From fbaf0bb26397aa498eb9156f06d5a6fe34dd7dd8 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 03:14:29 +0200 Subject: Merging upstream version 125.0.1. Signed-off-by: Daniel Baumann --- .../third-party-cookies/resources/test-helpers.js | 27 +++++++++- .../third-party-cookies-cross-site-embedder.html | 49 +++++++++++++++++ ...hird-party-cookies-cross-site-popup-opener.html | 53 ++++++++++++++++++ ...hird-party-cookies-cross-site-popup-verify.html | 40 ++++++++++++++ .../third-party-cookies-cross-site-popup.html | 32 +++++++++++ .../third-party-cookies-cross-site-window.html | 62 ---------------------- 6 files changed, 199 insertions(+), 64 deletions(-) create mode 100644 testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-embedder.html create mode 100644 testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-popup-opener.html create mode 100644 testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-popup-verify.html create mode 100644 testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-popup.html delete mode 100644 testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-window.html (limited to 'testing/web-platform/tests/cookies/third-party-cookies/resources') diff --git a/testing/web-platform/tests/cookies/third-party-cookies/resources/test-helpers.js b/testing/web-platform/tests/cookies/third-party-cookies/resources/test-helpers.js index 2ae2c46a37..c76ac71616 100644 --- a/testing/web-platform/tests/cookies/third-party-cookies/resources/test-helpers.js +++ b/testing/web-platform/tests/cookies/third-party-cookies/resources/test-helpers.js @@ -1,10 +1,10 @@ function testHttpCookies({desc, origin, cookieNames, expectsCookie}) { promise_test(async () => { - await assertOriginCanAccessCookies({origin, cookieNames, expectsCookie}); + await assertHttpOriginCanAccessCookies({ origin, cookieNames, expectsCookie }); }, getCookieTestName(expectsCookie, desc, "HTTP")); } -async function assertOriginCanAccessCookies({ +async function assertHttpOriginCanAccessCookies({ origin, cookieNames, expectsCookie, @@ -18,6 +18,29 @@ async function assertOriginCanAccessCookies({ } } +async function assertThirdPartyHttpCookies({ desc, origin, cookieNames, expectsCookie }) { + // Test that these cookies are not available on cross-site subresource requests to the + // origin that set them. + testHttpCookies({ + desc, + origin, + cookieNames, + expectsCookie, + }); + + promise_test(async () => { + const thirdPartyHttpCookie = "3P_http" + await credFetch( + `${origin}/cookies/resources/set.py?${thirdPartyHttpCookie}=foobar;` + + "Secure;Path=/;SameSite=None"); + await assertHttpOriginCanAccessCookies({ + origin, + cookieNames: [thirdPartyHttpCookie], + expectsCookie, + }); + }, desc + ": Cross site window setting HTTP cookies"); +} + function testDomCookies({desc, cookieNames, expectsCookie}) { test(() => { assertDomCanAccessCookie(cookieNames, expectsCookie); diff --git a/testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-embedder.html b/testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-embedder.html new file mode 100644 index 0000000000..ec25902a91 --- /dev/null +++ b/testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-embedder.html @@ -0,0 +1,49 @@ + + + +Window embedding a cross-site embed + + + + + + + + diff --git a/testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-popup-opener.html b/testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-popup-opener.html new file mode 100644 index 0000000000..a09b07e5b7 --- /dev/null +++ b/testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-popup-opener.html @@ -0,0 +1,53 @@ + + + +Window that opens a popup in a cross-site context + + + + + + + + + + diff --git a/testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-popup-verify.html b/testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-popup-verify.html new file mode 100644 index 0000000000..6deb88b5d0 --- /dev/null +++ b/testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-popup-verify.html @@ -0,0 +1,40 @@ + + + +Verifies heuristics enabled by popup + + + + + + + + diff --git a/testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-popup.html b/testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-popup.html new file mode 100644 index 0000000000..7addc7943c --- /dev/null +++ b/testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-popup.html @@ -0,0 +1,32 @@ + + + +Cross-site popup + + + + + + + + + + + + diff --git a/testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-window.html b/testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-window.html deleted file mode 100644 index 99418a6749..0000000000 --- a/testing/web-platform/tests/cookies/third-party-cookies/resources/third-party-cookies-cross-site-window.html +++ /dev/null @@ -1,62 +0,0 @@ - - - -Cross-site window - - - - - - - - -- cgit v1.2.3