summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/websockets/cookies
diff options
context:
space:
mode:
Diffstat (limited to 'testing/web-platform/tests/websockets/cookies')
-rw-r--r--testing/web-platform/tests/websockets/cookies/001.html28
-rw-r--r--testing/web-platform/tests/websockets/cookies/002.html26
-rw-r--r--testing/web-platform/tests/websockets/cookies/003.html34
-rw-r--r--testing/web-platform/tests/websockets/cookies/004.html31
-rw-r--r--testing/web-platform/tests/websockets/cookies/005.html35
-rw-r--r--testing/web-platform/tests/websockets/cookies/006.html35
-rw-r--r--testing/web-platform/tests/websockets/cookies/007.html36
-rw-r--r--testing/web-platform/tests/websockets/cookies/support/set-cookie.py7
-rw-r--r--testing/web-platform/tests/websockets/cookies/support/websocket-cookies-helper.sub.js57
-rw-r--r--testing/web-platform/tests/websockets/cookies/third-party-cookie-accepted.https.html25
10 files changed, 314 insertions, 0 deletions
diff --git a/testing/web-platform/tests/websockets/cookies/001.html b/testing/web-platform/tests/websockets/cookies/001.html
new file mode 100644
index 0000000000..c43947fa87
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/001.html
@@ -0,0 +1,28 @@
+<!doctype html>
+<title>WebSockets: Cookie in request</title>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=../constants.sub.js></script>
+<meta name="variant" content="">
+<meta name="variant" content="?wss&wpt_flags=https">
+<meta name="variant" content="?wpt_flags=h2">
+<div id=log></div>
+<script>
+var cookie_id = ((new Date())-0) + '.' + Math.random();
+async_test(function(t) {
+ if (window.WebSocket) {
+ document.cookie = 'ws_test_'+cookie_id+'=test; Path=/';
+ }
+ t.add_cleanup(function() {
+ // remove cookie
+ document.cookie = 'ws_test_'+cookie_id+'=; Path=/; Expires=Sun, 06 Nov 1994 08:49:37 GMT';
+ });
+ var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/echo-cookie');
+ ws.onmessage = t.step_func(function(e) {
+ assert_regexp_match(e.data, new RegExp('ws_test_'+cookie_id+'=test'));
+ ws.close();
+ t.done();
+ });
+ ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
+});
+</script>
diff --git a/testing/web-platform/tests/websockets/cookies/002.html b/testing/web-platform/tests/websockets/cookies/002.html
new file mode 100644
index 0000000000..1a5e03e335
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/002.html
@@ -0,0 +1,26 @@
+<!doctype html>
+<title>WebSockets: Set-Cookie in response</title>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=../constants.sub.js></script>
+<meta name="variant" content="">
+<meta name="variant" content="?wss&wpt_flags=https">
+<meta name="variant" content="?wpt_flags=h2">
+<div id=log></div>
+<script>
+var cookie_id = ((new Date())-0) + '.' + Math.random();
+async_test(function(t) {
+ t.add_cleanup(function() {
+ // remove cookie
+ document.cookie = 'ws_test_'+cookie_id+'=; Path=/; Expires=Sun, 06 Nov 1994 08:49:37 GMT';
+ });
+ var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/set-cookie?'+cookie_id);
+ ws.onopen = t.step_func(function(e) {
+ assert_regexp_match(document.cookie, new RegExp('ws_test_'+cookie_id+'=test'));
+ ws.close();
+ ws.onclose = null;
+ t.done();
+ });
+ ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
+});
+</script>
diff --git a/testing/web-platform/tests/websockets/cookies/003.html b/testing/web-platform/tests/websockets/cookies/003.html
new file mode 100644
index 0000000000..2af4735402
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/003.html
@@ -0,0 +1,34 @@
+<!doctype html>
+<title>WebSockets: sending HttpOnly cookies in ws request</title>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=../constants.sub.js></script>
+<meta name="variant" content="">
+<meta name="variant" content="?wss&wpt_flags=https">
+<meta name="variant" content="?wpt_flags=h2">
