Adding upstream version 124.0.1.upstream/124.0.1

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

4 files changed, 205 insertions, 0 deletions

diff --git a/testing/web-platform/tests/cookies/partitioned-cookies/partitioned-cookies.tentative.https.html b/testing/web-platform/tests/cookies/partitioned-cookies/partitioned-cookies.tentative.https.html
new file mode 100644
index 0000000000..deab669101
--- /dev/null
+++ b/testing/web-platform/tests/cookies/partitioned-cookies/partitioned-cookies.tentative.https.html
@@ -0,0 +1,72 @@
+<!DOCTYPE html>
+<meta charset="utf-8"/>
+<meta name="timeout" content="long">
+<meta name="help" href="https://github.com/WICG/CHIPS#chips-cookies-having-independent-partitioned-state">
+<title>Test partitioned cookies</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="/cookies/resources/cookie-helper.sub.js"></script>
+<script src="/cookies/partitioned-cookies/resources/test-helpers.js"></script>
+
+<body>
+<script>
+
+document.body.onload = async () => {
+  // First, the test sets a SameSite=None;Partitioned; cookie.
+  const attributes = "Secure;Path=/;SameSite=None;Partitioned";
+  const httpCookieName = "__Host-pchttp";
+  await credFetch(
+      `${self.origin}/cookies/resources/set.py?${httpCookieName}=foobar;${
+          attributes}`);
+
+  // Set another partitioned cookie using document.cookie.
+  const domCookieName = "__Host-pcdom";
+  document.cookie = `${domCookieName}=foobar;${attributes}`;
+
+  // Set another partitioned cookie using the CookieStore API, if supported.
+  if (window.cookieStore) {
+    const cookieStoreCookieName = "__Host-pccookiestore";
+    await cookieStore.set({
+      name: cookieStoreCookieName,
+      value: "foobar",
+      path: "/",
+      sameSite: "none",
+      partitioned: true,
+    });
+  }
+
+  const cookieNames = getCookieNames();
+
+  // Verify that the cookies are sent in requests from this top-level site.
+  testHttpPartitionedCookies({
+    origin: self.origin,
+    cookieNames,
+    expectsCookie: true,
+  });
+
+  // Verify that the cookies are exposed to the DOM on this top-level site.
+  testDomPartitionedCookies({
+    cookieNames,
+    expectsCookie: true,
+  });
+  testCookieStorePartitionedCookies({
+    cookieNames,
+    expectsCookie: true,
+  });
+
+  // Open a cross-site window which will make a request to this window's origin.
+  // If partitioned cookies are disabled, then the cookies set above will still
+  // be accessible.
+  // If partitioned cookies are enabled, then the cookies should not be
+  // accessible to their origin in a window with a different top-level site.
+  const crossSiteUrl = new URL(
+      `./resources/partitioned-cookies-cross-site-window.html?origin=${
+          encodeURIComponent(self.origin)}`,
+      get_host_info().HTTPS_NOTSAMESITE_ORIGIN + self.location.pathname);
+  const popup = window.open(crossSiteUrl);
+  fetch_tests_from_window(popup);
+};
+
+</script>
+</body>
diff --git a/testing/web-platform/tests/cookies/partitioned-cookies/resources/partitioned-cookies-cross-site-embed.html b/testing/web-platform/tests/cookies/partitioned-cookies/resources/partitioned-cookies-cross-site-embed.html
new file mode 100644
index 0000000000..05a99626dc
--- /dev/null
+++ b/testing/web-platform/tests/cookies/partitioned-cookies/resources/partitioned-cookies-cross-site-embed.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<meta charset="utf-8"/>
+<meta name="timeout" content="long">
+<title>Test site embedded in a cross-site context</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="/cookies/resources/cookie-helper.sub.js"></script>
+<script src="/cookies/partitioned-cookies/resources/test-helpers.js"></script>
+<body>
+<script>
+
+const cookieNames = getCookieNames();
+
+testDomPartitionedCookies({
+  cookieNames,
+  expectsCookie: false,
+});
+
+testCookieStorePartitionedCookies({
+  cookieNames,
+  expectsCookie: false,
+});
+
+</script>
+</body>
diff --git a/testing/web-platform/tests/cookies/partitioned-cookies/resources/partitioned-cookies-cross-site-window.html b/testing/web-platform/tests/cookies/partitioned-cookies/resources/partitioned-cookies-cross-site-window.html
new file mode 100644
