destination => no sec-metadata)");
</script>

19
tests/wpt/web-platform-tests/fetch/sec-metadata/iframe.tentative.sub.html
View file

@ -60,4 +60,23 @@
document.body.appendChild(i);
}, "Non-secure cross-site iframe => No headers.");
async_test(t => {
let i = document.createElement('iframe');
i.src = "https://{{host}}:{{ports[https][0]}}/fetch/sec-metadata/resources/post-to-owner.py";
window.addEventListener('message', t.step_func(e => {
if (e.source != i.contentWindow)
return;
assert_header_equals(e.data, {
"dest": "nested-document",
"site": "cross-site",
"user": "",
"mode": "nested-navigate",
});
t.done();
}));
document.body.appendChild(i);
}, "Secure, cross-site (cross-scheme, same-host) iframe");
</script>

4
tests/wpt/web-platform-tests/fetch/sec-metadata/redirect/multiple-redirect-https-downgrade-upgrade.tentative.sub.html
View file

@ -19,7 +19,7 @@
<div id="fontTest">Downgraded then upgraded font</div>
<script>
let nonce = token();
let expected = { "dest": "", "site": "same-site", "user": "", "mode": "" };
let expected = { "dest": "", "site": "cross-site", "user": "", "mode": "" };
// Validate various scenarios handle a request that redirects from https => http
// correctly and avoids disclosure of any Sec- headers.
@ -52,7 +52,7 @@
// Note that we're using `undefined` here, as opposed to "" elsewhere because of the way
// that `image.py` encodes data.
"dest": undefined,
"site": "same-site",
"site": "cross-site",
"user": undefined,
"mode": undefined,
});

4
tests/wpt/web-platform-tests/fetch/sec-metadata/redirect/redirect-http-upgrade.tentative.sub.html
View file

@ -19,7 +19,7 @@
<div id="fontTest">Upgraded font</div>
<script>
let nonce = token();
let expected = { "dest": "", "site": "same-site", "user": "", "mode": "" };
let expected = { "dest": "", "site": "cross-site", "user": "", "mode": "" };
// Validate various scenarios handle a request that redirects from http => https correctly and add the proper Sec- headers.
RunCommonRedirectTests("Http upgrade", upgradeRedirectTo, expected);
@ -51,7 +51,7 @@
// Note that we're using `undefined` here, as opposed to "" elsewhere because of the way
// that `image.py` encodes data.
"dest": undefined,
"site": "same-site",
"site": "cross-site",
"user": undefined,
"mode": undefined,
});