From 086c044dc34dfc0f74fbe41f4ecb402b2cd34884 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 03:13:33 +0200 Subject: Merging upstream version 125.0.1. Signed-off-by: Daniel Baumann --- ...-dedicated-worker.tentative.sub.https.window.js | 8 ++++ .../resources/bless_cross_site_permissions.html | 17 ++++++++ .../resources/embedded_responder.js | 2 +- .../resources/embedded_worker.js | 17 -------- .../resources/embedded_worker.py | 31 ++++++++++++++ .../storage-access-api/resources/get_cookies.py | 10 +++++ .../storage-access-api/resources/set_cookies.py | 10 +++++ .../resources/shared-worker-cookies.py | 37 +++++++++++++++++ .../resources/shared-worker-relay.js | 10 +++++ ...torage-access-beyond-cookies-iframe-iframe.html | 46 +++++++++++++++------ .../storage-access-beyond-cookies-iframe.sub.html | 34 ++++++++++----- ....BroadcastChannel.tentative.sub.https.window.js | 5 ++- ...kies.SharedWorker.tentative.sub.https.window.js | 48 ++++++++++++++++++++++ ...okies.blobStorage.tentative.sub.https.window.js | 5 ++- ...nd-cookies.caches.tentative.sub.https.window.js | 5 ++- ...d-cookies.cookies.tentative.sub.https.window.js | 5 ++- ...-cookies.estimate.tentative.sub.https.window.js | 5 ++- ...kies.getDirectory.tentative.sub.https.window.js | 5 ++- ...cookies.indexedDB.tentative.sub.https.window.js | 5 ++- ...kies.localStorage.tentative.sub.https.window.js | 5 ++- ...ond-cookies.locks.tentative.sub.https.window.js | 5 ++- ...yond-cookies.none.tentative.sub.https.window.js | 5 ++- ...es.sessionStorage.tentative.sub.https.window.js | 5 ++- 23 files changed, 273 insertions(+), 52 deletions(-) create mode 100644 testing/web-platform/tests/storage-access-api/resources/bless_cross_site_permissions.html delete mode 100644 testing/web-platform/tests/storage-access-api/resources/embedded_worker.js create mode 100644 testing/web-platform/tests/storage-access-api/resources/embedded_worker.py create mode 100644 testing/web-platform/tests/storage-access-api/resources/get_cookies.py create mode 100644 testing/web-platform/tests/storage-access-api/resources/set_cookies.py create mode 100644 testing/web-platform/tests/storage-access-api/resources/shared-worker-cookies.py create mode 100644 testing/web-platform/tests/storage-access-api/resources/shared-worker-relay.js create mode 100644 testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.SharedWorker.tentative.sub.https.window.js (limited to 'testing/web-platform/tests/storage-access-api') diff --git a/testing/web-platform/tests/storage-access-api/requestStorageAccess-dedicated-worker.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/requestStorageAccess-dedicated-worker.tentative.sub.https.window.js index f2d766575d..6c3d616e26 100644 --- a/testing/web-platform/tests/storage-access-api/requestStorageAccess-dedicated-worker.tentative.sub.https.window.js +++ b/testing/web-platform/tests/storage-access-api/requestStorageAccess-dedicated-worker.tentative.sub.https.window.js @@ -37,6 +37,9 @@ await StartDedicatedWorker(frame); + assert_true(cookieStringHasCookie("cookie", "unpartitioned", + await MessageWorker(frame, {command: "load"})), + "Worker's load was credentialed."); assert_true(cookieStringHasCookie("cookie", "unpartitioned", await MessageWorker(frame, {command: "fetch", url: altRootEchoCookies})), "Worker's fetch is credentialed."); @@ -47,8 +50,13 @@ await SetFirstPartyCookieAndUnsetStorageAccessPermission(altRoot); const frame = await SetUpResponderFrame(t, altRootResponder); + assert_false(await FrameHasStorageAccess(frame), "frame lacks storage access before request."); + assert_false(await HasUnpartitionedCookie(frame), "frame lacks access to cookies before request."); await StartDedicatedWorker(frame); + assert_false(cookieStringHasCookie("cookie", "unpartitioned", + await MessageWorker(frame, {command: "load"})), + "Worker's load was uncredentialed."); assert_false(cookieStringHasCookie("cookie", "unpartitioned", await MessageWorker(frame, {command: "fetch", url: altRootEchoCookies})), "Worker's first fetch is uncredentialed."); diff --git a/testing/web-platform/tests/storage-access-api/resources/bless_cross_site_permissions.html b/testing/web-platform/tests/storage-access-api/resources/bless_cross_site_permissions.html