Raise the bar for SharedArrayBuffer via postMessage() #4734
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
annevk
added
do not merge yet
annevk
commented
Jun 26, 2019
domenic
reviewed
Jul 2, 2019
annevk
commented
Jul 11, 2019
Closed
domenic
reviewed
Jul 11, 2019
annevk
added a commit
to web-platform-tests/wpt
that referenced
this pull request
Jul 12, 2019
annevk
added
needs tests
annevk
added a commit
to web-platform-tests/wpt
that referenced
this pull request
Jul 19, 2019
annevk
added a commit
to web-platform-tests/wpt
that referenced
this pull request
Jul 19, 2019
The original test could not work. This should be able to work and also adds COOP/COEP headers for future proofing. No browser passes still. For whatwg/html#4734.
annevk
added a commit
to web-platform-tests/wpt
that referenced
this pull request
Jul 19, 2019
|
I've updated OP with a number of tests of which some are landed. I made the decision to land test changes as this is a large undertaking that has multi-implementer buy-in and landing it all at once would it a lot more likely we'd miss important things. The changes should minimally disrupt existing coverage. I'll try to continue to keep OP up-to-date. |
moz-v2v-gh
pushed a commit
to mozilla/gecko-dev
that referenced
this pull request
Jul 31, 2019
…ffer success case revamp, a=testonly Automatic update from web-platform-tests HTML: BroadcastChannel and SharedArrayBuffer success case revamp The original test could not work. This should be able to work and also adds COOP/COEP headers for future proofing. No browser passes still. For whatwg/html#4734. -- wpt-commits: dedb45f5f20e0ac884ac59634cceb8659cdcff7d wpt-pr: 17760
xeonchen
pushed a commit
to xeonchen/gecko
that referenced
this pull request
Jul 31, 2019
…ffer success case revamp, a=testonly Automatic update from web-platform-tests HTML: BroadcastChannel and SharedArrayBuffer success case revamp The original test could not work. This should be able to work and also adds COOP/COEP headers for future proofing. No browser passes still. For whatwg/html#4734. -- wpt-commits: dedb45f5f20e0ac884ac59634cceb8659cdcff7d wpt-pr: 17760
annevk
added a commit
to web-platform-tests/wpt
that referenced
this pull request
Aug 6, 2019
annevk
added a commit
to web-platform-tests/wpt
that referenced
this pull request
Aug 6, 2019
16 tasks
annevk
commented
Aug 9, 2019
moz-v2v-gh
pushed a commit
to mozilla/gecko-dev
that referenced
this pull request
Aug 9, 2019
…djustments, a=testonly Automatic update from web-platform-tests HTML: SharedArrayBuffer infrastructure adjustments For whatwg/html#4734. -- wpt-commits: a140f239fa9dc4fc3db593b664064b65340e7d4b wpt-pr: 17761 --HG-- rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/broadcastchannel-iframe.html.headers => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/resources/echo-iframe.html.headers rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/broadcastchannel-iframe.html.headers => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/resources/echo-worker.js.headers rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/broadcastchannel-success-and-failure.html => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/broadcastchannel-success-and-failure.https.html rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/identity-not-preserved.html => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/identity-not-preserved.https.html rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/no-transferring.html => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/no-transferring.https.html rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/broadcastchannel-iframe.html.headers => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/broadcastchannel-sharedworker.js.headers rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/broadcastchannel-iframe.html.headers => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/broadcastchannel-worker.js.headers rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/broadcastchannel-iframe.html.headers => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/incrementer-worker-with-channel.js.headers rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/broadcastchannel-iframe.html.headers => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/incrementer-worker.js.headers rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/broadcastchannel-iframe.html.headers => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/nested-worker-success.js.headers rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/broadcastchannel-iframe.html.headers => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/serviceworker-failure.js.headers rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/broadcastchannel-iframe.html.headers => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/resources/sharedworker-failure.js.headers rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/serialization-via-history.html => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/serialization-via-history.https.html rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/window-domain-success.sub.html => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/window-domain-success.https.sub.html rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/window-iframe-messagechannel-success.html => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/window-iframe-messagechannel-success.https.html rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/window-messagechannel-success.html => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/window-messagechannel-success.https.html rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/window-sharedworker-failure.html => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/window-sharedworker-failure.https.html rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/window-similar-but-cross-origin-success.sub.html => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/window-similar-but-cross-origin-success.https.sub.html rename : testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/window-simple-success.html => testing/web-platform/tests/html/infrastructure/safe-passing-of-structured-data/shared-array-buffers/window-simple-success.https.html
moz-v2v-gh
pushed a commit
to mozilla/gecko-dev
that referenced
this pull request
Aug 9, 2019
…er throws without COOP+COEP, a=testonly Automatic update from web-platform-tests HTML: ensure serializing SharedArrayBuffer throws without COOP+COEP For whatwg/html#4734. -- wpt-commits: aecedb53e28abad5432227e293dd016cfc46d4b7 wpt-pr: 17802
xeonchen
pushed a commit
to xeonchen/gecko
that referenced
this pull request
Aug 10, 2019
…djustments, a=testonly Automatic update from web-platform-tests HTML: SharedArrayBuffer infrastructure adjustments For whatwg/html#4734. -- wpt-commits: a140f239fa9dc4fc3db593b664064b65340e7d4b wpt-pr: 17761
xeonchen
pushed a commit
to xeonchen/gecko
that referenced
this pull request
Aug 10, 2019
…er throws without COOP+COEP, a=testonly Automatic update from web-platform-tests HTML: ensure serializing SharedArrayBuffer throws without COOP+COEP For whatwg/html#4734. -- wpt-commits: aecedb53e28abad5432227e293dd016cfc46d4b7 wpt-pr: 17802
This comment has been minimized.
