-
Notifications
You must be signed in to change notification settings - Fork 3.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add tests for 'cross-origin-isolated' permission #24600
Add tests for 'cross-origin-isolated' permission #24600
Conversation
These are tests for whatwg/html#5435. @domenic @annevk what do you think about them? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM with nit.
At some point you'll want tests similar to those in https://github.com/web-platform-tests/wpt/tree/master/origin-isolation to test whether crossOriginIsolated
actually prevents WebAssembly.Module sharing and document.domain
setting, but that can be done separately.
html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html
Show resolved
Hide resolved
No existing tests are impacted by this change? I would have expected we'd have at least one test where we assert |
Currently I see 5 tests. https://github.com/web-platform-tests/wpt/search?q=crossOriginIsolated&unscoped_q=crossOriginIsolated None seems related to cross-origin nested frame. |
It seems like That would mean however that you cannot use data URL workers and shared memory. At least not until there is Permissions Policy for workers. |
That's true, thanks!
If the use-case is very important we could circumvent that. |
I don't think it's important enough to add exceptions for. |
Fixed html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html. |
Make sure self.crossOriginIsolated is affected by the permission.
html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html is flaky and that prevents me from landing this. I suspect that the flakiness is not related to this change, and I reverted the change to the file. |
Still LGTM, feel free to merge at will. But we should update html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html separately. Perhaps that will happen as part of your implementation work. |
} | ||
|
||
generateTest(ORIGIN, undefined, true); | ||
generateTest(ORIGIN, '*', true); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If this test is using the Permissions-Policy header, it should use the structured syntax for that --
The * case looks correct, but self
should be unquoted, as it's a SF-token, and "none"
should be ()
(empty list)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you! I will fix them.
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for workers. - For SharedWorkers and ServiceWorkers it always return false. See https://crbug.com/1131403 and https://crbug.com/1131404. - Rename ExecutionContext::IsCrossOriginIsolated to CrossOriginCapability. This is aligned with https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability. - Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html. I originally planned to do that in #24600 but I couldn't do that due to some flakiness. - Add more tests for workers in wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html. Bug: 1115379, 1018680, 1131403, 1131404 Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for workers. - For SharedWorkers and ServiceWorkers it always return false. See https://crbug.com/1131403 and https://crbug.com/1131404. - Rename ExecutionContext::IsCrossOriginIsolated to CrossOriginCapability. This is aligned with https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability. - Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html. I originally planned to do that in #24600 but I couldn't do that due to some flakiness. - Add more tests for workers in wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html. Bug: 1115379, 1018680, 1131403, 1131404 Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for workers. - For SharedWorkers and ServiceWorkers it always return false. See https://crbug.com/1131403 and https://crbug.com/1131404. - Rename ExecutionContext::IsCrossOriginIsolated to CrossOriginCapability. This is aligned with https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability. - Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html. I originally planned to do that in #24600 but I couldn't do that due to some flakiness. - Add more tests for workers in wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html. Bug: 1115379, 1018680, 1131403, 1131404 Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for workers. - For SharedWorkers and ServiceWorkers it always return false. See https://crbug.com/1131403 and https://crbug.com/1131404. - Rename ExecutionContext::IsCrossOriginIsolated to CrossOriginCapability. This is aligned with https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability. - Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html. I originally planned to do that in #24600 but I couldn't do that due to some flakiness. - Add more tests for workers in wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html. Bug: 1115379, 1018680, 1131403, 1131404 Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428 Commit-Queue: Yutaka Hirano <[email protected]> Reviewed-by: Domenic Denicola <[email protected]> Reviewed-by: Robert Flack <[email protected]> Reviewed-by: Hiroki Nakagawa <[email protected]> Cr-Commit-Position: refs/heads/master@{#810130}
