Closed Bug 1624639 Opened 5 months ago Closed 3 months ago

[wpt-sync] Sync PR 22420 - UpgradeInsecureRequest: Add WPTs for static-import in dedicated/shared workers

Categories

(Core :: DOM: Security, task, P4)

task

Tracking

()

RESOLVED FIXED
mozilla77
Tracking Status
firefox77 --- fixed

People

(Reporter: mozilla.org, Unassigned)

References

()

Details

(Whiteboard: [wptsync downstream][domsecurity-backlog])

Sync web-platform-tests PR 22420 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/web-platform-tests/wpt/pull/22420
Details from upstream follow.

Eriko Kurimoto <elkurin@google.com> wrote:

UpgradeInsecureRequest: Add WPTs for static-import in dedicated/shared workers

This CL adds upgrade-insecure-request wpts to test static-import from
dedicated workers and shared workers.

The test scheme is implemented in the previous CL:
https://chromium-review.googlesource.com/c/chromium/src/+/2102036.
This CL only removes 'worker-import' and 'sharedworker-import' from
the excluded subresource list in spec.src.json and auto-generates tests.

Bug: 989399
Change-Id: I3b799d7743306a8b5fca0d7292360a88d9b36ded

Reviewed-on: https://chromium-review.googlesource.com/2117591
WPT-Export-Revision: 8d5cb7285859c3f3a144c1ab8570712a6c660dff

PR 22420 applied with additional changes from upstream: 451adc0f8a2a76b97c74ff3471b0e068164e9eb8
Component: web-platform-tests → DOM: Security
Product: Testing → Core
Whiteboard: [wptsync downstream] → [wptsync downstream][domsecurity-backlog]
Whiteboard: [wptsync downstream][domsecurity-backlog] → [wptsync downstream]
Whiteboard: [wptsync downstream] → [wptsync downstream][domsecurity-backlog]
Status: NEW → RESOLVED
Closed: 5 months ago
Resolution: --- → INVALID
Whiteboard: [wptsync downstream][domsecurity-backlog] → [wptsync downstream]
Status: RESOLVED → REOPENED
Resolution: INVALID → ---
Whiteboard: [wptsync downstream] → [wptsync downstream][domsecurity-backlog]

CI Results

Ran 13 Firefox configurations based on mozilla-central, and Firefox, Chrome, and Safari on GitHub CI

Total 60 tests

Status Summary

Firefox

OK : 14
PASS: 36[GitHub] 82[Gecko-android-em-7.0-x86_64-debug-geckoview, Gecko-android-em-7.0-x86_64-opt-geckoview, Gecko-linux1804-64-asan-opt, Gecko-linux1804-64-debug, Gecko-linux1804-64-opt, Gecko-linux1804-64-qr-debug, Gecko-linux1804-64-qr-opt, Gecko-windows10-64-debug, Gecko-windows10-64-opt, Gecko-windows10-64-qr-debug, Gecko-windows10-64-qr-opt, Gecko-windows7-32-debug, Gecko-windows7-32-opt]
FAIL: 48

Chrome

OK : 14
PASS: 84

Safari

OK : 14
PASS: 36
FAIL: 48

Links

Gecko CI (Treeherder)
GitHub PR Head
GitHub PR Base

Details

New Tests That Don't Pass

/upgrade-insecure-requests/gen/top.http-rp/upgrade/worker-import.https.html
Upgrade-Insecure-Requests: Expects allowed for worker-import to cross-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to same-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to cross-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to same-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to same-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to cross-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
/upgrade-insecure-requests/gen/srcdoc-inherit.meta/upgrade/worker-import.https.html
Upgrade-Insecure-Requests: Expects allowed for worker-import to cross-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to same-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to cross-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to same-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to same-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to cross-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
/upgrade-insecure-requests/gen/top.meta/upgrade/worker-import.https.html
Upgrade-Insecure-Requests: Expects allowed for worker-import to cross-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to same-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to cross-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to same-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to same-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to cross-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
/upgrade-insecure-requests/gen/top.http-rp/upgrade/sharedworker-import.https.html
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to cross-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to same-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to same-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to cross-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to same-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to cross-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
/upgrade-insecure-requests/gen/top.meta/upgrade/sharedworker-import.https.html
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to cross-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to same-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to same-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to cross-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to same-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to cross-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
/upgrade-insecure-requests/gen/iframe-blank-inherit.meta/upgrade/worker-import.https.html
Upgrade-Insecure-Requests: Expects allowed for worker-import to cross-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to same-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to cross-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to same-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to same-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for worker-import to cross-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
/upgrade-insecure-requests/gen/iframe-blank-inherit.meta/upgrade/sharedworker-import.https.html
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to cross-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to same-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to same-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to cross-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to same-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to cross-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
/upgrade-insecure-requests/gen/srcdoc-inherit.meta/upgrade/sharedworker-import.https.html
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to cross-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to same-http-downgrade origin and no-redirect redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to same-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to cross-http-downgrade origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to same-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)
Upgrade-Insecure-Requests: Expects allowed for sharedworker-import to cross-https origin and downgrade redirection from https context.: FAIL (Chrome: PASS, Safari: FAIL)

Pushed by wptsync@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/a443c75e0008
[wpt PR 22420] - UpgradeInsecureRequest: Add WPTs for static-import in dedicated/shared workers, a=testonly
https://hg.mozilla.org/integration/autoland/rev/29dc91bbd90b
[wpt PR 22420] - Update wpt metadata, a=testonly
Pushed by archaeopteryx@coole-files.de:
https://hg.mozilla.org/integration/autoland/rev/c8a73e5e6175
[wpt PR 22420] - UpgradeInsecureRequest: Add WPTs for static-import in dedicated/shared workers, a=testonly
https://hg.mozilla.org/integration/autoland/rev/281803e90f21
[wpt PR 22420] - Update wpt metadata, a=testonly
Status: REOPENED → RESOLVED
Closed: 5 months ago3 months ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla77
You need to log in before you can comment on or make changes to this bug.