new file mode 100644 index 0000000000..c3c5b6c0b0 --- /dev/null +++ b/testing/web-platform/tests/storage-access-api/resources/bless_cross_site_permissions.html @@ -0,0 +1,17 @@ + + + + + + + diff --git a/testing/web-platform/tests/storage-access-api/resources/embedded_responder.js b/testing/web-platform/tests/storage-access-api/resources/embedded_responder.js index bc13c7e7e8..228a262f16 100644 --- a/testing/web-platform/tests/storage-access-api/resources/embedded_responder.js +++ b/testing/web-platform/tests/storage-access-api/resources/embedded_responder.js @@ -79,7 +79,7 @@ window.addEventListener("message", async (event) => { reply(await fetch(event.data.url, {mode: 'no-cors', credentials: 'include'}).then((resp) => resp.text())); break; case "start_dedicated_worker": - worker = new Worker("embedded_worker.js"); + worker = new Worker("embedded_worker.py"); reply(undefined); break; case "message_worker": { diff --git a/testing/web-platform/tests/storage-access-api/resources/embedded_worker.js b/testing/web-platform/tests/storage-access-api/resources/embedded_worker.js deleted file mode 100644 index f3a0fb257a..0000000000 --- a/testing/web-platform/tests/storage-access-api/resources/embedded_worker.js +++ /dev/null @@ -1,17 +0,0 @@ -"use strict"; - -self.onmessage = async (message) => { - function reply(data) { - self.postMessage({data}); - } - - switch (message.data.command) { - case "fetch": { - const response = await fetch(message.data.url, {mode: 'cors', credentials: 'include'}) - .then((resp) => resp.text()); - reply(response); - break; - } - default: - } -}; diff --git a/testing/web-platform/tests/storage-access-api/resources/embedded_worker.py b/testing/web-platform/tests/storage-access-api/resources/embedded_worker.py new file mode 100644 index 0000000000..0aa457657f --- /dev/null +++ b/testing/web-platform/tests/storage-access-api/resources/embedded_worker.py @@ -0,0 +1,31 @@ +from cookies.resources.helpers import setNoCacheAndCORSHeaders + +# This worker messages how many connections have been made and checks what cookies are available. +def main(request, response): + headers = setNoCacheAndCORSHeaders(request, response) + headers[0] = (b"Content-Type", b"text/javascript") + cookie_header = request.headers.get(b"Cookie", b"") + document = b""" +"use strict"; + +self.onmessage = async (message) => { + function reply(data) { + self.postMessage({data}); + } + + switch (message.data.command) { + case "fetch": { + const response = await fetch(message.data.url, {mode: 'cors', credentials: 'include'}) + .then((resp) => resp.text()); + reply(response); + break; + } + case "load": { + reply(\"""" + cookie_header + b""""); + break; + } + default: + } +}; +""" + return headers, document diff --git a/testing/web-platform/tests/storage-access-api/resources/get_cookies.py b/testing/web-platform/tests/storage-access-api/resources/get_cookies.py new file mode 100644 index 0000000000..07e8c2dae3 --- /dev/null +++ b/testing/web-platform/tests/storage-access-api/resources/get_cookies.py @@ -0,0 +1,10 @@ +import json +from cookies.resources.helpers import makeCookieHeader, readCookies, setNoCacheAndCORSHeaders + +from wptserve.utils import isomorphic_decode + +def main(request, response): + headers = setNoCacheAndCORSHeaders(request, response) + cookies = readCookies(request) + decoded_cookies = {isomorphic_decode(key): isomorphic_decode(val) for key, val in cookies.items()} + return headers, json.dumps(decoded_cookies) \ No newline at end of file diff --git a/testing/web-platform/tests/storage-access-api/resources/set_cookies.py b/testing/web-platform/tests/storage-access-api/resources/set_cookies.py new file mode 100644 index 0000000000..fe182dd00c --- /dev/null +++ b/testing/web-platform/tests/storage-access-api/resources/set_cookies.py @@ -0,0 +1,10 @@ +from cookies.resources.helpers import makeCookieHeader, setNoCacheAndCORSHeaders + +def main(request, response): + headers = setNoCacheAndCORSHeaders(request, response) + headers[0] = (b"Content-Type", b"text/html; charset=utf-8") + headers.append(makeCookieHeader(b"samesite_strict", b"test", {b"SameSite":b"Strict", b"path":b"/", b"Secure":b""})) + headers.append(makeCookieHeader(b"samesite_lax", b"test", {b"SameSite":b"Lax", b"path":b"/", b"Secure":b""})) + headers.append(makeCookieHeader(b"samesite_none", b"test", {b"SameSite":b"None", b"path":b"/", b"Secure":b""})) + document = b"" + return headers, document diff --git a/testing/web-platform/tests/storage-access-api/resources/shared-worker-cookies.py b/testing/web-platform/tests/storage-access-api/resources/shared-worker-cookies.py new file mode 100644 index 0000000000..9307c4112c --- /dev/null +++ b/testing/web-platform/tests/storage-access-api/resources/shared-worker-cookies.py @@ -0,0 +1,37 @@ +from cookies.resources.helpers import makeCookieHeader, readCookies, setNoCacheAndCORSHeaders + +# This worker messages how many connections have been made and checks what cookies are available. +def main(request, response): + headers = setNoCacheAndCORSHeaders(request, response) + headers[0] = (b"Content-Type", b"text/javascript") + cookies = readCookies(request) + message = b"ReadOnLoad:" + if b"samesite_strict" in cookies: + message += b"Strict" + if b"samesite_lax" in cookies: + message += b"Lax" + if b"samesite_none" in cookies: + message += b"None" + document = b""" +let connection_count = 0; +self.onconnect = (e) => { + connection_count++; + fetch("/storage-access-api/resources/get_cookies.py", {credentials: 'include'}).then((resp) => { + resp.json().then((cookies) => { + let message = \"""" + message + b""",ReadOnFetch:"; + if (cookies.hasOwnProperty("samesite_strict")) { + message += "Strict"; + } + if (cookies.hasOwnProperty("samesite_lax")) { + message += "Lax"; + } + if (cookies.hasOwnProperty("samesite_none")) { + message += "None"; + } + message += ",ConnectionsMade:" + connection_count; + e.ports[0].postMessage(message); + }); + }); +} +""" + return headers, document \ No newline at end of file diff --git a/testing/web-platform/tests/storage-access-api/resources/shared-worker-relay.js b/testing/web-platform/tests/storage-access-api/resources/shared-worker-relay.js new file mode 100644 index 0000000000..c94acefec9 --- /dev/null +++ b/testing/web-platform/tests/storage-access-api/resources/shared-worker-relay.js @@ -0,0 +1,10 @@ +// This worker relays any messages received to the first connection. +let port; +self.onconnect = (e) => { + if (port == undefined) { + port = e.ports[0]; + } + e.ports[0].onmessage = (e) => { + port.postMessage(e.data); + } +} diff --git a/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe-iframe.html b/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe-iframe.html index ffb419f799..2d5e22fa71 100644 --- a/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe-iframe.html +++ b/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe-iframe.html @@ -17,7 +17,7 @@ case "none": { let couldRequestStorageAccessForNone = true; try { - await document.requestStorageAccess({}); + await test_driver.bless("fake user interaction", () => document.requestStorageAccess({})); } catch (_) { couldRequestStorageAccessForNone = false; } @@ -26,7 +26,7 @@ } let couldRequestStorageAccessForAllFalse = true; try { - await document.requestStorageAccess({all:false}); + await test_driver.bless("fake user interaction", () => document.requestStorageAccess({all:false})); } catch (_) { couldRequestStorageAccessForAllFalse = false; } @@ -44,7 +44,7 @@ if (hasUnpartitionedCookieAccess || document.cookie.includes("test="+id)) { message = "First-party cookies should not be readable before handle is loaded."; } - await document.requestStorageAccess({cookies: true}); + await test_driver.bless("fake user interaction", () => document.requestStorageAccess({cookies: true})); hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess(); if (!hasUnpartitionedCookieAccess || !document.cookie.includes("test="+id)) { message = "First-party cookies should be readable if cookies were requested."; @@ -52,7 +52,7 @@ break; } case "sessionStorage": { - const handle = await document.requestStorageAccess({sessionStorage: true}); + const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({sessionStorage: true})); let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess(); if (hasUnpartitionedCookieAccess) { message = "First-party cookies should not be readable if not requested."; @@ -77,7 +77,7 @@ break; } case "localStorage": { - const handle = await document.requestStorageAccess({localStorage: true}); + const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({localStorage: true})); let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess(); if (hasUnpartitionedCookieAccess) { message = "First-party cookies should not be readable if not requested."; @@ -102,7 +102,7 @@ break; } case "indexedDB": { - const handle = await document.requestStorageAccess({indexedDB: true}); + const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({indexedDB: true})); let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess(); if (hasUnpartitionedCookieAccess) { message = "First-party cookies should not be readable if not requested."; @@ -119,7 +119,7 @@ break; } case "locks": { - const handle = await document.requestStorageAccess({locks: true}); + const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({locks: true})); let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess(); if (hasUnpartitionedCookieAccess) { message = "First-party cookies should not be readable if not requested."; @@ -136,7 +136,7 @@ break; } case "caches": { - const handle = await document.requestStorageAccess({caches: true}); + const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({caches: true})); let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess(); if (hasUnpartitionedCookieAccess) { message = "First-party cookies should not be readable if not requested."; @@ -153,7 +153,7 @@ break; } case "getDirectory": { - const handle = await document.requestStorageAccess({getDirectory: true}); + const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({getDirectory: true})); let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess(); if (hasUnpartitionedCookieAccess) { message = "First-party cookies should not be readable if not requested."; @@ -172,7 +172,7 @@ break; } case "estimate": { - const handle = await document.requestStorageAccess({estimate: true}); + const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({estimate: true})); let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess(); if (hasUnpartitionedCookieAccess) { message = "First-party cookies should not be readable if not requested."; @@ -188,7 +188,7 @@ break; } case "blobStorage": { - const handle = await document.requestStorageAccess({createObjectURL: true, revokeObjectURL: true}); + const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({createObjectURL: true, revokeObjectURL: true})); let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess(); if (hasUnpartitionedCookieAccess) { message = "First-party cookies should not be readable if not requested."; @@ -230,7 +230,7 @@ break; } case "BroadcastChannel": { - const handle = await document.requestStorageAccess({BroadcastChannel: true}); + const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({BroadcastChannel: true})); let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess(); if (hasUnpartitionedCookieAccess) { message = "First-party cookies should not be readable if not requested."; @@ -243,6 +243,26 @@ local_channel.close(); break; } + case "SharedWorker": { + const local_shared_worker = new SharedWorker("/storage-access-api/resources/shared-worker-relay.js", id); + local_shared_worker.port.start(); + local_shared_worker.port.postMessage("Same-origin local access"); + const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({SharedWorker: true})); + let couldRequestAllCookies = true; + try { + handle.SharedWorker("/storage-access-api/resources/shared-worker-relay.js", {name: id, sameSiteCookies: 'all'}); + } catch (_) { + couldRequestAllCookies = false; + } + if (couldRequestAllCookies) { + message = "Shared Workers in a third-party context should not be able to request SameSite cookies."; + } + handle.SharedWorker("/storage-access-api/resources/shared-worker-cookies.py", id).port.start(); + const handle_shared_worker = handle.SharedWorker("/storage-access-api/resources/shared-worker-relay.js", {name: id, sameSiteCookies: 'none'}); + handle_shared_worker.port.start(); + handle_shared_worker.port.postMessage("Same-origin handle access"); + break; + } default: { message = "Unexpected type " + type; break; @@ -254,6 +274,6 @@ // Step 7 (storage-access-api/storage-access-beyond-cookies.