mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-09 03:15:11 +00:00
Bug 1687734 [wpt PR 27257] - Deflake wpt test about CSPEE., a=testonly
Automatic update from web-platform-tests Deflake wpt test about CSPEE. The test was timing out. This is likely caused by not running as "slow" and having many promise_test running in sequence. This patch: - Make them run in parallel. - Fix an error "is-disallowed" vs "is-not-allowed" - Fix an error HTTP vs HTTPS. The "same-origin" case is now useful. - For injecting a script, prefer document.write over javascript-url. The Javascript-url might be canceled by Document::CancelPendingJavaScriptUrls() and this might be another reason to explain the flakes. Bug: chromium:1163751 Change-Id: Id0fe915c551cc464df23fa4235090216b8f701ad Fixed: chromium:1163751 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2640615 Commit-Queue: Arthur Sonzogni <arthursonzogni@chromium.org> Reviewed-by: Antonio Sartori <antoniosartori@chromium.org> Cr-Commit-Position: refs/heads/master@{#845706} -- wpt-commits: c788d7b979d0e2791c298da4b7c1aa9bc844f803 wpt-pr: 27257
This commit is contained in:
parent
daedd0e1f4
commit
6b1d629cea
@ -9,31 +9,47 @@
|
||||
// Check sandbox flags are properly defined when its parent requires them and
|
||||
// the child allows it.
|
||||
|
||||
const same_origin = get_host_info().HTTPS_ORIGIN;
|
||||
const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;
|
||||
const same_origin = get_host_info().HTTP_ORIGIN;
|
||||
const cross_origin = get_host_info().HTTP_REMOTE_ORIGIN;
|
||||
const check_sandbox_url =
|
||||
"/html/browsers/sandboxing/resources/check-sandbox-flags.html?pipe=";
|
||||
const allow_csp_from_star = "|header(Allow-CSP-From,*)";
|
||||
|
||||
// Return a promise, resolving when |element| triggers |event_name| event.
|
||||
const future = (element, event_name) => {
|
||||
const future = (element, event_name, source) => {
|
||||
return new Promise(resolve => {
|
||||
element.addEventListener(event_name, event => resolve(event))
|
||||
element.addEventListener(event_name, event => {
|
||||
if (!source || source.contentWindow == event.source)
|
||||
resolve(event)
|
||||
})
|
||||
});
|
||||
};
|
||||
|
||||
const check_sandbox_script = `
|
||||
<script>
|
||||
try {
|
||||
document.domain = document.domain;
|
||||
parent.postMessage("document-domain-is-allowed", "*");
|
||||
} catch (exception) {
|
||||
parent.postMessage("document-domain-is-disallowed", "*");
|
||||
}
|
||||
</scr`+`ipt>
|
||||
`;
|
||||
|
||||
const sandbox_policy = "sandbox allow-scripts allow-same-origin";
|
||||
|
||||
promise_test(async test => {
|
||||
// Test using the modern async/await primitives are easier to read/write.
|
||||
// However they run sequentially, contrary to async_test. This is the parallel
|
||||
// version, to avoid timing out.
