Adding upstream version 115.8.0esr.upstream/115.8.0esr

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

22 files changed, 356 insertions, 0 deletions

diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch-and-redir.py b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch-and-redir.py
new file mode 100644
index 0000000000..16ab11faa7
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch-and-redir.py
@@ -0,0 +1,5 @@
+def main(request, response):
+    url = b''
+    if b'url' in request.GET:
+        url = request.GET[b'url']
+    return 301, [(b'Location', url),(b'Accept-CH', b'sec-ch-device-memory, device-memory, Sec-CH-DPR, DPR')], u''
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch-blank.html b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch-blank.html
new file mode 100644
index 0000000000..8a2e40ad90
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch-blank.html
@@ -0,0 +1,11 @@
+<html>
+<body>
+
+<!-- Page with an empty accept-ch header, which disables client hints -->
+<script>
+  window.top.opener.postMessage('Loaded', '*');
+</script>
+
+
+</body>
+</html>
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch-blank.html.headers b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch-blank.html.headers
new file mode 100644
index 0000000000..25215abdf7
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch-blank.html.headers
@@ -0,0 +1,2 @@
+Accept-CH:
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch-test.js b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch-test.js
new file mode 100644
index 0000000000..b0bf39250c
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch-test.js
@@ -0,0 +1,133 @@
+const echo = "/client-hints/accept-ch-stickiness/resources/echo-client-hints-received.py";
+const accept = "/client-hints/accept-ch-stickiness/resources/accept-ch.html";
+const accept_blank = "/client-hints/accept-ch-stickiness/resources/accept-ch-blank.html";
+const no_accept = "/client-hints/accept-ch-stickiness/resources/no-accept-ch.html";
+const httpequiv_accept = "/client-hints/accept-ch-stickiness/resources/http-equiv-accept-ch.html";
+const metaequiv_delegate = "/client-hints/accept-ch-stickiness/resources/meta-equiv-delegate-ch.html";
+const expect = "/client-hints/accept-ch-stickiness/resources/expect-client-hints-headers.html"
+const do_not_expect = "/client-hints/accept-ch-stickiness/resources/do-not-expect-client-hints-headers.html"
+
+const host_info = get_host_info();
+
+function verify_initial_state(initial_url, test_name) {
+  promise_test(t => {
+    return fetch(initial_url).then(r => {
+      assert_equals(r.status, 200)
+      // Verify that the browser did not include client hints in the request
+      // headers when fetching echo-client-hints-received.py.
+      assert_false(r.headers.has("device-memory-received"),
+        "device-memory-received");
+      assert_false(r.headers.has("device-memory-deprecated-received"),
+        "device-memory-deprecated-received");
+    });
+  }, test_name + " precondition: Test that the browser does not have client " +
+    "hints preferences cached");
+}
+
+function verify_iframe_state(expect_url, test_name) {
+  promise_test(t => {
+    return new Promise(resolve => {
+      window.addEventListener('message', t.step_func(function(e) {
+        assert_equals(e.data, "PASS", "message from opened frame");
+        fetch("/client-hints/accept-ch-stickiness/resources/clear-site-data.html").then(resolve);
+      }));
+      const iframe = document.createElement("iframe");
+      iframe.src = expect_url;
+      document.body.appendChild(iframe);
+    });
+  }, test_name + " got client hints according to expectations.");
+}
+
+function verify_navigation_state(expect_url, test_name) {
+  promise_test(t => {
+    return new Promise(resolve => {
+      let win;
+      window.addEventListener('message', t.step_func(function(e) {
+        win.close();
+        assert_equals(e.data, "PASS", "message from opened page");
+        fetch("/client-hints/accept-ch-stickiness/resources/clear-site-data.html").then(resolve);
+      }));
+      // Open a new window. Verify that the user agent attaches client hints.