{}.tentative.sub.https.html) await MaybeSetStorageAccess("*", "*", "allowed"); await test_driver.set_permission({ name: 'storage-access' }, 'prompt'); - window.top.postMessage(message, "*"); + window.top.postMessage({type: "result", message: message}, "*"); })(); diff --git a/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe.sub.html b/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe.sub.html index 8c30973416..a9247a0002 100644 --- a/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe.sub.html +++ b/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe.sub.html @@ -5,7 +5,10 @@ diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.BroadcastChannel.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.BroadcastChannel.tentative.sub.https.window.js index d709cdcd10..feb268b4b8 100644 --- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.BroadcastChannel.tentative.sub.https.window.js +++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.BroadcastChannel.tentative.sub.https.window.js @@ -17,8 +17,11 @@ async_test(t => { let broadcasts = []; // Step 1 window.addEventListener("message", t.step_func(e => { + if (e.data.type != "result") { + return; + } // Step 8 - assert_equals(e.data, "HasAccess for BroadcastChannel", "Storage Access API should be accessible and return first-party data"); + assert_equals(e.data.message, "HasAccess for BroadcastChannel", "Storage Access API should be accessible and return first-party data"); assert_array_equals(broadcasts, ["Same-origin handle access"], "Should have only seen same-origin handle broadcasts"); t.done(); })); diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.SharedWorker.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.SharedWorker.tentative.sub.https.window.js new file mode 100644 index 0000000000..ed4f25517f --- /dev/null +++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.SharedWorker.tentative.sub.https.window.js @@ -0,0 +1,48 @@ +// META: script=/resources/testdriver.js +// META: script=/resources/testdriver-vendor.js + +'use strict'; + +// Here's the set-up for this test: +// Step 1 (top-frame) Set up fallback failure listener for if the handle cannot be used. +// Step 2 (top-frame) Set up relay worker to expect "Same-origin handle access". +// Step 3 (top-frame) Set cookies and embed an iframe that's cross-site with top-frame. +// Step 4 (sub-frame) Try to use storage access API to access shared worker. +// Step 5 (sub-frame) Embed an iframe that's same-origin with top-frame. +// Step 6 (sub-sub-frame) Try to use storage access API to access first-party shared worker. +// Step 7 (sub-sub-frame) Send "HasAccess for SharedWorker" message to top-frame. +// Step 8 (top-frame) Set up cookie worker to expect it's already opened. +// TODO(crbug.com/1484966): Verify access to cookies in shared workers. + +async_test(t => { + // Step 1 + window.addEventListener("message", t.step_func(e => { + if (e.data.type != "result") { + return; + } + assert_equals(e.data.message, "HasAccess for SharedWorker", "Storage Access API should be accessible and return first-party data"); + })); + + // Step 2 + const id = Date.now(); + const relay_worker = new SharedWorker("/storage-access-api/resources/shared-worker-relay.js", {name: id, sameSiteCookies: 'none'}); + relay_worker.port.onmessage = t.step_func(e => { + assert_equals(e.data, "Same-origin handle access", "Relay worker should divert messages here"); + // Step 8 + const cookie_worker = new SharedWorker("/storage-access-api/resources/shared-worker-cookies.py", {name: id, sameSiteCookies: 'none'}); + cookie_worker.port.onmessage = t.step_func(e => { + assert_equals(e.data, "ReadOnLoad:None,ReadOnFetch:None,ConnectionsMade:2", "Worker should already have been opened and only see SameSite=None cookies"); + test_driver.delete_all_cookies().then(t.step_func(() => { + t.done(); + })); + }); + }); + + // Step 3 + const cookie_set_window = window.open("/storage-access-api/resources/set_cookies.py"); + cookie_set_window.onload = t.step_func(_ => { + let iframe = document.createElement("iframe"); + iframe.src = "https://{{hosts[alt][]}}:{{ports[https][0]}}/storage-access-api/resources/storage-access-beyond-cookies-iframe.sub.html?type=SharedWorker&id="+id; + document.body.appendChild(iframe); + }); +}, "Verify StorageAccessAPIBeyondCookies for Shared Worker"); diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.blobStorage.