From 7f71421e614c3ade38f19ef4036fac563a84ca96 Mon Sep 17 00:00:00 2001 From: Uzlopak <5059100+Uzlopak@users.noreply.github.com> Date: Fri, 15 Aug 2025 00:21:44 +0000 Subject: [PATCH] chore: update WPT --- test/fixtures/wpt/common/get-host-info.sub.js | 2 + .../fixtures/wpt/eventsource/WEB_FEATURES.yml | 3 + ...versized-payload.tentative.https.window.js | 4 +- .../max-payload.tentative.https.window.js | 19 +- ...versized-payload.tentative.https.window.js | 20 +- .../fetch-later/resources/fetch-later.html | 6 - .../wpt/fetch/local-network-access/README.md | 4 +- .../iframe.tentative.https.window.js | 199 ++++++++++++++++++ .../navigate.tentative.https.window.js | 151 +++++++++++++ .../navigate.tentative.window.js | 154 ++++++++++++++ .../resources/iframer.html | 35 +++ .../resources/navigate.html | 9 + .../resources/openee.html | 7 + .../resources/support.sub.js | 65 ++++++ .../{cookie-store.idl => cookiestore.idl} | 2 +- .../wpt/interfaces/origin.tentative.idl | 16 ++ test/fixtures/wpt/resources/testharness.js | 191 ++++++++++++++++- ...ket-quota-indexeddb.tentative.https.any.js | 8 +- ...e-details-indexeddb.https.tentative.any.js | 2 +- ...ge-details-caches.tentative.https.sub.html | 74 ++++++- ...details-indexeddb.tentative.https.sub.html | 73 ++++++- ...s-service-workers.tentative.https.sub.html | 74 +++++++ ...ate-usage-details-caches-helper-frame.html | 25 ++- ...-usage-details-indexeddb-helper-frame.html | 23 ++ ...-details-service-workers-helper-frame.html | 23 ++ test/fixtures/wpt/websockets/WEB_FEATURES.yml | 3 + test/fixtures/wpt/xhr/WEB_FEATURES.yml | 3 + 27 files changed, 1151 insertions(+), 44 deletions(-) create mode 100644 test/fixtures/wpt/eventsource/WEB_FEATURES.yml create mode 100644 test/fixtures/wpt/fetch/local-network-access/iframe.tentative.https.window.js create mode 100644 test/fixtures/wpt/fetch/local-network-access/navigate.tentative.https.window.js create mode 100644 test/fixtures/wpt/fetch/local-network-access/navigate.tentative.window.js create mode 100644 test/fixtures/wpt/fetch/local-network-access/resources/iframer.html create mode 100644 test/fixtures/wpt/fetch/local-network-access/resources/navigate.html create mode 100644 test/fixtures/wpt/fetch/local-network-access/resources/openee.html rename test/fixtures/wpt/interfaces/{cookie-store.idl => cookiestore.idl} (97%) create mode 100644 test/fixtures/wpt/interfaces/origin.tentative.idl create mode 100644 test/fixtures/wpt/websockets/WEB_FEATURES.yml create mode 100644 test/fixtures/wpt/xhr/WEB_FEATURES.yml diff --git a/test/fixtures/wpt/common/get-host-info.sub.js b/test/fixtures/wpt/common/get-host-info.sub.js index f680cd8b199..42369c7370b 100644 --- a/test/fixtures/wpt/common/get-host-info.sub.js +++ b/test/fixtures/wpt/common/get-host-info.sub.js @@ -20,6 +20,7 @@ function get_host_info() { var REMOTE_HOST = (ORIGINAL_HOST === 'localhost') ? '127.0.0.1' : ('www1.' + ORIGINAL_HOST); var OTHER_HOST = '{{domains[www2]}}'; var NOTSAMESITE_HOST = (ORIGINAL_HOST === 'localhost') ? '127.0.0.1' : ('{{hosts[alt][]}}'); + var OTHER_NOTSAMESITE_HOST = '{{hosts[alt][www2]}}'; return { HTTP_PORT: HTTP_PORT, @@ -45,6 +46,7 @@ function get_host_info() { HTTPS_REMOTE_ORIGIN: 'https://' + REMOTE_HOST + HTTPS_PORT_ELIDED, HTTPS_REMOTE_ORIGIN_WITH_CREDS: 'https://foo:bar@' + REMOTE_HOST + HTTPS_PORT_ELIDED, HTTPS_NOTSAMESITE_ORIGIN: 'https://' + NOTSAMESITE_HOST + HTTPS_PORT_ELIDED, + HTTPS_OTHER_NOTSAMESITE_ORIGIN: 'https://' + OTHER_NOTSAMESITE_HOST + HTTPS_PORT_ELIDED, UNAUTHENTICATED_ORIGIN: 'http://' + OTHER_HOST + HTTP_PORT_ELIDED, AUTHENTICATED_ORIGIN: 'https://' + OTHER_HOST + HTTPS_PORT_ELIDED }; diff --git a/test/fixtures/wpt/eventsource/WEB_FEATURES.yml b/test/fixtures/wpt/eventsource/WEB_FEATURES.yml new file mode 100644 index 00000000000..3c883f82f76 --- /dev/null +++ b/test/fixtures/wpt/eventsource/WEB_FEATURES.yml @@ -0,0 +1,3 @@ +features: +- name: server-sent-events + files: "**" diff --git a/test/fixtures/wpt/fetch/fetch-later/quota/accumulated-oversized-payload.tentative.https.window.js b/test/fixtures/wpt/fetch/fetch-later/quota/accumulated-oversized-payload.tentative.https.window.js index 6439b392e2a..143546ff723 100644 --- a/test/fixtures/wpt/fetch/fetch-later/quota/accumulated-oversized-payload.tentative.https.window.js +++ b/test/fixtures/wpt/fetch/fetch-later/quota/accumulated-oversized-payload.tentative.https.window.js @@ -37,7 +37,7 @@ test( // Makes the 2nd call (POST) to the same reporting origin that sends // max bytes, which should be rejected. - assert_throws_dom('QuotaExceededError', () => { + assert_throws_quotaexceedederror(() => { fetchLater(requestUrl, { method: 'POST', signal: controller.signal, @@ -45,7 +45,7 @@ test( // Required, as the size of referrer also take up quota. referrer: '', }); - }); + }, null, null); // Makes the 3rd call (GET) to the same reporting origin, where its // request size is len(requestUrl) + headers, which should be accepted. diff --git a/test/fixtures/wpt/fetch/fetch-later/quota/max-payload.tentative.https.window.js b/test/fixtures/wpt/fetch/fetch-later/quota/max-payload.tentative.https.window.js index 8457060797a..aa797f13557 100644 --- a/test/fixtures/wpt/fetch/fetch-later/quota/max-payload.tentative.https.window.js +++ b/test/fixtures/wpt/fetch/fetch-later/quota/max-payload.tentative.https.window.js @@ -36,13 +36,14 @@ promise_test(async _ => { test(_ => { const uuid = token(); const requestUrl = generateSetBeaconURL(uuid, {host: HTTPS_ORIGIN}); - assert_throws_dom( - 'QuotaExceededError', - () => fetchLater(requestUrl, { - activateAfter: 0, - method: 'POST', - body: generatePayload( - getRemainingQuota(QUOTA_PER_ORIGIN, requestUrl, headers) + 1, - dataType), - })); + + assert_throws_quotaexceedederror(() => { + fetchLater(requestUrl, { + activateAfter: 0, + method: 'POST', + body: generatePayload( + getRemainingQuota(QUOTA_PER_ORIGIN, requestUrl, headers) + 1, + dataType), + }); + }, null, null); }, `fetchLater() rejects max+1 payload in a POST request body of ${dataType}.`); diff --git a/test/fixtures/wpt/fetch/fetch-later/quota/oversized-payload.tentative.https.window.js b/test/fixtures/wpt/fetch/fetch-later/quota/oversized-payload.tentative.https.window.js index 0036d040d8e..740f17ea24a 100644 --- a/test/fixtures/wpt/fetch/fetch-later/quota/oversized-payload.tentative.https.window.js +++ b/test/fixtures/wpt/fetch/fetch-later/quota/oversized-payload.tentative.https.window.js @@ -9,16 +9,16 @@ const OVERSIZED_REQUEST_BODY_SIZE = QUOTA_PER_ORIGIN + 1; for (const dataType in BeaconDataType) { // Test making a POST request with oversized payload, which should be rejected // by fetchLater API. - test( - () => assert_throws_dom( - 'QuotaExceededError', - () => fetchLater('/', { - activateAfter: 0, - method: 'POST', - body: makeBeaconData( - generatePayload(OVERSIZED_REQUEST_BODY_SIZE), dataType), - })), - `fetchLater() does not accept payload[size=${ + test(() => { + assert_throws_quotaexceedederror(() => { + fetchLater('/', { + activateAfter: 0, + method: 'POST', + body: makeBeaconData( + generatePayload(OVERSIZED_REQUEST_BODY_SIZE), dataType), + }); + }, null, null); + }, `fetchLater() does not accept payload[size=${ OVERSIZED_REQUEST_BODY_SIZE}] exceeding per-origin quota in a POST request body of ${ dataType}.