+      win = window.open(expect_url);
+      assert_not_equals(win, null, "Popup windows not allowed?");
+    });
+  }, test_name + " got client hints according to expectations.");
+}
+
+function verify_subresource_state(expect_url, test_name) {
+  promise_test(t => {
+    return new Promise(resolve => {
+      fetch(expect_url).then(response => response.text()).then(t.step_func(text => {
+        assert_true(text.includes("PASS"));
+        fetch("/client-hints/accept-ch-stickiness/resources/clear-site-data.html").then(resolve);
+      }));
+    });
+  }, test_name + " got client hints according to expectations.");
+}
+
+function verify_syncxhr_state(expect_url, test_name) {
+  promise_test(t => {
+    return new Promise(resolve => {
+      const xhr = new XMLHttpRequest();
+      xhr.onreadystatechange = t.step_func(() => {
+        if (xhr.readyState != XMLHttpRequest.DONE) {
+          return;
+        }
+        assert_true(xhr.responseText.includes("PASS"));
+        fetch("/client-hints/accept-ch-stickiness/resources/clear-site-data.html").then(resolve);
+      });
+      xhr.open("GET", expect_url, false /* async */);
+      xhr.send();
+    });
+  }, test_name + " got client hints according to expectations.");
+}
+
+function attempt_set(test_type, accept_url, test_name, test_name_suffix) {
+  promise_test(t => {
+    return new Promise(resolve => {
+      if (test_type == "navigation") {
+        const win = window.open(accept_url);
+        assert_not_equals(win, null, "Popup windows not allowed?");
+        addEventListener('message', t.step_func(() => {
+          win.close();
+          resolve();
+        }), false);
+      } else if (test_type == "iframe") {
+        const iframe = document.createElement("iframe");
+        iframe.addEventListener('load', t.step_func(() => {
+          resolve();
+        }), false);
+        iframe.src = accept_url;
+        document.body.appendChild(iframe);
+      } else if (test_type == "subresource") {
+        fetch(accept_url).then(r => {
+          assert_equals(r.status, 200, "subresource response status")
+          // Verify that the browser did not include client hints in the request
+          // headers, just because we can..
+          assert_false(r.headers.has("device-memory-received"),
+            "device-memory-received",
+            "subresource request had no client hints");
+          assert_false(r.headers.has("device-memory-deprecated-received"),
+            "device-memory-deprecated-received",
+            "subresource request had no client hints");
+          resolve();
+        });
+      } else {
+        assert_unreached("unknown test type");
+      }
+    });
+  }, test_name +  " set Accept-CH" + test_name_suffix);
+}
+
+const run_test = test => {
+  // First, verify the initial state to make sure that the browser does not have
+  // client hints preferences cached from a previous run of the test.
+  verify_initial_state(test.initial_url, test.name);
+
+  // Then, attempt to set Accept-CH
+  attempt_set(test.type, test.accept_url, test.name, "");
+
+  // Finally, verify that CH are actually sent (or not) on requests
+  verify_navigation_state(test.expect_url, test.name);
+};
+
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch.html b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch.html
new file mode 100644
index 0000000000..694c5b03bc
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch.html
@@ -0,0 +1,16 @@
+<html>
+<body>
+
+<!-- An empty webpage whose response headers include Accept-CH
+header. Fetching this webpage should cause
+user-agent to persist origin preferences for the client hints
+specified in the Accept-CH header until a Clear-Site-Data header
+is sent or user action is take to clear the session or data about
+the origin.-->
+<script>
+  window.top.opener.postMessage('Loaded', '*');
+</script>
+
+
+</body>
+</html>
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch.html.headers b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch.html.headers
new file mode 100644
index 0000000000..e3ee616f2b
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/accept-ch.html.headers
@@ -0,0 +1,2 @@
+Accept-CH: sec-ch-device-memory, device-memory, Sec-CH-DPR, DPR
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/clear-site-data.html b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/clear-site-data.html
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/clear-site-data.html
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/clear-site-data.html.headers b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/clear-site-data.html.headers
new file mode 100644
index 0000000000..955424f246
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/clear-site-data.html.headers
@@ -0,0 +1,2 @@
+Clear-Site-Data: "*"
+Access-Control-Allow-Origin: *
\ No newline at end of file
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/do-expect-received.py b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/do-expect-received.py
new file mode 100644
index 0000000000..d2a544e46a
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/do-expect-received.py
@@ -0,0 +1,20 @@
+def main(request, response):
+    """
+    Check that headers sent to navigate here *do* contain the device-memory client
+    hint, and report success/failure in a way compatible with
+    verify_{subresource|iframe}_state() in accept-ch-test.js
+    """
+
+    if b"device-memory" in request.headers and b"sec-ch-device-memory" in request.headers:
+      result = u"PASS"
+    else:
+      result = u"FAIL"
+
+    content = u'''
+<script>
+  let messagee = window.opener || window.parent;
+  messagee.postMessage("%s" , "*");
+</script>
+''' % (result)
+    headers = [(b"Content-Type", b"text/html"), (b"Access-Control-Allow-Origin", b"*")]
+    return 200, headers, content
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/do-not-expect-client-hints-headers.html b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/do-not-expect-client-hints-headers.html
new file mode 100644
index 0000000000..2421eea18e
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/do-not-expect-client-hints-headers.html
@@ -0,0 +1,22 @@
+<html>
+<body>
+<script>
+
+// This test checks if browser attaches the device-memory client hint in the
+// HTTP request headers.
