Adding upstream version 124.0.1.upstream/124.0.1

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

7 files changed, 303 insertions, 0 deletions

diff --git a/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-about-blank-checker.html b/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-about-blank-checker.html
new file mode 100644
index 0000000000..7a8b613237
--- /dev/null
+++ b/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-about-blank-checker.html
@@ -0,0 +1,35 @@
+<!doctype html>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>about:blank Network Partition Checker</title>
+  <meta name="help" href="https://fetch.spec.whatwg.org/#network-partition-keys">
+  <meta name="timeout" content="normal">
+</head>
+<body>
+<script>
+  async function fetch_and_reply() {
+    // Load about:blank in a new tab, and inject the network partition checking code into it.
+    var win;
+    try {
+      win = window.open();
+      var url = 'SUBRESOURCE_PREFIX:&dispatch=fetch_file&path=fetch/connection-pool/resources/network-partition-checker.html&sandbox=true';
+      var response = await fetch(url, {credentials: 'omit', mode: 'cors'});
+      win.document.write(await response.text());
+    } catch (e) {
+      win.close();
+      window.parent.postMessage({result: 'error', details: e.message}, '*');
+      return;
+    }
+
+    // Listen for first message from the new window and pass it back to the parent.
+    function message_listener(event) {
+      window.parent.postMessage(event.data, '*');
+      win.close();
+    }
+    window.addEventListener('message', message_listener, {once: true});
+  }
+  fetch_and_reply();
+</script>
+</body>
+</html>
diff --git a/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-checker.html b/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-checker.html
new file mode 100644
index 0000000000..b058f61124
--- /dev/null
+++ b/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-checker.html
@@ -0,0 +1,30 @@
+<!doctype html>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>Network Partition Checker</title>
+  <meta name="help" href="https://fetch.spec.whatwg.org/#network-partition-keys">
+  <meta name="timeout" content="normal">
+  <script src="SUBRESOURCE_PREFIX:&dispatch=fetch_file&path=common/utils.js"></script>
+  <script src="SUBRESOURCE_PREFIX:&dispatch=fetch_file&path=resources/testharness.js"></script>
+  <script src="SUBRESOURCE_PREFIX:&dispatch=fetch_file&path=fetch/connection-pool/resources/network-partition-key.js"></script>
+</head>
+<body>
+<script>
+  async function fetch_and_reply() {
+    // If this is a top level window, report to the opener. Otherwise, this is an iframe,
+    // so report to the parent.
+    var report_to = window.opener;
+    if (!report_to)
+      report_to = window.parent;
+    try {
+       await check_partition_ids();
+       report_to.postMessage({result: 'success'}, '*');
+    } catch (e) {
+     report_to.postMessage({result: 'error', details: e.message}, '*');
+    }
+  }
+  fetch_and_reply();
+</script>
+</body>
+</html>
diff --git a/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-iframe-checker.html b/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-iframe-checker.html
new file mode 100644
index 0000000000..f76ed18447
--- /dev/null
+++ b/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-iframe-checker.html
@@ -0,0 +1,22 @@
+<!doctype html>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>Iframe Network Partition Checker</title>
+  <meta name="help" href="https://fetch.spec.whatwg.org/#network-partition-keys">
+  <meta name="timeout" content="normal">
+  <script src="SUBRESOURCE_PREFIX:&dispatch=fetch_file&path=common/utils.js"></script>
+  <script src="SUBRESOURCE_PREFIX:&dispatch=fetch_file&path=resources/testharness.js"></script>
+  <script src="SUBRESOURCE_PREFIX:&dispatch=fetch_file&path=fetch/connection-pool/resources/network-partition-key.js"></script>
+</head>
+<body>
+<script>
+  // Listen for first message from the iframe, and pass it back to the opener.
+  function message_listener(event) {
+    window.opener.postMessage(event.data, '*');
+  }
+  window.addEventListener('message', message_listener, {once: 'true'});
+</script>
+<iframe src="SUBRESOURCE_PREFIX:&dispatch=fetch_file&path=fetch/connection-pool/resources/network-partition-checker.html"></iframe>
+</body>
+</html>
diff --git a/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-key.js b/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-key.js
new file mode 100644
index 0000000000..bd66109380
--- /dev/null
+++ b/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-key.js
@@ -0,0 +1,47 @@
+// Runs multiple fetches that validate connections see only a single partition_id.
+// Requests are run in parallel so that they use multiple connections to maximize the
+// chance of exercising all matching connections in the connection pool. Only returns
+// once all requests have completed to make cleaning up server state non-racy.
+function check_partition_ids(location) {
+  const NUM_FETCHES = 20;
+
+  var base_url = 'SUBRESOURCE_PREFIX:&dispatch=check_partition';
+
+  // Not a perfect parse of the query string, but good enough for this test.