`); } diff --git a/test/fixtures/wpt/fetch/fetch-later/resources/fetch-later.html b/test/fixtures/wpt/fetch/fetch-later/resources/fetch-later.html index 955f815d940..b295be116c7 100644 --- a/test/fixtures/wpt/fetch/fetch-later/resources/fetch-later.html +++ b/test/fixtures/wpt/fetch/fetch-later/resources/fetch-later.html @@ -30,12 +30,6 @@ fetchLater(TARGET_URL, REQUEST_INIT); postMessageBack({type: FetchLaterIframeMessageType.DONE}); } catch (e) { - if (e.name == "QuotaExceededError" && - e instanceof DOMException) { - // PostMessage is unable to serialize the QuotExceededError object. - // Therefore do basic checks here and pass error name if successful. - e = {name: e.name}; - } postMessageBack({type: FetchLaterIframeMessageType.ERROR, error: e}); } diff --git a/test/fixtures/wpt/fetch/local-network-access/README.md b/test/fixtures/wpt/fetch/local-network-access/README.md index 95066cdcd0b..d4945a0bfb2 100644 --- a/test/fixtures/wpt/fetch/local-network-access/README.md +++ b/test/fixtures/wpt/fetch/local-network-access/README.md @@ -5,7 +5,7 @@ the Fetch specification. See also: -* [Explainer](https://github.com/explainers-by-googlers/local-network-access) +* [Spec](https://wicg.github.io/local-network-access/) Local Network Access replaced [Private Network -Access](https://wicg.github.io/local-network-access/). +Access](https://wicg.github.io/private-network-access/). diff --git a/test/fixtures/wpt/fetch/local-network-access/iframe.tentative.https.window.js b/test/fixtures/wpt/fetch/local-network-access/iframe.tentative.https.window.js new file mode 100644 index 00000000000..d2b532aeae4 --- /dev/null +++ b/test/fixtures/wpt/fetch/local-network-access/iframe.tentative.https.window.js @@ -0,0 +1,199 @@ +// META: script=/common/subset-tests-by-key.js +// META: script=/common/dispatcher/dispatcher.js +// META: script=/common/utils.js +// META: script=/resources/testdriver.js +// META: script=/resources/testdriver-vendor.js +// META: script=resources/support.sub.js +// META: timeout=long +// META: variant=?include=from-loopback +// META: variant=?include=from-local +// META: variant=?include=from-public +// META: variant=?include=from-treat-as-public +// +// Spec: https://wicg.github.io/local-network-access/#integration-fetch +// +// These tests verify that secure contexts can navigate iframes to less-public +// address spaces iff the initiating document has been granted the LNA +// permission. +// +// This file covers only those tests that must execute in a secure context. + +setup(() => { + assert_true(window.isSecureContext); +}); + +// Source: secure loopback context. +// +// All iframe navigations unaffected by Local Network Access. + +subsetTestByKey( + 'from-loopback', promise_test, t => iframeTest(t, { + source: Server.HTTP_LOOPBACK, + target: Server.HTTPS_LOOPBACK, + expected: NavigationTestResult.SUCCESS, + }), + 'loopback to loopback: no permission required.'); + +subsetTestByKey( + 'from-loopback', promise_test, t => iframeTest(t, { + source: Server.HTTP_LOOPBACK, + target: Server.HTTPS_LOCAL, + expected: NavigationTestResult.SUCCESS, + }), + 'loopback to local: no permission required.'); + +subsetTestByKey( + 