[wpt-sync] Sync PR 17986 - Add cookie SameSite features to experimental web platform features
Categories
(Core :: Networking: Cookies, task, P5)
Tracking
()
Tracking | Status | |
---|---|---|
firefox70 | --- | fixed |
People
(Reporter: mozilla.org, Unassigned)
References
()
Details
(Whiteboard: [necko-triaged][wptsync downstream])
Sync web-platform-tests PR 17986 into mozilla-central (this bug is closed when the sync is complete).
PR: https://github.com/web-platform-tests/wpt/pull/17986
Details from upstream follow.
Lily Chen <chlily@chromium.org> wrote:
Add cookie SameSite features to experimental web platform features
SameSiteByDefaultCookies and CookiesWithoutSameSiteMustBeSecure,
as well as CookieDeprecationMessages can now be turned on by
running with command line flag
--enable-experimental-web-platform-features.
- SameSiteByDefaultCookies causes cookies that don't specify a
SameSite attribute to be treated as Lax, and introduces
SameSite=None to explicitly request cross-site use.- CookiesWithoutSameSiteMustBeSecure requires SameSite=None
cookies to be Secure, otherwise they are rejected.- CookieDeprecationMessages shows console messages when cookies
are not sent or saved due to either of the above SameSite
features.The web tests and browser tests run with experimental web
platform features enabled are also updated to reflect the new
behavior, including running on https because of the
CookiesWithoutSameSiteMustBeSecure restriction.This also adds SameSite=None test coverage to a couple
places that didn't already have it.Bug: 953306, 954551, 961439
Change-Id: I50ea7a6fb73969acf9ba3088310d7d246bc11a05
Reviewed-on: https://chromium-review.googlesource.com/1691522
WPT-Export-Revision: 9c62bf4baaabd716fc0a65a3985ff30c1350853e
Assignee | ||
Updated•5 years ago
|
Assignee | ||
Comment 1•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=1c3e9da69b371294ae0379a5408ee6a8e88b7477
Assignee | ||
Comment 2•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=6bdd70f0292772448826561a0b7ae105828a1f09
Updated•5 years ago
|
Assignee | ||
Updated•5 years ago
|
Assignee | ||
Comment 3•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=d6c0b1ba6d0c8e2fe7855db86059f6c2e126b5e3
Assignee | ||
Comment 4•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=a43eff58b3b285c3fab36854cb60ab43a11966ad
Updated•5 years ago
|
Assignee | ||
Updated•5 years ago
|
Updated•5 years ago
|
Assignee | ||
Comment 5•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=954d5a00ad4b7f78b652b5de2661c5f8c0376e21
Assignee | ||
Comment 6•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=a5b577f1afaa6657287337cab21d16a4d128091d
Assignee | ||
Updated•5 years ago
|
Assignee | ||
Comment 7•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=0f39a3c49b4840c6322aaa5293eef2a371c14354
Assignee | ||
Comment 8•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=2bb19406902a5d4f136f025652bea157e4853c65
Updated•5 years ago
|
Assignee | ||
Comment 9•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=6d145dc61d3e391d3d91df167a42203b6f0452da
Assignee | ||
Comment 10•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=f31b4735c62aa86a13414e3c2744d734dacee5c4
Assignee | ||
Comment 11•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=eb55329d3e8ce498ae359ce5d7da76382e43f20d
Assignee | ||
Comment 12•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=e79fa085ec56be1ac22b19e5c55499ba4c428ebf
Assignee | ||
Comment 13•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=eb3eeb1ff63a825d94f45471b7b4e8cba98cf4c0
Assignee | ||
Comment 14•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=01c6b7b97554d0eb7ac8e96debb3d05fd8e87f9f
