summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/fetch/private-network-access/service-worker-fetch.tentative.https.window.js
diff options
context:
space:
mode:
Diffstat (limited to 'testing/web-platform/tests/fetch/private-network-access/service-worker-fetch.tentative.https.window.js')
-rw-r--r--testing/web-platform/tests/fetch/private-network-access/service-worker-fetch.tentative.https.window.js235
1 files changed, 235 insertions, 0 deletions
diff --git a/testing/web-platform/tests/fetch/private-network-access/service-worker-fetch.tentative.https.window.js b/testing/web-platform/tests/fetch/private-network-access/service-worker-fetch.tentative.https.window.js
new file mode 100644
index 0000000000..cb6d1f79b0
--- /dev/null
+++ b/testing/web-platform/tests/fetch/private-network-access/service-worker-fetch.tentative.https.window.js
@@ -0,0 +1,235 @@
+// META: script=/common/utils.js
+// META: script=resources/support.sub.js
+// META: script=/common/subset-tests.js
+// META: variant=?1-8
+// META: variant=?9-last
+//
+// Spec: https://wicg.github.io/private-network-access/#integration-fetch
+//
+// These tests check that fetches from within `ServiceWorker` scripts are
+// subject to Private Network Access checks, just like fetches from within
+// documents.
+
+// Results that may be expected in tests.
+const TestResult = {
+ SUCCESS: { ok: true, body: "success" },
+ FAILURE: { error: "TypeError" },
+};
+
+async function makeTest(t, { source, target, expected }) {
+ const bridgeUrl = resolveUrl(
+ "resources/service-worker-bridge.html",
+ sourceResolveOptions({ server: source.server }));
+
+ const scriptUrl =
+ resolveUrl("resources/service-worker.js", sourceResolveOptions(source));
+
+ const realTargetUrl = preflightUrl(target);
+
+ // Fetch a URL within the service worker's scope, but tell it which URL to
+ // really fetch.
+ const targetUrl = new URL("service-worker-proxy", scriptUrl);
+ targetUrl.searchParams.append("proxied-url", realTargetUrl.href);
+
+ const iframe = await appendIframe(t, document, bridgeUrl);
+
+ const request = (message) => {
+ const reply = futureMessage();
+ iframe.contentWindow.postMessage(message, "*");
+ return reply;
+ };
+
+ {
+ const { error, loaded } = await request({
+ action: "register",
+ url: scriptUrl.href,
+ });
+
+ assert_equals(error, undefined, "register error");
+ assert_true(loaded, "response loaded");
+ }
+
+ try {
+ const { controlled, numControllerChanges } = await request({
+ action: "wait",
+ numControllerChanges: 1,
+ });
+
+ assert_equals(numControllerChanges, 1, "controller change");
+ assert_true(controlled, "bridge script is controlled");
+
+ const { error, ok, body } = await request({
+ action: "fetch",
+ url: targetUrl.href,
+ });
+
+ assert_equals(error, expected.error, "fetch error");
+ assert_equals(ok, expected.ok, "response ok");
+ assert_equals(body, expected.body, "response body");
+ } finally {
+ // Always unregister the service worker.
+ const { error, unregistered } = await request({
+ action: "unregister",
+ scope: new URL("./", scriptUrl).href,
+ });
+
+ assert_equals(error, undefined, "unregister error");
+ assert_true(unregistered, "unregistered");
+ }
+}
+
+subsetTest(promise_test, t => makeTest(t, {
+ source: { server: Server.HTTPS_LOCAL },
+ target: { server: Server.HTTPS_LOCAL },
+ expected: TestResult.SUCCESS,
+}), "local to local: success.");
+
+subsetTest(promise_test, t => makeTest(t, {
+ source: { server: Server.HTTPS_PRIVATE },
+ target: {
+ server: Server.HTTPS_LOCAL,
+ behavior: { response: ResponseBehavior.allowCrossOrigin() },
+ },
+ expected: TestResult.FAILURE,
+}), "private to local: failed preflight.");
+
+subsetTest(promise_test, t => makeTest(t, {
+ source: { server: Server.HTTPS_PRIVATE },
+ target: {
+ server: Server.HTTPS_LOCAL,