|
||||
let promise_test_parallel = (promise, description) => {
|
||||
async_test(test => {
|
||||
promise(test)
|
||||
.then(() => {test.done();})
|
||||
.catch(test.step_func(error => { throw error; }));
|
||||
}, description);
|
||||
};
|
||||
|
||||
promise_test_parallel(async test => {
|
||||
const iframe = document.createElement("iframe");
|
||||
iframe.csp = sandbox_policy;
|
||||
|
||||
@ -43,16 +59,15 @@ promise_test(async test => {
|
||||
iframe.src = "/fetch/api/resources/infinite-slow-response.py";
|
||||
document.body.appendChild(iframe);
|
||||
|
||||
const iframe_reply = future(window, "message");
|
||||
iframe.contentWindow.location =
|
||||
`javascript:${encodeURI(check_sandbox_script)}`;
|
||||
const iframe_reply = future(window, "message", iframe);
|
||||
iframe.contentDocument.write(check_sandbox_script);
|
||||
const result = await iframe_reply;
|
||||
iframe.remove();
|
||||
|
||||
assert_equals(result.data, "document-domain-is-disallowed");
|
||||
}, "initial empty document");
|
||||
|
||||
promise_test(async test => {
|
||||
promise_test_parallel(async test => {
|
||||
const iframe = document.createElement("iframe");
|
||||
iframe.src = "data:text/html,dummy";
|
||||
|
||||
@ -65,73 +80,71 @@ promise_test(async test => {
|
||||
iframe.src = "about:blank";
|
||||
await iframe_load_2;
|
||||
|
||||
const iframe_reply = future(window, "message");
|
||||
iframe.contentWindow.location =
|
||||
`javascript:${encodeURI(check_sandbox_script)}`;
|
||||
const iframe_reply = future(window, "message", iframe);
|
||||
iframe.contentDocument.write(check_sandbox_script);
|
||||
const result = await iframe_reply;
|
||||
|
||||
assert_equals(result.data, "document-domain-is-disallowed");
|
||||
}, "about:blank");
|
||||
|
||||
promise_test(async test => {
|
||||
promise_test_parallel(async test => {
|
||||
const iframe = document.createElement("iframe");
|
||||
iframe.csp = sandbox_policy;
|
||||
iframe.src =
|
||||
`data:text/html,<script>${encodeURI(check_sandbox_script)}</scr`+`ipt>`;
|
||||
`data:text/html,${encodeURI(check_sandbox_script)}`;
|
||||
|
||||
const iframe_reply = future(window, "message");
|
||||
const iframe_reply = future(window, "message", iframe);
|
||||
document.body.appendChild(iframe);
|
||||
const result = await iframe_reply;
|
||||
|
||||
assert_equals(result.data, "document-domain-is-disallowed");
|
||||
}, "data-url");
|
||||
|
||||
promise_test(async test => {
|
||||
promise_test_parallel(async test => {
|
||||
const iframe = document.createElement("iframe");
|
||||
iframe.csp = sandbox_policy;
|
||||
iframe.srcdoc = `<script>${check_sandbox_script}</scr`+`ipt>`;
|
||||
iframe.srcdoc = check_sandbox_script;
|
||||
|
||||
const iframe_reply = future(window, "message");
|
||||
const iframe_reply = future(window, "message", iframe);
|
||||
document.body.appendChild(iframe);
|
||||
const result = await iframe_reply;
|
||||
|
||||
assert_equals(result.data, "document-domain-is-disallowed");
|
||||
}, "srcdoc");
|
||||
|
||||
promise_test(async test => {
|
||||
promise_test_parallel(async test => {
|
||||
const iframe = document.createElement("iframe");
|
||||
iframe.csp = sandbox_policy;
|
||||
|
||||
const blob = new Blob(
|
||||
[ `<script>${check_sandbox_script}</scr`+`ipt>` ], { type: "text/html" });
|
||||
const blob = new Blob([check_sandbox_script], { type: "text/html" });
|
||||
|
||||
iframe.src = URL.createObjectURL(blob);
|
||||
|
||||
const iframe_reply = future(window, "message");
|
||||
const iframe_reply = future(window, "message", iframe);
|
||||
document.body.appendChild(iframe);
|
||||
const result = await iframe_reply;
|
||||
|
||||
assert_equals(result.data, "document-domain-is-disallowed");
|
||||
}, "blob URL");
|
||||
|
||||
promise_test(async test => {
|
||||
promise_test_parallel(async test => {
|
||||
const iframe = document.createElement("iframe");
|
||||
iframe.csp = sandbox_policy;
|
||||
iframe.src = same_origin + check_sandbox_url + allow_csp_from_star;
|
||||
|
||||
const iframe_reply = future(window, "message");
|
||||
const iframe_reply = future(window, "message", iframe);
|
||||
document.body.appendChild(iframe);
|
||||
const result = await iframe_reply;
|
||||
|
||||
assert_equals(result.data, "document-domain-is-disallowed");
|
||||
}, "same-origin");
|
||||
|
||||
promise_test(async test => {
|
||||
promise_test_parallel(async test => {
|
||||
const iframe = document.createElement("iframe");
|
||||
iframe.csp = sandbox_policy;
|
||||
iframe.src = cross_origin + check_sandbox_url + allow_csp_from_star;
|
||||
|
||||
const iframe_reply = future(window, "message");
|
||||
const iframe_reply = future(window, "message", iframe);
|
||||
document.body.appendChild(iframe);
|
||||
const result = await iframe_reply;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user