diff options
Diffstat (limited to 'testing/web-platform/tests/fenced-frame')
36 files changed, 415 insertions, 524 deletions
diff --git a/testing/web-platform/tests/fenced-frame/automatic-beacon-anchor-click-handler.https.html b/testing/web-platform/tests/fenced-frame/automatic-beacon-anchor-click-handler.https.html index 8ee1cb517f..a451c48f73 100644 --- a/testing/web-platform/tests/fenced-frame/automatic-beacon-anchor-click-handler.https.html +++ b/testing/web-platform/tests/fenced-frame/automatic-beacon-anchor-click-handler.https.html @@ -16,7 +16,7 @@ promise_test(async(t) => { const actions = new test_driver.Actions(); const fencedframe = await attachFencedFrameContext( - {generator_api: 'fledge', automatic_beacon: true, + {generator_api: 'fledge', register_beacon: true, origin: get_host_info().HTTPS_REMOTE_ORIGIN}); const new_url = new URL("resources/dummy.html", location.href); let beacon_event = { diff --git a/testing/web-platform/tests/fenced-frame/automatic-beacon-click-handler.https.html b/testing/web-platform/tests/fenced-frame/automatic-beacon-click-handler.https.html index 31392fdb99..55f18fd42b 100644 --- a/testing/web-platform/tests/fenced-frame/automatic-beacon-click-handler.https.html +++ b/testing/web-platform/tests/fenced-frame/automatic-beacon-click-handler.https.html @@ -16,7 +16,7 @@ promise_test(async(t) => { const actions = new test_driver.Actions(); const fencedframe = await attachFencedFrameContext( - {generator_api: 'fledge', automatic_beacon: true, + {generator_api: 'fledge', register_beacon: true, origin: get_host_info().HTTPS_REMOTE_ORIGIN}); await fencedframe.execute(() => { diff --git a/testing/web-platform/tests/fenced-frame/automatic-beacon-component-ad.https.html b/testing/web-platform/tests/fenced-frame/automatic-beacon-component-ad.https.html index 1b1ef2798a..fffff548b4 100644 --- a/testing/web-platform/tests/fenced-frame/automatic-beacon-component-ad.https.html +++ b/testing/web-platform/tests/fenced-frame/automatic-beacon-component-ad.https.html @@ -17,7 +17,7 @@ promise_test(async(t) => { const actions = new test_driver.Actions(); const fencedframe = await attachFencedFrameContext({ generator_api: 'fledge', - automatic_beacon: true, + register_beacon: true, num_components: 1, // These headers will also be given to the component ad. headers: [["Allow-Fenced-Frame-Automatic-Beacons", "true"]] diff --git a/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-false.https.html b/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-false.https.html index 24440e4b67..a3627036fc 100644 --- a/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-false.https.html +++ b/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-false.https.html @@ -18,7 +18,7 @@ promise_test(async(t) => { const actions = new test_driver.Actions(); const fencedframe = await attachFencedFrameContext({ generator_api: 'fledge', - automatic_beacon: true, + register_beacon: true, }); const beacon_event = { eventType: "reserved.top_navigation_start", diff --git a/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-navigation.https.html b/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-navigation.https.html index c476e80443..7e974ad63e 100644 --- a/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-navigation.https.html +++ b/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-navigation.https.html @@ -17,7 +17,7 @@ promise_test(async(t) => { const actions = new test_driver.Actions(); const fencedframe = await attachFencedFrameContext({ generator_api: 'fledge', - automatic_beacon: true + register_beacon: true }); let beacon_event = { @@ -36,7 +36,7 @@ promise_test(async(t) => { .send(); const received_beacon_data = - await nextAutomaticBeacon(beacon_event.eventType, beacon_event.eventData); + await nextBeacon(beacon_event.eventType, beacon_event.eventData); }, 'Automatic beacon in a cross-origin subframe'); </script> </body> diff --git a/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-no-data.https.html b/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-no-data.https.html index dd00721dd8..887a06847f 100644 --- a/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-no-data.https.html +++ b/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-no-data.https.html @@ -17,7 +17,7 @@ promise_test(async(t) => { const actions = new test_driver.Actions(); const fencedframe = await attachFencedFrameContext({ generator_api: 'fledge', - automatic_beacon: true + register_beacon: true }); const new_url = new URL("resources/close.html", location.href); diff --git a/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-no-opt-in.https.html b/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-no-opt-in.https.html index fa19d17f89..f1817b76dd 100644 --- a/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-no-opt-in.https.html +++ b/testing/web-platform/tests/fenced-frame/automatic-beacon-cross-origin-no-opt-in.https.html @@ -17,7 +17,7 @@ promise_test(async(t) => { const actions = new test_driver.Actions(); const fencedframe = await attachFencedFrameContext({ generator_api: 'fledge', - automatic_beacon: true + register_beacon: true }); let beacon_event = { diff --git a/testing/web-platform/tests/fenced-frame/automatic-beacon-no-destination.https.html b/testing/web-platform/tests/fenced-frame/automatic-beacon-no-destination.https.html index 696c17f765..1779ba6573 100644 --- a/testing/web-platform/tests/fenced-frame/automatic-beacon-no-destination.https.html +++ b/testing/web-platform/tests/fenced-frame/automatic-beacon-no-destination.https.html @@ -17,7 +17,7 @@ promise_test(async (t) => { const actions = new test_driver.Actions(); const fencedframe = await attachFencedFrameContext({ generator_api: "fledge", - automatic_beacon: true, + register_beacon: true, origin: get_host_info().HTTPS_REMOTE_ORIGIN }); diff --git a/testing/web-platform/tests/fenced-frame/automatic-beacon-no-opt-in.https.html b/testing/web-platform/tests/fenced-frame/automatic-beacon-no-opt-in.https.html index 177a7c6a51..b6dac31dbd 100644 --- a/testing/web-platform/tests/fenced-frame/automatic-beacon-no-opt-in.https.html +++ b/testing/web-platform/tests/fenced-frame/automatic-beacon-no-opt-in.https.html @@ -17,7 +17,7 @@ promise_test(async (t) => { const actions = new test_driver.Actions(); const fencedframe = await attachFencedFrameContext({ generator_api: "fledge", - automatic_beacon: true, + register_beacon: true, }); const new_url = new URL("resources/dummy.html", location.href); diff --git a/testing/web-platform/tests/fenced-frame/automatic-beacon-two-events-clear.https.html b/testing/web-platform/tests/fenced-frame/automatic-beacon-two-events-clear.https.html index f759c0620b..ff35398105 100644 --- a/testing/web-platform/tests/fenced-frame/automatic-beacon-two-events-clear.https.html +++ b/testing/web-platform/tests/fenced-frame/automatic-beacon-two-events-clear.https.html @@ -16,7 +16,7 @@ promise_test(async(t) => { const actions = new test_driver.Actions(); const fencedframe = await attachFencedFrameContext( - {generator_api: 'fledge', automatic_beacon: true, + {generator_api: 'fledge', register_beacon: true, origin: get_host_info().HTTPS_REMOTE_ORIGIN}); let beacon_event = { diff --git a/testing/web-platform/tests/fenced-frame/automatic-beacon-two-events-persist.https.html b/testing/web-platform/tests/fenced-frame/automatic-beacon-two-events-persist.https.html index 906a7a0d9f..b9e582e43e 100644 --- a/testing/web-platform/tests/fenced-frame/automatic-beacon-two-events-persist.https.html +++ b/testing/web-platform/tests/fenced-frame/automatic-beacon-two-events-persist.https.html @@ -16,7 +16,7 @@ promise_test(async(t) => { const actions = new test_driver.Actions(); const fencedframe = await