From 0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Fri, 19 Apr 2024 03:47:29 +0200
Subject: Adding upstream version 115.8.0esr.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 .../web-platform/tests/websockets/cookies/001.html | 28 +++++++++++
 .../web-platform/tests/websockets/cookies/002.html | 26 ++++++++++
 .../web-platform/tests/websockets/cookies/003.html | 34 +++++++++++++
 .../web-platform/tests/websockets/cookies/004.html | 31 ++++++++++++
 .../web-platform/tests/websockets/cookies/005.html | 35 +++++++++++++
 .../web-platform/tests/websockets/cookies/006.html | 35 +++++++++++++
 .../web-platform/tests/websockets/cookies/007.html | 36 ++++++++++++++
 .../tests/websockets/cookies/support/set-cookie.py |  7 +++
 .../support/websocket-cookies-helper.sub.js        | 57 ++++++++++++++++++++++
 .../cookies/third-party-cookie-accepted.https.html | 25 ++++++++++
 10 files changed, 314 insertions(+)
 create mode 100644 testing/web-platform/tests/websockets/cookies/001.html
 create mode 100644 testing/web-platform/tests/websockets/cookies/002.html
 create mode 100644 testing/web-platform/tests/websockets/cookies/003.html
 create mode 100644 testing/web-platform/tests/websockets/cookies/004.html
 create mode 100644 testing/web-platform/tests/websockets/cookies/005.html
 create mode 100644 testing/web-platform/tests/websockets/cookies/006.html
 create mode 100644 testing/web-platform/tests/websockets/cookies/007.html
 create mode 100644 testing/web-platform/tests/websockets/cookies/support/set-cookie.py
 create mode 100644 testing/web-platform/tests/websockets/cookies/support/websocket-cookies-helper.sub.js
 create mode 100644 testing/web-platform/tests/websockets/cookies/third-party-cookie-accepted.https.html

(limited to 'testing/web-platform/tests/websockets/cookies')

diff --git a/testing/web-platform/tests/websockets/cookies/001.html b/testing/web-platform/tests/websockets/cookies/001.html
new file mode 100644
index 0000000000..c43947fa87
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/001.html
@@ -0,0 +1,28 @@
+<!doctype html>
+<title>WebSockets: Cookie in request</title>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=../constants.sub.js></script>
+<meta name="variant" content="">
+<meta name="variant" content="?wss&wpt_flags=https">
+<meta name="variant" content="?wpt_flags=h2">
+<div id=log></div>
+<script>
+var cookie_id = ((new Date())-0) + '.' + Math.random();
+async_test(function(t) {
+  if (window.WebSocket) {
+    document.cookie = 'ws_test_'+cookie_id+'=test; Path=/';
+  }
+  t.add_cleanup(function() {
+    // remove cookie
+    document.cookie = 'ws_test_'+cookie_id+'=; Path=/; Expires=Sun, 06 Nov 1994 08:49:37 GMT';
+  });
+  var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/echo-cookie');
+  ws.onmessage = t.step_func(function(e) {
+    assert_regexp_match(e.data, new RegExp('ws_test_'+cookie_id+'=test'));
+    ws.close();
+    t.done();
+  });
+  ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
+});
+</script>
diff --git a/testing/web-platform/tests/websockets/cookies/002.html b/testing/web-platform/tests/websockets/cookies/002.html
new file mode 100644
index 0000000000..1a5e03e335
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/002.html
@@ -0,0 +1,26 @@
+<!doctype html>
+<title>WebSockets: Set-Cookie in response</title>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=../constants.sub.js></script>
+<meta name="variant" content="">
+<meta name="variant" content="?wss&wpt_flags=https">
+<meta name="variant" content="?wpt_flags=h2">
+<div id=log></div>
+<script>
+var cookie_id = ((new Date())-0) + '.' + Math.random();
+async_test(function(t) {
+  t.add_cleanup(function() {
+    // remove cookie
+    document.cookie = 'ws_test_'+cookie_id+'=; Path=/; Expires=Sun, 06 Nov 1994 08:49:37 GMT';
+  });
+  var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/set-cookie?'+cookie_id);
+  ws.onopen = t.step_func(function(e) {
+    assert_regexp_match(document.cookie, new RegExp('ws_test_'+cookie_id+'=test'));
+    ws.close();
+    ws.onclose = null;
+    t.done();
+  });
+  ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
+});
+</script>
