forked from chromium/chromium
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Reland "Origin policy: implement window.originPolicyIds"
This plumbs the origin policy IDs from the net-side OriginPolicyContents through to the renderer, where they get exposed on Window. This does not yet tackle WorkerGlobalScope, but it does add idlharness tests for it, which fail for now. This is a re-land of https://chromium-review.googlesource.com/c/chromium/src/+/2089994 which was reverted in https://chromium-review.googlesource.com/c/chromium/src/+/2093453. The re-land adds MSAN test expectations per https://crbug.com/856601. Bug: 1057123 Change-Id: I30053986f3dfc634399c8e0f3fc1578e062c67f0 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2095706 Auto-Submit: Domenic Denicola <domenic@chromium.org> Commit-Queue: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Cr-Commit-Position: refs/heads/master@{#748551}
- Loading branch information
Showing
29 changed files
with
349 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
17 changes: 17 additions & 0 deletions
17
third_party/blink/web_tests/external/wpt/origin-policy/idlharness.any.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
// META: global=window,worker | ||
// META: script=/resources/WebIDLParser.js | ||
// META: script=/resources/idlharness.js | ||
|
||
'use strict'; | ||
|
||
idl_test( | ||
['origin-policy'], | ||
['html', 'dom'], | ||
idl_array => { | ||
if (self.Window) { | ||
idl_array.add_objects({ Window: ['self'] }); | ||
} else { | ||
idl_array.add_objects({ WorkerGlobalScope: ['self'] }); | ||
} | ||
} | ||
); |
17 changes: 17 additions & 0 deletions
17
..._party/blink/web_tests/external/wpt/origin-policy/ids/empty-ids-after-nonempty.https.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
<!DOCTYPE HTML> | ||
<meta charset="utf-8"> | ||
<title>Origin policy with empty-array "ids" member that occurs after a non-empty "ids" member must be ignored</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<script src="../resources/origin-policy-test-runner.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script> | ||
"use strict"; | ||
runTestsInSubframe({ | ||
hostname: "op13", | ||
testJS: "../content-security/resources/allow-unsafe-eval.mjs", | ||
expectedIds: [] | ||
}); | ||
</script> |
17 changes: 17 additions & 0 deletions
17
third_party/blink/web_tests/external/wpt/origin-policy/ids/empty-ids.https.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
<!DOCTYPE HTML> | ||
<meta charset="utf-8"> | ||
<title>Origin policy with empty-array "ids" member must be ignored</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<script src="../resources/origin-policy-test-runner.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script> | ||
"use strict"; | ||
runTestsInSubframe({ | ||
hostname: "op12", | ||
testJS: "../content-security/resources/allow-unsafe-eval.mjs", | ||
expectedIds: [] | ||
}); | ||
</script> |
25 changes: 25 additions & 0 deletions
25
third_party/blink/web_tests/external/wpt/origin-policy/ids/mix-of-ids.https.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
<!DOCTYPE HTML> | ||
<meta charset="utf-8"> | ||
<title>Origin policy must include valid IDs and exclude non-strings and invalid strings</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<script src="../resources/origin-policy-test-runner.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script> | ||
"use strict"; | ||
runTestsInSubframe({ | ||
hostname: "op15", | ||
testJS: "../content-security/resources/disallow-unsafe-eval-disallow-images.mjs", | ||
expectedIds: [ | ||
"my-policy-1", | ||
"my-policy-2", | ||
"~", | ||
" ", | ||
"!\"#$%&'()*+,-./:;<=>?@{|}~", | ||
"azAZ", | ||
"my~policy" | ||
] | ||
}); | ||
</script> |
17 changes: 17 additions & 0 deletions
17
third_party/blink/web_tests/external/wpt/origin-policy/ids/no-ids.https.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
<!DOCTYPE HTML> | ||
<meta charset="utf-8"> | ||
<title>Origin policy with no "ids" member must be ignored</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<script src="../resources/origin-policy-test-runner.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script> | ||
"use strict"; | ||
runTestsInSubframe({ | ||
hostname: "op11", | ||
testJS: "../content-security/resources/allow-unsafe-eval.mjs", | ||
expectedIds: [] | ||
}); | ||
</script> |
17 changes: 17 additions & 0 deletions
17
third_party/blink/web_tests/external/wpt/origin-policy/ids/non-array-id.https.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
<!DOCTYPE HTML> | ||
<meta charset="utf-8"> | ||