attachFencedFrameContext( - {generator_api: 'fledge', automatic_beacon: true, + {generator_api: 'fledge', register_beacon: true, origin: get_host_info().HTTPS_REMOTE_ORIGIN}); // `once` defaults to false. let beacon_event = { diff --git a/testing/web-platform/tests/fenced-frame/automatic-beacon-unfenced-top.https.html b/testing/web-platform/tests/fenced-frame/automatic-beacon-unfenced-top.https.html index 342e13321f..0a595c5260 100644 --- a/testing/web-platform/tests/fenced-frame/automatic-beacon-unfenced-top.https.html +++ b/testing/web-platform/tests/fenced-frame/automatic-beacon-unfenced-top.https.html @@ -26,7 +26,7 @@ async function init() { const actions = new test_driver.Actions(); const fencedframe = await attachFencedFrameContext( - {generator_api: 'fledge', automatic_beacon: true, + {generator_api: 'fledge', register_beacon: true, origin: get_host_info().HTTPS_REMOTE_ORIGIN}); const beacon_event = { diff --git a/testing/web-platform/tests/fenced-frame/automatic-beacon-use-ancestor-data.https.html b/testing/web-platform/tests/fenced-frame/automatic-beacon-use-ancestor-data.https.html index 39df6f5c73..c5169d4a47 100644 --- a/testing/web-platform/tests/fenced-frame/automatic-beacon-use-ancestor-data.https.html +++ b/testing/web-platform/tests/fenced-frame/automatic-beacon-use-ancestor-data.https.html @@ -15,7 +15,7 @@ promise_test(async(t) => { const actions = new test_driver.Actions(); const fencedframe = await attachFencedFrameContext({ generator_api: 'fledge', - automatic_beacon: true + register_beacon: true }); const new_url = new URL("resources/close.html", location.href); const beacon_data = "this is the beacon data"; @@ -56,7 +56,7 @@ promise_test(async(t) => { // have any beacon data set for `reserved.top_navigation_start`, even though // it does have beacon data set. const received_beacon_data = - await nextAutomaticBeacon(beacon_type, beacon_data); + await nextBeacon(beacon_type, beacon_data); }, 'Documents should use ancestor beacon data if not available'); </script> </body> diff --git a/testing/web-platform/tests/fenced-frame/can-load-api.https.html b/testing/web-platform/tests/fenced-frame/can-load-api.https.html index f9996dd5e9..3b47c87ac0 100644 --- a/testing/web-platform/tests/fenced-frame/can-load-api.https.html +++ b/testing/web-platform/tests/fenced-frame/can-load-api.https.html @@ -11,7 +11,7 @@ async function runTest(expected_result, generator_api, attribute_list, header_list, use_fencedframe=false) { const frame = use_fencedframe ? await attachFencedFrameContext({generator_api: generator_api, attributes:attribute_list, headers:header_list}) : - await attachIFrameContext({generator_api, generator_api, attributes:attribute_list, headers:header_list}); + await attachIFrameContext({generator_api: generator_api, attributes:attribute_list, headers:header_list}); await frame.execute(async (expected_result, attribute_list) => { assert_equals(navigator.canLoadAdAuctionFencedFrame(), expected_result, "A frame with attributes " + attribute_list + " should return " + diff --git a/testing/web-platform/tests/fenced-frame/csp-allowed-transparent.https.html b/testing/web-platform/tests/fenced-frame/csp-allowed-transparent.https.html new file mode 100644 index 0000000000..66259b3a1c --- /dev/null +++ b/testing/web-platform/tests/fenced-frame/csp-allowed-transparent.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<title>Test transparent fenced frame navigations with allowed CSP</title> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="/common/utils.js"></script> +<script src="resources/utils.js"></script> +<script src="/common/get-host-info.sub.js"></script> +<script src="/common/dispatcher/dispatcher.js"></script> + +<body> +<script> +const allowedCSPs = [ + "*", + "https://*:*", + get_host_info().HTTPS_ORIGIN, + 'https://' + get_host_info().ORIGINAL_HOST + ":*" +]; +allowedCSPs.forEach((csp) => { + promise_test(async() => { + const iframe = setupCSP(csp); + const key = token(); + + await iframe.execute(async (key) => { + window.addEventListener('securitypolicyviolation', function(e) { + // Write to the server even though the listener is in the same file in + // the test below. + writeValueToServer(key, e.violatedDirective + ";" + e.blockedURI); + }, {once: true}); + + const url = generateURL("/fenced-frame/resources/embeddee.html", [key]); + attachFencedFrame(url); + }, [key]); + + const result = await nextValueFromServer(key); + assert_equals(result, "PASS", + "The fenced frame should load for CSP fenced-frame-src " + csp); + }, "Fenced frame loaded for CSP fenced-frame-src " + csp); +}); +</script> +</body> diff --git a/testing/web-platform/tests/fenced-frame/csp-allowed.https.html b/testing/web-platform/tests/fenced-frame/csp-allowed.https.html index 8c002bc8a9..4b2fadd59e 100644 --- a/testing/web-platform/tests/fenced-frame/csp-allowed.https.html +++ b/testing/web-platform/tests/fenced-frame/csp-allowed.https.html @@ -4,24 +4,31 @@ <script src="/resources/testharnessreport.js"></script> <script src="/common/utils.js"></script> <script src="resources/utils.js"></script> +<script src="/common/dispatcher/dispatcher.js"></script> <body> <script> -for (const resolve_to_config of [true, false]) { - const allowedCSPs = ["*", "https:", "https://*:*"]; - allowedCSPs.forEach((csp) => { +const allowedCSPs = [ + "*", + "https:", + "https://*:*" +]; +allowedCSPs.forEach((csp) => { + for (const resolve_to_config of [true, false]) { promise_test(async() => { - setupCSP(csp); - + const iframe = setupCSP(csp); const key = token(); - window.addEventListener('securitypolicyviolation', function(e) { - // Write to the server even though the listener is in the same file in - // the test below. - writeValueToServer(key, e.violatedDirective + ";" + e.blockedURI); - }, {once: true}); - attachFencedFrame(await runSelectURL("resources/embeddee.html", - [key], resolve_to_config)); + await iframe.execute(async (key, resolve_to_config) => { + window.addEventListener('securitypolicyviolation', function(e) { + // Write to the server even though the listener is in the same file in + // the test below. + writeValueToServer(key, e.violatedDirective + ";" + e.blockedURI); + }, {once: true}); + + attachFencedFrame(await runSelectURL( + "/fenced-frame/resources/embeddee.html", [key], resolve_to_config)); + }, [key, resolve_to_config]); const result = await nextValueFromServer(key); assert_equals(result, "PASS", @@ -29,12 +36,13 @@ for (const resolve_to_config of [true, false]) { }, "Fenced frame loaded for CSP fenced-frame-src " + csp + " using " + (resolve_to_config ? "config" : "urn:uuid")); - promise_test(async() => { - setupCSP(csp); + } + promise_test(async() => { + const iframe = setupCSP(csp); + await iframe.execute(() => { assert_true(navigator.canLoadAdAuctionFencedFrame()); - }, "Opaque-ads can load API returns true for " + csp + " using " + - (resolve_to_config ? "config" : "urn:uuid")); - }); -} + }); + }, "Opaque-ads can load API returns true for " + csp); +}); </script> </body> diff --git a/testing/web-platform/tests/fenced-frame/csp-blocked-transparent.https.html b/testing/web-platform/tests/fenced-frame/csp-blocked-transparent.https.html new file mode 100644 index 0000000000..16a3d94fce --- /dev/null +++ b/testing/web-platform/tests/fenced-frame/csp-blocked-transparent.