Closed Bug 1750566 Opened 3 years ago Closed 3 years ago

[wpt-sync] Sync PR 32413 - AnonymousIframe: Check FencedFrame Interaction (3/3)

Categories

(Core :: DOM: Core & HTML, task, P4)

Product:
Core
Component:
DOM: Core & HTML
Type:
task

Tracking

()

Status:
RESOLVED FIXED
Milestone:
99 Branch
Tracking Flags:
Tracking Status
firefox99 --- fixed

People

(Reporter: wpt-sync, Unassigned)

References

(Depends on 1 open bug,
URL
)

Details

(Whiteboard: [wptsync downstream])

Sync web-platform-tests PR 32413 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/web-platform-tests/wpt/pull/32413
Details from upstream follow.

Arthur Sonzogni <arthursonzogni@chromium.org> wrote:

AnonymousIframe: Check FencedFrame Interaction (3/3)

Add a WPT:
It shows you can bypass fencedframe using the anonymous one.


                         A (this document)
   ┌────────────────────────┴──┐
 ┌─┼──────────────────────┐    D  (anonymous-iframe)
 │ B (fenced-frame)       │    ^
 │ │                      │    |
 │ C (anonymous-iframe) -->----` (BroadcastChannel)
 └────────────────────────┘

Note that the mparch implementation is working correctly, because it
uses a different content::Page.

If the shadow-dom implementation ship, this would require finding a way to use a different nonce inside the fencedframe.

Bug: 1287458
Change-Id: I8282a8acf8a0c7bf938f54ca9c0abf04215ffc5b
Reviewed-on: https://chromium-review.googlesource.com/3395556
WPT-Export-Revision: 8cc25a434dae0e958d31294d8b88c059ef9c3641

Component: web-platform-tests → DOM: Core & HTML
Product: Testing → Core
PR 32413 applied with additional changes from upstream: 98cb58fbba1515a04e35f3ed124945356344d436, b3c2359068ef8723dd3e01cbdda743f867582f3b, 3da9d044be5abc2d9fb2fe9a26f3c9f0d995f76d, e17f062698e7d1f00509c839daba60bbb59f3d6d, fd94584fa639dc75113c872807fac50e45987953, 248be3f75e10a375b30bd03af0d5dd9b0d76b990

CI Results

Ran 11 Firefox configurations based on mozilla-central, and Firefox, and Chrome on GitHub CI

Total 8 tests and 1 subtests

Status Summary

Firefox

OK : 4[Gecko-android-em-7.0-x86_64-lite-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-lite-qr-opt-geckoview, Gecko-android-em-7.0-x86_64-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-qr-opt-geckoview, Gecko-linux1804-64-qr-debug, Gecko-linux1804-64-qr-opt, Gecko-linux1804-64-tsan-qr-opt, Gecko-windows10-32-2004-qr-debug, Gecko-windows10-32-2004-qr-opt, Gecko-windows10-64-2004-qr-debug, Gecko-windows10-64-2004-qr-opt] 6[GitHub]
PASS : 6[Gecko-android-em-7.0-x86_64-lite-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-lite-qr-opt-geckoview, Gecko-android-em-7.0-x86_64-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-qr-opt-geckoview, Gecko-linux1804-64-qr-debug, Gecko-linux1804-64-qr-opt, Gecko-linux1804-64-tsan-qr-opt, Gecko-windows10-32-2004-qr-debug, Gecko-windows10-32-2004-qr-opt, Gecko-windows10-64-2004-qr-debug, Gecko-windows10-64-2004-qr-opt] 8[GitHub]
FAIL : 14[Gecko-android-em-7.0-x86_64-lite-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-lite-qr-opt-geckoview, Gecko-android-em-7.0-x86_64-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-qr-opt-geckoview, Gecko-linux1804-64-qr-debug, Gecko-linux1804-64-qr-opt, Gecko-linux1804-64-tsan-qr-opt, Gecko-windows10-32-2004-qr-debug, Gecko-windows10-32-2004-qr-opt, Gecko-windows10-64-2004-qr-debug, Gecko-windows10-64-2004-qr-opt] 16[GitHub]
ERROR: 2

Chrome

OK : 6
PASS : 8
FAIL : 16
ERROR: 2

Links

Gecko CI (Treeherder)
GitHub PR Head
GitHub PR Base

Details

New Tests That Don't Pass

/html/cross-origin-embedder-policy/anonymous-iframe/anonymous-iframe-popup.tentative.https.window.html
Cross-origin popup from normal/anonymous iframes.: FAIL (Chrome: FAIL)
Same-origin popup from normal/anonymous iframes.: FAIL (Chrome: FAIL)
/html/cross-origin-embedder-policy/anonymous-iframe/cookie.tentative.https.window.html
Anonymous same-origin iframe is loaded without credentials: FAIL (Chrome: FAIL)
Anonymous cross-origin iframe is loaded without credentials: FAIL (Chrome: FAIL)
same_origin anonymous iframe can't send same_origin credentials: FAIL (Chrome: FAIL)
same_origin anonymous iframe can't send cross_origin credentials: FAIL (Chrome: FAIL)
cross_origin anonymous iframe can't send cross_origin credentials: FAIL (Chrome: FAIL)
cross_origin anonymous iframe can't send same_origin credentials: FAIL (Chrome: FAIL)
same_origin anonymous iframe can't send same_origin credentials on child iframe: FAIL (Chrome: FAIL)
same_origin anonymous iframe can't send cross_origin credentials on child iframe: FAIL (Chrome: FAIL)
cross_origin anonymous iframe can't send cross_origin credentials on child iframe: FAIL (Chrome: FAIL)
cross_origin anonymous iframe can't send same_origin credentials on child iframe: FAIL (Chrome: FAIL)
/html/cross-origin-embedder-policy/anonymous-iframe/fenced-frame-bypass.tentative.https.window.html: ERROR (Chrome: ERROR)
/html/cross-origin-embedder-policy/anonymous-iframe/fenced-frame.tentative.https.window.html: ERROR (Chrome: ERROR)
/html/cross-origin-embedder-policy/anonymous-iframe/local-storage.tentative.https.window.html
same_origin anonymous iframe can't access the localStorage: FAIL (Chrome: FAIL)
cross_origin anonymous iframe can't access the localStorage: FAIL (Chrome: FAIL)
/html/cross-origin-embedder-policy/anonymous-iframe/session-storage.tentative.https.window.html
same_origin anonymous iframe can't access the sessionStorage: FAIL (Chrome: FAIL)
/html/cross-origin-embedder-policy/anonymous-iframe/web-lock.tentative.https.window.html
web-lock: FAIL (Chrome: FAIL)

Pushed by wptsync@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/c29d7175489e [wpt PR 32413] - AnonymousIframe: Check FencedFrame Interaction (3/3), a=testonly https://hg.mozilla.org/integration/autoland/rev/ed55927df9cf [wpt PR 32413] - Update wpt metadata, a=testonly
Pushed by wptsync@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/b5704301d77a [wpt PR 32413] - AnonymousIframe: Check FencedFrame Interaction (3/3), a=testonly https://hg.mozilla.org/integration/autoland/rev/ea3828995df5 [wpt PR 32413] - Update wpt metadata, a=testonly

https://hg.mozilla.org/mozilla-central/rev/b5704301d77a
https://hg.mozilla.org/mozilla-central/rev/ea3828995df5

Status: NEW → RESOLVED
Closed: 3 years ago
status-firefox99: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 99 Branch
You need to log in before you can comment on or make changes to this bug.