+ behavior: {
+ preflight: PreflightBehavior.success(token()),
+ response: ResponseBehavior.allowCrossOrigin(),
+ },
+ },
+ expected: TestResult.SUCCESS,
+}), "private to local: success.");
+
+subsetTest(promise_test, t => makeTest(t, {
+ source: { server: Server.HTTPS_PRIVATE },
+ target: { server: Server.HTTPS_PRIVATE },
+ expected: TestResult.SUCCESS,
+}), "private to private: success.");
+
+subsetTest(promise_test, t => makeTest(t, {
+ source: { server: Server.HTTPS_PUBLIC },
+ target: {
+ server: Server.HTTPS_LOCAL,
+ behavior: { response: ResponseBehavior.allowCrossOrigin() },
+ },
+ expected: TestResult.FAILURE,
+}), "public to local: failed preflight.");
+
+subsetTest(promise_test, t => makeTest(t, {
+ source: { server: Server.HTTPS_PUBLIC },
+ target: {
+ server: Server.HTTPS_LOCAL,
+ behavior: {
+ preflight: PreflightBehavior.success(token()),
+ response: ResponseBehavior.allowCrossOrigin(),
+ },
+ },
+ expected: TestResult.SUCCESS,
+}), "public to local: success.");
+
+subsetTest(promise_test, t => makeTest(t, {
+ source: { server: Server.HTTPS_PUBLIC },
+ target: {
+ server: Server.HTTPS_PRIVATE,
+ behavior: { response: ResponseBehavior.allowCrossOrigin() },
+ },
+ expected: TestResult.FAILURE,
+}), "public to private: failed preflight.");
+
+subsetTest(promise_test, t => makeTest(t, {
+ source: { server: Server.HTTPS_PUBLIC },
+ target: {
+ server: Server.HTTPS_PRIVATE,
+ behavior: {
+ preflight: PreflightBehavior.success(token()),
+ response: ResponseBehavior.allowCrossOrigin(),
+ },
+ },
+ expected: TestResult.SUCCESS,
+}), "public to private: success.");
+
+subsetTest(promise_test, t => makeTest(t, {
+ source: { server: Server.HTTPS_PUBLIC },
+ target: { server: Server.HTTPS_PUBLIC },
+ expected: TestResult.SUCCESS,
+}), "public to public: success.");
+
+subsetTest(promise_test, t => makeTest(t, {
+ source: {
+ server: Server.HTTPS_LOCAL,
+ treatAsPublic: true,
+ },
+ target: {
+ server: Server.OTHER_HTTPS_LOCAL,
+ behavior: { response: ResponseBehavior.allowCrossOrigin() },
+ },
+ expected: TestResult.FAILURE,
+}), "treat-as-public to local: failed preflight.");
+
+subsetTest(promise_test, t => makeTest(t, {
+ source: {
+ server: Server.HTTPS_LOCAL,
+ treatAsPublic: true,
+ },
+ target: {
+ server: Server.OTHER_HTTPS_LOCAL,
+ behavior: {
+ preflight: PreflightBehavior.success(token()),
+ response: ResponseBehavior.allowCrossOrigin(),
+ },
+ },
+ expected: TestResult.SUCCESS,
+}), "treat-as-public to local: success.");
+
+subsetTest(promise_test, t => makeTest(t, {
+ source: {
+ server: Server.HTTPS_LOCAL,
+ treatAsPublic: true,
+ },
+ target: { server: Server.HTTPS_LOCAL },
+ expected: TestResult.SUCCESS,
+}), "treat-as-public to local (same-origin): no preflight required.");
+
+subsetTest(promise_test, t => makeTest(t, {
+ source: {
+ server: Server.HTTPS_LOCAL,
+ treatAsPublic: true,
+ },
+ target: {
+ server: Server.HTTPS_PRIVATE,
+ behavior: { response: ResponseBehavior.allowCrossOrigin() },
+ },
+ expected: TestResult.FAILURE,
+}), "treat-as-public to private: failed preflight.");
+
+subsetTest(promise_test, t => makeTest(t, {
+ source: {
+ server: Server.HTTPS_LOCAL,
+ treatAsPublic: true,
+ },
+ target: {
+ server: Server.HTTPS_PRIVATE,
+ behavior: {
+ preflight: PreflightBehavior.success(token()),
+ response: ResponseBehavior.allowCrossOrigin(),
+ },
+ },
+ expected: TestResult.SUCCESS,
+}), "treat-as-public to private: success.");
+
+subsetTest(promise_test, t => makeTest(t, {
+ source: {
+ server: Server.HTTPS_LOCAL,
+ treatAsPublic: true,
+ },
+ target: {
+ server: Server.HTTPS_PUBLIC,
+ behavior: { response: ResponseBehavior.allowCrossOrigin() },
+ },
+ expected: TestResult.SUCCESS,
+}), "treat-as-public to public: success.");
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-10 02:57:59 +0000