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<title>Test transparent fenced frame navigations with blocked CSP</title> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="/common/utils.js"></script> +<script src="resources/utils.js"></script> +<script src="/common/get-host-info.sub.js"></script> +<script src="/common/dispatcher/dispatcher.js"></script> + +<body> +<script> +const blockedCSPs = [ + "none", + "https://localhost:80", + "https://*:80", + "https://localhost:*" +]; +blockedCSPs.forEach((csp) => { + promise_test(async() => { + const iframe = setupCSP(csp); + const key = token(); + const url = generateURL("/fenced-frame/resources/embeddee.html", [key]); + + await iframe.execute(async (key, url, csp) => { + let promise = new Promise((resolve) => { + window.addEventListener('securitypolicyviolation', function(e) { + resolve(e.violatedDirective + ";" + e.blockedURI); + }, {once: true}); + }); + + attachFencedFrame(url); + + await promise.then((result) => { + assert_equals(result, "fenced-frame-src;" + url, + "The fenced frame should not load for CSP fenced-frame-src " + csp); + }); + }, [key, url, csp]); + }, "Fenced frame loaded for CSP fenced-frame-src " + csp); +}); +</script> +</body> diff --git a/testing/web-platform/tests/fenced-frame/csp-blocked.https.html b/testing/web-platform/tests/fenced-frame/csp-blocked.https.html index 3826fdd7f4..197c624937 100644 --- a/testing/web-platform/tests/fenced-frame/csp-blocked.https.html +++ b/testing/web-platform/tests/fenced-frame/csp-blocked.https.html @@ -1,65 +1,83 @@ <!DOCTYPE html> <title>Test opaque fenced frame navigations with disallowed CSP blocked</title> +<meta name="timeout" content="long"> <script src="/resources/testharness.js"></script> <script src="/resources/testharnessreport.js"></script> <script src="/common/utils.js"></script> <script src="resources/utils.js"></script> +<script src="/common/dispatcher/dispatcher.js"></script> <body> <script> +const blockedCSPs = [ + "'none'", + "'self'", + "data:", + "https://*", + "https://*:80", + "https://b.test:*" +]; for (const resolve_to_config of [true, false]) { - const blockedCSPs = ["'none'", "'self'", "data:", "https://*", "https://*:80", - "https://b.test:*"]; blockedCSPs.forEach((csp) => { - promise_test(async() => { - setupCSP(csp); - + promise_test(async(t) => { + const iframe = setupCSP(csp); const key = token(); - window.addEventListener('securitypolicyviolation', function(e) { - // Write to the server even though the listener is in the same file in - // the test below. - writeValueToServer(key, e.violatedDirective + ";" + e.blockedURI); - }, {once: true}); - attachFencedFrame(await runSelectURL("resources/embeddee.html", - [key], resolve_to_config)); + await iframe.execute(async(key, resolve_to_config, csp) => { + let promise = new Promise((resolve) => { + window.addEventListener('securitypolicyviolation', function(e) { + resolve(e.violatedDirective + ";" + e.blockedURI); + }, {once: true}); + }); - const result = await nextValueFromServer(key); - assert_equals(result, "fenced-frame-src;", - "The fenced frame should not load for CSP fenced-frame-src " + csp); - }, "Fenced frame blocked for CSP fenced-frame-src " + csp + " using " + - (resolve_to_config ? "config" : "urn:uuid")); + attachFencedFrame(await runSelectURL( + "/fenced-frame/resources/embeddee.html", [key], resolve_to_config)); - promise_test(async() => { - setupCSP(csp); - assert_false(navigator.canLoadAdAuctionFencedFrame()); - }, "Opaque-ads can load API returns false for " + csp + " using " + + await promise.then((result) => { + assert_equals(result, "fenced-frame-src;", + "The fenced frame should not load for CSP fenced-frame-src " + + csp); + }); + }, [key, resolve_to_config, csp]); + }, "Fenced frame blocked for CSP fenced-frame-src " + csp + " using " + (resolve_to_config ? "config" : "urn:uuid")); }); - promise_test(async() => { - setupCSP("*", "'self'"); - + promise_test(async(t) => { + const iframe = setupCSP("*", "'self'"); const key = token(); - window.addEventListener('securitypolicyviolation', function(e) { - // Write to the server even though the listener is in the same file in - // the test below. - writeValueToServer(key, e.violatedDirective + ";" + e.blockedURI); - }, {once: true}); - attachFencedFrame(await runSelectURL("resources/embeddee.html", - [key], resolve_to_config)); + await iframe.execute(async(key, resolve_to_config) => { + window.addEventListener('securitypolicyviolation', function(e) { + // Write to the server even though the listener is in the same file in + // the test below. + writeValueToServer(key, e.violatedDirective + ";" + e.blockedURI); + }, {once: true}); + attachFencedFrame(await runSelectURL("resources/embeddee.html", + [key], resolve_to_config)); + }, [key, resolve_to_config]); const result = await nextValueFromServer(key); assert_equals(result, "fenced-frame-src;", "The fenced frame should not load for CSP frame-src 'self' even if " + "another CSP allows loading a fenced frame."); - // Test the canLoadOpaqueURL API to ensure it arrives at the same result. - assert_false(navigator.canLoadAdAuctionFencedFrame()); + await iframe.execute(() => { + // Test the canLoadOpaqueURL API to ensure it arrives at the same result. + assert_false(navigator.canLoadAdAuctionFencedFrame()); + }); }, "Fenced frame not loaded using " + (resolve_to_config ? "config" : "urn:uuid") + " if any of CSPs in place disallow loading"); } + +blockedCSPs.forEach((csp) => { + promise_test(async() => { + const iframe = setupCSP(csp); + await iframe.execute(() => { + assert_false(navigator.canLoadAdAuctionFencedFrame()); + }) + }, "Opaque-ads can load API returns false for " + csp); +}); </script> </body> diff --git a/testing/web-platform/tests/fenced-frame/csp-transparent-url.https.html b/testing/web-platform/tests/fenced-frame/csp-transparent-url.https.html deleted file mode 100644 index c1c815d49e..0000000000 --- a/testing/web-platform/tests/fenced-frame/csp-transparent-url.https.html +++ /dev/null @@ -1,53 +0,0 @@ -<!DOCTYPE html> -<title>Test transparent url navigated in fenced frame interacting with CSP</title> -<script src="/resources/testharness.js"></script> -<script src="/resources/testharnessreport.js"></script> -<script src="/common/utils.js"></script> -<script src="/common/dispatcher/dispatcher.js"></script> -<script src="resources/utils.js"></script> - -<body> -<script> -function setupCSP(csp) { - let meta = document.createElement('meta'); - meta.httpEquiv = "Content-Security-Policy"; - meta.content = "fenced-frame-src " + csp; - document.head.appendChild(meta); -} - -const allowedCSPs = ["*", "https:", "'self'"]; -allowedCSPs.forEach((csp) => { - promise_test(async(t) => { - setupCSP(csp); - - t.step_timeout(t.unreached_func( - "The fenced frame should load for CSP fenced-frame-src " + csp), 3000); - - const fencedframe = attachFencedFrameContext(); - await fencedframe.execute(() => {}); - }, "Fenced frame loaded for CSP fenced-frame-src " + csp); -}); - -const blockedCSPs = ["'none'"]; -blockedCSPs.forEach((csp) => { - promise_test(async(t) => { - setupCSP(csp); - - const csp_violation = new Promise(resolve => { - window.addEventListener("securitypolicyviolation", resolve); - }); - - const fencedframe = attachFencedFrameContext(); - - const fencedframe_loaded = fencedframe.execute(() => {}); - fencedframe_loaded.then(t.unreached_func( - "The fenced frame should not load for CSP fenced-frame-src " + csp)); - - const csp_violation_event = await csp_violation; - const remote_url = getRemoteContextURL(location.origin).toString(); - assert_true(csp_violation_event.blockedURI.includes(remote_url), - "blockedURI should include the url"); - }, "Fenced frame blocked for CSP fenced-frame-src " + csp); -}); -</script> -</body> diff --git a/testing/web-platform/tests/fenced-frame/disable-untrusted-network.https.html b/testing/web-platform/tests/fenced-frame/disable-untrusted-network.https.html deleted file mode 100644 index 726728e489..0000000000 --- a/testing/web-platform/tests/fenced-frame/disable-untrusted-network.https.html +++ /dev/null @@ -1,49 +0,0 @@ -<!DOCTYPE html> -<title>Test window.fence.disableUntrustedNetwork availability.