diff --git a/testing/web-platform/tests/websockets/cookies/003.html b/testing/web-platform/tests/websockets/cookies/003.html
new file mode 100644
index 0000000000..2af4735402
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/003.html
@@ -0,0 +1,34 @@
+<!doctype html>
+<title>WebSockets: sending HttpOnly cookies in ws request</title>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=../constants.sub.js></script>
+<meta name="variant" content="">
+<meta name="variant" content="?wss&wpt_flags=https">
+<meta name="variant" content="?wpt_flags=h2">
+<div id=log></div>
+<script>
+setup({explicit_done:true})
+var cookie_id = ((new Date())-0) + '.' + Math.random();
+
+var t = async_test(function(t) {
+  var iframe = document.createElement('iframe');
+  t.add_cleanup(function() {
+    // remove cookie
+    iframe.src = 'support/set-cookie.py?'+encodeURIComponent('ws_test_'+cookie_id+'=; Path=/; HttpOnly; Expires=Sun, 06 Nov 1994 08:49:37 GMT');
+    iframe.onload = done;
+  });
+  iframe.src = 'support/set-cookie.py?'+encodeURIComponent('ws_test_'+cookie_id+'=test; Path=/; HttpOnly');
+  iframe.onload = t.step_func(function() {
+    var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/echo-cookie');
+    ws.onmessage = t.step_func(function(e) {
+      ws.close();
+      ws.onclose = null;
+      assert_regexp_match(e.data, new RegExp('ws_test_'+cookie_id+'=test'));
+      t.done();
+    });
+    ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
+  });
+  document.body.appendChild(iframe);
+});
+</script>
diff --git a/testing/web-platform/tests/websockets/cookies/004.html b/testing/web-platform/tests/websockets/cookies/004.html
new file mode 100644
index 0000000000..efc3a9f84d
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/004.html
@@ -0,0 +1,31 @@
+<!doctype html>
+<title>WebSockets: setting HttpOnly cookies in ws response, checking document.cookie</title>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=../constants.sub.js></script>
+<meta name="variant" content="">
+<meta name="variant" content="?wss&wpt_flags=https">
+<div id=log></div>
+<script>
+setup({explicit_done:true})
+var cookie_id = ((new Date())-0) + '.' + Math.random();
+
+var t = async_test(function(t) {
+  var iframe = document.createElement('iframe');
+  t.add_cleanup(function() {
+    // remove cookie
+    iframe.src = 'support/set-cookie.py?'+encodeURIComponent('ws_test_'+cookie_id+'=; Path=/; HttpOnly; Expires=Sun, 06 Nov 1994 08:49:37 GMT');
+    iframe.onload = done;
+  });
+  var url = SCHEME_DOMAIN_PORT+'/set-cookie_http?'+cookie_id;
+  var ws = new WebSocket(url);
+  ws.onopen = t.step_func(function(e) {
+    ws.close();
+    ws.onclose = null;
+    assert_false(new RegExp('ws_test_'+cookie_id+'=test').test(document.cookie));
+    t.done();
+  });
+  ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
+  document.body.appendChild(iframe);
+});
+</script>
diff --git a/testing/web-platform/tests/websockets/cookies/005.html b/testing/web-platform/tests/websockets/cookies/005.html
new file mode 100644
index 0000000000..8940d95127
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/005.html
@@ -0,0 +1,35 @@
+<!doctype html>
+<title>WebSockets: setting HttpOnly cookies in ws response, checking ws request</title>
+<meta name=timeout content=long>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=../constants.sub.js></script>
+<meta name="variant" content="">
+<meta name="variant" content="?wss&wpt_flags=https">
+<div id=log></div>
+<script>
+setup({explicit_done:true})
+var cookie_id = ((new Date())-0) + '.' + Math.random();
+
+var t = async_test(function(t) {
+  var iframe = document.createElement('iframe');
+  t.add_cleanup(function() {
+    // remove cookie
+    iframe.src = 'support/set-cookie.py?'+encodeURIComponent('ws_test_'+cookie_id+'=; Path=/; HttpOnly; Expires=Sun, 06 Nov 1994 08:49:37 GMT');
+    iframe.onload = done;
+  });
+  var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/set-cookie_http?'+cookie_id);
+  ws.onopen = t.step_func(function(e) {
+    var ws2 = new WebSocket(SCHEME_DOMAIN_PORT+'/echo-cookie');
+    ws2.onmessage = t.step_func(function(e) {
+      ws.close();
+      ws.onclose = null;
+      ws2.close();
