-
Notifications
You must be signed in to change notification settings - Fork 3.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Worker: Add credentials tests for dedicated workers
This CL adds web-platform-tests for the "credentials" option of WorkerOptions: https://html.spec.whatwg.org/multipage/workers.html#workeroptions The current spec defines that the default value of this option is "omit", but there is an ongoing spec discussion to change it to "same-origin": whatwg/html#3656 This CL adds the tests based on the current spec, and a subsequent CL will update them based on the decision. Bug: 843875 Change-Id: I50eb0c7971587b9d84865498d67abef8ed2d8fc6
- Loading branch information
1 parent
b47939b
commit 2d956d9
Showing
3 changed files
with
90 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,78 @@ | ||
| <!DOCTYPE html> | ||
| <title>DedicatedWorker: WorkerOptions 'credentials'</title> | ||
| <script src="/resources/testharness.js"></script> | ||
| <script src="/resources/testharnessreport.js"></script> | ||
| <script> | ||
|
|
||
| // Determines the expected cookie value to be reported by a dedicated worker | ||
| // based on the given option. The worker reports an empty string as the actual | ||
| // cookie value if the cookie wasn't sent to the server. Otherwise, it's the | ||
| // value set by the headers file: | ||
| // "dedicated-worker-options-credentials.html.headers" | ||
| function DetermineExpectedCookieValue(options) { | ||
| // Classic script loading should always send credentials regardless of the | ||
| // 'credentials' option because the spec says the option takes effect only | ||
| // for module script loading. | ||
| if (options.type == 'classic') | ||
| return 'COOKIE_VALUE'; | ||
| assert_equals(options.type, 'module'); | ||
|
|
||
| if (!options.credentials || options.credentials == 'omit') | ||
| return ''; | ||
| if (options.credentials == 'same-origin' || options.credentials == 'include') | ||
| return 'COOKIE_VALUE'; | ||
| assert_unreached('Invalid credentials option was specified: ' + | ||
| options.credentials); | ||
| } | ||
|
|
||
| // Runs a credentials test with the given WorkerOptions. | ||
| async function runCredentialsTest(options) { | ||
| const worker = new Worker('resources/credentials.py', options); | ||
|
|
||
| // Wait until the worker sends the actual cookie value. | ||
| const msg_event = await new Promise(resolve => worker.onmessage = resolve); | ||
|
|
||
| const expectedCookieValue = DetermineExpectedCookieValue(options); | ||
| assert_equals(msg_event.data, expectedCookieValue); | ||
| } | ||
|
|
||
| // Tests for module scripts. | ||
|
|
||
| promise_test(() => runCredentialsTest({ type: 'module'}), | ||
| 'new Worker() with the default credentials option should not send ' + | ||
| 'the credentials'); | ||
|
|
||
| promise_test(() => runCredentialsTest({ credentials: 'omit', | ||
| type: 'module' }), | ||
| 'new Worker() with credentials=omit should not send the credentials'); | ||
|
|
||
| promise_test(() => runCredentialsTest({ credentials: 'same-origin', | ||
| type: 'module' }), | ||
| 'new Worker() with credentials=same-origin should send the credentials'); | ||
|
|
||
| promise_test(() => runCredentialsTest({ credentials: 'include', | ||
| type: 'module' }), | ||
| 'new Worker() with credentials=include should send the credentials'); | ||
|
|
||
| // Tests for classic scripts. | ||
|
|
||
| promise_test(() => runCredentialsTest({ type: 'classic' }), | ||
| 'new Worker() with type=classic should always send the credentials ' + | ||
| 'regardless of the credentials option (default).'); | ||
|
|
||
| promise_test(() => runCredentialsTest({ credentials: 'omit', | ||
| type: 'classic' }), | ||
| 'new Worker() with type=classic should always send the credentials ' + | ||
| 'regardless of the credentials option (omit).'); | ||
|
|
||
| promise_test(() => runCredentialsTest({ credentials: 'same-origin', | ||
| type: 'classic' }), | ||
| 'new Worker() with type=classic should always send the credentials ' + | ||
| 'regardless of the credentials option (same-origin).'); | ||
|
|
||
| promise_test(() => runCredentialsTest({ credentials: 'include', | ||
| type: 'classic' }), | ||
| 'new Worker() with type=classic should always send the credentials ' + | ||
| 'regardless of the credentials option (include).'); | ||
|
|
||
| </script> |
2 changes: 2 additions & 0 deletions
2
workers/modules/dedicated-worker-options-credentials.html.headers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| Set-Cookie: COOKIE_NAME=COOKIE_VALUE | ||
| Access-Control-Allow-Credentials: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| def main(request, response): | ||
| cookie = request.cookies.first("COOKIE_NAME", None) | ||
|
|
||
| response_headers = [("Content-Type", "text/javascript"), | ||
| ("Access-Control-Allow-Credentials", "true")] | ||
|
|
||
| cookie_value = ''; | ||
| if cookie: | ||
| cookie_value = cookie.value; | ||
| return (200, response_headers, "postMessage('"+cookie_value+"');") |