Assignee | ||
Comment 15•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=2baa1941da8075d39f119e74c33916d4b686b077
Assignee | ||
Comment 16•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=83c56a4abb20638bd808723ec18597d865c0284b
Assignee | ||
Comment 17•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=df6429e175c5e7aec5c576ee2449d1650382cd09
Assignee | ||
Comment 18•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=44e3de06e67f5ed3fe4b7abc7a15c28bf3d91f96
Assignee | ||
Comment 19•5 years ago
|
||
Ran 34 tests and 267[android-em-7.0-x86_64-debug-geckoview,android-em-7.0-x86_64-opt-geckoview], 261[linux32-shippable-opt,linux64-asan-opt,linux64-debug,linux64-opt,linux64-qr-debug,linux64-qr-opt,linux64-shippable-opt,linux64-shippable-qr-opt,windows10-64-debug,windows10-64-opt,windows10-64-qr-debug,windows10-64-qr-opt,windows10-64-shippable-opt,windows10-64-shippable-qr-opt,windows7-32-debug,windows7-32-opt,windows7-32-shippable-opt] subtests OK : 32 PASS : 223 FAIL : 38 TIMEOUT: 4[android-em-7.0-x86_64-debug-geckoview,android-em-7.0-x86_64-opt-geckoview] ERROR : 2[linux32-shippable-opt,linux64-asan-opt,linux64-debug,linux64-opt,linux64-qr-debug,linux64-qr-opt,linux64-shippable-opt,linux64-shippable-qr-opt,windows10-64-debug,windows10-64-opt,windows10-64-qr-debug,windows10-64-qr-opt,windows10-64-shippable-opt,windows10-64-shippable-qr-opt,windows7-32-debug,windows7-32-opt,windows7-32-shippable-opt] NOTRUN : 4[android-em-7.0-x86_64-debug-geckoview,android-em-7.0-x86_64-opt-geckoview] New tests that have failures or other problems: /cookies/samesite/fetch.https.html Cross-site fetches are cross-site: FAIL Cross-site redirecting to cross-site fetches are cross-site: FAIL Cross-site redirecting to same-host fetches are strictly same-site: FAIL Cross-site redirecting to subdomain fetches are strictly same-site: FAIL Same-host redirecting to cross-site fetches are cross-site: FAIL Subdomain redirecting to cross-site fetches are cross-site: FAIL /cookies/samesite/fetch.https.html?legacy-samesite Cross-site redirecting to same-host fetches are strictly same-site: FAIL Cross-site redirecting to subdomain fetches are strictly same-site: FAIL /cookies/samesite/form-get-blank.https.html Cross-site redirecting to same-host top-level form GETs are strictly same-site: FAIL Cross-site redirecting to subdomain top-level form GETs are strictly same-site: FAIL /cookies/samesite/form-get-blank.https.html?legacy-samesite Cross-site redirecting to same-host top-level form GETs are strictly same-site: FAIL Cross-site redirecting to subdomain top-level form GETs are strictly same-site: FAIL /cookies/samesite/form-post-blank-reload.https.html: TIMEOUT[android-em-7.0-x86_64-debug-geckoview,android-em-7.0-x86_64-opt-geckoview], ERROR[linux32-shippable-opt,linux64-asan-opt,linux64-debug,linux64-opt,linux64-qr-debug,linux64-qr-opt,linux64-shippable-opt,linux64-shippable-qr-opt,windows10-64-debug,windows10-64-opt,windows10-64-qr-debug,windows10-64-qr-opt,windows10-64-shippable-opt,windows10-64-shippable-qr-opt,windows7-32-debug,windows7-32-opt,windows7-32-shippable-opt] Reloaded cross-site top-level form POSTs are not same-site: NOTRUN[android-em-7.0-x86_64-debug-geckoview,android-em-7.0-x86_64-opt-geckoview] Reloaded same-host top-level form POSTs are strictly same-site: TIMEOUT[android-em-7.0-x86_64-debug-geckoview,android-em-7.0-x86_64-opt-geckoview] Reloaded subdomain top-level form POSTs are strictly same-site: NOTRUN[android-em-7.0-x86_64-debug-geckoview,android-em-7.0-x86_64-opt-geckoview] /cookies/samesite/form-post-blank-reload.https.html?legacy-samesite: TIMEOUT[android-em-7.0-x86_64-debug-geckoview,android-em-7.0-x86_64-opt-geckoview], ERROR[linux32-shippable-opt,linux64-asan-opt,linux64-debug,linux64-opt,linux64-qr-debug,linux64-qr-opt,linux64-shippable-opt,linux64-shippable-qr-opt,windows10-64-debug,windows10-64-opt,windows10-64-qr-debug,windows10-64-qr-opt,windows10-64-shippable-opt,windows10-64-shippable-qr-opt,windows7-32-debug,windows7-32-opt,windows7-32-shippable-opt] Reloaded cross-site top-level form POSTs are not same-site: NOTRUN[android-em-7.0-x86_64-debug-geckoview,android-em-7.0-x86_64-opt-geckoview] Reloaded same-host top-level form POSTs are strictly same-site: TIMEOUT[android-em-7.0-x86_64-debug-geckoview,android-em-7.0-x86_64-opt-geckoview] Reloaded subdomain top-level form POSTs are strictly same-site: NOTRUN[android-em-7.0-x86_64-debug-geckoview,android-em-7.0-x86_64-opt-geckoview] /cookies/samesite/form-post-blank.https.html Cross-site redirecting to cross-site top-level form POSTs are cross-site: FAIL Cross-site redirecting to same-host top-level form POSTs are strictly same-site: FAIL Cross-site redirecting to subdomain top-level form POSTs are strictly same-site: FAIL Cross-site top-level form POSTs are cross-site: FAIL Same-host redirecting to cross-site top-level form POSTs are cross-site: FAIL Subdomain redirecting to cross-site top-level form POSTs are cross-site: FAIL /cookies/samesite/form-post-blank.https.html?legacy-samesite Cross-site redirecting to same-host top-level form POSTs are strictly same-site: FAIL Cross-site redirecting to subdomain top-level form POSTs are strictly same-site: FAIL /cookies/samesite/iframe-reload.https.html Reloaded cross-site fetches are cross-site: FAIL /cookies/samesite/iframe.https.html Cross-site fetches are cross-site: FAIL Cross-site redirecting to cross-site fetches are cross-site: FAIL Cross-site redirecting to same-host fetches are strictly same-site: FAIL Cross-site redirecting to subdomain fetches are strictly same-site: FAIL Same-host redirecting to cross-site fetches are cross-site: FAIL Subdomain redirecting to cross-site fetches are cross-site: FAIL /cookies/samesite/iframe.https.html?legacy-samesite Cross-site redirecting to same-host fetches are strictly same-site: FAIL Cross-site redirecting to subdomain fetches are strictly same-site: FAIL /cookies/samesite/img.https.html Cross-site images are cross-site: FAIL Cross-site redirecting to cross-site images are cross-site: FAIL Cross-site redirecting to same-host images are strictly same-site: FAIL Cross-site redirecting to subdomain images are strictly same-site: FAIL Same-host redirecting to cross-site images are cross-site: FAIL Subdomain redirecting to cross-site images are cross-site: FAIL /cookies/samesite/img.https.html?legacy-samesite Cross-site redirecting to same-host images are strictly same-site: FAIL Cross-site redirecting to subdomain images are strictly same-site: FAIL /cookies/samesite/setcookie-lax.https.html Cross-site window shouldn't be able to set `SameSite=Lax` or `SameSite=Strict` cookies.: FAIL
Assignee | ||
Comment 20•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=72ea9a28d6de42823753cf302d5c08cf608de479
Comment 21•5 years ago
|
||
Pushed by wptsync@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/e0a7d47faddb [wpt PR 17986] - Add cookie SameSite features to experimental web platform features, a=testonly https://hg.mozilla.org/integration/mozilla-inbound/rev/a2a802a992a0 [wpt PR 17986] - Update wpt metadata, a=testonly
Comment 22•5 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/e0a7d47faddb
https://hg.mozilla.org/mozilla-central/rev/a2a802a992a0
Description
•