+<div id=log></div>
+<script>
+setup({explicit_done:true})
+var cookie_id = ((new Date())-0) + '.' + Math.random();
+
+var t = async_test(function(t) {
+ var iframe = document.createElement('iframe');
+ t.add_cleanup(function() {
+ // remove cookie
+ iframe.src = 'support/set-cookie.py?'+encodeURIComponent('ws_test_'+cookie_id+'=; Path=/; HttpOnly; Expires=Sun, 06 Nov 1994 08:49:37 GMT');
+ iframe.onload = done;
+ });
+ iframe.src = 'support/set-cookie.py?'+encodeURIComponent('ws_test_'+cookie_id+'=test; Path=/; HttpOnly');
+ iframe.onload = t.step_func(function() {
+ var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/echo-cookie');
+ ws.onmessage = t.step_func(function(e) {
+ ws.close();
+ ws.onclose = null;
+ assert_regexp_match(e.data, new RegExp('ws_test_'+cookie_id+'=test'));
+ t.done();
+ });
+ ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
+ });
+ document.body.appendChild(iframe);
+});
+</script>
diff --git a/testing/web-platform/tests/websockets/cookies/004.html b/testing/web-platform/tests/websockets/cookies/004.html
new file mode 100644
index 0000000000..efc3a9f84d
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/004.html
@@ -0,0 +1,31 @@
+<!doctype html>
+<title>WebSockets: setting HttpOnly cookies in ws response, checking document.cookie</title>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=../constants.sub.js></script>
+<meta name="variant" content="">
+<meta name="variant" content="?wss&wpt_flags=https">
+<div id=log></div>
+<script>
+setup({explicit_done:true})
+var cookie_id = ((new Date())-0) + '.' + Math.random();
+
+var t = async_test(function(t) {
+ var iframe = document.createElement('iframe');
+ t.add_cleanup(function() {
+ // remove cookie
+ iframe.src = 'support/set-cookie.py?'+encodeURIComponent('ws_test_'+cookie_id+'=; Path=/; HttpOnly; Expires=Sun, 06 Nov 1994 08:49:37 GMT');
+ iframe.onload = done;
+ });
+ var url = SCHEME_DOMAIN_PORT+'/set-cookie_http?'+cookie_id;
+ var ws = new WebSocket(url);
+ ws.onopen = t.step_func(function(e) {
+ ws.close();
+ ws.onclose = null;
+ assert_false(new RegExp('ws_test_'+cookie_id+'=test').test(document.cookie));
+ t.done();
+ });
+ ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
+ document.body.appendChild(iframe);
+});
+</script>
diff --git a/testing/web-platform/tests/websockets/cookies/005.html b/testing/web-platform/tests/websockets/cookies/005.html
new file mode 100644
index 0000000000..8940d95127
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/005.html
@@ -0,0 +1,35 @@
+<!doctype html>
+<title>WebSockets: setting HttpOnly cookies in ws response, checking ws request</title>
+<meta name=timeout content=long>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=../constants.sub.js></script>
+<meta name="variant" content="">
+<meta name="variant" content="?wss&wpt_flags=https">
+<div id=log></div>
+<script>
+setup({explicit_done:true})
+var cookie_id = ((new Date())-0) + '.' + Math.random();
+
+var t = async_test(function(t) {
+ var iframe = document.createElement('iframe');
+ t.add_cleanup(function() {
+ // remove cookie
+ iframe.src = 'support/set-cookie.py?'+encodeURIComponent('ws_test_'+cookie_id+'=; Path=/; HttpOnly; Expires=Sun, 06 Nov 1994 08:49:37 GMT');
+ iframe.onload = done;
+ });
+ var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/set-cookie_http?'+cookie_id);
+ ws.onopen = t.step_func(function(e) {
+ var ws2 = new WebSocket(SCHEME_DOMAIN_PORT+'/echo-cookie');
+ ws2.onmessage = t.step_func(function(e) {
+ ws.close();
+ ws.onclose = null;
+ ws2.close();
+ assert_regexp_match(e.data, new RegExp('ws_test_'+cookie_id+'=test'));
+ t.done();
+ });
+ });
+ ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
+ document.body.appendChild(iframe);
+})
+</script>
diff --git a/testing/web-platform/tests/websockets/cookies/006.html b/testing/web-platform/tests/websockets/cookies/006.html