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for workers. - For SharedWorkers and ServiceWorkers it always return false. See https://crbug.com/1131403 and https://crbug.com/1131404. - Rename ExecutionContext::IsCrossOriginIsolated to CrossOriginCapability. This is aligned with https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability. - Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html. I originally planned to do that in web-platform-tests/wpt#24600 but I couldn't do that due to some flakiness. - Add more tests for workers in wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html. Bug: 1115379, 1018680, 1131403, 1131404 Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428 Commit-Queue: Yutaka Hirano <[email protected]> Reviewed-by: Domenic Denicola <[email protected]> Reviewed-by: Robert Flack <[email protected]> Reviewed-by: Hiroki Nakagawa <[email protected]> Cr-Commit-Position: refs/heads/master@{#810130}
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for workers. - For SharedWorkers and ServiceWorkers it always return false. See https://crbug.com/1131403 and https://crbug.com/1131404. - Rename ExecutionContext::IsCrossOriginIsolated to CrossOriginCapability. This is aligned with https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability. - Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html. I originally planned to do that in #24600 but I couldn't do that due to some flakiness. - Add more tests for workers in wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html. Bug: 1115379, 1018680, 1131403, 1131404 Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428 Commit-Queue: Yutaka Hirano <[email protected]> Reviewed-by: Domenic Denicola <[email protected]> Reviewed-by: Robert Flack <[email protected]> Reviewed-by: Hiroki Nakagawa <[email protected]> Cr-Commit-Position: refs/heads/master@{#810130} Co-authored-by: Yutaka Hirano <[email protected]>
…n for workers, a=testonly Automatic update from web-platform-tests Refine crossOriginIsolated implementation for workers (#25748) - Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for workers. - For SharedWorkers and ServiceWorkers it always return false. See https://crbug.com/1131403 and https://crbug.com/1131404. - Rename ExecutionContext::IsCrossOriginIsolated to CrossOriginCapability. This is aligned with https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability. - Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html. I originally planned to do that in web-platform-tests/wpt#24600 but I couldn't do that due to some flakiness. - Add more tests for workers in wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html. Bug: 1115379, 1018680, 1131403, 1131404 Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428 Commit-Queue: Yutaka Hirano <[email protected]> Reviewed-by: Domenic Denicola <[email protected]> Reviewed-by: Robert Flack <[email protected]> Reviewed-by: Hiroki Nakagawa <[email protected]> Cr-Commit-Position: refs/heads/master@{#810130} Co-authored-by: Yutaka Hirano <[email protected]> -- wpt-commits: ce281cc3f32d8e93ecbb33a51321d846ee2aae37 wpt-pr: 25748
…n for workers, a=testonly Automatic update from web-platform-tests Refine crossOriginIsolated implementation for workers (#25748) - Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for workers. - For SharedWorkers and ServiceWorkers it always return false. See https://crbug.com/1131403 and https://crbug.com/1131404. - Rename ExecutionContext::IsCrossOriginIsolated to CrossOriginCapability. This is aligned with https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability. - Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html. I originally planned to do that in web-platform-tests/wpt#24600 but I couldn't do that due to some flakiness. - Add more tests for workers in wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html. Bug: 1115379, 1018680, 1131403, 1131404 Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428 Commit-Queue: Yutaka Hirano <yhiranochromium.org> Reviewed-by: Domenic Denicola <domenicchromium.org> Reviewed-by: Robert Flack <flackrchromium.org> Reviewed-by: Hiroki Nakagawa <nhirokichromium.org> Cr-Commit-Position: refs/heads/master{#810130} Co-authored-by: Yutaka Hirano <yhiranochromium.org> -- wpt-commits: ce281cc3f32d8e93ecbb33a51321d846ee2aae37 wpt-pr: 25748 UltraBlame original commit: 5f56ebdc5770a063488415b229752f7094dc4811