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.blobStorage.tentative.sub.https.window.js index 6ef0bd08d4..cc2785b6fa 100644 --- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.blobStorage.tentative.sub.https.window.js +++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.blobStorage.tentative.sub.https.window.js @@ -16,8 +16,11 @@ async_test(t => { // Step 1 window.addEventListener("message", t.step_func(e => { + if (e.data.type != "result") { + return; + } // Step 8 - assert_equals(e.data, "HasAccess for blobStorage", "Storage Access API should be accessible and return first-party data"); + assert_equals(e.data.message, "HasAccess for blobStorage", "Storage Access API should be accessible and return first-party data"); t.done(); })); diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.caches.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.caches.tentative.sub.https.window.js index dda1e54565..7907084e63 100644 --- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.caches.tentative.sub.https.window.js +++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.caches.tentative.sub.https.window.js @@ -16,8 +16,11 @@ async_test(t => { // Step 1 window.addEventListener("message", t.step_func(e => { + if (e.data.type != "result") { + return; + } // Step 8 - assert_equals(e.data, "HasAccess for caches", "Storage Access API should be accessible and return first-party data"); + assert_equals(e.data.message, "HasAccess for caches", "Storage Access API should be accessible and return first-party data"); t.done(); })); diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.cookies.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.cookies.tentative.sub.https.window.js index c352ab2935..1ff00fa919 100644 --- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.cookies.tentative.sub.https.window.js +++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.cookies.tentative.sub.https.window.js @@ -16,8 +16,11 @@ async_test(t => { // Step 1 window.addEventListener("message", t.step_func(e => { + if (e.data.type != "result") { + return; + } // Step 8 - assert_equals(e.data, "HasAccess for cookies", "Storage Access API should be accessible and return first-party data"); + assert_equals(e.data.message, "HasAccess for cookies", "Storage Access API should be accessible and return first-party data"); test_driver.delete_all_cookies().then(t.step_func(() => { t.done(); })); diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.estimate.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.estimate.tentative.sub.https.window.js index 2e9f6eed12..fb15dfee09 100644 --- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.estimate.tentative.sub.https.window.js +++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.estimate.tentative.sub.https.window.js @@ -18,8 +18,11 @@ async_test(t => { // Step 1 window.addEventListener("message", t.step_func(e => { + if (e.data.type != "result") { + return; + } // Step 8 - assert_equals(e.data, "HasAccess for estimate", "Storage Access API should be accessible and return first-party data"); + assert_equals(e.data.message, "HasAccess for estimate", "Storage Access API should be accessible and return first-party data"); caches.delete(id).then(() => { t.done(); }); diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.getDirectory.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.getDirectory.tentative.sub.https.window.js index 5038afc969..b3b8f7e8e2 100644 --- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.getDirectory.tentative.sub.https.window.js +++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.getDirectory.tentative.sub.https.window.js @@ -16,8 +16,11 @@ async_test(t => { // Step 1 window.addEventListener("message", t.step_func(e => { + if (e.data.type != "result") { + return; + } // Step 8 - assert_equals(e.data, "HasAccess for getDirectory", "Storage Access API should be accessible and return first-party data"); + assert_equals(e.data.message, "HasAccess for getDirectory", "Storage Access API should be accessible and return first-party data"); t.done(); })); diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.indexedDB.