This comment has been minimized.
annevk
force-pushed
the
annevk/postmessage-sab
branch
from
b465512
to
c772611
Compare
|
I would be okay with the [SecureContext] restriction. I don't think Firefox currently has that, but we could add it. On the other hand it might be useful to have available always as then you don't need to check |
|
Sorry, but I think this will need rebasing now that 0221df8 got merged. I'll try to review anyway. I asked around internally for I do think the equivalent getter for origin isolation should follow whatever pattern we choose here. |
domenic
reviewed
Jun 26, 2020
source
Outdated
| true.</p> | ||
|
|
||
| <p class="XXX">This really ought to be set when the agent cluster is created, which requires a | ||
| redesign of this section.</p> |
There was a problem hiding this comment.
It's not clear to me whether this will ever be possible. Fetches require fetch clients (ESOs). So we need to create the ESO/realm/global object before doing the fetch. And we should put all realms into agents, so we need to create the agent and its corresponding agent cluster before the fetch.
I think this is OK as-is, and we should delete the XXX. It seems similar to how various properties of the WorkerGlobalScope (and thus, the values returned by the ESO algorithms) are only set after the fetch. It's OK, as long as no code runs.
There was a problem hiding this comment.
Why wouldn't it use outside settings? Note that for security reasons browsers would not be able to implement this approach as it would not properly process-isolate the worker (using a cross-origin isolated process that is).
There was a problem hiding this comment.
You're right; the fetch client is outside settings. Ugh, this would be a painful redesign; we'd need to split up fetching the scripts (doable before creating the global) from creating the scripts (doable only after the global exists). Alright, this XXX should stay, I concede.
There was a problem hiding this comment.
It would be particularly bad for modules, because parsing requires a realm to exist, but you need to parse before you can continue fetching dependencies. So we'd need to split it up into something like
- Fetch top-level source text. (Technically all we need are the headers.... maybe stop at getting the response.)
- Create the realm
- Create top-level script
- Fetch and create dependency scripts
Funnnnn.
A top-level navigation response with Cross-Origin-Opener-Policy set to same-origin and Cross-Origin-Embedder-Policy set to require-corp will create a cross-origin isolated browsing context group. And all agent clusters therein will be cross-origin isolated as well (shared and service workers can still not be, as they sit on the side). This change also: * Gates SharedArrayBuffer exposure behind that primitive for web compatibility reasons. * Gates SharedArrayBuffer sharing behind that primitive. * Exposes it through self.crossOriginIsolated. * Makes document.domain return before it mutates the origin. * Makes agent clusters keyed on origin. Tests: * web-platform-tests/wpt#17719 * web-platform-tests/wpt#17760 * web-platform-tests/wpt#17761 * web-platform-tests/wpt#17802 * web-platform-tests/wpt#17909 * web-platform-tests/wpt#18543 * web-platform-tests/wpt#20116 * web-platform-tests/wpt#22358 Closes #4732. Closes #5122. Closes #5444. Follow-up: #5435.
annevk
force-pushed
the
annevk/postmessage-sab
branch
from
a27a45d
to
50ebcb4
Compare
|
I squashed and then rebased and there were no issues. Somewhat strange. I'll work on some fixups now. |
annevk
removed
the
do not merge yet
domenic
approved these changes
Jul 6, 2020
|
Oh wait, given the wording in tc39/ecma262#1903 I guess it's solely up to the host, not the implementation. So this is all good. |
i3roly
pushed a commit
to i3roly/firefox-dynasty
that referenced
this pull request
Jun 1, 2024
…ffer success case revamp, a=testonly Automatic update from web-platform-tests HTML: BroadcastChannel and SharedArrayBuffer success case revamp The original test could not work. This should be able to work and also adds COOP/COEP headers for future proofing. No browser passes still. For whatwg/html#4734. -- wpt-commits: dedb45f5f20e0ac884ac59634cceb8659cdcff7d wpt-pr: 17760
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This depends on the work to add Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy. It specifies how postMessage() is affected when both those headers are set for the agent clusters they impact.
Closes #4732.
(See WHATWG Working Mode: Changes for more details.)
/browsers.html ( diff )
/origin.html ( diff )
/structured-data.html ( diff )
/webappapis.html ( diff )
/workers.html ( diff )