'from-loopback', promise_test, t => iframeTest(t, { + source: Server.HTTP_LOOPBACK, + target: Server.HTTPS_PUBLIC, + expected: NavigationTestResult.SUCCESS, + }), + 'loopback to public: no permission required.'); + +// Source: local secure context. +// +// All iframe navigations unaffected by Local Network Access. + +// Requests from the `local` address space to the `loopback` address space +// are not yet restricted by LNA. +subsetTestByKey( + 'from-local', promise_test, t => iframeTest(t, { + source: Server.HTTP_LOCAL, + target: Server.HTTPS_LOOPBACK, + expected: NavigationTestResult.SUCCESS, + }), + 'local to loopback: no permission required.'); + +subsetTestByKey( + 'from-local', promise_test, t => iframeTest(t, { + source: Server.HTTP_LOCAL, + target: Server.HTTPS_LOCAL, + expected: NavigationTestResult.SUCCESS, + }), + 'local to local: no permission required.'); + +subsetTestByKey( + 'from-local', promise_test, t => iframeTest(t, { + source: Server.HTTP_LOCAL, + target: Server.HTTPS_PUBLIC, + expected: NavigationTestResult.SUCCESS, + }), + 'local to public: no permission required.'); + + +// Generates tests of permission behavior for a single (source, target) pair. +// +// Scenarios: +// +// - parent (source) navigates child (target): +// - parent has been denied the LNA permission (failure) +// - parent has been granted the LNA permission (success) +// +function makePermissionTests({ + key, + sourceName, + sourceServer, + sourceTreatAsPublic, + targetName, + targetServer, +}) { + const prefix = `${sourceName} to ${targetName}: `; + + const source = { + server: sourceServer, + treatAsPublic: sourceTreatAsPublic, + }; + + promise_test( + t => iframeTest(t, { + source, + target: { + server: targetServer, + }, + expected: NavigationTestResult.FAILURE, + permission: 'denied', + }), + prefix + 'permission denied.'); + + promise_test( + t => iframeTest(t, { + source, + target: { + server: targetServer, + }, + expected: NavigationTestResult.SUCCESS, + permission: 'granted', + }), + prefix + 'success.'); +} + + +// Source: public secure context. +// +// iframe navigations to the loopback and local address spaces require the LNA +// permission. + +subsetTestByKey('from-public', makePermissionTests, { + sourceServer: Server.HTTPS_PUBLIC, + sourceName: 'public', + targetServer: Server.HTTPS_LOOPBACK, + targetName: 'loopback', +}); + +subsetTestByKey('from-public', makePermissionTests, { + sourceServer: Server.HTTPS_PUBLIC, + sourceName: 'public', + targetServer: Server.HTTPS_LOCAL, + targetName: 'local', +}); + +subsetTestByKey( + 'from-public', promise_test, t => iframeTest(t, { + source: Server.HTTPS_PUBLIC, + target: Server.HTTPS_PUBLIC, + expected: NavigationTestResult.SUCCESS, + }), + 'public to public: no permission required.'); + +// The following tests verify that `CSP: treat-as-public-address` makes +// documents behave as if they had been served from a public IP address. + +subsetTestByKey('from-treat-as-public', makePermissionTests, { + sourceServer: Server.HTTPS_LOOPBACK, + sourceTreatAsPublic: true, + sourceName: 'treat-as-public-address', + targetServer: Server.OTHER_HTTPS_LOOPBACK, + targetName: 'loopback', +}); + +subsetTestByKey( + 'from-treat-as-public', promise_test, + t => iframeTest(t, { + source: { + server: Server.HTTPS_LOOPBACK, + treatAsPublic: true, + }, + target: Server.HTTPS_LOOPBACK, + expected: NavigationTestResult.SUCCESS, + }), + 'treat-as-public-address to local (same-origin): no