</title> -<script src="/resources/testharness.js"></script> -<script src="/resources/testharnessreport.js"></script> -<script src="/common/utils.js"></script> -<script src="/common/dispatcher/dispatcher.js"></script> -<script src="resources/utils.js"></script> - -<body> -<script> -promise_test(async(t) => { - const fencedframe = await attachFencedFrameContext(); - await fencedframe.execute(async () => { - const cross_origin_fenced_frame = await attachFencedFrameContext({ - origin: get_host_info().HTTPS_REMOTE_ORIGIN}); - await cross_origin_fenced_frame.execute(async () => { - const promise = window.fence.disableUntrustedNetwork(); - assert_true(typeof promise.then != 'undefined'); - await promise; - }); - - const same_origin_iframe = await attachIFrameContext(); - await same_origin_iframe.execute(async () => { - const promise = window.fence.disableUntrustedNetwork(); - assert_true(typeof promise.then != 'undefined'); - await promise; - }); - - const cross_origin_iframe = await attachIFrameContext({ - origin: get_host_info().HTTPS_REMOTE_ORIGIN}); - await cross_origin_iframe.execute(async () => { - try { - const promise = window.fence.disableUntrustedNetwork(); - await promise; - assert_unreached( - 'disableUntrustedNetwork should fail when not same-origin to the ' - + 'mapped url.'); - } catch (e) { - assert_equals(e.name, 'TypeError'); - } - }); - - const promise = window.fence.disableUntrustedNetwork(); - assert_true(typeof promise.then != 'undefined'); - await promise; - }); -}, 'window.fence.disableUntrustedNetwork availability'); -</script> -</body> diff --git a/testing/web-platform/tests/fenced-frame/notify-event-iframe.https.html b/testing/web-platform/tests/fenced-frame/notify-event-iframe.https.html index 854db2f303..1f8e1b8a32 100644 --- a/testing/web-platform/tests/fenced-frame/notify-event-iframe.https.html +++ b/testing/web-platform/tests/fenced-frame/notify-event-iframe.https.html @@ -1,4 +1,5 @@ <!DOCTYPE html> +<meta name="timeout" content="long"> <script src="/resources/testharness.js"></script> <script src="/resources/testharnessreport.js"></script> <script src="/resources/testdriver.js"></script> @@ -20,8 +21,10 @@ fencedframe.element.addEventListener('fencedtreeclick', () => notified = true); await fencedframe.execute(async (frame_type) => { - window.addEventListener('message', (event) => { - window.click_error = event.data; + window.click_error = new Promise((resolve, reject) => { + window.addEventListener('message', (event) => { + resolve(event.data); + }); }); let iframe = null; @@ -53,9 +56,10 @@ await multiClick(10, 10, fencedframe.element); // Ensure the correct exception was thrown. - await fencedframe.execute(() => { - assert_equals(window.click_error.name, 'SecurityError'); - assert_equals(window.click_error.message, + await fencedframe.execute(async () => { + let err = await window.click_error; + assert_equals(err.name, 'SecurityError'); + assert_equals(err.message, "Failed to execute 'notifyEvent' on 'Fence': notifyEvent is only available in fenced frame roots."); }); @@ -73,8 +77,10 @@ }, "Test that fenced frame notifyEvent() fails in a nested cross-origin iframe."); promise_test(async (t) => { - window.addEventListener('message', (event) => { - window.click_error = event.data; + window.click_error = new Promise((resolve, reject) => { + window.addEventListener('message', (event) => { + resolve(event.data); + }); }); const urn_iframe = await attachIFrameContext( @@ -94,8 +100,9 @@ await multiClick(10, 10, urn_iframe.element); - assert_equals(window.click_error.name, 'SecurityError'); - assert_equals(window.click_error.message, + let err = await window.click_error + assert_equals(err.name, 'SecurityError'); + assert_equals(err.message, "Failed to execute 'notifyEvent' on 'Fence': notifyEvent is only available in fenced frame roots."); }, "Test that notifyEvent() fails in a URN iframe."); </script> diff --git a/testing/web-platform/tests/fenced-frame/report-event-reserved-event.https.html b/testing/web-platform/tests/fenced-frame/report-event-reserved-event.https.html index 0a541bb0c5..6baa3cedea 100644 --- a/testing/web-platform/tests/fenced-frame/report-event-reserved-event.https.html +++ b/testing/web-platform/tests/fenced-frame/report-event-reserved-event.https.html @@ -11,7 +11,7 @@ promise_test(async(t) => { const fencedframe = await attachFencedFrameContext({ generator_api: "fledge", - automatic_beacon: true, + register_beacon: true, }); const new_url = new URL("resources/dummy.html", location.href); const beacon_data = "This is the beacon data!"; @@ -31,7 +31,7 @@ promise_test(async(t) => { const timeout = new Promise(resolve => t.step_timeout(resolve, 1000)); const result = await Promise.race( - [nextAutomaticBeacon(beacon_type, beacon_data), timeout]); + [nextBeacon(beacon_type, beacon_data), timeout]); assert_true(typeof result === "undefined", "A beacon should not have been sent."); diff --git a/testing/web-platform/tests/fenced-frame/report-event.https.html b/testing/web-platform/tests/fenced-frame/report-event.https.html new file mode 100644 index 0000000000..c06765b8f9 --- /dev/null +++ b/testing/web-platform/tests/fenced-frame/report-event.https.html @@ -0,0 +1,42 @@ +<!DOCTYPE html> +<title>Test that window.fence.reportEvent() succeeds in a fenced frame.</title> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="/common/utils.js"></script> +<script src="/common/dispatcher/dispatcher.js"></script> +<script src="resources/utils.js"></script> + +<body> + <script> + promise_test(async(t) => { + const fencedframe = await attachFencedFrameContext({generator_api: 'fledge', + register_beacon: true}); + + // This page will call reportEvent twice: Once for an enum event, and once + // for a custom URL event. Both beacons are expected to send successfully. + await fencedframe.execute(() => { + const destination_enum_event = { + eventType: 'click', + eventData: 'enum', + destination: ['buyer'] + } + window.fence.reportEvent(destination_enum_event); + + const destination_url = new URL(BEACON_URL + "?type=url", + get_host_info().HTTPS_ORIGIN); + + const destination_url_event = { + destinationURL: destination_url + } + window.fence.reportEvent(destination_url_event); + }); + + let enum_data = await nextBeacon('click', 'enum'); + assert_equals(enum_data, location.origin); + + let url_data = await nextBeacon('url', '<No data>'); + assert_equals(url_data, '<No data>'); + + }, 'Test that window.fence.reportEvent() succeeds in a fenced frame.'); + </script> + </body>
\ No newline at end of file diff --git a/testing/web-platform/tests/fenced-frame/resources/automatic-beacon-helper.js b/testing/web-platform/tests/fenced-frame/resources/automatic-beacon-helper.js index d0a4133e84..8286c94fec 100644 --- a/testing/web-platform/tests/fenced-frame/resources/automatic-beacon-helper.js +++ b/testing/web-platform/tests/fenced-frame/resources/automatic-beacon-helper.js @@ -92,13 +92,12 @@ async function setupAutomaticBeacon( async function verifyBeaconData( event_type, event_data, expected_success = true, t) { if (expected_success) { - const beacon_initiator_origin = - await nextAutomaticBeacon(event_type, event_data); + const beacon_initiator_origin = await nextBeacon(event_type, event_data); assert_equals(beacon_initiator_origin, get_host_info().HTTPS_ORIGIN); } else { const timeout = new Promise(r => t.step_timeout(r, 1000)); - const result = await Promise.race( - [nextAutomaticBeacon(event_type, event_data), timeout]); + const result = + await Promise.race([nextBeacon(event_type, event_data), timeout]); assert_true(typeof result === 'undefined'); } } diff --git a/testing/web-platform/tests/fenced-frame/resources/automatic-beacon-store.py b/testing/web-platform/tests/fenced-frame/resources/automatic-beacon-store.py deleted file mode 100644 index ba1b73201b..0000000000 --- a/testing/web-platform/tests/fenced-frame/resources/automatic-beacon-store.py +++ /dev/null @@ -1,44 +0,0 @@ -""" -Automatic beacon store server. - -- When a request body is specified, stores the data in the body and serves a 200 - response without body. -- When a request body is not specified, serves a 200 response whose body - contains the stored value from the automatic beacon. Since the data is stored - using a hash of the data as the key, it expects an `expected_body` query - parameter to know what key to look up. If the stored value doesn't exist, - serves a 200 response with an empty body. -""" -import uuid -import hashlib - -NO_DATA_STRING = b"<No data>" -NOT_SET_STRING = b"<Not set>" - -# The server stash requires a uuid to store data. Use a hash of the automatic -# beacon data as the uuid to store and retrieve the data. -def string_to_uuid(input): - hash_value = hashlib.md5(str(input).encode("UTF-8")).hexdigest() - return str(uuid.UUID(hex=hash_value)) - -def main(request, response): - stash = request.server.stash; - event_type = request.GET.first(b"type", NO_DATA_STRING) - - # The stash is accessed concurrently by many clients. A lock is used to - # avoid interleaved read/write from different clients. - with stash.lock: - # Requests with a body imply they were sent as an automatic beacon. Note - # that this only stores the most recent beacon that was sent. - if request.method == "POST": - request_body = request.body or NO_DATA_STRING - request_headers = request.headers.get("Origin") or NO_DATA_STRING - stash.put(string_to_uuid(event_type + request_body), - request_headers) - return (200, [], b"") - - # Requests without a body imply they were sent as the request from - # nextAutomaticBeacon(). - expected_body = request.GET.first(b"expected_body", NO_DATA_STRING) - data = stash.take(string_to_uuid(event_type + expected_body)) or NOT_SET_STRING - return(200, [], data) diff --git a/testing/web-platform/tests/fenced-frame/resources/automatic-beacon-unfenced-page.html b/testing/web-platform/tests/fenced-frame/resources/automatic-beacon-unfenced-page.html index 4ce7e0d78a..7f17c1a904 100644 --- a/testing/web-platform/tests/fenced-frame/resources/automatic-beacon-unfenced-page.html +++ b/testing/web-platform/tests/fenced-frame/resources/automatic-beacon-unfenced-page.html @@ -13,7 +13,7 @@ // '../automatic-beacon-unfenced-top.https.html'. An automatic beacon will // have been sent as a result of the navigation. const beacon_data = "This is the beacon data!"; - const beacon_initiator_origin = await nextAutomaticBeacon( + const beacon_initiator_origin = await nextBeacon( "reserved.top_navigation_commit", beacon_data); assert_equals(beacon_initiator_origin, get_host_info().HTTPS_ORIGIN); }); diff --git a/testing/web-platform/tests/fenced-frame/resources/beacon-store.py b/testing/web-platform/tests/fenced-frame/resources/beacon-store.py new file mode 100644 index 0000000000..4c89687f4a --- /dev/null +++ b/testing/web-platform/tests/fenced-frame/resources/beacon-store.py @@ -0,0 +1,56 @@ +""" +Event beacon store server. + +- When a request body is specified, stores the data in the body for the 'type' + specified in the query parameters and serves a 200 response without body. +- When a request body is not specified and the request is not served with an + 'expected_body' parameter, stores an empty body for the 'type' specified in + the query parameters and serves a 200 response without body. +- When a request body is not specified and the request is served with an + 'expected_body' parameter, serves a 200 response whose body contains the + stored value from the automatic beacon. Since the data is stored using a hash + of the data as the key, it uses the `expected_body` query parameter to know + what key to look up. If the stored value doesn't exist, serves a 200 response + with an empty body. +""" +import uuid +import hashlib + +NO_DATA_STRING = b"<No data>" +NOT_SET_STRING = b"<Not set>" + +# The server stash requires a uuid to store data. Use a hash of the automatic +# beacon data as the uuid to store and retrieve the data. +def string_to_uuid(input): + hash_value = hashlib.md5(str(input).encode("UTF-8")).hexdigest() + return str(uuid.UUID(hex=hash_value)) + +def main(request, response): + stash = request.server.stash; + event_type = request.GET.first(b"type", NO_DATA_STRING) + + # The stash is accessed concurrently by many clients. A lock is used to + # avoid interleaved read/write from different clients. + with stash.lock: + # GET requests with an 'expected_body' parameter imply they were sent as + # the request from nextBeacon(). + if request.method == "GET" and b"expected_body" in request.GET: + expected_body = request.GET.first(b"expected_body", NO_DATA_STRING) + data = stash.take(string_to_uuid(event_type + expected_body)) or NOT_SET_STRING + return (200, [], data) + + # Requests with a body imply they were sent as a reporting beacon + # (either through reportEvent() or through an automatic beacon). + if request.method == "POST" and event_type: + request_body = request.body or NO_DATA_STRING + request_headers = request.headers.get("Origin") or NO_DATA_STRING + stash.put(string_to_uuid(event_type + request_body), + request_headers) + return (200, [], b"") + # GET requests without an 'expected_body' parameter imply they were sent + # as a destination URL reporting beacon. + if request.method == "GET" and event_type: + stash.put(string_to_uuid(event_type + NO_DATA_STRING), NO_DATA_STRING) + return (200, [], b"") + + return (400, [], u"") diff --git a/testing/web-platform/tests/fenced-frame/resources/fledge-bidding-logic.py b/testing/web-platform/tests/fenced-frame/resources/fledge-bidding-logic.py index c91b31fd02..9acab47203 100644 --- a/testing/web-platform/tests/fenced-frame/resources/fledge-bidding-logic.py +++ b/testing/web-platform/tests/fenced-frame/resources/fledge-bidding-logic.py @@ -17,7 +17,7 @@ def main(request, response): # Parse URL params. requested_size = request.GET.first(b"requested-size", None) ad_with_size = request.GET.first(b"ad-with-size", None) - automatic_beacon = request.GET.first(b"automatic-beacon", None) + beacon = request.GET.first(b"beacon", None) # Use URL params to modify Javascript. requested_size_check = '' @@ -53,15 +53,18 @@ def main(request, response): ) register_ad_beacon = '' - if automatic_beacon is not None: + if beacon is not None: register_ad_beacon = ( '''registerAdBeacon({ 'reserved.top_navigation_start': browserSignals.interestGroupOwner + - '/fenced-frame/resources/automatic-beacon-store.py?type=reserved.top_navigation_start', + '/fenced-frame/resources/beacon-store.py?type=reserved.top_navigation_start', 'reserved.top_navigation_commit': browserSignals.interestGroupOwner + - '/fenced-frame/resources/automatic-beacon-store.py?type=reserved.top_navigation_commit', + '/fenced-frame/resources/beacon-store.py?type=reserved.top_navigation_commit', + 'click': + browserSignals.interestGroupOwner + + '/fenced-frame/resources/beacon-store.py?type=click', }); ''' ) diff --git a/testing/web-platform/tests/fenced-frame/resources/shared-worker.js b/testing/web-platform/tests/fenced-frame/resources/shared-worker.js new file mode 100644 index 0000000000..ac59fe6498 --- /dev/null +++ b/testing/web-platform/tests/fenced-frame/resources/shared-worker.js @@ -0,0 +1,14 @@ +// This is loaded as a SharedWorker in a WPT. When postMessaged to, forwards +// that message to all registered ports through a postMessage call. +const ports = []; + +onconnect = function (event) { + const port = event.ports[0]; + ports.push(port); + + port.onmessage = async function(e) { + ports.forEach(curPort => { + curPort.postMessage(e.data); + }); + } +} diff --git a/testing/web-platform/tests/fenced-frame/resources/unreached.https.html b/testing/web-platform/tests/fenced-frame/resources/unreached.https.html deleted file mode 100644 index bd389ec4fb..0000000000 --- a/testing/web-platform/tests/fenced-frame/resources/unreached.https.html +++ /dev/null @@ -1,15 +0,0 @@ -<!DOCTYPE html> -<title>File used to assert that navigations do not succeed.