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.indexedDB.tentative.sub.https.window.js index 18c4317bbe..8e9420da0d 100644 --- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.indexedDB.tentative.sub.https.window.js +++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.indexedDB.tentative.sub.https.window.js @@ -16,8 +16,11 @@ async_test(t => { // Step 1 window.addEventListener("message", t.step_func(e => { + if (e.data.type != "result") { + return; + } // Step 8 - assert_equals(e.data, "HasAccess for indexedDB", "Storage Access API should be accessible and return first-party data"); + assert_equals(e.data.message, "HasAccess for indexedDB", "Storage Access API should be accessible and return first-party data"); t.done(); })); diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.localStorage.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.localStorage.tentative.sub.https.window.js index 6243cb1fa8..8002131779 100644 --- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.localStorage.tentative.sub.https.window.js +++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.localStorage.tentative.sub.https.window.js @@ -16,7 +16,10 @@ async_test(t => { // Step 1 window.addEventListener("message", t.step_func(e => { - assert_equals(e.data, "HasAccess for localStorage", "Storage Access API should be accessible and return first-party data"); + if (e.data.type != "result") { + return; + } + assert_equals(e.data.message, "HasAccess for localStorage", "Storage Access API should be accessible and return first-party data"); window.localStorage.setItem("window_event", id); })); diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.locks.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.locks.tentative.sub.https.window.js index 83aa28c018..ed7d6ea484 100644 --- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.locks.tentative.sub.https.window.js +++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.locks.tentative.sub.https.window.js @@ -16,8 +16,11 @@ async_test(t => { // Step 1 window.addEventListener("message", t.step_func(e => { + if (e.data.type != "result") { + return; + } // Step 8 - assert_equals(e.data, "HasAccess for locks", "Storage Access API should be accessible and return first-party data"); + assert_equals(e.data.message, "HasAccess for locks", "Storage Access API should be accessible and return first-party data"); t.done(); })); diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.none.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.none.tentative.sub.https.window.js index 3715fdf39e..ba5ea3279d 100644 --- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.none.tentative.sub.https.window.js +++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.none.tentative.sub.https.window.js @@ -17,7 +17,10 @@ async_test(t => { // Step 1 window.addEventListener("message", t.step_func(e => { // Step 8 - assert_equals(e.data, "HasAccess for none", "Storage Access API should not allow access for empty requests."); + if (e.data.type != "result") { + return; + } + assert_equals(e.data.message, "HasAccess for none", "Storage Access API should not allow access for empty requests."); t.done(); })); diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.sessionStorage.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.sessionStorage.tentative.sub.https.window.js index 1b12f133b2..93b243f6c1 100644 --- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.sessionStorage.tentative.sub.https.window.js +++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.sessionStorage.tentative.sub.https.window.js @@ -16,7 +16,10 @@ async_test(t => { // Step 1 window.addEventListener("message", t.step_func(e => { - assert_equals(e.data, "HasAccess for sessionStorage", "Storage Access API should be accessible and return first-party data"); + if (e.data.type != "result") { + return; + } + assert_equals(e.data.message, "HasAccess for sessionStorage", "Storage Access API should be accessible and return first-party data"); window.sessionStorage.setItem("window_event", id); })); -- cgit v1.2.3