Closed Bug 1656692 Opened 5 years ago Closed 5 years ago

[wpt-sync] Sync PR 24842 - Reland "Origin isolation: a new strategy for window.originIsolationRestricted"

Categories

(Testing :: web-platform-tests, task, P4)

Product:
Testing
Component:
web-platform-tests
Type:
task

Tracking

(firefox81 fixed)

Status:
RESOLVED FIXED
Milestone:
81 Branch
Tracking Flags:
Tracking Status
firefox81 --- fixed

People

(Reporter: wpt-sync, Unassigned)

References

(
URL
)

Details

(Whiteboard: [wptsync downstream])

Sync web-platform-tests PR 24842 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/web-platform-tests/wpt/pull/24842
Details from upstream follow.

Domenic Denicola <domenic@chromium.org> wrote:

Reland "Origin isolation: a new strategy for window.originIsolationRestricted"

This is a reland of 7ac0b9ed68d57270b680e39b9e21e1ede1b8c774

Navigation test flakiness continues, so relanding.

Original change's description:

Origin isolation: a new strategy for window.originIsolationRestricted

In https://chromium-review.googlesource.com/c/chromium/src/+/2243994 I
introduced an implementation for window.originIsolationRestricted which
pipes the isolation state from NavigationRequest to the navigated-to
LocalDOMWindow. However, this does not work for the case of the initial
about:blank, where no navigation is performed. Furthermore, it does not
match the spec, where the Window property just reflects an agent
cluster-wide property.

This CL introduces an alternate approach, more similar to what is done
for self.crossOriginIsolated in
https://chromium-review.googlesource.com/c/chromium/src/+/2247463, which
is another agent cluster-wide value. The origin isolation state is
stored in the renderer-side Agent class. Then the LocalDOMWindow getter
can just pick it up from the surrounding agent, as in the spec. Note
that unlike the implementation for self.crossOriginIsolated, the value
is per-Agent instead of static (process-wide).

Currently the value is set several times per agent (roughly once on
every navigation). This is redundant, but we don't yet have a good place
to set it once (i.e., we don't have a browser-side "time of agent
creation"). If that gets fixed, we can likely stop piping the value
through navigation params. See
https://docs.google.com/document/d/1MTnmyWAoAIKDH4yWaRthIUdi05MsjlML8gctvKP7-h8/edit
for discussions around fixing that.

This fixes the issue with about:blank iframes embedded in origin-isolated
pages reporting false, because the agent's origin-isolated boolean was
previously set to true by the containing frame.

This does not yet fix the issue with data: URLs reporting false, tested in
external/wpt/origin-isolation/getter-special-cases/data-url.https.html.
However, that will be doable as a followup, by changing the
navigation-time computation to pass true for them instead of false.
(Currently it passes false because data: URLs don't get their own
process, but it should pass true because they do get their own agent
cluster.)

Bug: 1095653
Change-Id: I8dfa8fc4a4766efc0611d43a255673662c422776
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2300237
Commit-Queue: Domenic Denicola \<domenic@chromium.org>
Reviewed-by: Charlie Reis \<creis@chromium.org>
Reviewed-by: Daniel Cheng \<dcheng@chromium.org>
Cr-Commit-Position: refs/heads/master@{#793799}

Bug: 1095653
Change-Id: Ib061cd0832353bee4f77219628534b64d7a3637e

Reviewed-on: https://chromium-review.googlesource.com/2333750
WPT-Export-Revision: a7e1d5695d1234c153815e6a7aec011c82e48586

CI Results

Ran 12 Firefox configurations based on mozilla-central, and Firefox, Chrome, and Safari on GitHub CI

Total 1 tests and 9 subtests

Status Summary

Firefox

ERROR : 1
NOTRUN: 9

Chrome

OK : 1
PASS : 8
FAIL : 1

Safari

OK : 1
PASS : 2
FAIL : 7

Links

Gecko CI (Treeherder)
GitHub PR Head
GitHub PR Base

Details

Firefox-only Failures

/origin-isolation/about-blank.https.sub.html: ERROR
parent to about:blank: setting document.domain must give sync access: NOTRUN
parent to about:blank: message event must occur: NOTRUN

New Tests That Don't Pass

/origin-isolation/about-blank.https.sub.html: ERROR (Chrome: OK, Safari: OK)
about:blank to child2: messageerror event must occur: NOTRUN (Chrome: PASS, Safari: FAIL)
about:blank: originIsolationRestricted must equal true: NOTRUN (Chrome: FAIL, Safari: FAIL)
parent to about:blank: setting document.domain must give sync access: NOTRUN (Chrome: PASS, Safari: PASS)
parent: originIsolationRestricted must equal true: NOTRUN (Chrome: PASS, Safari: FAIL)
parent to about:blank: message event must occur: NOTRUN (Chrome: PASS, Safari: PASS)
about:blank to child2: setting document.domain must not give sync access: NOTRUN (Chrome: PASS, Safari: FAIL)
child2: originIsolationRestricted must equal false: NOTRUN (Chrome: PASS, Safari: FAIL)
child2 to about:blank: setting document.domain must not give sync access: NOTRUN (Chrome: PASS, Safari: FAIL)
child2 to about:blank: messageerror event must occur: NOTRUN (Chrome: PASS, Safari: FAIL)

Pushed by wptsync@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/783aac94d5c8 [wpt PR 24842] - Reland "Origin isolation: a new strategy for window.originIsolationRestricted", a=testonly
Pushed by wptsync@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/c82049810012 [wpt PR 24842] - Reland "Origin isolation: a new strategy for window.originIsolationRestricted", a=testonly

https://hg.mozilla.org/mozilla-central/rev/c82049810012

Status: NEW → RESOLVED
Closed: 5 years ago
status-firefox81: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 81 Branch
Regressions: 1659308
You need to log in before you can comment on or make changes to this bug.