</title> - -<script src="/resources/testharness.js"></script> -<script src="/resources/testharnessreport.js"></script> -<script src="utils.js"></script> -<script src="/common/get-host-info.sub.js"></script> - -<body> -<script> - promise_test(async(t) => { - assert_unreached('This navigation should not have succeeded.'); - }); -</script> -</body> diff --git a/testing/web-platform/tests/fenced-frame/resources/utils.js b/testing/web-platform/tests/fenced-frame/resources/utils.js index d6cca91437..462bda37fc 100644 --- a/testing/web-platform/tests/fenced-frame/resources/utils.js +++ b/testing/web-platform/tests/fenced-frame/resources/utils.js @@ -1,5 +1,5 @@ const STORE_URL = '/fenced-frame/resources/key-value-store.py'; -const BEACON_URL = '/fenced-frame/resources/automatic-beacon-store.py'; +const BEACON_URL = '/fenced-frame/resources/beacon-store.py'; const REMOTE_EXECUTOR_URL = '/fenced-frame/resources/remote-context-executor.https.html'; // If your test needs to modify FLEDGE bidding or decision logic, you should @@ -78,7 +78,7 @@ async function runSelectURL(href, keylist = [], resolve_to_config = false) { async function generateURNFromFledgeRawURL( href, nested_urls, resolve_to_config = false, ad_with_size = false, - requested_size = null, automatic_beacon = false) { + requested_size = null, register_beacon = false) { const bidding_token = token(); const seller_token = token(); @@ -88,16 +88,19 @@ async function generateURNFromFledgeRawURL( { renderURL: url } }); - let interestGroup = - { - name: 'testAd1', - owner: location.origin, - biddingLogicURL: new URL(FLEDGE_BIDDING_URL, location.origin), - ads: [{renderURL: href, bid: 1}], - userBiddingSignals: {biddingToken: bidding_token}, - trustedBiddingSignalsKeys: ['key1'], - adComponents: ad_components_list, - }; + let interestGroup = { + name: 'testAd1', + owner: location.origin, + biddingLogicURL: new URL(FLEDGE_BIDDING_URL, location.origin), + ads: [{ + renderURL: href, + bid: 1, + allowedReportingOrigins: [location.origin], + }], + userBiddingSignals: {biddingToken: bidding_token}, + trustedBiddingSignalsKeys: ['key1'], + adComponents: ad_components_list, + }; let biddingURLParams = new URLSearchParams(interestGroup.biddingLogicURL.search); @@ -106,8 +109,8 @@ async function generateURNFromFledgeRawURL( 'requested-size', requested_size[0] + '-' + requested_size[1]); if (ad_with_size) biddingURLParams.set('ad-with-size', 1); - if (automatic_beacon) - biddingURLParams.set('automatic-beacon', 1); + if (register_beacon) + biddingURLParams.set('beacon', 1); interestGroup.biddingLogicURL.search = biddingURLParams; if (ad_with_size) { @@ -158,16 +161,16 @@ async function generateURNFromFledgeRawURL( // frame config. // @param {boolean} [ad_with_size = false] - Determines whether the auction is // run with ad sizes specified. -// @param {boolean} [automatic_beacon = false] - If true, FLEDGE logic will -// register an automatic beacon +// @param {boolean} [register_beacon = false] - If true, FLEDGE logic will +// register reporting beacons // after completion. async function generateURNFromFledge( href, keylist, nested_urls = [], resolve_to_config = false, - ad_with_size = false, requested_size = null, automatic_beacon = false) { + ad_with_size = false, requested_size = null, register_beacon = false) { const full_url = generateURL(href, keylist); return generateURNFromFledgeRawURL( full_url, nested_urls, resolve_to_config, ad_with_size, requested_size, - automatic_beacon); + register_beacon); } // Extracts a list of UUIDs from the from the current page's URL. @@ -279,7 +282,7 @@ function attachContext(object_constructor, html, headers, origin) { // 2. crbug.com/1394559: unfenced-top.https.html async function attachOpaqueContext( generator_api, resolve_to_config, ad_with_size, requested_size, - automatic_beacon, object_constructor, html, headers, origin, + register_beacon, object_constructor, html, headers, origin, num_components) { const [uuid, url] = generateRemoteContextURL(headers, origin); @@ -298,7 +301,7 @@ async function attachOpaqueContext( generator_api == 'fledge' ? generateURNFromFledge( url, [], components_list, resolve_to_config, ad_with_size, - requested_size, automatic_beacon) : + requested_size, register_beacon) : runSelectURL(url, [], resolve_to_config)); const object = object_constructor(id); return buildRemoteContextForObject(object, uuid, html); @@ -306,13 +309,12 @@ async function attachOpaqueContext( function attachPotentiallyOpaqueContext( generator_api, resolve_to_config, ad_with_size, requested_size, - automatic_beacon, frame_constructor, html, headers, origin, - num_components) { + register_beacon, frame_constructor, html, headers, origin, num_components) { generator_api = generator_api.toLowerCase(); if (generator_api == 'fledge' || generator_api == 'sharedstorage') { return attachOpaqueContext( generator_api, resolve_to_config, ad_with_size, requested_size, - automatic_beacon, frame_constructor, html, headers, origin, + register_beacon, frame_constructor, html, headers, origin, num_components); } else { return attachContext(frame_constructor, html, headers, origin); @@ -321,7 +323,7 @@ function attachPotentiallyOpaqueContext( function attachFrameContext( element_name, generator_api, resolve_to_config, ad_with_size, - requested_size, automatic_beacon, html, headers, attributes, origin, + requested_size, register_beacon, html, headers, attributes, origin, num_components) { frame_constructor = (id) => { frame = document.createElement(element_name); @@ -341,7 +343,7 @@ function attachFrameContext( }; return attachPotentiallyOpaqueContext( generator_api, resolve_to_config, ad_with_size, requested_size, - automatic_beacon, frame_constructor, html, headers, origin, + register_beacon, frame_constructor, html, headers, origin, num_components); } @@ -350,7 +352,7 @@ function replaceFrameContext(frame_proxy, { resolve_to_config = false, ad_with_size = false, requested_size = null, - automatic_beacon = false, + register_beacon = false, html = '', headers = [], origin = '' @@ -368,15 +370,15 @@ function replaceFrameContext(frame_proxy, { }; return attachPotentiallyOpaqueContext( generator_api, resolve_to_config, ad_with_size, requested_size, - automatic_beacon, frame_constructor, html, headers, origin); + register_beacon, frame_constructor, html, headers, origin); } -// Attach a fenced frame that waits for scripts to execute. -// Takes as input a(n optional) dictionary of configs: +// Attach a fenced frame that waits for scripts to execute. Takes as input a(n +// optional) dictionary of configs: // - generator_api: the name of the API that should generate the urn/config. // Supports (case-insensitive) "fledge" and "sharedstorage", or any other -// value as a default. -// If you generate a urn, then you need to await the result of this function. +// value as a default. If you generate a urn, then you need to await the +// result of this function. // - resolve_to_config: whether a config should be used. (currently only works // for FLEDGE and sharedStorage generator_api) // - ad_with_size: whether an ad auction is run with size specified for the ads @@ -385,22 +387,22 @@ function replaceFrameContext(frame_proxy, { // requestedSize in the FLEDGE auction config. This is different