Closed
Bug 1436245
Opened 6 years ago
Closed 6 years ago
Various CSP web-platform-tests are going to permafail when Gecko 60 merges to Beta on 2018-03-01
Categories
(Core :: DOM: Security, defect, P1)
Core
DOM: Security
Tracking
()
VERIFIED
FIXED
mozilla60
| Tracking | Status | |
|---|---|---|
| firefox-esr52 | --- | unaffected |
| firefox58 | --- | unaffected |
| firefox59 | --- | unaffected |
| firefox60 | + | verified |
People
(Reporter: RyanVM, Assigned: ckerschb)
References
Details
(Whiteboard: [domsecurity-active])
Attachments
(1 file, 1 obsolete file)
|
47.43 KB,
patch
|
RyanVM
:
review+
|
Details | Diff | Splinter Review |
Looks like these tests were recently added in bug 1435337. Hopefully just a pref needing to be forced on? https://treeherder.mozilla.org/logviewer.html#?job_id=160713552&repo=try https://treeherder.mozilla.org/logviewer.html#?job_id=160713472&repo=try TEST-UNEXPECTED-TIMEOUT | /content-security-policy/reporting/report-original-url.sub.html | Direct block, same-origin = full URL in report - Test timed out TEST-UNEXPECTED-TIMEOUT | /content-security-policy/reporting/report-original-url.sub.html | Block after redirect, same-origin = original URL in report - Test timed out TEST-UNEXPECTED-TIMEOUT | /content-security-policy/reporting/report-original-url.sub.html | Block after redirect, cross-origin = original URL in report - Test timed out TEST-UNEXPECTED-TIMEOUT | /content-security-policy/reporting-api/reporting-api-report-only-sends-reports-on-violation.https.sub.html | Event is fired - Test timed out TEST-UNEXPECTED-TIMEOUT | /content-security-policy/reporting-api/reporting-api-report-only-sends-reports-on-violation.https.sub.html | expected OK TEST-UNEXPECTED-TIMEOUT | /content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-1.https.sub.html | Event is fired - Test timed out TEST-UNEXPECTED-TIMEOUT | /content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-1.https.sub.html | expected OK TEST-UNEXPECTED-TIMEOUT | /content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-2.https.sub.html | Event is fired - Test timed out TEST-UNEXPECTED-TIMEOUT | /content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-2.https.sub.html | expected OK TEST-UNEXPECTED-TIMEOUT | /content-security-policy/reporting-api/reporting-api-sends-reports-on-violation.https.sub.html | Event is fired - Test timed out TEST-UNEXPECTED-TIMEOUT | /content-security-policy/reporting-api/reporting-api-sends-reports-on-violation.https.sub.html | expected OK TEST-UNEXPECTED-TIMEOUT | /content-security-policy/reporting-api/reporting-api-works-on-frame-src.https.sub.html | Event is fired - Test timed out TEST-UNEXPECTED-TIMEOUT | /content-security-policy/reporting-api/reporting-api-works-on-frame-src.https.sub.html | expected OK
Flags: needinfo?(ckerschb)
|
Assignee | |
Updated•6 years ago
|
Assignee: nobody → ckerschb
Flags: needinfo?(ckerschb)
Priority: -- → P1
Whiteboard: [domsecurity-active]
|
|
Assignee | |
Comment 1•6 years ago
|
||
Ryan, tested locally by flipping the pref security.csp.enable_violation_events to false within all.js. Do we need more testing or are we good to check those updates in?
Attachment #8949022 -
Flags: review?(ryanvm)
|
|
Assignee | |
Updated•6 years ago
|
Status: NEW → ASSIGNED
|
Reporter | |
Comment 2•6 years ago
|
||
Sounds fine to me - the only question I have is whether it makes more sense to set this pref at the directory level instead of on the individual tests, which would avoid any surprises from future upstream updates. WDYT?
|
|
Assignee | |
Comment 3•6 years ago
|
||
(In reply to Ryan VanderMeulen [:RyanVM] from comment #2) > Sounds fine to me - the only question I have is whether it makes more sense > to set this pref at the directory level instead of on the individual tests, > which would avoid any surprises from future upstream updates. WDYT? Actually I was thinking about that and would prefer that solution but didn't know if it's possible or not. How do I do that?
|
|
Reporter | |
Comment 4•6 years ago
|
||
Set it in __dir__.ini instead, similar to the one below. https://searchfox.org/mozilla-central/source/testing/web-platform/meta/css/css-scoping-1/__dir__.ini
|
|
Assignee | |
Comment 5•6 years ago
|
||
That should do the trick for all CSP wpt tests.
Attachment #8949022 -
Attachment is obsolete: true
Attachment #8949022 -
Flags: review?(ryanvm)
Attachment #8949147 -
Flags: review?(ryanvm)
|
|
Reporter | |
Comment 6•6 years ago
|
||
Comment on attachment 8949147 [details] [diff] [review] bug_1436245_fix_csp_wpt_tests.patch Assuming you've verified this locally, lgtm!
Attachment #8949147 -
Flags: review?(ryanvm) → review+
|
|
Assignee | |
Comment 7•6 years ago
|
||
(In reply to Ryan VanderMeulen [:RyanVM] from comment #6) > Assuming you've verified this locally, lgtm! I cherry picked several tests and ran them locally.
Keywords: checkin-needed
Pushed by ryanvm@gmail.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/c358f1f20f8a Flip pref explicitly for CSP security policy violation events for newly pulled wpt tests. r=ryanvm
Keywords: checkin-needed
|
||
Comment 9•6 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/c358f1f20f8a
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla60
You need to log in
before you can comment on or make changes to this bug.
Description
•