1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
|
// META: script=/common/get-host-info.sub.js
// META: script=/common/utils.js
// META: script=/common/dispatcher/dispatcher.js
// META: script=./credentialless/resources/common.js
// META: script=./resources/common.js
const cors_coep_headers = coep_require_corp + corp_cross_origin;
const same_origin = get_host_info().HTTPS_ORIGIN;
const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;
const dedicatedWorkerPostMessage = `
self.addEventListener('message', (e) => {
e.data.port.postMessage(self.crossOriginIsolated);
});
`;
const postMessageIsWorkerCrossOriginIsolated = async (
test,
frame,
worker_url
) => {
const worker = new frame.contentWindow.Worker(worker_url);
const mc = new MessageChannel();
worker.postMessage({port: mc.port2}, [mc.port2]);
worker.onerror = test.unreached_func('cannot create dedicated worker');
return (await new Promise(r => mc.port1.onmessage = r)).data;
}
const isDataDedicatedWorkerCrossOriginIsolated = async (
test,
parent_headers
) => {
const [future_child, future_error] =
await createIsolatedFrame('', parent_headers);
future_error.then(test.unreached_func('cannot create isolated iframe'));
const child = await future_child;
add_completion_callback(() => child.remove());
const worker_url =
`data:application/javascript;base64,${btoa(dedicatedWorkerPostMessage)}`;
return postMessageIsWorkerCrossOriginIsolated(test, child, worker_url);
}
const isBlobURLDedicatedWorkerCrossOriginIsolated = async(
test,
parent_headers
) => {
const [future_child, future_error] =
await createIsolatedFrame("", parent_headers);
future_error.then(test.unreached_func('cannot create isolated iframe'));
const child = await future_child;
add_completion_callback(() => child.remove());
const blob =
new Blob([dedicatedWorkerPostMessage], {type: 'text/plaintext'});
const workerURL = URL.createObjectURL(blob);
return postMessageIsWorkerCrossOriginIsolated(test, child, workerURL)
}
const isHTTPSDedicatedWorkerCrossOriginIsolated = async(
test,
parent_headers
) => {
const [future_child, future_error] =
await createIsolatedFrame("", parent_headers);
future_error.then(test.unreached_func('cannot create isolated iframe'));
const child = await future_child;
add_completion_callback(() => child.remove());
const worker_token = token();
const workerURL =
`${executor_worker_path}${cors_coep_headers}&uuid=${worker_token}`;
const worker = new child.contentWindow.Worker(workerURL);
return IsCrossOriginIsolated(worker_token);
}
const sharedWorkerIsCrossOriginIsolated = async(
test,
withCoopCoep
) => {
const [worker, future_error] =
environments.shared_worker(withCoopCoep ? cors_coep_headers : "");
future_error.then(test.unreached_func('cannot create shared worker.'));
return IsCrossOriginIsolated(worker);
}
const serviceWorkerIsCrossOriginIsolated = async(
test,
withCoopCoep
) => {
const [worker, future_error] =
environments.service_worker(withCoopCoep ? cors_coep_headers : "");
future_error.then(test.unreached_func('cannot create service worker.'));
return IsCrossOriginIsolated(worker);
}
const dedicatedWorkerIsCrossOriginIsolated = async (
test,
scheme,
parent_permission_coi
) => {
let parent_headers = cors_coep_headers;
if (parent_permission_coi !== undefined) {
// Escape right parenthesis in WPT cors_coep_headers:
parent_permission_coi = parent_permission_coi.replace(')', '\\)');
parent_headers += `|header(permissions-policy,` +
`cross-origin-isolated=${parent_permission_coi})`;
}
switch (scheme) {
case 'https':
return isHTTPSDedicatedWorkerCrossOriginIsolated(test, parent_headers);
case 'data':
return isDataDedicatedWorkerCrossOriginIsolated(test, parent_headers);
case 'blob':
return isBlobURLDedicatedWorkerCrossOriginIsolated(test, parent_headers);
default:
assert_unreached("wrong scheme for dedicated worker test.");
}
}
const generate_shared_worker_test = async (withCoopCoep, expected) => {
promise_test_parallel(async (test) => {
const isCrossOriginIsolated =
await sharedWorkerIsCrossOriginIsolated(test, withCoopCoep);
assert_equals(isCrossOriginIsolated, expected)
}, `shared_worker (withCoopCoep: ${withCoopCoep}) ` +
`cross origin isolated permission test`);
}
const generate_dedicated_worker_test = async (
scheme,
parent_permission_coi,
expected
) => {
promise_test_parallel(async (test) => {
const isCrossOriginIsolated =
await dedicatedWorkerIsCrossOriginIsolated(test, scheme, parent_permission_coi);
assert_equals(isCrossOriginIsolated, expected)
}, `dedicated_worker (scheme: ${scheme}) cross origin ` +
`isolated (${parent_permission_coi}) permission test`);
}
const generate_service_worker_test = async (withCoopCoep, expected) => {
promise_test_parallel(async (test) => {
const isCrossOriginIsolated =
await serviceWorkerIsCrossOriginIsolated(test, withCoopCoep);
assert_equals(isCrossOriginIsolated, expected)
}, `service_worker (withCoopCoep: ${withCoopCoep}) ` +
`cross origin isolated permission test`);
}
generate_shared_worker_test(false, false);
generate_shared_worker_test(true, true);
generate_dedicated_worker_test('https', undefined, true);
generate_dedicated_worker_test('https', '*', true);
generate_dedicated_worker_test('https', 'self', true);
generate_dedicated_worker_test('https', '()', false);
generate_dedicated_worker_test('data', undefined, false);
generate_dedicated_worker_test('data', '*', false);
generate_dedicated_worker_test('data', 'self', false);
generate_dedicated_worker_test('blob', undefined, true);
generate_dedicated_worker_test('blob', '*', true);
generate_dedicated_worker_test('blob', 'self', true);
generate_dedicated_worker_test('blob', '()', false);
generate_service_worker_test(false, false);
generate_service_worker_test(true, true);
|