from // ad_with_size, which refers to size information provided alongside the ads // themselves. -// - automatic_beacon: If true and generator_api = "fledge", an automatic beacon -// will be registered for a top-level navigation after the FLEDGE auction -// completes. +// - register_beacon: If true and generator_api = "fledge", an automatic beacon +// and a destination URL reportEvent() beacon will be registered after the +// FLEDGE auction completes. // - html: extra HTML source code to inject into the loaded frame // - headers: an array of header pairs [[key, value], ...] // - attributes: an array of attribute pairs to set on the frame [[key, value], -// ...] -// - origin: origin of the url, default to location.origin if not set -// Returns a proxy that acts like the frame HTML element, but with an extra -// function `execute`. See `attachFrameContext` or the README for more details. +// ...] +// - origin: origin of the url, default to location.origin if not set. Returns a +// proxy that acts like the frame HTML element, but with an extra function +// `execute`. See `attachFrameContext` or the README for more details. function attachFencedFrameContext({ generator_api = '', resolve_to_config = false, ad_with_size = false, requested_size = null, - automatic_beacon = false, + register_beacon = false, html = '', headers = [], attributes = [], @@ -409,7 +411,7 @@ function attachFencedFrameContext({ } = {}) { return attachFrameContext( 'fencedframe', generator_api, resolve_to_config, ad_with_size, - requested_size, automatic_beacon, html, headers, attributes, origin, + requested_size, register_beacon, html, headers, attributes, origin, num_components); } @@ -417,7 +419,7 @@ function attachFencedFrameContext({ // See `attachFencedFrameContext` for more details. function attachIFrameContext({ generator_api = '', - automatic_beacon = false, + register_beacon = false, html = '', headers = [], attributes = [], @@ -426,8 +428,8 @@ function attachIFrameContext({ } = {}) { return attachFrameContext( 'iframe', generator_api, resolve_to_config = false, ad_with_size = false, - requested_size = null, automatic_beacon, html, headers, attributes, - origin, num_components); + requested_size = null, register_beacon, html, headers, attributes, origin, + num_components); } // Open a window that waits for scripts to execute. @@ -563,9 +565,9 @@ async function nextValueFromServer(key) { } } -// Checks the automatic beacon data server to see if it has received an -// automatic beacon with a given event type and body. -async function readAutomaticBeaconDataFromServer(event_type, expected_body) { +// Checks the beacon data server to see if it has received a beacon with a given +// event type and body. +async function readBeaconDataFromServer(event_type, expected_body) { let serverURL = `${BEACON_URL}`; const response = await fetch(serverURL + "?" + new URLSearchParams({ type: event_type, @@ -586,11 +588,11 @@ async function readAutomaticBeaconDataFromServer(event_type, expected_body) { // available on the server. The server uses a hash of the concatenated event // type and beacon data as the key when storing the beacon in the database. To // retrieve it, we need to supply the endpoint with both pieces of information. -async function nextAutomaticBeacon(event_type, expected_body) { +async function nextBeacon(event_type, expected_body) { while (true) { // Fetches the test result from the server. - const { status, value } = - await readAutomaticBeaconDataFromServer(event_type, expected_body); + const {status, value} = + await readBeaconDataFromServer(event_type, expected_body); if (!status) { // The test result has not been stored yet. Retry after a while. await new Promise(resolve => setTimeout(resolve, 20)); @@ -639,17 +641,16 @@ function createLocalSource(key, url) { } function setupCSP(csp, second_csp=null) { - let meta = document.createElement('meta'); - meta.httpEquiv = "Content-Security-Policy"; - meta.content = "fenced-frame-src " + csp; - document.head.appendChild(meta); + let headers = []; + headers.push(["Content-Security-Policy", "fenced-frame-src " + csp]); if (second_csp != null) { - let second_meta = document.createElement('meta'); - second_meta.httpEquiv = "Content-Security-Policy"; - second_meta.content = "frame-src " + second_csp; - document.head.appendChild(second_meta); + headers.push(["Content-Security-Policy", "frame-src " + second_csp]); } + + const iframe = attachIFrameContext({headers: headers}); + + return iframe; } // Clicking in WPT tends to be flaky (https://crbug.com/1066891), so you may diff --git a/testing/web-platform/tests/fenced-frame/revoke-nested-fenced-frame-in-iframe-navigation.https.html b/testing/web-platform/tests/fenced-frame/revoke-nested-fenced-frame-in-iframe-navigation.https.html deleted file mode 100644 index 3a44c3c2f4..0000000000 --- a/testing/web-platform/tests/fenced-frame/revoke-nested-fenced-frame-in-iframe-navigation.https.html +++ /dev/null @@ -1,75 +0,0 @@ -<!DOCTYPE html> -<title>Test that window.fence.disableUntrustedNetwork disables - embedder-initiated navigation of FF -> IF -> FF.</title> -<meta name="timeout" content="long"> -<script src="/resources/testharness.js"></script> -<script src="/resources/testharnessreport.js"></script> -<script src="/common/utils.js"></script> -<script src="/common/dispatcher/dispatcher.js"></script> -<script src="resources/utils.js"></script> - -<body> -<script> - -// Run a test with a fenced frame nested in an iframe nested in a fenced frame. -// If `should_disable_network` is true, window.fence.disableUntrustedNetwork -// will be called before creating the nested fenced frame. -// If `use_urn_iframe` is true, the nested iframe will be a urn iframe. -async function ff_if_ff_test(t, should_disable_network, use_urn_iframe, should_succeed) { -const fencedframe = await attachFencedFrameContext({generator_api: 'sharedstorage'}); - const navigation_promise = - fencedframe.execute(async (should_disable_network, use_urn_iframe) => { - let args = {}; - if (use_urn_iframe) { - args = {generator_api: 'sharedstorage'}; - } - const nested_iframe = await attachIFrameContext(args); - await nested_iframe.execute(() => {}); - if (should_disable_network) { - await window.fence.disableUntrustedNetwork(); - } - return nested_iframe.execute(async () => { - const nested_fenced_frame = await attachFencedFrameContext({ - generator_api: 'sharedstorage'}); - return nested_fenced_frame.execute(() => { return 'nav success'; }); - }); - }, - [should_disable_network, use_urn_iframe]); - if (should_succeed) { - const result = await navigation_promise; - assert_equals(result, 'nav success'); - } else { - const result = await Promise.race([navigation_promise, - new Promise((resolve, reject) => t.step_timeout( - () => resolve('timeout'), 1000)) - ]); - assert_equals(result, 'timeout'); - } -} - -promise_test(async(t) => { - await ff_if_ff_test(t, /*should_disable_network=*/false, - /*use_urn_iframe=*/false, - /*should_succeed=*/true); -}, 'FF->IF->FF navigation works'); - -promise_test(async(t) => { - await ff_if_ff_test(t, /*should_disable_network=*/false, - /*use_urn_iframe=*/true, - /*should_succeed=*/true); -}, 'FF->UIF->FF navigation works'); - -promise_test(async(t) => { - await ff_if_ff_test(t, /*should_disable_network=*/true, - /*use_urn_iframe=*/false, - /*should_succeed=*/false); -}, 'window.fence.disableUntrustedNetwork disables FF->IF->FF navigation'); - -promise_test(async(t) => { - await ff_if_ff_test(t, /*should_disable_network=*/true, - /*use_urn_iframe=*/true, - /*should_succeed=*/false); -}, 'window.fence.disableUntrustedNetwork disables FF->UF->FF navigation'); - -</script> -</body> diff --git a/testing/web-platform/tests/fenced-frame/revoke-nested-fenced-frame-navigation.https.html b/testing/web-platform/tests/fenced-frame/revoke-nested-fenced-frame-navigation.https.html deleted file mode 100644 index b80350a588..0000000000 --- a/testing/web-platform/tests/fenced-frame/revoke-nested-fenced-frame-navigation.https.html +++ /dev/null @@ -1,50 +0,0 @@ -<!DOCTYPE html> -<title>Test that window.fence.disableUntrustedNetwork disables - embedder-initiated navigation of nested fenced frames.