Add tests for 'cross-origin-isolated' permission #24600
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
wpt-pr-bot
requested review from
annevk,
arturjanc,
domenic,
foolip,
hemeryar,
jdm,
jgraham,
jugglinmike,
mikewest,
ParisMeuleman,
valenting,
zcorpan and
zqzhang
|
These are tests for whatwg/html#5435. @domenic @annevk what do you think about them? |
domenic
approved these changes
Jul 16, 2020
There was a problem hiding this comment.
LGTM with nit.
At some point you'll want tests similar to those in https://github.com/web-platform-tests/wpt/tree/master/origin-isolation to test whether crossOriginIsolated actually prevents WebAssembly.Module sharing and document.domain setting, but that can be done separately.
html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html
Show resolved
Hide resolved
|
No existing tests are impacted by this change? I would have expected we'd have at least one test where we assert |
|
Currently I see 5 tests. https://github.com/web-platform-tests/wpt/search?q=crossOriginIsolated&unscoped_q=crossOriginIsolated None seems related to cross-origin nested frame. |
|
It seems like That would mean however that you cannot use data URL workers and shared memory. At least not until there is Permissions Policy for workers. |
That's true, thanks!
If the use-case is very important we could circumvent that. |
|
I don't think it's important enough to add exceptions for. |
|
Fixed html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html. |
3 tasks
Make sure self.crossOriginIsolated is affected by the permission.
|
html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html is flaky and that prevents me from landing this. I suspect that the flakiness is not related to this change, and I reverted the change to the file. |
|
Still LGTM, feel free to merge at will. But we should update html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html separately. Perhaps that will happen as part of your implementation work. |
clelland
reviewed
Sep 2, 2020
| } | ||
|
|
||
| generateTest(ORIGIN, undefined, true); | ||
| generateTest(ORIGIN, '*', true); |
There was a problem hiding this comment.
If this test is using the Permissions-Policy header, it should use the structured syntax for that --
The * case looks correct, but self should be unquoted, as it's a SF-token, and "none" should be () (empty list)
There was a problem hiding this comment.
Thank you! I will fix them.
chromium-wpt-export-bot
pushed a commit
that referenced
this pull request
Sep 24, 2020
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for
workers.
- For SharedWorkers and ServiceWorkers it always return false. See
https://crbug.com/1131403 and https://crbug.com/1131404.
- Rename ExecutionContext::IsCrossOriginIsolated to
CrossOriginCapability. This is aligned with
https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability.
- Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html.
I originally planned to do that in
#24600 but I couldn't
do that due to some flakiness.
- Add more tests for workers in
wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html.
Bug: 1115379, 1018680, 1131403, 1131404
Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36
chromium-wpt-export-bot
pushed a commit
that referenced
this pull request
Sep 24, 2020
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for
workers.
- For SharedWorkers and ServiceWorkers it always return false. See
https://crbug.com/1131403 and https://crbug.com/1131404.
- Rename ExecutionContext::IsCrossOriginIsolated to
CrossOriginCapability. This is aligned with
https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability.
- Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html.
I originally planned to do that in
#24600 but I couldn't
do that due to some flakiness.
- Add more tests for workers in
wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html.
Bug: 1115379, 1018680, 1131403, 1131404
Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36
chromium-wpt-export-bot
pushed a commit
that referenced
this pull request
Sep 24, 2020
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for
workers.
- For SharedWorkers and ServiceWorkers it always return false. See
https://crbug.com/1131403 and https://crbug.com/1131404.
- Rename ExecutionContext::IsCrossOriginIsolated to
CrossOriginCapability. This is aligned with
https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability.
- Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html.
I originally planned to do that in
#24600 but I couldn't
do that due to some flakiness.
- Add more tests for workers in
wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html.
Bug: 1115379, 1018680, 1131403, 1131404
Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36
chromium-wpt-export-bot
pushed a commit
that referenced
this pull request
Sep 24, 2020
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for
workers.
- For SharedWorkers and ServiceWorkers it always return false. See
https://crbug.com/1131403 and https://crbug.com/1131404.
- Rename ExecutionContext::IsCrossOriginIsolated to
CrossOriginCapability. This is aligned with
https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability.
- Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html.
I originally planned to do that in
#24600 but I couldn't
do that due to some flakiness.
- Add more tests for workers in
wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html.
Bug: 1115379, 1018680, 1131403, 1131404
Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428
Commit-Queue: Yutaka Hirano <yhirano@chromium.org>
Reviewed-by: Domenic Denicola <domenic@chromium.org>
Reviewed-by: Robert Flack <flackr@chromium.org>
Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
Cr-Commit-Position: refs/heads/master@{#810130}
blueboxd
pushed a commit
to blueboxd/chromium-legacy
that referenced
this pull request
Sep 24, 2020
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for
workers.