+
+// echo-client-hints-received.py sets the response headers depending on the set
+// of client hints it receives in the request headers.
+
+fetch("/client-hints/accept-ch-stickiness/resources/echo-client-hints-received.py").then(r => {
+  if(r.status == 200 && !r.headers.has("device-memory-received") && !r.headers.has("device-memory-deprecated-received")) {
+    window.top.opener.postMessage('PASS', '*');
+  }
+  else {
+    window.top.opener.postMessage('FAIL', '*');
+  }
+});
+
+</script>
+</body>
+</html>
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/do-not-expect-received.py b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/do-not-expect-received.py
new file mode 100644
index 0000000000..48ebc21d14
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/do-not-expect-received.py
@@ -0,0 +1,20 @@
+def main(request, response):
+    """
+    Check that headers sent to navigate here *do not* contain the device-memory client
+    hint, and report success/failure in a way compatible with
+    verify_{subresource|iframe}_state() in accept-ch-test.js
+    """
+
+    if b"device-memory" in request.headers or b"sec-ch-device-memory" in request.headers:
+      result = u"FAIL"
+    else:
+      result = u"PASS"
+
+    content = u'''
+<script>
+  let messagee = window.opener || window.parent;
+  messagee.postMessage("%s" , "*");
+</script>
+''' % (result)
+    headers = [(b"Content-Type", b"text/html"), (b"Access-Control-Allow-Origin", b"*")]
+    return 200, headers, content
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/echo-client-hints-received.py b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/echo-client-hints-received.py
new file mode 100644
index 0000000000..3c61330671
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/echo-client-hints-received.py
@@ -0,0 +1,14 @@
+def main(request, response):
+    """
+    Simple handler that sets a response header based on which client hint
+    request headers were received.
+    """
+
+    response.headers.append(b"Access-Control-Allow-Origin", b"*")
+    response.headers.append(b"Access-Control-Allow-Headers", b"*")
+    response.headers.append(b"Access-Control-Expose-Headers", b"*")
+
+    if b"sec-ch-device-memory" in request.headers:
+            response.headers.set(b"device-memory-received", request.headers.get(b"sec-ch-device-memory"))
+    if b"device-memory" in request.headers:
+            response.headers.set(b"device-memory-deprecated-received", request.headers.get(b"device-memory"))
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/expect-client-hints-headers.html b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/expect-client-hints-headers.html
new file mode 100644
index 0000000000..1cde2ffd05
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/expect-client-hints-headers.html
@@ -0,0 +1,22 @@
+<html>
+<body>
+<script>
+
+// This test checks if browser attaches the device-memory client hint in the
+// HTTP request headers.
+
+// echo-client-hints-received.py sets the response headers depending on the set
+// of client hints it receives in the request headers.