</title> -<meta name="timeout" content="long"> -<script src="/resources/testharness.js"></script> -<script src="/resources/testharnessreport.js"></script> -<script src="/common/utils.js"></script> -<script src="/common/dispatcher/dispatcher.js"></script> -<script src="resources/utils.js"></script> - -<body> -<script> - -// Run a test with a fenced frame nested in a fenced frame. -// If `should_disable_network` is true, window.fence.disableUntrustedNetwork -// will be called before creating the nested fenced frame. -async function ff_ff_test(t, should_disable_network, should_succeed) { - const fencedframe = await attachFencedFrameContext(); - const navigation_promise = - fencedframe.execute(async (should_disable_network) => { - if (should_disable_network) { - await window.fence.disableUntrustedNetwork(); - } - const nested_fenced_frame = await attachFencedFrameContext(); - return nested_fenced_frame.execute(() => { return 'nav success'; }); }, - [should_disable_network]); - if (should_succeed) { - const result = await navigation_promise; - assert_equals(result, 'nav success'); - } else { - const result = await Promise.race([ - navigation_promise, - new Promise((resolve, reject) => t.step_timeout( - () => resolve('timeout'), 2000))]); - assert_equals(result, 'timeout'); - } -} - -promise_test(async(t) => { - await ff_ff_test(t, /*should_disable_network=*/false, - /*should_succeed=*/true); -}, 'FF->FF navigation works'); - -promise_test(async(t) => { - await ff_ff_test(t, /*should_disable_network=*/true, - /*should_succeed=*/false); -}, 'window.fence.disableUntrustedNetwork disables FF->FF navigation'); - -</script> -</body> diff --git a/testing/web-platform/tests/fenced-frame/revoke-popup.https.html b/testing/web-platform/tests/fenced-frame/revoke-popup.https.html deleted file mode 100644 index e4a2bb26ad..0000000000 --- a/testing/web-platform/tests/fenced-frame/revoke-popup.https.html +++ /dev/null @@ -1,47 +0,0 @@ -<!DOCTYPE html> -<title>Test that window.fence.disableUntrustedNetwork disables - popup navigations.</title> -<meta name="timeout" content="long"> -<script src="/resources/testharness.js"></script> -<script src="/resources/testharnessreport.js"></script> -<script src="/common/utils.js"></script> -<script src="/common/dispatcher/dispatcher.js"></script> -<script src="resources/utils.js"></script> -<script src="/resources/testdriver.js"></script> -<script src="/resources/testdriver-actions.js"></script> -<script src="/resources/testdriver-vendor.js"></script> - -<body> -<script> - -promise_test(async(t) => { - const fencedframe = await attachFencedFrameContext({generator_api: 'fledge'}); - await fencedframe.execute(() => {}); - - const actions = new test_driver.Actions(); - await actions.setContext(window) - .pointerMove(0, 0, {origin: fencedframe.element}) - .pointerDown() - .pointerUp() - .send(); - - await fencedframe.execute(async () => { - await window.fence.disableUntrustedNetwork(); - // After disabling network, popup navigations should not work. - assert_true(navigator.userActivation.isActive, - 'The frame should have user activation.'); - window.popup = attachWindowContext(); - }); - - const result = await Promise.race([ - fencedframe.execute(async () => { - return await window.popup.execute(() => { return 'popup_loaded'; }); - }), - new Promise((resolve) => t.step_timeout( - () => resolve('timeout'), 2000)) - ]); - assert_equals(result, 'timeout'); -}, 'window.fence.disableUntrustedNetwork disables popup navigations'); - -</script> -</body> diff --git a/testing/web-platform/tests/fenced-frame/revoke-unfenced-top-navigation.https.html b/testing/web-platform/tests/fenced-frame/revoke-unfenced-top-navigation.https.html deleted file mode 100644 index 873404768f..0000000000 --- a/testing/web-platform/tests/fenced-frame/revoke-unfenced-top-navigation.https.html +++ /dev/null @@ -1,47 +0,0 @@ -<!DOCTYPE html> -<title>Test that window.fence.disableUntrustedNetwork disables - _unfencedTop navigations.</title> -<meta name="timeout" content="long"> -<script src="/resources/testharness.js"></script> -<script src="/resources/testharnessreport.js"></script> -<script src="/common/utils.js"></script> -<script src="/common/dispatcher/dispatcher.js"></script> -<script src="resources/utils.js"></script> -<script src="/resources/testdriver.js"></script> -<script src="/resources/testdriver-actions.js"></script> -<script src="/resources/testdriver-vendor.js"></script> - -<body> -<script> - -promise_test(async(t) => { - const fencedframe = await attachFencedFrameContext({generator_api: 'fledge'}); - await fencedframe.execute(() => {}); - - const actions = new test_driver.Actions(); - await actions.setContext(window) - .pointerMove(0, 0, {origin: fencedframe.element}) - .pointerDown() - .pointerUp() - .send(); - - const destination_url = new URL('resources/unreached.https.html', location.href); - fencedframe.execute(async (url) => { - await window.fence.disableUntrustedNetwork(); - // After disabling network, _unfencedTop navigations should not work. - assert_true(navigator.userActivation.isActive, - 'The frame should have user activation.') - const result = window.open(url, '_unfencedTop'); - assert_equals(result, null, '_unfencedTop did not return a window.'); - }, [destination_url]); - - // Wait a few seconds. - await new Promise((resolve, reject) => - t.step_timeout(() => resolve('timeout'), 3000)); - - // Confirm that the fenced frame is still there. - await fencedframe.execute(() => {}); -}, 'window.fence.disableUntrustedNetwork disables _unfencedTop navigations'); - -</script> -</body> diff --git a/testing/web-platform/tests/fenced-frame/shared-workers.https.html b/testing/web-platform/tests/fenced-frame/shared-workers.https.html new file mode 100644 index 0000000000..0e08d6857f --- /dev/null +++ b/testing/web-platform/tests/fenced-frame/shared-workers.https.html @@ -0,0 +1,42 @@ + +<!DOCTYPE html> +<title>Test shared workers aren't shared across fenced frame boundaries.</title> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="/common/utils.js"></script> +<script src="/common/dispatcher/dispatcher.js"></script> +<script src="resources/utils.js"></script> +<body> +<script> +promise_test(async(t) => { + const fencedframe = await attachFencedFrameContext(); + const worker = new SharedWorker( + "/fenced-frame/resources/shared-worker.js"); + + const messagePromise = new Promise((resolve, reject) => { + worker.port.onmessage = evt => { + // The main frame should not get a postMessage from the fenced frame's + // SharedWorker, even though the main frame and fenced frame are + // same-origin to each other. + reject(); + }; + }); + await fencedframe.execute(async () => { + // The worker will take anything postMessaged to it and postMessage it to + // all registered ports. + const worker = new SharedWorker( + "/fenced-frame/resources/shared-worker.js"); + worker.port.postMessage("message"); + await new Promise((resolve) => { + // Sanity check that the postMessage() is making to the fenced frame. + worker.port.onmessage = evt => { + resolve(); + }; + }); + }); + const timeout = new Promise(r => t.step_timeout(r, 1000)); + await Promise.race([messagePromise, timeout]); + +}, 'Shared workers should not be shared across fenced frame boundaries'); +</script> +</body> |