summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/cookies/partitioned-cookies
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 00:47:55 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 00:47:55 +0000
commit26a029d407be480d791972afb5975cf62c9360a6 (patch)
treef435a8308119effd964b339f76abb83a57c29483 /testing/web-platform/tests/cookies/partitioned-cookies
parentInitial commit. (diff)
downloadfirefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz
firefox-26a029d407be480d791972afb5975cf62c9360a6.zip
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testing/web-platform/tests/cookies/partitioned-cookies')
-rw-r--r--testing/web-platform/tests/cookies/partitioned-cookies/partitioned-cookies.tentative.https.html72
-rw-r--r--testing/web-platform/tests/cookies/partitioned-cookies/resources/partitioned-cookies-cross-site-embed.html26
-rw-r--r--testing/web-platform/tests/cookies/partitioned-cookies/resources/partitioned-cookies-cross-site-window.html43
-rw-r--r--testing/web-platform/tests/cookies/partitioned-cookies/resources/test-helpers.js64
4 files changed, 205 insertions, 0 deletions
diff --git a/testing/web-platform/tests/cookies/partitioned-cookies/partitioned-cookies.tentative.https.html b/testing/web-platform/tests/cookies/partitioned-cookies/partitioned-cookies.tentative.https.html
new file mode 100644
index 0000000000..deab669101
--- /dev/null
+++ b/testing/web-platform/tests/cookies/partitioned-cookies/partitioned-cookies.tentative.https.html
@@ -0,0 +1,72 @@
+<!DOCTYPE html>
+<meta charset="utf-8"/>
+<meta name="timeout" content="long">
+<meta name="help" href="https://github.com/WICG/CHIPS#chips-cookies-having-independent-partitioned-state">
+<title>Test partitioned cookies</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="/cookies/resources/cookie-helper.sub.js"></script>
+<script src="/cookies/partitioned-cookies/resources/test-helpers.js"></script>
+
+<body>
+<script>
+
+document.body.onload = async () => {
+ // First, the test sets a SameSite=None;Partitioned; cookie.
+ const attributes = "Secure;Path=/;SameSite=None;Partitioned";
+ const httpCookieName = "__Host-pchttp";
+ await credFetch(
+ `${self.origin}/cookies/resources/set.py?${httpCookieName}=foobar;${
+ attributes}`);
+
+ // Set another partitioned cookie using document.cookie.
+ const domCookieName = "__Host-pcdom";
+ document.cookie = `${domCookieName}=foobar;${attributes}`;
+
+ // Set another partitioned cookie using the CookieStore API, if supported.
+ if (window.cookieStore) {
+ const cookieStoreCookieName = "__Host-pccookiestore";
+ await cookieStore.set({
+ name: cookieStoreCookieName,
+ value: "foobar",
+ path: "/",
+ sameSite: "none",
+ partitioned: true,
+ });
+ }
+
+ const cookieNames = getCookieNames();
+
+ // Verify that the cookies are sent in requests from this top-level site.
+ testHttpPartitionedCookies({
+ origin: self.origin,
+ cookieNames,
+ expectsCookie: true,
+ });
+
+ // Verify that the cookies are exposed to the DOM on this top-level site.
+ testDomPartitionedCookies({
+ cookieNames,
+ expectsCookie: true,
+ });
+ testCookieStorePartitionedCookies({
+ cookieNames,
+ expectsCookie: true,
+ });
+
+ // Open a cross-site window which will make a request to this window's origin.
+ // If partitioned cookies are disabled, then the cookies set above will still
+ // be accessible.
+ // If partitioned cookies are enabled, then the cookies should not be
+ // accessible to their origin in a window with a different top-level site.
+ const crossSiteUrl = new URL(
+ `./resources/partitioned-cookies-cross-site-window.html?origin=${
+ encodeURIComponent(self.origin)}`,
+ get_host_info().HTTPS_NOTSAMESITE_ORIGIN + self.location.pathname);
+ const popup = window.open(crossSiteUrl);
+ fetch_tests_from_window(popup);
+};
+
+</script>
+</body>
diff --git a/testing/web-platform/tests/cookies/partitioned-cookies/resources/partitioned-cookies-cross-site-embed.html b/testing/web-platform/tests/cookies/partitioned-cookies/resources/partitioned-cookies-cross-site-embed.html
new file mode 100644
index 0000000000..05a99626dc
--- /dev/null
+++ b/testing/web-platform/tests/cookies/partitioned-cookies/resources/partitioned-cookies-cross-site-embed.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<meta charset="utf-8"/>
+<meta name="timeout" content="long">
+<title>Test site embedded in a cross-site context</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="/cookies/resources/cookie-helper.sub.js"></script>
+<script src="/cookies/partitioned-cookies/resources/test-helpers.js"></script>
+<body>
+<script>
+
+const cookieNames = getCookieNames();
+
+testDomPartitionedCookies({
+ cookieNames,
+ expectsCookie: false,
+});
+
+testCookieStorePartitionedCookies({
+ cookieNames,
+ expectsCookie: false,
+});
+
+</script>
+</body>
diff --git a/testing/web-platform/tests/cookies/partitioned-cookies/resources/partitioned-cookies-cross-site-window.html b/testing/web-platform/tests/cookies/partitioned-cookies/resources/partitioned-cookies-cross-site-window.html
new file mode 100644
index 0000000000..ca1a27c8a0
--- /dev/null
+++ b/testing/web-platform/tests/cookies/partitioned-cookies/resources/partitioned-cookies-cross-site-window.html
@@ -0,0 +1,43 @@
+<!DOCTYPE html>
+<meta charset="utf-8"/>
+<meta name="timeout" content="long">
+<title>Cross-site window</title>
+<script src="/resources/testharness.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="/cookies/resources/cookie-helper.sub.js"></script>
+<script src="/cookies/partitioned-cookies/resources/test-helpers.js"></script>
+
+<body>
+<script>
+
+let origin;
+
+// Test that parent window passed its origin in the URL parameters correctly.