- For SharedWorkers and ServiceWorkers it always return false. See
https://crbug.com/1131403 and https://crbug.com/1131404.
- Rename ExecutionContext::IsCrossOriginIsolated to
CrossOriginCapability. This is aligned with
https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability.
- Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html.
I originally planned to do that in
web-platform-tests/wpt#24600 but I couldn't
do that due to some flakiness.
- Add more tests for workers in
wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html.
Bug: 1115379, 1018680, 1131403, 1131404
Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428
Commit-Queue: Yutaka Hirano <yhirano@chromium.org>
Reviewed-by: Domenic Denicola <domenic@chromium.org>
Reviewed-by: Robert Flack <flackr@chromium.org>
Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
Cr-Commit-Position: refs/heads/master@{#810130}
stephenmcgruer
pushed a commit
that referenced
this pull request
Sep 24, 2020
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for
workers.
- For SharedWorkers and ServiceWorkers it always return false. See
https://crbug.com/1131403 and https://crbug.com/1131404.
- Rename ExecutionContext::IsCrossOriginIsolated to
CrossOriginCapability. This is aligned with
https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability.
- Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html.
I originally planned to do that in
#24600 but I couldn't
do that due to some flakiness.
- Add more tests for workers in
wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html.
Bug: 1115379, 1018680, 1131403, 1131404
Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428
Commit-Queue: Yutaka Hirano <yhirano@chromium.org>
Reviewed-by: Domenic Denicola <domenic@chromium.org>
Reviewed-by: Robert Flack <flackr@chromium.org>
Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
Cr-Commit-Position: refs/heads/master@{#810130}
Co-authored-by: Yutaka Hirano <yhirano@chromium.org>
moz-v2v-gh
pushed a commit
to mozilla/gecko-dev
that referenced
this pull request
Sep 26, 2020
…n for workers, a=testonly
Automatic update from web-platform-tests
Refine crossOriginIsolated implementation for workers (#25748)
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for
workers.
- For SharedWorkers and ServiceWorkers it always return false. See
https://crbug.com/1131403 and https://crbug.com/1131404.
- Rename ExecutionContext::IsCrossOriginIsolated to
CrossOriginCapability. This is aligned with
https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability.
- Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html.
I originally planned to do that in
web-platform-tests/wpt#24600 but I couldn't
do that due to some flakiness.
- Add more tests for workers in
wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html.
Bug: 1115379, 1018680, 1131403, 1131404
Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428
Commit-Queue: Yutaka Hirano <yhirano@chromium.org>
Reviewed-by: Domenic Denicola <domenic@chromium.org>
Reviewed-by: Robert Flack <flackr@chromium.org>
Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
Cr-Commit-Position: refs/heads/master@{#810130}
Co-authored-by: Yutaka Hirano <yhirano@chromium.org>
--
wpt-commits: ce281cc3f32d8e93ecbb33a51321d846ee2aae37
wpt-pr: 25748
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-wordified-and-comments-removed
that referenced
this pull request
Sep 28, 2020
…n for workers, a=testonly
Automatic update from web-platform-tests
Refine crossOriginIsolated implementation for workers (#25748)
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for
workers.
- For SharedWorkers and ServiceWorkers it always return false. See
https://crbug.com/1131403 and https://crbug.com/1131404.
- Rename ExecutionContext::IsCrossOriginIsolated to
CrossOriginCapability. This is aligned with
https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability.
- Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html.
I originally planned to do that in
web-platform-tests/wpt#24600 but I couldn't
do that due to some flakiness.
- Add more tests for workers in
wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html.
Bug: 1115379, 1018680, 1131403, 1131404
Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428
Commit-Queue: Yutaka Hirano <yhiranochromium.org>
Reviewed-by: Domenic Denicola <domenicchromium.org>
Reviewed-by: Robert Flack <flackrchromium.org>
Reviewed-by: Hiroki Nakagawa <nhirokichromium.org>
Cr-Commit-Position: refs/heads/master{#810130}
Co-authored-by: Yutaka Hirano <yhiranochromium.org>
--
wpt-commits: ce281cc3f32d8e93ecbb33a51321d846ee2aae37
wpt-pr: 25748
UltraBlame original commit: 5f56ebdc5770a063488415b229752f7094dc4811
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-comments-removed
that referenced
this pull request
Sep 28, 2020
…n for workers, a=testonly
Automatic update from web-platform-tests
Refine crossOriginIsolated implementation for workers (#25748)
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for
workers.
- For SharedWorkers and ServiceWorkers it always return false. See
https://crbug.com/1131403 and https://crbug.com/1131404.
- Rename ExecutionContext::IsCrossOriginIsolated to
CrossOriginCapability. This is aligned with
https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability.
- Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html.