new file mode 100644
index 0000000000..3c74363a43
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/006.html
@@ -0,0 +1,35 @@
+<!doctype html>
+<title>WebSockets: setting Secure cookie with document.cookie, checking ws request</title>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=../constants.sub.js></script>
+<meta name="variant" content="">
+<meta name="variant" content="?wss&wpt_flags=https">
+<meta name="variant" content="?wpt_flags=h2">
+<div id=log></div>
+<script>
+var cookie_id = ((new Date())-0) + '.' + Math.random();
+async_test(function(t) {
+ if (window.WebSocket) {
+ document.cookie = 'ws_test_'+cookie_id+'=test; Path=/; Secure';
+ }
+ t.add_cleanup(function() {
+ // remove cookie
+ document.cookie = 'ws_test_'+cookie_id+'=; Path=/; Secure; Expires=Sun, 06 Nov 1994 08:49:37 GMT';
+ });
+ var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/echo-cookie');
+ ws.onmessage = t.step_func(function(e) {
+ ws.close();
+ var cookie_was_seen = e.data.indexOf('ws_test_'+cookie_id+'=test') != -1;
+ if (SCHEME_DOMAIN_PORT.substr(0,3) == 'wss') {
+ assert_true(cookie_was_seen,
+ 'cookie should have been visible to wss');
+ } else {
+ assert_false(cookie_was_seen,
+ 'cookie should not have been visible to ws');
+ }
+ t.done();
+ })
+ ws.onerror = ws.onclose = t.step_func(function(e) {assert_unreached(e.type)});
+});
+</script>
diff --git a/testing/web-platform/tests/websockets/cookies/007.html b/testing/web-platform/tests/websockets/cookies/007.html
new file mode 100644
index 0000000000..2c214a1dbb
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/007.html
@@ -0,0 +1,36 @@
+<!doctype html>
+<title>WebSockets: when to process set-cookie fields in ws response</title>
+<meta name=timeout content=long>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=../constants.sub.js></script>
+<meta name="variant" content="">
+<meta name="variant" content="?wss&wpt_flags=https">
+<meta name="variant" content="?wpt_flags=h2">
+<div id=log></div>
+<script>
+var cookie_id = ((new Date())-0) + '.' + Math.random();
+async_test(function(t) {
+ t.add_cleanup(function() {
+ // remove cookie
+ document.cookie = 'ws_test_'+cookie_id+'; Path=/; Expires=Sun, 06 Nov 1994 08:49:37 GMT';
+ });
+ var ws = new WebSocket(SCHEME_DOMAIN_PORT+'/set-cookie?'+cookie_id);
+ ws.onopen = t.step_func(function(e) {
+ ws.close();
+ ws.onclose = null;
+ assert_regexp_match(document.cookie, new RegExp('ws_test_'+cookie_id+'=test'));
+ t.done();
+ });
+ ws.onerror = ws.onclose = t.step_func(function() {assert_unreached()});
+
+ // sleep for 2 seconds with sync xhr
+ var sleep = new XMLHttpRequest();
+ sleep.open('GET', '/common/blank.html?pipe=trickle(d2)', false);
+ sleep.send(null);
+
+ if (new RegExp('ws_test_'+cookie_id+'=test').test(document.cookie)) {
+ assert_unreached('cookie was set during script execution');
+ }
+});
+</script>
diff --git a/testing/web-platform/tests/websockets/cookies/support/set-cookie.py b/testing/web-platform/tests/websockets/cookies/support/set-cookie.py
new file mode 100644
index 0000000000..71cd8bca60
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/support/set-cookie.py
@@ -0,0 +1,7 @@
+from urllib.parse import unquote
+
+from wptserve.utils import isomorphic_encode
+
+def main(request, response):
+ response.headers.set(b'Set-Cookie', isomorphic_encode(unquote(request.url_parts.query)))
+ return [(b"Content-Type", b"text/plain")], b""
diff --git a/testing/web-platform/tests/websockets/cookies/support/websocket-cookies-helper.sub.js b/testing/web-platform/tests/websockets/cookies/support/websocket-cookies-helper.sub.js
new file mode 100644
index 0000000000..a7fae2551e
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/support/websocket-cookies-helper.sub.js
@@ -0,0 +1,57 @@
+// Set up global variables.
