summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/workers/modules/shared-worker-options-credentials.html
diff options
context:
space:
mode:
Diffstat (limited to 'testing/web-platform/tests/workers/modules/shared-worker-options-credentials.html')
-rw-r--r--testing/web-platform/tests/workers/modules/shared-worker-options-credentials.html309
1 files changed, 309 insertions, 0 deletions
diff --git a/testing/web-platform/tests/workers/modules/shared-worker-options-credentials.html b/testing/web-platform/tests/workers/modules/shared-worker-options-credentials.html
new file mode 100644
index 0000000000..221dd01a37
--- /dev/null
+++ b/testing/web-platform/tests/workers/modules/shared-worker-options-credentials.html
@@ -0,0 +1,309 @@
+<!DOCTYPE html>
+<title>SharedWorker: WorkerOptions 'credentials'</title>
+<meta name="timeout" content="long">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script>
+host_info = get_host_info();
+
+// Determines the expected cookie value to be reported by a shared worker
+// based on the given option. The worker reports an empty string as the actual
+// cookie value if the cookie wasn't sent to the server. Otherwise, it's the
+// value set by the headers file:
+// "shared-worker-options-credentials.html.headers"
+function DetermineExpectedCookieValue(options, config) {
+ // Valid WorkerOptions and test config checking.
+ if (config.origin !== 'same' && config.origin !== 'remote')
+ assert_unreached('Invalid config.origin was specified: ' + config.origin);
+ if (options.credentials && options.credentials !== 'omit' &&
+ options.credentials !== 'same-origin' &&
+ options.credentials !== 'include') {
+ assert_unreached('Invalid credentials option was specified: ' +
+ options.credentials);
+ }
+ if (options.type !== 'classic' && options.type !== 'module')
+ assert_unreached('Invalid type option was specified: ' + options.type);
+
+ if (options.type === 'classic')
+ return (config.origin === 'same') ? '1' : '';
+
+ if (options.credentials === 'omit')
+ return '';
+ else if (options.credentials === 'include')
+ return '1';
+ else
+ return (config.origin === 'same') ? '1' : '';
+}
+
+// Runs a credentials test with the given WorkerOptions.
+//
+// |options| is a WorkerOptions dict.
+// |config| has options as follows:
+//
+// config = {
+// fetchType: 'top-level' or 'descendant-static' or 'descendant-dynamic'
+// origin: 'remote' or 'same'
+// };
+//
+// - |config.fetchType| indicates the type of script to load for the test.
+// - |config.origin| indicates same-origin-ness of the script to load.
+function credentials_test(options, config, description) {
+ promise_test(async () => {
+ let workerURL, origin = config.origin;
+ if (config.fetchType === 'top-level') {
+ workerURL = 'resources/postmessage-credentials.py';
+ } else if (config.fetchType === 'descendant-static') {
+ workerURL =
+ `resources/static-import-${origin}-origin-credentials-checker-worker.${origin === 'same' ? '' : 'sub.'}js`;
+ } else if (config.fetchType === 'descendant-dynamic') {
+ workerURL =
+ `resources/dynamic-import-${origin}-origin-credentials-checker-worker.${origin === 'same' ? '' : 'sub.'}js`;
+ } else {
+ assert_unreached('Invalid config.fetchType: ' + config.fetchType);
+ }
+
+ // Name idetically for each test cases so that it connects to the shared
+ // worker with specified type and credentials.
+ options.name = `${options.type}_${options.credentials || 'default'}_${config.fetchType}_${config.origin}`;
+
+ const worker = new SharedWorker(workerURL, options);
+
+ // Wait until the worker sends the actual cookie value.
+ const msg_event = await new Promise(resolve => worker.port.onmessage = resolve);
+
+ const expectedCookieValue = DetermineExpectedCookieValue(options, config);
+ assert_equals(msg_event.data, expectedCookieValue);
+ }, description);
+}
+
+function init() {
+ // Same-origin cookie is set up in the .headers file in this directory.
+ promise_test(async () => {
+ return fetch(
+ `${host_info.HTTP_REMOTE_ORIGIN}/cookies/resources/set-cookie.py?name=COOKIE_NAME&path=/workers/modules/`,
+ {
+ mode: 'no-cors',
+ credentials: 'include'
+ });
+ }, 'Test initialization: setting up cross-origin cookie');
+}
+
+init();
+
+// Tests for module workers.