index 0000000000..ca1a27c8a0
--- /dev/null
+++ b/testing/web-platform/tests/cookies/partitioned-cookies/resources/partitioned-cookies-cross-site-window.html
@@ -0,0 +1,43 @@
+<!DOCTYPE html>
+<meta charset="utf-8"/>
+<meta name="timeout" content="long">
+<title>Cross-site window</title>
+<script src="/resources/testharness.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="/cookies/resources/cookie-helper.sub.js"></script>
+<script src="/cookies/partitioned-cookies/resources/test-helpers.js"></script>
+
+<body>
+<script>
+
+let origin;
+
+// Test that parent window passed its origin in the URL parameters correctly.
+test(() => {
+  assert_true(window.location.search.startsWith("?origin="));
+  origin = decodeURIComponent(window.location.search.slice(
+      window.location.search.indexOf("?origin=") + 8));
+}, "Cross-site window opened correctly");
+
+// Test that the request to the parent window's origin does not contain the
+// partitioned cookie.
+testHttpPartitionedCookies({
+  origin,
+  cookieNames: getCookieNames(),
+  expectsCookie: false,
+});
+
+// Create a cross-site <iframe> which embeds the cookies' origin into this
+// page.
+const iframe = document.createElement("iframe");
+const url = new URL(
+    "/cookies/partitioned-cookies/resources/" +
+        "partitioned-cookies-cross-site-embed.html",
+    origin);
+iframe.src = String(url);
+document.body.appendChild(iframe);
+
+fetch_tests_from_window(iframe.contentWindow);
+
+</script>
+</body>
diff --git a/testing/web-platform/tests/cookies/partitioned-cookies/resources/test-helpers.js b/testing/web-platform/tests/cookies/partitioned-cookies/resources/test-helpers.js
new file mode 100644
index 0000000000..0ecaa63c39
--- /dev/null
+++ b/testing/web-platform/tests/cookies/partitioned-cookies/resources/test-helpers.js
@@ -0,0 +1,64 @@
+// Test that a partitioned cookie set by |origin| with name |cookieName| is
+// or is not sent in a request to |origin|.
+//
+// If |expectsCookie| is true, then the test cookie should be present in the
+// request.
+function testHttpPartitionedCookies({origin, cookieNames, expectsCookie}) {
+  promise_test(async () => {
+    const resp = await credFetch(`${origin}/cookies/resources/list.py`);
+    const cookies = await resp.json();
+    for (const cookieName of cookieNames) {
+      assert_equals(
+          cookies.hasOwnProperty(cookieName), expectsCookie,
+          getPartitionedCookieAssertDesc(expectsCookie, cookieName));
+    }
+  }, getPartitionedCookieTestName(expectsCookie, "HTTP"));
+}
+
+function getPartitionedCookieTestName(expectsCookie, cookieType) {
+  if (expectsCookie) {
+    return "Partitioned cookies accessible on the top-level site they are " +
+        `created in via ${cookieType}`;
+  }
+  return "Partitioned cookies are not accessible on a different top-level " +
+      `site via ${cookieType}`;
+}
+
+function getPartitionedCookieAssertDesc(expectsCookie, cookieName) {
+  if (expectsCookie) {
+    return `Expected ${cookieName} to be available on the top-level site it ` +
+        "was created in";
+  }
+  return `Expected ${cookieName} to not be available on a different ` +
+      "top-level site";
+}
+
+function testDomPartitionedCookies({cookieNames, expectsCookie}) {
+  test(() => {
+    for (const cookieName of cookieNames) {
+      assert_equals(
+          document.cookie.includes(cookieName), expectsCookie,
+          getPartitionedCookieAssertDesc(expectsCookie, cookieName));
+    }
+  }, getPartitionedCookieTestName(expectsCookie, "DOM"));
+}
+
+function testCookieStorePartitionedCookies({cookieNames, expectsCookie}) {
+  if (!window.cookieStore) return;
+  promise_test(async () => {
+    const cookies = await cookieStore.getAll({partitioned: true});
+    for (const cookieName of cookieNames) {
+      assert_equals(
+          !!cookies.find(c => c.name === cookieName), expectsCookie,
+          getPartitionedCookieAssertDesc(expectsCookie, cookieName));
+    }
+  }, getPartitionedCookieTestName(expectsCookie, "CookieStore"));
+}
+
+function getCookieNames() {
+  const cookieNames = ["__Host-pchttp", "__Host-pcdom"];
+  if (window.cookieStore) {
+    cookieNames.push("__Host-pccookiestore");
+  }
+  return cookieNames;
+}