Bug 1569486 [wpt PR 18126] - [WPT/common/security-features] Support multiple policy deliveries in top-level Documents, a=testonly

Automatic update from web-platform-tests [WPT/common/security-features] Support multiple policy deliveries in top-level Documents Currently, policy deliveries (and thus <meta>, HTTP headers) in top-level Documents are processed by `handleDelivery()` methods, which accept only one policy delivery. This CL - Merges `handleDelivery()` methods into a single `handle_delivery()`, - Introduce `util.PolicyDelivery` to represent policy deliveries as explicitly typed objects, and - Extends `handle_delivery()` to accept multiple policy deliveries. Bug: 906850 Change-Id: Iadbef1240c4855967e40f81cb3417389cff5c9eb Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1723229 Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org> Reviewed-by: Kenichi Ishibashi <bashi@chromium.org> Cr-Commit-Position: refs/heads/master@{#683355} -- wpt-commits: 88fcfe65bbdd13215452d8d2bc57d0c0336fde17 wpt-pr: 18126
2024-10-26 03:35:33 +00:00 · 2019-08-06 17:24:07 +00:00 · 2019-08-06 17:24:07 +00:00 · e913d05aee
commit e913d05aee
parent 597f9da349
4 changed files with 56 additions and 49 deletions
--- a/testing/web-platform/tests/common/security-features/tools/generate.py
+++ b/testing/web-platform/tests/common/security-features/tools/generate.py
@ -57,6 +57,45 @@ def dump_test_parameters(selection):
        selection, indent=2, separators=(',', ': '), sort_keys=True)


+def handle_deliveries(policy_deliveries):
+    '''
+    Generate <meta> elements and HTTP headers for the given list of
+    PolicyDelivery.
+    TODO(hiroshige): Merge duplicated code here, scope/document.py, etc.
+    '''
+
+    meta = ''
+    headers = {}
+
+    for delivery in policy_deliveries:
+        if delivery.value is None:
+            continue
+        if delivery.key == 'referrerPolicy':
+            if delivery.delivery_type == 'meta':
+                meta += \
+                    '<meta name="referrer" content="%s">' % delivery.value
+            elif delivery.delivery_type == 'http-rp':
+                headers['Referrer-Policy'] = delivery.value
+                # TODO(kristijanburnik): Limit to WPT origins.
+                headers['Access-Control-Allow-Origin'] = '*'
+            else:
+                raise Exception(
+                    'Invalid delivery_type: %s' % delivery.delivery_type)
+        elif delivery.key == 'mixedContent':
+            assert (delivery.value == 'opt-in')
+            if delivery.delivery_type == 'meta':
+                meta += '<meta http-equiv="Content-Security-Policy" ' + \
+                       'content="block-all-mixed-content">'
+            elif delivery.delivery_type == 'http-rp':
+                headers['Content-Security-Policy'] = 'block-all-mixed-content'
+            else:
+                raise Exception(
+                    'Invalid delivery_type: %s' % delivery.delivery_type)
+        else:
+            raise Exception('Invalid delivery_key: %s' % delivery.key)
+    return {"meta": meta, "headers": headers}
+
+
 def generate_selection(config, selection, spec, test_html_template_basename):
    test_parameters = dump_test_parameters(selection)
    # Adjust the template for the test invoking JS. Indent it to look nice.
@ -109,13 +148,16 @@ def generate_selection(config, selection, spec, test_html_template_basename):
    except:
        pass

-    delivery = config.handleDelivery(selection, spec)
+    delivery = handle_deliveries([
+        util.PolicyDelivery(selection['delivery_type'],
+                            selection['delivery_key'],
+                            selection['delivery_value'])
+    ])

    if len(delivery['headers']) > 0:
        with open(test_headers_filename, "w") as f:
            for header in delivery['headers']:
-                f.write(header)
-                f.write('\n')
+                f.write('%s: %s\n' % (header, delivery['headers'][header]))

    selection['meta_delivery_method'] = delivery['meta']
    # Obey the lint and pretty format.
--- a/testing/web-platform/tests/common/security-features/tools/util.py
+++ b/testing/web-platform/tests/common/security-features/tools/util.py
@ -39,3 +39,14 @@ def load_spec_json(path_to_spec):
                print(read_nth_line(f, line_number).rstrip())
                print(" " * (column - 1) + "^")
            sys.exit(1)
+
+
+class PolicyDelivery(object):
+    '''
+    See `@typedef PolicyDelivery` comments in `resources/common.js`.
+    '''
+
+    def __init__(self, delivery_type, key, value):
+        self.delivery_type = delivery_type
+        self.key = key
+        self.value = value
--- a/testing/web-platform/tests/mixed-content/generic/tools/generate.py
+++ b/testing/web-platform/tests/mixed-content/generic/tools/generate.py
@ -48,25 +48,6 @@ expectation: %(expectation)s
        self.spec_directory = os.path.abspath(
            os.path.join(script_directory, '..', '..'))

-    def handleDelivery(self, selection, spec):
-        delivery_type = selection['delivery_type']
-        delivery_value = selection['delivery_value']
-
-        meta = ''
-        headers = []
-
-        if delivery_value is not None:
-            if delivery_type == 'meta':
-                meta = '<meta http-equiv="Content-Security-Policy" ' + \
-                       'content="block-all-mixed-content">'
-            elif delivery_type == 'http-rp':
-                headers.append(
-                    "Content-Security-Policy: block-all-mixed-content")
-            else:
-                raise ValueError("Invalid delivery_type %s" % delivery_type)
-
-        return {"meta": meta, "headers": headers}
-

 if __name__ == '__main__':
    generate.main(MixedContentConfig())
--- a/testing/web-platform/tests/referrer-policy/generic/tools/generate.py
+++ b/testing/web-platform/tests/referrer-policy/generic/tools/generate.py
@ -42,33 +42,6 @@ the target request is %(origin)s.'''
        self.spec_directory = os.path.abspath(
            os.path.join(script_directory, '..', '..'))

-    def handleDelivery(self, selection, spec):
-        delivery_type = selection['delivery_type']
-        delivery_value = selection['delivery_value']
-
-        meta = ''
-        headers = []
-        if delivery_value != None:
-            if delivery_type == 'meta':
-                meta = \
-                    '<meta name="referrer" content="%s">' % delivery_value
-            elif delivery_type == 'http-rp':
-                meta = \
-                    "<!-- No meta: Referrer policy delivered via HTTP headers. -->"
-                headers.append('Referrer-Policy: ' + '%s' % delivery_value)
-                # TODO(kristijanburnik): Limit to WPT origins.
-                headers.append('Access-Control-Allow-Origin: *')
-            elif delivery_type == 'attr':
-                # attr-referrer is supported by the JS test wrapper.
-                pass
-            elif delivery_type == 'rel-noref':
-                # rel=noreferrer is supported by the JS test wrapper.
-                pass
-            else:
-                raise ValueError('Not implemented delivery_type: ' \
-                                  + delivery_type)
-        return {"meta": meta, "headers": headers}
-

 if __name__ == '__main__':
    generate.main(ReferrerPolicyConfig())