+
+credentials_test(
+ { type: 'module' },
+ { fetchType: 'top-level', origin: 'same' },
+ 'new SharedWorker() with type=module and default credentials option ' +
+ 'should behave as credentials=same-origin and send the credentials');
+
+credentials_test(
+ { credentials: 'omit', type: 'module' },
+ { fetchType: 'top-level', origin: 'same' },
+ 'new SharedWorker() with type=module and credentials=omit should not ' +
+ 'send the credentials');
+
+credentials_test(
+ { credentials: 'same-origin', type: 'module' },
+ { fetchType: 'top-level', origin: 'same' },
+ 'new SharedWorker() with type=module and credentials=same-origin should ' +
+ 'send the credentials');
+
+credentials_test(
+ { credentials: 'include', type: 'module' },
+ { fetchType: 'top-level', origin: 'same' },
+ 'new SharedWorker() with type=module and credentials=include should send ' +
+ 'the credentials');
+
+// Tests for module worker static imports.
+
+credentials_test(
+ { type: 'module' },
+ { fetchType: 'descendant-static', origin: 'same' },
+ 'new SharedWorker() with type=module and default credentials option ' +
+ 'should behave as credentials=same-origin and send the credentials for ' +
+ 'same-origin static imports');
+
+credentials_test(
+ { credentials: 'omit', type: 'module' },
+ { fetchType: 'descendant-static', origin: 'same' },
+ 'new SharedWorker() with type=module and credentials=omit should not ' +
+ 'send the credentials for same-origin static imports');
+
+credentials_test(
+ { credentials: 'same-origin', type: 'module' },
+ { fetchType: 'descendant-static', origin: 'same' },
+ 'new SharedWorker() with type=module and credentials=same-origin should ' +
+ 'send the credentials for same-origin static imports');
+
+credentials_test(
+ { credentials: 'include', type: 'module' },
+ { fetchType: 'descendant-static', origin: 'same' },
+ 'new SharedWorker() with type=module and credentials=include should send ' +
+ 'the credentials for same-origin static imports');
+
+credentials_test(
+ { type: 'module' },
+ { fetchType: 'descendant-static', origin: 'remote' },
+ 'new SharedWorker() with type=module and default credentials option ' +
+ 'should behave as credentials=same-origin and not send the credentials ' +
+ 'for cross-origin static imports');
+
+credentials_test(
+ { credentials: 'omit', type: 'module' },
+ { fetchType: 'descendant-static', origin: 'remote' },
+ 'new SharedWorker() with type=module and credentials=omit should not ' +
+ 'send the credentials for cross-origin static imports');
+
+credentials_test(
+ { credentials: 'same-origin', type: 'module' },
+ { fetchType: 'descendant-static', origin: 'remote' },
+ 'new SharedWorker() with type=module and credentials=same-origin should ' +
+ 'not send the credentials for cross-origin static imports');
+
+credentials_test(
+ { credentials: 'include', type: 'module' },
+ { fetchType: 'descendant-static', origin: 'remote' },
+ 'new SharedWorker() with type=module and credentials=include should send ' +
+ 'the credentials for cross-origin static imports');
+
+// Tests for module worker dynamic imports.
+
+credentials_test(
+ { type: 'module' },
+ { fetchType: 'descendant-dynamic', origin: 'same' },
+ 'new SharedWorker() with type=module and default credentials option ' +
+ 'should behave as credentials=same-origin and send the credentials for ' +
+ 'same-origin dynamic imports');
+
+credentials_test(
+ { credentials: 'omit', type: 'module' },
+ { fetchType: 'descendant-dynamic', origin: 'same' },
+ 'new SharedWorker() with type=module and credentials=omit should not ' +
+ 'send the credentials for same-origin dynamic imports');
+
+credentials_test(
+ { credentials: 'same-origin', type: 'module' },
+ { fetchType: 'descendant-dynamic', origin: 'same' },
+ 'new SharedWorker() with type=module and credentials=same-origin should ' +
+ 'send the credentials for same-origin dynamic imports');
+
+credentials_test(
+ { credentials: 'include', type: 'module' },
+ { fetchType: 'descendant-dynamic', origin: 'same' },
+ 'new SharedWorker() with type=module and credentials=include should send ' +
+ 'the credentials for same-origin dynamic imports');
+
+credentials_test(
+ { type: 'module'},
+ { fetchType: 'descendant-dynamic', origin: 'remote' },
+ 'new SharedWorker() with type=module and default credentials option ' +
+ 'should behave as credentials=same-origin and not send the credentials ' +
+ 'for cross-origin dynamic imports');
+
+credentials_test(
+ { credentials: 'omit', type: 'module' },
+ { fetchType: 'descendant-dynamic', origin: 'remote' },
+ 'new SharedWorker() with type=module and credentials=omit should not ' +
+ 'send the credentials for cross-origin dynamic imports');
+
+credentials_test(
+ { credentials: 'same-origin', type: 'module' },
+ { fetchType: 'descendant-dynamic', origin: 'remote' },
+ 'new SharedWorker() with type=module and credentials=same-origin should ' +
+ 'not send the credentials for cross-origin dynamic imports');
+
+credentials_test(
+ { credentials: 'include', type: 'module' },
+ { fetchType: 'descendant-dynamic', origin: 'remote' },
+ 'new SharedWorker() with type=module and credentials=include should send ' +
+ 'the credentials for cross-origin dynamic imports');
+
+// Tests for classic workers.
