Closed Bug 1740441 Opened 3 years ago Closed 2 years ago

[wpt-sync] Sync PR 31578 - CSP: Do not strip non webby URL in reports.

Categories

(Core :: DOM: Security, task, P4)

Product:
Core
Component:
DOM: Security
Type:
task

Tracking

()

Status:
RESOLVED FIXED
Milestone:
96 Branch
Tracking Flags:
Tracking Status
firefox96 --- fixed

People

(Reporter: mozilla.org, Unassigned)

References

(
URL
)

Details

(Whiteboard: [wptsync downstream])

Sync web-platform-tests PR 31578 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/web-platform-tests/wpt/pull/31578
Details from upstream follow.

Arthur Sonzogni <arthursonzogni@chromium.org> wrote:

CSP: Do not strip non webby URL in reports.

In https://crbug.com/1264789, developers complained non HTTP/HTTPS URLs
are not included in reports.

The restriction was mostly introduced by:
https://codereview.chromium.org/2002943002
for convenience, in order to reuse KURL::StrippedForUseAsReferrer.

The drawback is that "webpack://node_modules/sample/script4.js" is
transformed into "webpack:", since its protocol is not http/https.

This patch removes this restriction, by rewritting our own version of
StrippedForUseAsReferrer, without the inconvenience.

Most importantly, this adds 14 WPT test cases.

Fixed:1264789
Bug:1264789
Change-Id: Ia967c3122915a37b119321bb327e6c969d649020
Reviewed-on: https://chromium-review.googlesource.com/3263879
WPT-Export-Revision: a86f36f8fcd7743aadce26fc30500dcbacf4cb6f

Component: web-platform-tests → DOM: Security
Product: Testing → Core
Whiteboard: [wptsync downstream] → [wptsync downstream][domsecurity-backlog]
PR 31578 applied with additional changes from upstream: 10674aea9e50cc0057270d6c64b2452dd5f12fe4
Whiteboard: [wptsync downstream][domsecurity-backlog] → [wptsync downstream error]
Whiteboard: [wptsync downstream error] → [wptsync downstream error][domsecurity-backlog]
Whiteboard: [wptsync downstream error][domsecurity-backlog] → [wptsync downstream]
Whiteboard: [wptsync downstream] → [wptsync downstream error]
Whiteboard: [wptsync downstream error] → [wptsync downstream]

CI Results

Ran 11 Firefox configurations based on mozilla-central, and Firefox, Chrome, and Safari on GitHub CI

Total 2 tests and 17 subtests

Status Summary

Firefox

OK : 1
PASS : 3
FAIL : 1
ERROR: 1

Chrome

OK : 2
PASS : 15
FAIL : 6

Safari

OK : 1
FAIL : 4
ERROR: 1

Links

Gecko CI (Treeherder)
GitHub PR Head
GitHub PR Base

Details

New Tests That Don't Pass

/content-security-policy/securitypolicyviolation/blockeduri-ws-wss-scheme.html
redirect: FAIL (Chrome: FAIL, Safari: FAIL)
/content-security-policy/securitypolicyviolation/source-file.html: ERROR (Chrome: OK, Safari: ERROR)

Pushed by wptsync@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/8ed8ed8df30e
[wpt PR 31578] - CSP: Do not strip non webby URL in reports., a=testonly
https://hg.mozilla.org/integration/autoland/rev/38a2d18f54f0
[wpt PR 31578] - Update wpt metadata, a=testonly

https://hg.mozilla.org/mozilla-central/rev/8ed8ed8df30e
https://hg.mozilla.org/mozilla-central/rev/38a2d18f54f0

Status: NEW → RESOLVED
Closed: 2 years ago
status-firefox96: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 96 Branch
You need to log in before you can comment on or make changes to this bug.