+  var include_credentials = base_url.search('include_credentials=true') != -1;
+  var exclude_credentials = base_url.search('include_credentials=false') != -1;
+  if (include_credentials != !exclude_credentials)
+    throw new Exception('Credentials mode not specified');
+
+
+  // Run NUM_FETCHES in parallel.
+  var fetches = [];
+  for (i = 0; i < NUM_FETCHES; ++i) {
+    var fetch_params = {
+      credentials: 'omit',
+      mode: 'cors',
+      headers: {
+        'Header-To-Force-CORS': 'cors'
+      },
+    };
+
+    // Use a unique URL for each request, in case the caching layer serializes multiple
+    // requests for the same URL.
+    var url = `${base_url}&${token()}`;
+
+    fetches.push(fetch(url, fetch_params).then(
+        function (response) {
+          return response.text().then(function(text) {
+            assert_equals(text, 'ok', `Socket unexpectedly reused`);
+          });
+        }));
+  }
+
+  // Wait for all promises to complete.
+  return Promise.allSettled(fetches).then(function (results) {
+    results.forEach(function (result) {
+      if (result.status != 'fulfilled')
+        throw result.reason;
+    });
+  });
+}
diff --git a/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-key.py b/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-key.py
new file mode 100644
index 0000000000..32fe4999b7
--- /dev/null
+++ b/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-key.py
@@ -0,0 +1,130 @@
+import mimetypes
+import os
+
+from wptserve.utils import isomorphic_decode, isomorphic_encode
+
+# Test server that tracks the last partition_id was used with each connection for each uuid, and
+# lets consumers query if multiple different partition_ids have been been used for any socket.
+#
+# Server assumes that ports aren't reused, so a client address and a server port uniquely identify
+# a connection. If that constraint is ever violated, the test will be flaky. No sockets being
+# closed for the duration of the test is sufficient to ensure that, though even if sockets are
+# closed, the OS should generally prefer to use new ports for new connections, if any are
+# available.
+def main(request, response):
+    response.headers.set(b"Cache-Control", b"no-store")
+    dispatch = request.GET.first(b"dispatch", None)
+    uuid = request.GET.first(b"uuid", None)
+    partition_id = request.GET.first(b"partition_id", None)
+
+    if not uuid or not dispatch or not partition_id:
+        return simple_response(request, response, 404, b"Not found", b"Invalid query parameters")
+
+    # Unless nocheck_partition is true, check partition_id against server_state, and update server_state.
+    stash = request.server.stash
+    test_failed = False
+    request_count = 0;
+    connection_count = 0;
+    if request.GET.first(b"nocheck_partition", None) != b"True":
+        # Need to grab the lock to access the Stash, since requests are made in parallel.
+        with stash.lock:
+            # Don't use server hostname here, since H2 allows multiple hosts to reuse a connection.
+            # Server IP is not currently available, unfortunately.
+            address_key = isomorphic_encode(str(request.client_address) + u"|" + str(request.url_parts.port))
+            server_state = stash.take(uuid) or {b"test_failed": False,
+              b"request_count": 0, b"connection_count": 0}
+            request_count = server_state[b"request_count"]
+            request_count += 1
+            server_state[b"request_count"] = request_count
+            if address_key in server_state:
+                if server_state[address_key] != partition_id:
+                    server_state[b"test_failed"] = True
+            else:
+                connection_count = server_state[b"connection_count"]
+                connection_count += 1
+                server_state[b"connection_count"] = connection_count
+            server_state[address_key] = partition_id
+            test_failed = server_state[b"test_failed"]
+            stash.put(uuid, server_state)
+
+    origin = request.headers.get(b"Origin")
+    if origin:
+        response.headers.set(b"Access-Control-Allow-Origin", origin)
+        response.headers.set(b"Access-Control-Allow-Credentials", b"true")
+
+    if request.method == u"OPTIONS":
+        return handle_preflight(request, response)
+
+    if dispatch == b"fetch_file":
+        return handle_fetch_file(request, response, partition_id, uuid)
+
+    if dispatch == b"check_partition":
+        status = request.GET.first(b"status", 200)
+        if test_failed:
+            return simple_response(request, response, status, b"OK", b"Multiple partition IDs used on a socket")
+        body = b"ok"
+        if request.GET.first(b"addcounter", False):
+            body += (". Request was sent " + str(request_count) + " times. " +
+             str(connection_count) + " connections were created.").encode('utf-8')
+        return simple_response(request, response, status, b"OK", body)
+
+    if dispatch == b"clean_up":
+        stash.take(uuid)
+        if test_failed:
+            return simple_response(request, response, 200, b"OK", b"Test failed, but cleanup completed.")