permission required.'); + +subsetTestByKey('from-treat-as-public', makePermissionTests, { + sourceServer: Server.HTTPS_LOOPBACK, + sourceTreatAsPublic: true, + sourceName: 'treat-as-public-address', + targetServer: Server.HTTPS_LOCAL, + targetName: 'local', +}); + +subsetTestByKey( + 'from-treat-as-public', promise_test, + t => iframeTest(t, { + source: { + server: Server.HTTPS_LOOPBACK, + treatAsPublic: true, + }, + target: Server.HTTPS_PUBLIC, + expected: NavigationTestResult.SUCCESS, + }), + 'treat-as-public-address to public: no permission required.'); diff --git a/test/fixtures/wpt/fetch/local-network-access/navigate.tentative.https.window.js b/test/fixtures/wpt/fetch/local-network-access/navigate.tentative.https.window.js new file mode 100644 index 00000000000..abdefb8cd7c --- /dev/null +++ b/test/fixtures/wpt/fetch/local-network-access/navigate.tentative.https.window.js @@ -0,0 +1,151 @@ +// META: script=/common/subset-tests-by-key.js +// META: script=/common/dispatcher/dispatcher.js +// META: script=/common/utils.js +// META: script=resources/support.sub.js +// META: timeout=long +// META: variant=?include=from-loopback +// META: variant=?include=from-local +// META: variant=?include=from-public +// META: variant=?include=from-treat-as-public +// +// These tests verify that secure contexts can make top-level navigations +// to less-public address spaces. These are not restricted under LNA. + +setup(() => { + assert_true(window.isSecureContext); +}); + +// Source: secure loopback context. +// +// All top-level navigations unaffected by Local Network Access. + +subsetTestByKey( + 'from-loopback', promise_test, t => navigateTest(t, { + source: Server.HTTPS_LOOPBACK, + target: Server.HTTPS_LOOPBACK, + expected: NavigationTestResult.SUCCESS, + }), + 'loopback to loopback: no permission required.'); + +subsetTestByKey( + 'from-loopback', promise_test, t => navigateTest(t, { + source: Server.HTTPS_LOOPBACK, + target: Server.HTTPS_LOCAL, + expected: NavigationTestResult.SUCCESS, + }), + 'loopback to local: no permission required.'); + +subsetTestByKey( + 'from-loopback', promise_test, t => navigateTest(t, { + source: Server.HTTPS_LOOPBACK, + target: Server.HTTPS_PUBLIC, + expected: NavigationTestResult.SUCCESS, + }), + 'loopback to public: no preflight required.'); + +// Source: secure local context. +// +// All top-level navigations unaffected by Local Network Access. + +subsetTestByKey( + 'from-local', promise_test, t => navigateTest(t, { + source: Server.HTTPS_LOCAL, + target: Server.HTTPS_LOOPBACK, + expected: NavigationTestResult.SUCCESS, + }), + 'local to loopback: no permission required.'); + +subsetTestByKey( + 'from-local', promise_test, t => navigateTest(t, { + source: Server.HTTPS_LOCAL, + target: Server.HTTPS_LOCAL, + expected: NavigationTestResult.SUCCESS, + }), + 'local to local: no permission required.'); + +subsetTestByKey( + 'from-local', promise_test, t => navigateTest(t, { + source: Server.HTTPS_LOCAL, + target: Server.HTTPS_PUBLIC, + expected: NavigationTestResult.SUCCESS, + }), + 'local to public: no permission required.'); + +// Source: secure public context. +// +// All top-level navigations unaffected by Local Network Access + +subsetTestByKey( + 'from-public', promise_test, t => navigateTest(t, { + source: Server.HTTPS_PUBLIC, + target: Server.HTTPS_LOOPBACK, + expected: NavigationTestResult.SUCCESS, + }), + 'public to loopback: no permission required.'); + +subsetTestByKey( + 