Bug 1488332 [wpt PR 12819] - [WebSocket] Fix cookies/006.html?wss wpt, a=testonly

Automatic update from web-platform-tests[WebSocket] Fix cookies/006.html?wss wpt The websockets/cookies/006.html?wss test didn't work on any modern browser because you can't set a secure cookie from JavaScript on an insecure page. See https://wpt.fyi/results/websockets/cookies/006.html%3Fwss. Change the expectations to never see the cookie set. Add a new test, 006.https.html, which runs over https so that the cookie can be set. Unfortunately, due to mixed content checks, this can't test the insecure "ws:" scheme, so it still doesn't cover all the cases the original test intended to. BUG=803200 Change-Id: I7e280ebc781c693529588a68cd5eef5332b730fa Reviewed-on: https://chromium-review.googlesource.com/1203495 Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Commit-Queue: Adam Rice <ricea@chromium.org> Cr-Commit-Position: refs/heads/master@{#588469} -- wpt-commits: 5ea49ac887f0d4880819d24fe3bc85bc38b96ca7 wpt-pr: 12819
2024-10-17 07:15:46 +00:00 · 2018-09-07 10:54:18 +00:00 · 2018-09-07 10:54:18 +00:00 · 2908e54b40
commit 2908e54b40
parent dad36f4dc4
3 changed files with 53 additions and 6 deletions
--- a/testing/web-platform/meta/MANIFEST.json
+++ b/testing/web-platform/meta/MANIFEST.json
@ -402407,6 +402407,12 @@
     {}
    ]
   ],
+   "websockets/cookies/006.https.html": [
+    [
+     "/websockets/cookies/006.https.html?wss",
+     {}
+    ]
+   ],
   "websockets/cookies/007.html": [
    [
     "/websockets/cookies/007.html",
@ -657951,7 +657957,11 @@
   "testharness"
  ],
  "websockets/cookies/006.html": [
-   "7e975879a3512c6024eec4532f783c295a043ffc",
+   "0e958d25e5d276cc78b6394a1332ea42a510e3f4",
+   "testharness"
+  ],
+  "websockets/cookies/006.https.html": [
+   "015eeb22f07a1d744c490248633eae9953ba5e6d",
   "testharness"
  ],
  "websockets/cookies/007.html": [
--- a/testing/web-platform/tests/websockets/cookies/006.html
+++ b/testing/web-platform/tests/websockets/cookies/006.html
@ -7,6 +7,9 @@
 <meta name="variant" content="?wss">
 <div id=log></div>
 <script>
+// This test doesn't work as originally intended, because an insecure page
+// cannot set a secure cookie. See 006.https.html for a working version. This
+// version is retained for historical purposes.
 var cookie_id = ((new Date())-0) + '.' + Math.random();
 async_test(function(t) {
  if (window.WebSocket) {
@ -19,11 +22,8 @@ async_test(function(t) {
  var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/echo-cookie');
  ws.onmessage = t.step_func(function(e) {
    ws.close();
-    if (SCHEME_DOMAIN_PORT.substr(0,3) == 'wss') {
-      assert_regexp_match(e.data, new RegExp('ws_test_'+cookie_id+'=test'));
-    } else {
-      assert_false(new RegExp('ws_test_'+cookie_id+'=test').test(e.data));
-    }
+    assert_equals(e.data.indexOf('ws_test_'+cookie_id+'=test'), -1,
+                  'cookie should not have been set');
    t.done();
  })
  ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
--- a/testing/web-platform/tests/websockets/cookies/006.https.html
+++ b/testing/web-platform/tests/websockets/cookies/006.https.html
@ -0,0 +1,37 @@
+<!doctype html>
+<title>WebSockets: setting Secure cookie with document.cookie, checking ws request</title>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=../constants.js?pipe=sub></script>
+<!--
+There's no "ws:" scheme variant of this test because mixed-content checks
+won't permit creating an insecure WebSocket on a secure page.
+-->
+<meta name="variant" content="?wss">
+<div id=log></div>
+<script>
+var cookie_id = ((new Date())-0) + '.' + Math.random();
+async_test(function(t) {
+  if (window.WebSocket) {
+    document.cookie = 'ws_test_'+cookie_id+'=test; Path=/; Secure';
+  }
+  t.add_cleanup(function() {
+    // remove cookie
+    document.cookie = 'ws_test_'+cookie_id+'=; Path=/; Secure; Expires=Sun, 06 Nov 1994 08:49:37 GMT';
+  });
+  var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/echo-cookie');
+  ws.onmessage = t.step_func(function(e) {
+    ws.close();
+    var cookie_was_seen = e.data.indexOf('ws_test_'+cookie_id+'=test') != -1;
+    if (SCHEME_DOMAIN_PORT.substr(0,3) == 'wss') {
+      assert_true(cookie_was_seen,
+                  'cookie should have been visible to wss');
+    } else {
+      assert_false(cookie_was_seen,
+                   'cookie should not have been visible to ws');
+    }
+    t.done();
+  })
+  ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
+});
+</script>