…n for workers, a=testonly Automatic update from web-platform-tests Refine crossOriginIsolated implementation for workers (#25748) - Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for workers. - For SharedWorkers and ServiceWorkers it always return false. See https://crbug.com/1131403 and https://crbug.com/1131404. - Rename ExecutionContext::IsCrossOriginIsolated to CrossOriginCapability. This is aligned with https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability. - Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html. I originally planned to do that in web-platform-tests/wpt#24600 but I couldn't do that due to some flakiness. - Add more tests for workers in wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html. Bug: 1115379, 1018680, 1131403, 1131404 Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428 Commit-Queue: Yutaka Hirano <yhiranochromium.org> Reviewed-by: Domenic Denicola <domenicchromium.org> Reviewed-by: Robert Flack <flackrchromium.org> Reviewed-by: Hiroki Nakagawa <nhirokichromium.org> Cr-Commit-Position: refs/heads/master{#810130} Co-authored-by: Yutaka Hirano <yhiranochromium.org> -- wpt-commits: ce281cc3f32d8e93ecbb33a51321d846ee2aae37 wpt-pr: 25748 UltraBlame original commit: 5f56ebdc5770a063488415b229752f7094dc4811
…n for workers, a=testonly Automatic update from web-platform-tests Refine crossOriginIsolated implementation for workers (#25748) - Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for workers. - For SharedWorkers and ServiceWorkers it always return false. See https://crbug.com/1131403 and https://crbug.com/1131404. - Rename ExecutionContext::IsCrossOriginIsolated to CrossOriginCapability. This is aligned with https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability. - Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html. I originally planned to do that in web-platform-tests/wpt#24600 but I couldn't do that due to some flakiness. - Add more tests for workers in wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html. Bug: 1115379, 1018680, 1131403, 1131404 Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428 Commit-Queue: Yutaka Hirano <yhiranochromium.org> Reviewed-by: Domenic Denicola <domenicchromium.org> Reviewed-by: Robert Flack <flackrchromium.org> Reviewed-by: Hiroki Nakagawa <nhirokichromium.org> Cr-Commit-Position: refs/heads/master{#810130} Co-authored-by: Yutaka Hirano <yhiranochromium.org> -- wpt-commits: ce281cc3f32d8e93ecbb33a51321d846ee2aae37 wpt-pr: 25748 UltraBlame original commit: 5f56ebdc5770a063488415b229752f7094dc4811
…n for workers, a=testonly Automatic update from web-platform-tests Refine crossOriginIsolated implementation for workers (#25748) - Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for workers. - For SharedWorkers and ServiceWorkers it always return false. See https://crbug.com/1131403 and https://crbug.com/1131404. - Rename ExecutionContext::IsCrossOriginIsolated to CrossOriginCapability. This is aligned with https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability. - Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html. I originally planned to do that in web-platform-tests/wpt#24600 but I couldn't do that due to some flakiness. - Add more tests for workers in wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html. Bug: 1115379, 1018680, 1131403, 1131404 Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428 Commit-Queue: Yutaka Hirano <[email protected]> Reviewed-by: Domenic Denicola <[email protected]> Reviewed-by: Robert Flack <[email protected]> Reviewed-by: Hiroki Nakagawa <[email protected]> Cr-Commit-Position: refs/heads/master@{#810130} Co-authored-by: Yutaka Hirano <[email protected]> -- wpt-commits: ce281cc3f32d8e93ecbb33a51321d846ee2aae37 wpt-pr: 25748
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for workers. - For SharedWorkers and ServiceWorkers it always return false. See https://crbug.com/1131403 and https://crbug.com/1131404. - Rename ExecutionContext::IsCrossOriginIsolated to CrossOriginCapability. This is aligned with https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability. - Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html. I originally planned to do that in web-platform-tests/wpt#24600 but I couldn't do that due to some flakiness. - Add more tests for workers in wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html. Bug: 1115379, 1018680, 1131403, 1131404 Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428 Commit-Queue: Yutaka Hirano <[email protected]> Reviewed-by: Domenic Denicola <[email protected]> Reviewed-by: Robert Flack <[email protected]> Reviewed-by: Hiroki Nakagawa <[email protected]> Cr-Commit-Position: refs/heads/master@{#810130} GitOrigin-RevId: b9cd56c1c97be3bb4f542f25789cacfa76051e42
Make sure self.crossOriginIsolated is affected by the permission.