<title>Origin policy a non-array "ids" member must be ignored</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<script src="../resources/origin-policy-test-runner.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script> | ||
"use strict"; | ||
runTestsInSubframe({ | ||
hostname: "op14", | ||
testJS: "../content-security/resources/allow-unsafe-eval.mjs", | ||
expectedIds: [] | ||
}); | ||
</script> |
14 changes: 14 additions & 0 deletions
14
third_party/blink/web_tests/external/wpt/origin-policy/ids/same-object-returned.https.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
<!DOCTYPE HTML> | ||
<meta charset="utf-8"> | ||
<title>originPolicyIds must return the same object each time</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
|
||
<script> | ||
"use strict"; | ||
test(() => { | ||
// Failing this test is a common failure mode for FrozenArray attributes, | ||
// so let's be sure implementations get it right. | ||
assert_equals(window.originPolicyIds, window.originPolicyIds); | ||
}); | ||
</script> |
16 changes: 16 additions & 0 deletions
16
third_party/blink/web_tests/external/wpt/origin-policy/ids/still-present-in-http.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
<!DOCTYPE HTML> | ||
<meta charset="utf-8"> | ||
<title>originPolicyIds must return an empty array in http: pages</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
|
||
<script> | ||
"use strict"; | ||
test(() => { | ||
assert_equals(location.protocol, "http:"); | ||
}, "Prerequisite check: running on HTTP, not HTTPS"); | ||
|
||
test(() => { | ||
assert_array_equals(window.originPolicyIds, []); | ||
}, "The attribute is still present and returns an empty frozen array"); | ||
</script> |
20 changes: 20 additions & 0 deletions
20
third_party/blink/web_tests/external/wpt/origin-policy/ids/two-ids.https.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
<!DOCTYPE HTML> | ||
<meta charset="utf-8"> | ||
<title>Origin policy second "ids" member must take precedence</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<script src="../resources/origin-policy-test-runner.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script> | ||
"use strict"; | ||
runTestsInSubframe({ | ||
hostname: "op16", | ||
testJS: "../content-security/resources/disallow-unsafe-eval-disallow-images.mjs", | ||
expectedIds: [ | ||
"3", | ||
"4" | ||
] | ||
}); | ||
</script> |
7 changes: 7 additions & 0 deletions
7
third_party/blink/web_tests/external/wpt/origin-policy/policies/op11 no-ids.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
{ | ||
"content_security": { | ||
"policies": [ | ||
"script-src 'self' 'unsafe-inline'" | ||
] | ||
} | ||
} |
8 changes: 8 additions & 0 deletions
8
third_party/blink/web_tests/external/wpt/origin-policy/policies/op12 empty-ids.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
{ | ||
"ids": [], | ||
"content_security": { | ||
"policies": [ | ||
"script-src 'self' 'unsafe-inline'" | ||
] | ||
} | ||
} |
11 changes: 11 additions & 0 deletions
11
...ty/blink/web_tests/external/wpt/origin-policy/policies/op13 empty-ids-after-nonempty.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
{ | ||
"ids": [ | ||
"this should be overwritten by the subsequent one" | ||
], | ||
"ids": [], | ||
"content_security": { | ||
"policies": [ | ||
"script-src 'self' 'unsafe-inline'" | ||
] | ||
} | ||
} |
8 changes: 8 additions & 0 deletions
8
third_party/blink/web_tests/external/wpt/origin-policy/policies/op14 non-array-id.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
{ | ||
"ids": "this is not an array", | ||
"content_security": { | ||
"policies": [ | ||
"script-src 'self' 'unsafe-inline'" | ||
] | ||
} | ||
} |
28 changes: 28 additions & 0 deletions
28
third_party/blink/web_tests/external/wpt/origin-policy/policies/op15 mix-of-ids.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
{ | ||
"ids": [ | ||
"my-policy-1", | ||
["my-policy-array"], | ||
5, | ||
null, | ||
{ "id": "my-policy-object" }, | ||
"my-policy-2", | ||
true, | ||
"~", | ||
" ", | ||
"\u0000", | ||
"\t", | ||
"my\tpolicy", | ||
"!\"#$%&'()*+,-./:;<=>?@{|}~", | ||
"my\u007Fpolicy", | ||
"azAZ", | ||
"my\u0080policy", | ||
"my~policy", | ||
"my\u1234policy" | ||
], | ||
"content_security": { | ||
"policies": [ | ||
"script-src 'self' 'unsafe-inline'", | ||
"img-src 'none'" | ||
] | ||
} | ||
} |
16 changes: 16 additions & 0 deletions
16
third_party/blink/web_tests/external/wpt/origin-policy/policies/op16 two-ids.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
{ | ||
"ids": [ | ||
"1", | ||
"2" | ||
], | ||
"ids": [ | ||
"3", | ||
"4" | ||
], | ||
"content_security": { | ||
"policies": [ | ||
"script-src 'self' 'unsafe-inline'", | ||
"img-src 'none'" | ||
] | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.