+        return simple_response(request, response, 200, b"OK", b"cleanup complete")
+
+    return simple_response(request, response, 404, b"Not Found", b"Unrecognized dispatch parameter: " + dispatch)
+
+def handle_preflight(request, response):
+    response.status = (200, b"OK")
+    response.headers.set(b"Access-Control-Allow-Methods", b"GET")
+    response.headers.set(b"Access-Control-Allow-Headers", b"header-to-force-cors")
+    response.headers.set(b"Access-Control-Max-Age", b"86400")
+    return b"Preflight request"
+
+def simple_response(request, response, status_code, status_message, body, content_type=b"text/plain"):
+    response.status = (status_code, status_message)
+    response.headers.set(b"Content-Type", content_type)
+    return body
+
+def handle_fetch_file(request, response, partition_id, uuid):
+    subresource_origin = request.GET.first(b"subresource_origin", None)
+    rel_path = request.GET.first(b"path", None)
+
+    # This needs to be passed on to subresources so they all have access to it.
+    include_credentials = request.GET.first(b"include_credentials", None)
+    if not subresource_origin or not rel_path or not include_credentials:
+        return simple_response(request, response, 404, b"Not found", b"Invalid query parameters")
+
+    cur_path = os.path.realpath(isomorphic_decode(__file__))
+    base_path = os.path.abspath(os.path.join(os.path.dirname(cur_path), os.pardir, os.pardir, os.pardir))
+    path = os.path.abspath(os.path.join(base_path, isomorphic_decode(rel_path)))
+
+    # Basic security check.
+    if not path.startswith(base_path):
+        return simple_response(request, response, 404, b"Not found", b"Invalid path")
+
+    sandbox = request.GET.first(b"sandbox", None)
+    if sandbox == b"true":
+        response.headers.set(b"Content-Security-Policy", b"sandbox allow-scripts")
+
+    file = open(path, mode="rb")
+    body = file.read()
+    file.close()
+
+    subresource_path = b"/" + isomorphic_encode(os.path.relpath(isomorphic_decode(__file__), base_path)).replace(b'\\', b'/')
+    subresource_params = b"?partition_id=" + partition_id + b"&uuid=" + uuid + b"&subresource_origin=" + subresource_origin + b"&include_credentials=" + include_credentials
+    body = body.replace(b"SUBRESOURCE_PREFIX:", subresource_origin + subresource_path + subresource_params)
+
+    other_origin = request.GET.first(b"other_origin", None)
+    if other_origin:
+        body = body.replace(b"OTHER_PREFIX:", other_origin + subresource_path + subresource_params)
+
+    mimetypes.init()
+    mimetype_pair = mimetypes.guess_type(path)
+    mimetype = mimetype_pair[0]
+
+    if mimetype == None or mimetype_pair[1] != None:
+        return simple_response(request, response, 500, b"Server Error", b"Unknown MIME type")
+    return simple_response(request, response, 200, b"OK", body, mimetype)
diff --git a/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-worker-checker.html b/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-worker-checker.html
new file mode 100644
index 0000000000..e6b7ea7673
--- /dev/null
+++ b/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-worker-checker.html
@@ -0,0 +1,24 @@
+<!doctype html>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>Worker Network Partition Checker</title>
+  <meta name="help" href="https://fetch.spec.whatwg.org/#network-partition-keys">
+  <meta name="timeout" content="normal">
+  <script src="SUBRESOURCE_PREFIX:&dispatch=fetch_file&path=common/utils.js"></script>
+  <script src="SUBRESOURCE_PREFIX:&dispatch=fetch_file&path=resources/testharness.js"></script>
+  <script src="SUBRESOURCE_PREFIX:&dispatch=fetch_file&path=fetch/connection-pool/resources/network-partition-key.js"></script>
+</head>
+<body>
+<script>
+    // Workers must be same origin as the page loading them, but it's simpler to reuse the
+    // OTHER_PREFIX mechanism in the Python code than to craft the URL in Javascript here.
+    var worker = new Worker('OTHER_PREFIX:&dispatch=fetch_file&path=fetch/connection-pool/resources/network-partition-worker.js');
+    function message_listener(event) {
+      window.opener.postMessage(event.data, '*');
+      worker.terminate();
+    }
+    worker.addEventListener('message', message_listener);
+</script>
+</body>
+</html>
diff --git a/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-worker.js b/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-worker.js
new file mode 100644
index 0000000000..1745edfacb
--- /dev/null
+++ b/testing/web-platform/tests/fetch/connection-pool/resources/network-partition-worker.js
@@ -0,0 +1,15 @@
+// This tests the partition key of fetches to subresouce_origin made by the worker and
+// imported scripts from subresource_origin.
+importScripts('SUBRESOURCE_PREFIX:&dispatch=fetch_file&path=common/utils.js');
+importScripts('SUBRESOURCE_PREFIX:&dispatch=fetch_file&path=resources/testharness.js');
+importScripts('SUBRESOURCE_PREFIX:&dispatch=fetch_file&path=fetch/connection-pool/resources/network-partition-key.js');
+
+async function fetch_and_reply() {
+  try {
+     await check_partition_ids();
+     self.postMessage({result: 'success'});
+  } catch (e) {
+    self.postMessage({result: 'error', details: e.message});
+  }
+}
+fetch_and_reply();