+(_ => {
+ var HOST = '{{host}}';
+ var CROSS_ORIGIN_HOST = '{{hosts[alt][]}}';
+ var WSS_PORT = ':{{ports[wss][0]}}';
+ var HTTPS_PORT = ':{{ports[https][0]}}';
+
+ window.WSS_ORIGIN = 'wss://' + HOST + WSS_PORT;
+ window.WSS_CROSS_SITE_ORIGIN = 'wss://' + CROSS_ORIGIN_HOST + WSS_PORT;
+ window.HTTPS_ORIGIN = 'https://' + HOST + HTTPS_PORT;
+ window.HTTPS_CROSS_SITE_ORIGIN = 'https://' + CROSS_ORIGIN_HOST + HTTPS_PORT;
+})();
+
+// Sets a cookie with each SameSite option.
+function setSameSiteCookies(origin, value) {
+ return new Promise(resolve => {
+ const ws = new WebSocket(origin + '/set-cookies-samesite?value=' + value);
+ ws.onopen = () => {
+ ws.close();
+ };
+ ws.onclose = resolve;
+ });
+}
+
+// Clears cookies set by setSameSiteCookies().
+function clearSameSiteCookies(origin) {
+ return new Promise(resolve => {
+ const ws = new WebSocket(origin + '/set-cookies-samesite?clear');
+ ws.onopen = () => ws.close();
+ ws.onclose = resolve;
+ });
+}
+
+// Gets value of Cookie header sent in request.
+function connectAndGetRequestCookiesFrom(origin) {
+ return new Promise((resolve, reject) => {
+ var ws = new WebSocket(origin + '/echo-cookie');
+ ws.onmessage = evt => {
+ var cookies = evt.data
+ resolve(cookies);
+ ws.onerror = undefined;
+ ws.onclose = undefined;
+ };
+ ws.onerror = () => reject('Unexpected error event');
+ ws.onclose = evt => reject('Unexpected close event: ' + JSON.stringify(evt));
+ });
+}
+
+// Assert that a given cookie is or is not present in the string |cookies|.
+function assertCookie(cookies, name, value, present) {
+ var assertion = present ? assert_true : assert_false;
+ var description = name + '=' + value + ' cookie is' +
+ (present ? ' ' : ' not ') + 'present.';
+ var re = new RegExp('(?:^|; )' + name + '=' + value + '(?:$|;)');
+ assertion(re.test(cookies), description);
+}
+
diff --git a/testing/web-platform/tests/websockets/cookies/third-party-cookie-accepted.https.html b/testing/web-platform/tests/websockets/cookies/third-party-cookie-accepted.https.html
new file mode 100644
index 0000000000..208d297016
--- /dev/null
+++ b/testing/web-platform/tests/websockets/cookies/third-party-cookie-accepted.https.html
@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<meta charset="utf-8"/>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="support/websocket-cookies-helper.sub.js"></script>
+<script>
+promise_test(() => {
+ var value = '' + Math.random();
+ var origin = WSS_CROSS_SITE_ORIGIN;
+ return setSameSiteCookies(origin, value).then(
+ () => { return connectAndGetRequestCookiesFrom(origin); }
+ ).then(
+ cookies => {
+ assert_not_equals(cookies, '(none)', 'request should contain cookies.');
+ // SameSite cookies are blocked.
+ assertCookie(cookies, 'samesite-unspecified', value, false /* present */);
+ assertCookie(cookies, 'samesite-lax', value, false /* present */);
+ assertCookie(cookies, 'samesite-strict', value, false /* present */);
+ // SameSite=None third-party cookie is not blocked.
+ assertCookie(cookies, 'samesite-none', value, true /* present */);
+ return clearSameSiteCookies(origin);
+ }
+ );
+}, 'Test that third-party cookies are accepted for WebSockets.');
+</script>