mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-17 07:15:46 +00:00
Bug 1488332 [wpt PR 12819] - [WebSocket] Fix cookies/006.html?wss wpt, a=testonly
Automatic update from web-platform-tests[WebSocket] Fix cookies/006.html?wss wpt The websockets/cookies/006.html?wss test didn't work on any modern browser because you can't set a secure cookie from JavaScript on an insecure page. See https://wpt.fyi/results/websockets/cookies/006.html%3Fwss. Change the expectations to never see the cookie set. Add a new test, 006.https.html, which runs over https so that the cookie can be set. Unfortunately, due to mixed content checks, this can't test the insecure "ws:" scheme, so it still doesn't cover all the cases the original test intended to. BUG=803200 Change-Id: I7e280ebc781c693529588a68cd5eef5332b730fa Reviewed-on: https://chromium-review.googlesource.com/1203495 Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Commit-Queue: Adam Rice <ricea@chromium.org> Cr-Commit-Position: refs/heads/master@{#588469} -- wpt-commits: 5ea49ac887f0d4880819d24fe3bc85bc38b96ca7 wpt-pr: 12819
This commit is contained in:
parent
dad36f4dc4
commit
2908e54b40
@ -402407,6 +402407,12 @@
|
||||
{}
|
||||
]
|
||||
],
|
||||
"websockets/cookies/006.https.html": [
|
||||
[
|
||||
"/websockets/cookies/006.https.html?wss",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"websockets/cookies/007.html": [
|
||||
[
|
||||
"/websockets/cookies/007.html",
|
||||
@ -657951,7 +657957,11 @@
|
||||
"testharness"
|
||||
],
|
||||
"websockets/cookies/006.html": [
|
||||
"7e975879a3512c6024eec4532f783c295a043ffc",
|
||||
"0e958d25e5d276cc78b6394a1332ea42a510e3f4",
|
||||
"testharness"
|
||||
],
|
||||
"websockets/cookies/006.https.html": [
|
||||
"015eeb22f07a1d744c490248633eae9953ba5e6d",
|
||||
"testharness"
|
||||
],
|
||||
"websockets/cookies/007.html": [
|
||||
|
@ -7,6 +7,9 @@
|
||||
<meta name="variant" content="?wss">
|
||||
<div id=log></div>
|
||||
<script>
|
||||
// This test doesn't work as originally intended, because an insecure page
|
||||
// cannot set a secure cookie. See 006.https.html for a working version. This
|
||||
// version is retained for historical purposes.
|
||||
var cookie_id = ((new Date())-0) + '.' + Math.random();
|
||||
async_test(function(t) {
|
||||
if (window.WebSocket) {
|
||||
@ -19,11 +22,8 @@ async_test(function(t) {
|
||||
var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/echo-cookie');
|
||||
ws.onmessage = t.step_func(function(e) {
|
||||
ws.close();
|
||||
if (SCHEME_DOMAIN_PORT.substr(0,3) == 'wss') {
|
||||
assert_regexp_match(e.data, new RegExp('ws_test_'+cookie_id+'=test'));
|
||||
} else {
|
||||
assert_false(new RegExp('ws_test_'+cookie_id+'=test').test(e.data));
|
||||
}
|
||||
assert_equals(e.data.indexOf('ws_test_'+cookie_id+'=test'), -1,
|
||||
'cookie should not have been set');
|
||||
t.done();
|
||||
})
|
||||
ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
|
||||
|
37
testing/web-platform/tests/websockets/cookies/006.https.html
Normal file
37
testing/web-platform/tests/websockets/cookies/006.https.html
Normal file
@ -0,0 +1,37 @@
|
||||
<!doctype html>
|
||||
<title>WebSockets: setting Secure cookie with document.cookie, checking ws request</title>
|
||||
<script src=/resources/testharness.js></script>
|
||||
<script src=/resources/testharnessreport.js></script>
|
||||
<script src=../constants.js?pipe=sub></script>
|
||||
<!--
|
||||
There's no "ws:" scheme variant of this test because mixed-content checks
|
||||
won't permit creating an insecure WebSocket on a secure page.
|
||||
-->
|
||||
<meta name="variant" content="?wss">
|
||||
<div id=log></div>
|
||||
<script>
|
||||
var cookie_id = ((new Date())-0) + '.' + Math.random();
|
||||
async_test(function(t) {
|
||||
if (window.WebSocket) {
|
||||
document.cookie = 'ws_test_'+cookie_id+'=test; Path=/; Secure';
|
||||
}
|
||||
t.add_cleanup(function() {
|
||||
// remove cookie
|
||||
document.cookie = 'ws_test_'+cookie_id+'=; Path=/; Secure; Expires=Sun, 06 Nov 1994 08:49:37 GMT';
|
||||
});
|
||||
var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/echo-cookie');
|
||||
ws.onmessage = t.step_func(function(e) {
|
||||
ws.close();
|
||||
var cookie_was_seen = e.data.indexOf('ws_test_'+cookie_id+'=test') != -1;
|
||||
if (SCHEME_DOMAIN_PORT.substr(0,3) == 'wss') {
|
||||
assert_true(cookie_was_seen,
|
||||
'cookie should have been visible to wss');
|
||||
} else {
|
||||
assert_false(cookie_was_seen,
|
||||
'cookie should not have been visible to ws');
|
||||
}
|
||||
t.done();
|
||||
})
|
||||
ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
|
||||
});
|
||||
</script>
|
Loading…
Reference in New Issue
Block a user