-
Notifications
You must be signed in to change notification settings - Fork 3.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[ResourceTiming] Update TAO-crossorigin-port.sub.html with new style (#…
…28936) This change rewrites (and renames) the above test to conform to the new style we're introducing to Resource Timing Web Platform Tests. See wpt/resource-timing/CodingingConventions.md for what the new style prescribes. Bug: 1171767 Change-Id: I84df93ab1165ab1e315dc406144791be3b1a5b28 GithubIssue: w3c/resource-timing#254 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2881945 Reviewed-by: Yoav Weiss <[email protected]> Commit-Queue: Tom McKee <[email protected]> Cr-Commit-Position: refs/heads/master@{#883661} Co-authored-by: Tom McKee <[email protected]>
- Loading branch information
1 parent
1942e78
commit 0c65de8
Showing
4 changed files
with
75 additions
and
25 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
<!DOCTYPE html> | ||
<html> | ||
<head> | ||
<meta charset="utf-8" /> | ||
<title>TAO - port mismatch must fail the check</title> | ||
<link rel="author" title="Google" href="http://www.google.com/" /> | ||
<link rel="help" href="https://www.w3.org/TR/resource-timing-2/#sec-timing-allow-origin"/> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<script src="/common/get-host-info.sub.js"></script> | ||
<script src="resources/entry-invariants.js"></script> | ||
<script> | ||
|
||
const {ORIGINAL_HOST, PORT, PORT2} = get_host_info(); | ||
|
||
// The main page is being requested on the default port (PORT), while the | ||
// subresource will be requested on a separate port (PORT2). The response will | ||
// have a Timing-Allow-Origin header value with the second port so this page's | ||
// origin should not be a match. | ||
const port_mismatch_url = `${location.protocol}//${ORIGINAL_HOST}:${PORT2}` + | ||
`/resource-timing/resources/TAOResponse.py?` + | ||
`tao=origin_port_${PORT2}`; | ||
attribute_test( | ||
fetch, port_mismatch_url, invariants.assert_tao_failure_resource, | ||
"A port mismatch must fail the TAO check"); | ||
|
||
// The same URL as above except the Timing-Allow-Origin header will have the | ||
// same port as this page's origin. Therefore, this page's origin will match | ||
// the Timing-Allow-Origin header's value. Therefore, the subresource's timings | ||
// must be exposed. | ||
const port_match_url = `${location.protocol}//${ORIGINAL_HOST}:${PORT2}` + | ||
`/resource-timing/resources/TAOResponse.py?` + | ||
`tao=origin_port_${PORT}`; | ||
attribute_test( | ||
fetch, port_match_url, invariants.assert_tao_pass_no_redirect, | ||
"An identical port must pass the TAO check"); | ||
|
||
</script> | ||
</head> | ||
<body> | ||
<h1>Description</h1> | ||
<p>This test validates that for a cross origin resource with different ports, | ||
the timing allow check algorithm will fail when the value of | ||
Timing-Allow-Origin value has the right host but the wrong port in it.</p> | ||
</body> | ||
</html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters