Closed Bug 1738383 Opened 3 years ago Closed 3 years ago

[wpt-sync] Sync PR 31430 - Reland "Fetch: Plumb request initiator through passthrough service workers."

Categories

(Core :: DOM: Service Workers, task, P4)

Product:
Core
Component:
DOM: Service Workers
Type:
task

Tracking

()

Status:
RESOLVED FIXED
Milestone:
96 Branch
Tracking Flags:
Tracking Status
firefox96 --- fixed

People

(Reporter: wpt-sync, Unassigned)

References

(
URL
)

Details

(Whiteboard: [wptsync downstream])

Sync web-platform-tests PR 31430 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/web-platform-tests/wpt/pull/31430
Details from upstream follow.

Ben Kelly <wanderview@chromium.org> wrote:

Reland "Fetch: Plumb request initiator through passthrough service workers."

This is a reland of da0a6501cf321579bd46a27ff9fba1bb8ea910bb

Original change's description:

Fetch: Plumb request initiator through passthrough service workers.

This CL contains essentially two changes:

  1. The request initiator origin is plumbed through service workers
    that do fetch(evt.request). In addition to plumbing, this
    requires changes to how we validate navigation requests in the
    CorsURLLoaderFactory.
  2. Tracks the original destination of a request passed through a
    service worker. This is then used in the network service to force
    SameSite=Lax cookies to treat the request as a main frame navigation
    where appropriate.

For more detailed information about these changes please see the
internal design doc at:

https://docs.google.com/document/d/1KZscujuV7bCFEnzJW-0DaCPU-I40RJimQKoCcI0umTQ/edit?usp=sharing

In addition, there is some discussion of these features in the following
spec issues:

https://github.com/whatwg/fetch/issues/1321
https://github.com/whatwg/fetch/issues/1327

The test includes WPT tests that verify navigation headers and SameSite
cookies. Note, chrome has a couple expected failures in the SameSite
cookie tests because of the "lax-allowing-unsafe" intervention that is
currently enabled. See:

https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/web_tests/TestExpectations;l=4635;drc=e8133cbf2469adb99c6610483ab78bcfb8cc4c76

Bug: 1115847,1241188
Change-Id: I7e236fa20aeabb705aef40fcf8d5c36da6d2798c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3115917
Reviewed-by: Matt Menke \<mmenke@chromium.org>
Reviewed-by: Yutaka Hirano \<yhirano@chromium.org>
Reviewed-by: Nasko Oskov \<nasko@chromium.org>
Reviewed-by: Łukasz Anforowicz \<lukasza@chromium.org>
Commit-Queue: Ben Kelly \<wanderview@chromium.org>
Cr-Commit-Position: refs/heads/main@{#936029}

Bug: 1115847,1241188
Change-Id: Ia26acbdd0d7ce6583d9a44f83ed086708657b8bd

Reviewed-on: https://chromium-review.googlesource.com/3251368
WPT-Export-Revision: 9086eb9449ecad8800be9ebbfa3bdf7b5e6f88b9

Component: web-platform-tests → DOM: Service Workers
Product: Testing → Core

CI Results

Ran 11 Firefox configurations based on mozilla-central, and Firefox, Chrome, and Safari on GitHub CI

Total 14 tests and 10 subtests

Status Summary

Firefox

OK : 13
PASS : 328
FAIL : 20
TIMEOUT: 2
NOTRUN : 25

Chrome

OK : 14
PASS : 352
FAIL : 22

Safari

OK : 13
PASS : 319
FAIL : 54
TIMEOUT: 2

Links

Gecko CI (Treeherder)
GitHub PR Head
GitHub PR Base

Details

Firefox-only Failures

/service-workers/service-worker/fetch-csp.https.html
Verify CSP control of fetch() in a Service Worker: FAIL
/service-workers/service-worker/same-site-cookies.https.html: TIMEOUT
same-origin, window.open with passthrough: TIMEOUT
same-origin, window.open with change-request: NOTRUN
same-site, window.open with no service worker: NOTRUN
same-site, window.open with fallback: NOTRUN
same-site, window.open with passthrough: NOTRUN
same-site, window.open with change-request: NOTRUN
same-origin, form post with no service worker: NOTRUN
same-origin, form post with fallback: NOTRUN
same-origin, form post with passthrough: NOTRUN
same-origin, form post with change-request: NOTRUN
same-site, form post with no service worker: NOTRUN
same-site, form post with fallback: NOTRUN
same-site, form post with passthrough: NOTRUN
same-site, form post with change-request: NOTRUN
Cleanup service workers: NOTRUN