'from-public', promise_test, t => navigateTest(t, { + source: Server.HTTPS_PUBLIC, + target: Server.HTTPS_LOCAL, + expected: NavigationTestResult.SUCCESS, + }), + 'public to local: no permission required.'); + +subsetTestByKey( + 'from-public', promise_test, t => navigateTest(t, { + source: Server.HTTPS_PUBLIC, + target: Server.HTTPS_PUBLIC, + expected: NavigationTestResult.SUCCESS, + }), + 'public to public: no permission required.'); + +// The following tests verify that `CSP: treat-as-public-address` makes +// documents behave as if they had been served from a public IP address. + +subsetTestByKey( + 'from-treat-as-public', promise_test, + t => navigateTest(t, { + source: { + server: Server.HTTPS_LOOPBACK, + treatAsPublic: true, + }, + target: Server.OTHER_HTTPS_LOOPBACK, + expected: NavigationTestResult.SUCCESS, + }), + 'treat-as-public-address to loopback: no permission required.'); + +subsetTestByKey( + 'from-treat-as-public', promise_test, + t => navigateTest(t, { + source: { + server: Server.HTTPS_LOOPBACK, + treatAsPublic: true, + }, + target: Server.HTTPS_LOOPBACK, + expected: NavigationTestResult.SUCCESS, + }), + 'treat-as-public-address to loopback (same-origin): no permission required.'); + +subsetTestByKey( + 'from-treat-as-public', promise_test, + t => navigateTest(t, { + source: { + server: Server.HTTPS_LOOPBACK, + treatAsPublic: true, + }, + target: Server.HTTPS_LOCAL, + expected: NavigationTestResult.SUCCESS, + }), + 'treat-as-public-address to local: no permission required.'); + +subsetTestByKey( + 'from-treat-as-public', promise_test, + t => navigateTest(t, { + source: { + server: Server.HTTPS_LOOPBACK, + treatAsPublic: true, + }, + target: Server.HTTPS_PUBLIC, + expected: NavigationTestResult.SUCCESS, + }), + 'treat-as-public-address to public: no permission required.'); diff --git a/test/fixtures/wpt/fetch/local-network-access/navigate.tentative.window.js b/test/fixtures/wpt/fetch/local-network-access/navigate.tentative.window.js new file mode 100644 index 00000000000..4186bad5899 --- /dev/null +++ b/test/fixtures/wpt/fetch/local-network-access/navigate.tentative.window.js @@ -0,0 +1,154 @@ +// META: script=/common/subset-tests-by-key.js +// META: script=/common/dispatcher/dispatcher.js +// META: script=/common/utils.js +// META: script=resources/support.sub.js +// META: timeout=long +// META: variant=?include=from-loopback +// META: variant=?include=from-local +// META: variant=?include=from-public +// META: variant=?include=from-treat-as-public +// +// These tests verify that nonsecure contexts can make top-level navigations +// to less-public address spaces. These are not restricted under LNA. +// +// This file covers only those tests that must execute in a non secure context. +// Other tests are defined in: navigate.tentative.https.window.js + +setup(() => { + assert_false(window.isSecureContext); +}); + +// Source: nonsecure loopback context. +// +// All top-level navigations unaffected by Local Network Access. + +subsetTestByKey( + 'from-loopback', promise_test, t => navigateTest(t, { + source: Server.HTTP_LOOPBACK, + target: Server.HTTP_LOOPBACK, + expected: NavigationTestResult.SUCCESS, + }), + 'loopback to loopback: no permission required.'); + +subsetTestByKey( + 'from-loopback', promise_test, t => navigateTest(t, { + source: Server.HTTP_LOOPBACK, + target: Server.HTTP_LOCAL, + expected: NavigationTestResult.SUCCESS, + }), + 'loopback to local: no permission required.'); + +subsetTestByKey( + 