+      assert_regexp_match(e.data, new RegExp('ws_test_'+cookie_id+'=test'));
+      t.done();
+    });
+  });
+  ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
+  document.body.appendChild(iframe);
+})
+</script>
diff --git a/testing/web-platform/tests/websockets/cookies/006.html b/testing/web-platform/tests/websockets/cookies/006.html
new file mode 100644
index 0000000000..3c74363a43
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/006.html
@@ -0,0 +1,35 @@
+<!doctype html>
+<title>WebSockets: setting Secure cookie with document.cookie, checking ws request</title>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=../constants.sub.js></script>
+<meta name="variant" content="">
+<meta name="variant" content="?wss&wpt_flags=https">
+<meta name="variant" content="?wpt_flags=h2">
+<div id=log></div>
+<script>
+var cookie_id = ((new Date())-0) + '.' + Math.random();
+async_test(function(t) {
+  if (window.WebSocket) {
+    document.cookie = 'ws_test_'+cookie_id+'=test; Path=/; Secure';
+  }
+  t.add_cleanup(function() {
+    // remove cookie
+    document.cookie = 'ws_test_'+cookie_id+'=; Path=/; Secure; Expires=Sun, 06 Nov 1994 08:49:37 GMT';
+  });
+  var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/echo-cookie');
+  ws.onmessage = t.step_func(function(e) {
+    ws.close();
+    var cookie_was_seen = e.data.indexOf('ws_test_'+cookie_id+'=test') != -1;
+    if (SCHEME_DOMAIN_PORT.substr(0,3) == 'wss') {
+      assert_true(cookie_was_seen,
+                  'cookie should have been visible to wss');
+    } else {
+      assert_false(cookie_was_seen,
+                   'cookie should not have been visible to ws');
+    }
+    t.done();
+  })
+  ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
+});
+</script>
diff --git a/testing/web-platform/tests/websockets/cookies/007.html b/testing/web-platform/tests/websockets/cookies/007.html
new file mode 100644
index 0000000000..2c214a1dbb
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/007.html
@@ -0,0 +1,36 @@
+<!doctype html>
+<title>WebSockets: when to process set-cookie fields in ws response</title>
+<meta name=timeout content=long>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=../constants.sub.js></script>
+<meta name="variant" content="">
+<meta name="variant" content="?wss&wpt_flags=https">
+<meta name="variant" content="?wpt_flags=h2">
+<div id=log></div>
+<script>
+var cookie_id = ((new Date())-0) + '.' + Math.random();
+async_test(function(t) {
+  t.add_cleanup(function() {
+    // remove cookie
+    document.cookie = 'ws_test_'+cookie_id+'; Path=/; Expires=Sun, 06 Nov 1994 08:49:37 GMT';
+  });
+  var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/set-cookie?'+cookie_id);
+  ws.onopen = t.step_func(function(e) {
+    ws.close();
+    ws.onclose = null;
+    assert_regexp_match(document.cookie, new RegExp('ws_test_'+cookie_id+'=test'));
+    t.done();
+  });
+  ws.onerror = ws.onclose = t.step_func(function() {assert_unreached()});
+
+  // sleep for 2 seconds with sync xhr
+  var sleep = new XMLHttpRequest();
+  sleep.open('GET', '/common/blank.html?pipe=trickle(d2)', false);
+  sleep.send(null);
+
+  if (new RegExp('ws_test_'+cookie_id+'=test').test(document.cookie)) {
+    assert_unreached('cookie was set during script execution');
+  }
+});
+</script>
diff --git a/testing/web-platform/tests/websockets/cookies/support/set-cookie.py b/testing/web-platform/tests/websockets/cookies/support/set-cookie.py
new file mode 100644
index 0000000000..71cd8bca60
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/support/set-cookie.py
@@ -0,0 +1,7 @@
+from urllib.parse import unquote
+
+from wptserve.utils import isomorphic_encode
+
+def main(request, response):
+    response.headers.set(b'Set-Cookie', isomorphic_encode(unquote(request.url_parts.query)))
+    return [(b"Content-Type", b"text/plain")], b""
diff --git a/testing/web-platform/tests/websockets/cookies/support/websocket-cookies-helper.sub.js b/testing/web-platform/tests/websockets/cookies/support/websocket-cookies-helper.sub.js
new file mode 100644
index 0000000000..a7fae2551e
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/support/websocket-cookies-helper.sub.js
@@ -0,0 +1,57 @@
+// Set up global variables.