+test(() => {
+ assert_true(window.location.search.startsWith("?origin="));
+ origin = decodeURIComponent(window.location.search.slice(
+ window.location.search.indexOf("?origin=") + 8));
+}, "Cross-site window opened correctly");
+
+// Test that the request to the parent window's origin does not contain the
+// partitioned cookie.
+testHttpPartitionedCookies({
+ origin,
+ cookieNames: getCookieNames(),
+ expectsCookie: false,
+});
+
+// Create a cross-site <iframe> which embeds the cookies' origin into this
+// page.
+const iframe = document.createElement("iframe");
+const url = new URL(
+ "/cookies/partitioned-cookies/resources/" +
+ "partitioned-cookies-cross-site-embed.html",
+ origin);
+iframe.src = String(url);
+document.body.appendChild(iframe);
+
+fetch_tests_from_window(iframe.contentWindow);
+
+</script>
+</body>
diff --git a/testing/web-platform/tests/cookies/partitioned-cookies/resources/test-helpers.js b/testing/web-platform/tests/cookies/partitioned-cookies/resources/test-helpers.js
new file mode 100644
index 0000000000..0ecaa63c39
--- /dev/null
+++ b/testing/web-platform/tests/cookies/partitioned-cookies/resources/test-helpers.js
@@ -0,0 +1,64 @@
+// Test that a partitioned cookie set by |origin| with name |cookieName| is
+// or is not sent in a request to |origin|.
+//
+// If |expectsCookie| is true, then the test cookie should be present in the
+// request.
+function testHttpPartitionedCookies({origin, cookieNames, expectsCookie}) {
+ promise_test(async () => {
+ const resp = await credFetch(`${origin}/cookies/resources/list.py`);
+ const cookies = await resp.json();
+ for (const cookieName of cookieNames) {
+ assert_equals(
+ cookies.hasOwnProperty(cookieName), expectsCookie,
+ getPartitionedCookieAssertDesc(expectsCookie, cookieName));
+ }
+ }, getPartitionedCookieTestName(expectsCookie, "HTTP"));
+}
+
+function getPartitionedCookieTestName(expectsCookie, cookieType) {
+ if (expectsCookie) {
+ return "Partitioned cookies accessible on the top-level site they are " +
+ `created in via ${cookieType}`;
+ }
+ return "Partitioned cookies are not accessible on a different top-level " +
+ `site via ${cookieType}`;
+}
+
+function getPartitionedCookieAssertDesc(expectsCookie, cookieName) {
+ if (expectsCookie) {
+ return `Expected ${cookieName} to be available on the top-level site it ` +
+ "was created in";
+ }
+ return `Expected ${cookieName} to not be available on a different ` +
+ "top-level site";
+}
+
+function testDomPartitionedCookies({cookieNames, expectsCookie}) {
+ test(() => {
+ for (const cookieName of cookieNames) {
+ assert_equals(
+ document.cookie.includes(cookieName), expectsCookie,
+ getPartitionedCookieAssertDesc(expectsCookie, cookieName));
+ }
+ }, getPartitionedCookieTestName(expectsCookie, "DOM"));
+}
+
+function testCookieStorePartitionedCookies({cookieNames, expectsCookie}) {
+ if (!window.cookieStore) return;
+ promise_test(async () => {
+ const cookies = await cookieStore.getAll({partitioned: true});
+ for (const cookieName of cookieNames) {
+ assert_equals(
+ !!cookies.find(c => c.name === cookieName), expectsCookie,
+ getPartitionedCookieAssertDesc(expectsCookie, cookieName));
+ }
+ }, getPartitionedCookieTestName(expectsCookie, "CookieStore"));
+}
+
+function getCookieNames() {
+ const cookieNames = ["__Host-pchttp", "__Host-pcdom"];
+ if (window.cookieStore) {
+ cookieNames.push("__Host-pccookiestore");
+ }
+ return cookieNames;
+}