+// TODO(domfarolino): Maybe move classic worker tests up a directory?
+
+credentials_test(
+ { type: 'classic' },
+ { fetchType: 'top-level', origin: 'same' },
+ 'new SharedWorker() with type=classic should always send the credentials ' +
+ 'regardless of the credentials option (default).');
+
+credentials_test(
+ { credentials: 'omit', type: 'classic' },
+ { fetchType: 'top-level', origin: 'same' },
+ 'new SharedWorker() with type=classic should always send the credentials ' +
+ 'regardless of the credentials option (omit).');
+
+credentials_test(
+ { credentials: 'same-origin', type: 'classic' },
+ { fetchType: 'top-level', origin: 'same' },
+ 'new SharedWorker() with type=classic should always send the credentials ' +
+ 'regardless of the credentials option (same-origin).');
+
+credentials_test(
+ { credentials: 'include', type: 'classic' },
+ { fetchType: 'top-level', origin: 'same' },
+ 'new SharedWorker() with type=classic should always send the credentials ' +
+ 'regardless of the credentials option (include).');
+
+// Tests for classic worker dynamic imports.
+
+credentials_test(
+ { type: 'classic' },
+ { fetchType: 'descendant-dynamic', origin: 'same' },
+ 'new SharedWorker() with type=classic should always send the credentials ' +
+ 'for same-origin dynamic imports regardless of the credentials option ' +
+ '(default).');
+
+credentials_test(
+ { credentials: 'omit', type: 'classic' },
+ { fetchType: 'descendant-dynamic', origin: 'same' },
+ 'new SharedWorker() with type=classic should always send the credentials ' +
+ 'for same-origin dynamic imports regardless of the credentials option ' +
+ '(omit).');
+
+credentials_test(
+ { credentials: 'same-origin', type: 'classic' },
+ { fetchType: 'descendant-dynamic', origin: 'same' },
+ 'new SharedWorker() with type=classic should always send the credentials ' +
+ 'for same-origin dynamic imports regardless of the credentials option ' +
+ '(same-origin).');
+
+credentials_test(
+ { credentials: 'include', type: 'classic' },
+ { fetchType: 'descendant-dynamic', origin: 'same' },
+ 'new SharedWorker() with type=classic should always send the credentials ' +
+ 'for same-origin dynamic imports regardless of the credentials option ' +
+ '(include).');
+
+credentials_test(
+ { type: 'classic' },
+ { fetchType: 'descendant-dynamic', origin: 'remote' },
+ 'new SharedWorker() with type=classic should never send the credentials ' +
+ 'for cross-origin dynamic imports regardless of the credentials option ' +
+ '(default).');
+
+credentials_test(
+ { credentials: 'omit', type: 'classic' },
+ { fetchType: 'descendant-dynamic', origin: 'remote' },
+ 'new SharedWorker() with type=classic should never send the credentials ' +
+ 'for cross-origin dynamic imports regardless of the credentials option ' +
+ '(omit).');
+
+credentials_test(
+ { credentials: 'same-origin', type: 'classic' },
+ { fetchType: 'descendant-dynamic', origin: 'remote' },
+ 'new SharedWorker() with type=classic should never send the credentials ' +
+ 'for cross-origin dynamic imports regardless of the credentials option ' +
+ '(same-origin).');
+
+credentials_test(
+ { credentials: 'include', type: 'classic' },
+ { fetchType: 'descendant-dynamic', origin: 'remote' },
+ 'new SharedWorker() with type=classic should never send the credentials ' +
+ 'for cross-origin dynamic imports regardless of the credentials option ' +
+ '(include).');
+
+</script>
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-12 18:40:44 +0000