+(_ => {
+  var HOST = '{{host}}';
+  var CROSS_ORIGIN_HOST = '{{hosts[alt][]}}';
+  var WSS_PORT = ':{{ports[wss][0]}}';
+  var HTTPS_PORT = ':{{ports[https][0]}}';
+
+  window.WSS_ORIGIN = 'wss://' + HOST + WSS_PORT;
+  window.WSS_CROSS_SITE_ORIGIN = 'wss://' + CROSS_ORIGIN_HOST + WSS_PORT;
+  window.HTTPS_ORIGIN = 'https://' + HOST + HTTPS_PORT;
+  window.HTTPS_CROSS_SITE_ORIGIN = 'https://' + CROSS_ORIGIN_HOST + HTTPS_PORT;
+})();
+
+// Sets a cookie with each SameSite option.
+function setSameSiteCookies(origin, value) {
+  return new Promise(resolve => {
+    const ws = new WebSocket(origin + '/set-cookies-samesite?value=' + value);
+    ws.onopen = () => {
+      ws.close();
+    };
+    ws.onclose = resolve;
+  });
+}
+
+// Clears cookies set by setSameSiteCookies().
+function clearSameSiteCookies(origin) {
+  return new Promise(resolve => {
+    const ws = new WebSocket(origin + '/set-cookies-samesite?clear');
+    ws.onopen = () => ws.close();
+    ws.onclose = resolve;
+  });
+}
+
+// Gets value of Cookie header sent in request.
+function connectAndGetRequestCookiesFrom(origin) {
+  return new Promise((resolve, reject) => {
+      var ws = new WebSocket(origin + '/echo-cookie');
+      ws.onmessage = evt => {
+          var cookies = evt.data
+          resolve(cookies);
+          ws.onerror = undefined;
+          ws.onclose = undefined;
+      };
+      ws.onerror = () => reject('Unexpected error event');
+      ws.onclose = evt => reject('Unexpected close event: ' + JSON.stringify(evt));
+  });
+}
+
+// Assert that a given cookie is or is not present in the string |cookies|.
+function assertCookie(cookies, name, value, present) {
+  var assertion = present ? assert_true : assert_false;
+  var description = name + '=' + value + ' cookie is' +
+                    (present ? ' ' : ' not ') + 'present.';
+  var re = new RegExp('(?:^|; )' + name + '=' + value + '(?:$|;)');
+  assertion(re.test(cookies), description);
+}
+
diff --git a/testing/web-platform/tests/websockets/cookies/third-party-cookie-accepted.https.html b/testing/web-platform/tests/websockets/cookies/third-party-cookie-accepted.https.html
new file mode 100644
index 0000000000..208d297016
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/third-party-cookie-accepted.https.html
@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<meta charset="utf-8"/>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="support/websocket-cookies-helper.sub.js"></script>
+<script>
+promise_test(() => {
+  var value = '' + Math.random();
+  var origin = WSS_CROSS_SITE_ORIGIN;
+  return setSameSiteCookies(origin, value).then(
+    () => { return connectAndGetRequestCookiesFrom(origin); }
+  ).then(
+    cookies => {
+      assert_not_equals(cookies, '(none)', 'request should contain cookies.');
+      // SameSite cookies are blocked.
+      assertCookie(cookies, 'samesite-unspecified', value, false /* present */);
+      assertCookie(cookies, 'samesite-lax', value, false /* present */);
+      assertCookie(cookies, 'samesite-strict', value, false /* present */);
+      // SameSite=None third-party cookie is not blocked.
+      assertCookie(cookies, 'samesite-none', value, true /* present */);
+      return clearSameSiteCookies(origin);
+    }
+  );
+}, 'Test that third-party cookies are accepted for WebSockets.');
+</script>
-- 
cgit v1.2.3