I originally planned to do that in
web-platform-tests/wpt#24600 but I couldn't
do that due to some flakiness.
- Add more tests for workers in
wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html.
Bug: 1115379, 1018680, 1131403, 1131404
Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428
Commit-Queue: Yutaka Hirano <yhiranochromium.org>
Reviewed-by: Domenic Denicola <domenicchromium.org>
Reviewed-by: Robert Flack <flackrchromium.org>
Reviewed-by: Hiroki Nakagawa <nhirokichromium.org>
Cr-Commit-Position: refs/heads/master{#810130}
Co-authored-by: Yutaka Hirano <yhiranochromium.org>
--
wpt-commits: ce281cc3f32d8e93ecbb33a51321d846ee2aae37
wpt-pr: 25748
UltraBlame original commit: 5f56ebdc5770a063488415b229752f7094dc4811
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-wordified
that referenced
this pull request
Sep 28, 2020
…n for workers, a=testonly
Automatic update from web-platform-tests
Refine crossOriginIsolated implementation for workers (#25748)
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for
workers.
- For SharedWorkers and ServiceWorkers it always return false. See
https://crbug.com/1131403 and https://crbug.com/1131404.
- Rename ExecutionContext::IsCrossOriginIsolated to
CrossOriginCapability. This is aligned with
https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability.
- Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html.
I originally planned to do that in
web-platform-tests/wpt#24600 but I couldn't
do that due to some flakiness.
- Add more tests for workers in
wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html.
Bug: 1115379, 1018680, 1131403, 1131404
Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428
Commit-Queue: Yutaka Hirano <yhiranochromium.org>
Reviewed-by: Domenic Denicola <domenicchromium.org>
Reviewed-by: Robert Flack <flackrchromium.org>
Reviewed-by: Hiroki Nakagawa <nhirokichromium.org>
Cr-Commit-Position: refs/heads/master{#810130}
Co-authored-by: Yutaka Hirano <yhiranochromium.org>
--
wpt-commits: ce281cc3f32d8e93ecbb33a51321d846ee2aae37
wpt-pr: 25748
UltraBlame original commit: 5f56ebdc5770a063488415b229752f7094dc4811
sidvishnoi
pushed a commit
to sidvishnoi/gecko-webmonetization
that referenced
this pull request
Oct 1, 2020
…n for workers, a=testonly
Automatic update from web-platform-tests
Refine crossOriginIsolated implementation for workers (#25748)
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for
workers.
- For SharedWorkers and ServiceWorkers it always return false. See
https://crbug.com/1131403 and https://crbug.com/1131404.
- Rename ExecutionContext::IsCrossOriginIsolated to
CrossOriginCapability. This is aligned with
https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability.
- Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html.
I originally planned to do that in
web-platform-tests/wpt#24600 but I couldn't
do that due to some flakiness.
- Add more tests for workers in
wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html.
Bug: 1115379, 1018680, 1131403, 1131404
Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428
Commit-Queue: Yutaka Hirano <yhirano@chromium.org>
Reviewed-by: Domenic Denicola <domenic@chromium.org>
Reviewed-by: Robert Flack <flackr@chromium.org>
Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
Cr-Commit-Position: refs/heads/master@{#810130}
Co-authored-by: Yutaka Hirano <yhirano@chromium.org>
--
wpt-commits: ce281cc3f32d8e93ecbb33a51321d846ee2aae37
wpt-pr: 25748
mjfroman
pushed a commit
to mjfroman/moz-libwebrtc-third-party
that referenced
this pull request
Oct 14, 2022
- Fix WindowOrWorketGlobalScope.crossOriginIsolated behavior for
workers.
- For SharedWorkers and ServiceWorkers it always return false. See
https://crbug.com/1131403 and https://crbug.com/1131404.
- Rename ExecutionContext::IsCrossOriginIsolated to
CrossOriginCapability. This is aligned with
https://html.spec.whatwg.org/C/#concept-settings-object-cross-origin-isolated-capability.
- Fix wpt/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/blob-data.https.html.
I originally planned to do that in
web-platform-tests/wpt#24600 but I couldn't
do that due to some flakiness.
- Add more tests for workers in
wpt/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html.
Bug: 1115379, 1018680, 1131403, 1131404
Change-Id: I2afcb01403f67a11fd06aefde1238aba16b68f36
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2416428
Commit-Queue: Yutaka Hirano <yhirano@chromium.org>
Reviewed-by: Domenic Denicola <domenic@chromium.org>
Reviewed-by: Robert Flack <flackr@chromium.org>
Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
Cr-Commit-Position: refs/heads/master@{#810130}
GitOrigin-RevId: b9cd56c1c97be3bb4f542f25789cacfa76051e42
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Make sure self.crossOriginIsolated is affected by the permission.