Closed Bug 1464525 Opened 2 years ago Closed 2 years ago

[wpt-sync] Sync PR 11171 - Cross-Origin-Resource-Policy tests

Categories

(Core :: DOM: Core & HTML, enhancement, P4)

enhancement

Tracking

()

RESOLVED FIXED
mozilla63
Tracking Status
firefox63 --- fixed

People

(Reporter: mozilla.org, Unassigned)

References

()

Details

(Whiteboard: [wptsync downstream])

Sync web-platform-tests PR 11171 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/w3c/web-platform-tests/pull/11171
Details from upstream follow.

Youenn Fablet <youennf@gmail.com> wrote:
>  Cross-Origin-Resource-Policy tests
>  
>  These are initial tests targeting https://github.com/whatwg/fetch/pull/733
>  These are based on https://bugs.webkit.org/show_bug.cgi?id=185840.
Component: web-platform-tests → DOM
Product: Testing → Core
Ran 238 tests and 2246[linux32-debug,linux64-debug], 2247[linux32-opt,linux64-opt] subtests
OK     : 234[linux32-debug,linux64-debug], 235[linux32-opt,linux64-opt]
PASS   : 1876[linux32-debug,linux64-debug], 1877[linux32-opt,linux64-opt]
FAIL   : 365
TIMEOUT: 7

Existing tests that now have a worse result (e.g. they used to PASS and now FAIL):
/html/browsers/origin/relaxing-the-same-origin-restriction/document_domain_setter.html
    failed setting of document.domain: FAIL

New tests that have failures or other problems:
/fetch/cross-origin-resource-policy/fetch-in-iframe.html
    Cross-origin fetch in a cross origin iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-origin' response header.: FAIL
    Cross-origin fetch in a cross origin iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-site' response header.: FAIL
    Cross-origin fetch in a data: iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-origin' response header.: FAIL
    Cross-origin fetch in a data: iframe load fails if the server blocks cross-origin loads with a 'Cross-Origin-Resource-Policy: same-site' response header.: FAIL
/fetch/cross-origin-resource-policy/fetch.html
    Cross-origin no-cors fetch to a same-site URL with a 'Cross-Origin-Resource-Policy: same-origin' response header.: FAIL
    Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' redirect response header.: FAIL
    Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header after a redirection.: FAIL
    Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header.: FAIL
    Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header.: FAIL
    Valid cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header.: FAIL
/fetch/cross-origin-resource-policy/iframe-loads.html
    Load an iframe that has Cross-Origin-Resource-Policy header: FAIL
/fetch/cross-origin-resource-policy/image-loads.html
    Cross-origin no-cors image load with a 'Cross-Origin-Resource-Policy: same-origin' response header.: FAIL
    Cross-origin no-cors image load with a 'Cross-Origin-Resource-Policy: same-site' response header.: FAIL
/fetch/cross-origin-resource-policy/script-loads.html
    Cross-origin no-cors script load with a 'Cross-Origin-Resource-Policy: same-origin' response header.: FAIL
    Cross-origin no-cors script load with a 'Cross-Origin-Resource-Policy: same-site' response header.: FAIL
/service-workers/service-worker/fetch-canvas-tainting-video.https.html
    url "https://web-platform.test:8443/service-workers/service-worker/resources/fetch-access-control.py?VIDEO&mode=cors&credentials=same-origin&url=https%3A%2F%2Fwww1.web-platform.test%3A8443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3FVIDEO%26ACAOrigin%3Dhttps%3A%2F%2Fweb-platform.test%3A8443" with crossOrigin "" should be NOT_TAINTED: FAIL
    url "https://www1.web-platform.test:8443/service-workers/service-worker/resources/fetch-access-control.py?VIDEO&mode=cors&credentials=same-origin&url=https%3A%2F%2Fwww1.web-platform.test%3A8443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3FVIDEO%26ACAOrigin%3Dhttps%3A%2F%2Fweb-platform.test%3A8443" with crossOrigin "" should be NOT_TAINTED: FAIL

Tests that are disabled for instability:
/service-workers/service-worker/clients-get-cross-origin.https.html: [linux32-debug,linux64-debug]
/xhr/event-upload-progress-crossorigin.htm
Pushed by james@hoppipolla.co.uk:
https://hg.mozilla.org/integration/mozilla-inbound/rev/2d3d375085ab
[wpt PR 11171] - Cross-Origin-Resource-Policy tests, a=testonly
https://hg.mozilla.org/integration/mozilla-inbound/rev/918b83dd7b01
[wpt PR 11171] - Update wpt metadata, a=testonly
https://hg.mozilla.org/mozilla-central/rev/2d3d375085ab
https://hg.mozilla.org/mozilla-central/rev/918b83dd7b01
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla63
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.