+
+fetch("/client-hints/accept-ch-stickiness/resources/echo-client-hints-received.py").then(r => {
+  if(r.status == 200 && r.headers.has("device-memory-received") && r.headers.has("device-memory-deprecated-received")) {
+    window.top.opener.postMessage('PASS', '*');
+  }
+  else {
+    window.top.opener.postMessage('FAIL', '*');
+  }
+});
+
+</script>
+</body>
+</html>
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/expect-received.py b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/expect-received.py
new file mode 100644
index 0000000000..876f025f3e
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/expect-received.py
@@ -0,0 +1,28 @@
+def main(request, response):
+    """
+    Check that headers sent to navigate here contain the device-memory client
+    hint, and report success/failure in a way compatible with
+    verify_navigation_state() in accept-ch-test.js
+    """
+
+    if b"sec-ch-device-memory" not in request.headers:
+      result = u"DEVICE-MEMORY"
+    elif b"device-memory" not in request.headers:
+      result = u"DEVICE-MEMORY-DEPRECATED"
+    elif b"sec-ch-ua" not in request.headers:
+      result = u"UA"
+    elif b"sec-ch-ua-mobile" not in request.headers:
+      result = u"MOBILE"
+    elif b"sec-ch-ua-platform" not in request.headers:
+      result = u"PLATFORM"
+    else:
+      result = u"PASS"
+
+    content = u'''
+<script>
+  let messagee = window.opener || window.parent;
+  messagee.postMessage("%s" , "*");
+</script>
+''' % (result)
+    headers = [(b"Content-Type", b"text/html"), (b"Access-Control-Allow-Origin", b"*")]
+    return 200, headers, content
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/feature-policy-with-cross-origin-subresource.html b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/feature-policy-with-cross-origin-subresource.html
new file mode 100644
index 0000000000..f7e1a767b4
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/feature-policy-with-cross-origin-subresource.html
@@ -0,0 +1,25 @@
+<html>
+<body>
+<script src="/common/get-host-info.sub.js"></script>
+<script>
+
+// This test checks if browser attaches the device-memory client hint in the
+// HTTP request headers --- while requesting it from 3P context after
+// settings feature policy to allow it; with Accept-CH coming from a sticky
+// source.
+
+// echo-client-hints-received.py sets the response headers depending on the set
+// of client hints it receives in the request headers.
+
+fetch(get_host_info()["HTTPS_REMOTE_ORIGIN"] + "/client-hints/accept-ch-stickiness/resources/echo-client-hints-received.py").then(r => {
+  if(r.status == 200 && r.headers.has("device-memory-received") && r.headers.has("device-memory-deprecated-received")) {
+    window.top.opener.postMessage('PASS', '*');
+  }
+  else {
+    window.top.opener.postMessage('FAIL', '*');
+  }
+});
+
+</script>
+</body>
+</html>
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/feature-policy-with-cross-origin-subresource.html.headers b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/feature-policy-with-cross-origin-subresource.html.headers
new file mode 100644
index 0000000000..4738714fb4
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/feature-policy-with-cross-origin-subresource.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: ch-device-memory=*
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/http-equiv-accept-ch.html b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/http-equiv-accept-ch.html
new file mode 100644
index 0000000000..561cae49ca
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/http-equiv-accept-ch.html
@@ -0,0 +1,8 @@
+<html>
+<meta http-equiv="Accept-CH" content="sec-ch-device-memory,device-memory">
+<body>
+<script>
+  window.top.opener.postMessage('Loaded', '*');
+</script>
+</body>
+</html>
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/http-equiv-accept-ch.html.headers b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/http-equiv-accept-ch.html.headers
new file mode 100644
index 0000000000..27140bf36e
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/http-equiv-accept-ch.html.headers
@@ -0,0 +1,2 @@
+Access-Control-Allow-Origin: *
+
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/meta-equiv-delegate-ch.html b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/meta-equiv-delegate-ch.html
new file mode 100644
index 0000000000..7d7c4ccdf7
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/meta-equiv-delegate-ch.html
@@ -0,0 +1,9 @@
+<!DOCTYPE html>
+<html>
+<meta http-equiv="Delegate-CH" content="sec-ch-device-memory;device-memory">
+<body>
+<script>
+  window.top.opener.postMessage('Loaded', '*');
+</script>
+</body>
+</html>
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/meta-equiv-delegate-ch.html.headers b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/meta-equiv-delegate-ch.html.headers
new file mode 100644
index 0000000000..27140bf36e
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/meta-equiv-delegate-ch.html.headers
@@ -0,0 +1,2 @@
+Access-Control-Allow-Origin: *
+
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/no-accept-ch.html b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/no-accept-ch.html
new file mode 100644
index 0000000000..16ed6c1a7c
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/no-accept-ch.html
@@ -0,0 +1,11 @@
+<html>
+<body>
+
+<!-- Page with out an accept-ch header; client hints are unaffected -->
+<script>
+  window.top.opener.postMessage('Loaded', '*');
+</script>
+
+
+</body>
+</html>
diff --git a/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/no-accept-ch.html.headers b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/no-accept-ch.html.headers
new file mode 100644
index 0000000000..cb762eff80
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/accept-ch-stickiness/resources/no-accept-ch.html.headers
@@ -0,0 +1 @@
+Access-Control-Allow-Origin: *