'from-loopback', promise_test, t => navigateTest(t, { + source: Server.HTTP_LOOPBACK, + target: Server.HTTP_PUBLIC, + expected: NavigationTestResult.SUCCESS, + }), + 'loopback to public: no preflight required.'); + +// Source: secure local context. +// +// All top-level navigations unaffected by Local Network Access. + +subsetTestByKey( + 'from-local', promise_test, t => navigateTest(t, { + source: Server.HTTP_LOCAL, + target: Server.HTTP_LOOPBACK, + expected: NavigationTestResult.SUCCESS, + }), + 'local to loopback: no permission required.'); + +subsetTestByKey( + 'from-local', promise_test, t => navigateTest(t, { + source: Server.HTTP_LOCAL, + target: Server.HTTP_LOCAL, + expected: NavigationTestResult.SUCCESS, + }), + 'local to local: no permission required.'); + +subsetTestByKey( + 'from-local', promise_test, t => navigateTest(t, { + source: Server.HTTP_LOCAL, + target: Server.HTTP_PUBLIC, + expected: NavigationTestResult.SUCCESS, + }), + 'local to public: no permission required.'); + +// Source: secure public context. +// +// All top-level navigations unaffected by Local Network Access + +subsetTestByKey( + 'from-public', promise_test, t => navigateTest(t, { + source: Server.HTTP_PUBLIC, + target: Server.HTTP_LOOPBACK, + expected: NavigationTestResult.SUCCESS, + }), + 'public to loopback: no permission required.'); + +subsetTestByKey( + 'from-public', promise_test, t => navigateTest(t, { + source: Server.HTTP_PUBLIC, + target: Server.HTTP_LOCAL, + expected: NavigationTestResult.SUCCESS, + }), + 'public to local: no permission required.'); + +subsetTestByKey( + 'from-public', promise_test, t => navigateTest(t, { + source: Server.HTTP_PUBLIC, + target: Server.HTTP_PUBLIC, + expected: NavigationTestResult.SUCCESS, + }), + 'public to public: no permission required.'); + +// The following tests verify that `CSP: treat-as-public-address` makes +// documents behave as if they had been served from a public IP address. + +subsetTestByKey( + 'from-treat-as-public', promise_test, + t => navigateTest(t, { + source: { + server: Server.HTTP_LOOPBACK, + treatAsPublic: true, + }, + target: Server.OTHER_HTTP_LOOPBACK, + expected: NavigationTestResult.SUCCESS, + }), + 'treat-as-public-address to loopback: no permission required.'); + +subsetTestByKey( + 'from-treat-as-public', promise_test, + t => navigateTest(t, { + source: { + server: Server.HTTP_LOOPBACK, + treatAsPublic: true, + }, + target: Server.HTTP_LOOPBACK, + expected: NavigationTestResult.SUCCESS, + }), + 'treat-as-public-address to loopback (same-origin): no permission required.'); + +subsetTestByKey( + 'from-treat-as-public', promise_test, + t => navigateTest(t, { + source: { + server: Server.HTTP_LOOPBACK, + treatAsPublic: true, + }, + target: Server.HTTP_LOCAL, + expected: NavigationTestResult.SUCCESS, + }), + 'treat-as-public-address to local: no permission required.'); + +subsetTestByKey( + 'from-treat-as-public', promise_test, + t => navigateTest(t, { + source: { + server: Server.HTTP_LOOPBACK, + treatAsPublic: true, + }, + target: Server.HTTP_PUBLIC, + expected: NavigationTestResult.SUCCESS, + }), + 'treat-as-public-address to public: no permission required.'); diff --git a/test/fixtures/wpt/fetch/local-network-access/resources/iframer.html b/test/fixtures/wpt/fetch/local-network-access/resources/iframer.html new file mode 100644 index 00000000000..ede09bc6b0a --- /dev/null +++ b/test/fixtures/wpt/fetch/local-network-access/resources/iframer.html @@ -0,0 +1,35 @@ + + +