New Tests That Don't Pass

/service-workers/service-worker/fetch-csp.https.html
Verify CSP control of fetch() in a Service Worker: FAIL (Chrome: PASS, Safari: PASS)
/service-workers/service-worker/navigation-headers.https.html
GET Navigation, same-origin with navpreload service worker sets correct origin and referer headers.: FAIL (Chrome: PASS, Safari: FAIL)
POST Navigation, same-site with passthrough service worker sets correct origin and referer headers.: FAIL (Chrome: FAIL, Safari: PASS)
GET Navigation, same-site with navpreload service worker sets correct origin and referer headers.: FAIL (Chrome: PASS, Safari: FAIL)
POST Navigation, cross-site with passthrough service worker sets correct origin and referer headers.: FAIL (Chrome: FAIL, Safari: PASS)
GET Navigation, cross-site with navpreload service worker sets correct origin and referer headers.: FAIL (Chrome: PASS, Safari: FAIL)
GET Navigation, same-origin with passthrough service worker sets correct sec-fetch headers.: FAIL (Chrome: FAIL, Safari: FAIL)
POST Navigation, same-origin with passthrough service worker sets correct sec-fetch headers.: FAIL (Chrome: FAIL, Safari: FAIL)
GET Navigation, same-origin with navpreload service worker sets correct sec-fetch headers.: FAIL (Chrome: PASS, Safari: FAIL)
GET Navigation, same-site with passthrough service worker sets correct sec-fetch headers.: FAIL (Chrome: FAIL, Safari: FAIL)
POST Navigation, same-site with passthrough service worker sets correct sec-fetch headers.: FAIL (Chrome: FAIL, Safari: FAIL)
GET Navigation, same-site with navpreload service worker sets correct sec-fetch headers.: FAIL (Chrome: PASS, Safari: FAIL)
GET Navigation, cross-site with passthrough service worker sets correct sec-fetch headers.: FAIL (Chrome: FAIL, Safari: FAIL)
POST Navigation, cross-site with passthrough service worker sets correct sec-fetch headers.: FAIL (Chrome: FAIL, Safari: FAIL)
GET Navigation, cross-site with navpreload service worker sets correct sec-fetch headers.: FAIL (Chrome: PASS, Safari: FAIL)
/service-workers/service-worker/navigation-redirect-resolution.https.html
test relative opaqueredirect: FAIL (Chrome: FAIL, Safari: PASS)
test relative opaqueredirect with CacheStorage: FAIL (Chrome: FAIL, Safari: PASS)
test relative opaqueredirect with clone: FAIL (Chrome: FAIL, Safari: PASS)
/service-workers/service-worker/next-hop-protocol.https.html
nextHopProtocol reports H1 correctly when routed via a service worker.: FAIL (Chrome: PASS, Safari: FAIL)
nextHopProtocol reports H2 correctly when routed via a service worker.: FAIL (Chrome: FAIL, Safari: FAIL)
/service-workers/service-worker/same-site-cookies.https.html: TIMEOUT (Chrome: OK, Safari: OK)
same-origin, window.open with passthrough: TIMEOUT (Chrome: PASS, Safari: PASS)
same-origin, window.open with change-request: NOTRUN (Chrome: PASS, Safari: PASS)
same-origin, window.open with navpreload: NOTRUN (Chrome: PASS, Safari: FAIL)
same-site, window.open with no service worker: NOTRUN (Chrome: PASS, Safari: PASS)
same-site, window.open with fallback: NOTRUN (Chrome: PASS, Safari: PASS)
same-site, window.open with passthrough: NOTRUN (Chrome: PASS, Safari: PASS)
same-site, window.open with change-request: NOTRUN (Chrome: PASS, Safari: PASS)
same-site, window.open with navpreload: NOTRUN (Chrome: PASS, Safari: FAIL)
cross-site, window.open with no service worker: NOTRUN (Chrome: PASS, Safari: FAIL)
cross-site, window.open with fallback: NOTRUN (Chrome: PASS, Safari: FAIL)
cross-site, window.open with passthrough: NOTRUN (Chrome: FAIL, Safari: FAIL)
cross-site, window.open with change-request: NOTRUN (Chrome: PASS, Safari: FAIL)
cross-site, window.open with navpreload: NOTRUN (Chrome: PASS, Safari: FAIL)
same-origin, form post with no service worker: NOTRUN (Chrome: PASS, Safari: PASS)
same-origin, form post with fallback: NOTRUN (Chrome: PASS, Safari: PASS)
same-origin, form post with passthrough: NOTRUN (Chrome: PASS, Safari: PASS)
same-origin, form post with change-request: NOTRUN (Chrome: PASS, Safari: PASS)
same-site, form post with no service worker: NOTRUN (Chrome: PASS, Safari: PASS)
same-site, form post with fallback: NOTRUN (Chrome: PASS, Safari: PASS)
same-site, form post with passthrough: NOTRUN (Chrome: PASS, Safari: PASS)
same-site, form post with change-request: NOTRUN (Chrome: PASS, Safari: PASS)
cross-site, form post with no service worker: NOTRUN (Chrome: FAIL, Safari: FAIL)
cross-site, form post with fallback: NOTRUN (Chrome: FAIL, Safari: FAIL)
cross-site, form post with passthrough: NOTRUN (Chrome: FAIL, Safari: FAIL)
cross-site, form post with change-request: NOTRUN (Chrome: PASS, Safari: FAIL)
Cleanup service workers: NOTRUN (Chrome: PASS, Safari: PASS)

Pushed by wptsync@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/c4b5aadbff90 [wpt PR 31430] - Reland "Fetch: Plumb request initiator through passthrough service workers.", a=testonly https://hg.mozilla.org/integration/autoland/rev/598b9a40bdeb [wpt PR 31430] - Update wpt metadata, a=testonly

https://hg.mozilla.org/mozilla-central/rev/c4b5aadbff90
https://hg.mozilla.org/mozilla-central/rev/598b9a40bdeb

Status: NEW → RESOLVED
Closed: 3 years ago
status-firefox96: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 96 Branch
You need to log in before you can comment on or make changes to this bug.