Closed Bug 1761405 Opened 2 years ago Closed 2 years ago

[wpt-sync] Sync PR 33366 - Add WPTs for Early Hints preload is disallowed by document's CSP

Categories

(Testing :: web-platform-tests, task, P4)

task

Tracking

(firefox100 fixed)

RESOLVED FIXED
100 Branch
Tracking Status
firefox100 --- fixed

People

(Reporter: wpt-sync, Unassigned)

References

()

Details

(Whiteboard: [wptsync downstream])

Sync web-platform-tests PR 33366 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/web-platform-tests/wpt/pull/33366
Details from upstream follow.

Kenichi Ishibashi <bashi@chromium.org> wrote:

Add WPTs for Early Hints preload is disallowed by document's CSP

The test scenario is:

  • The test page sends an Early Hints containing cross origin preload
    with/without CSP. The preload request is delayed until the document
    is loaded.
  • The document later sets CSP to disallow the preload.

The expectation is that the preload should be denied by CSP.

Bug: 1305896
Change-Id: Ia23ac612a485793568a4f78d740f832a424f6564

Reviewed-on: https://chromium-review.googlesource.com/3551777
WPT-Export-Revision: 565ed8c5155aead352cc9446b6b4b9d436819678

Whiteboard: [wptsync downstream] → [wptsync downstream error]
Whiteboard: [wptsync downstream error] → [wptsync downstream]
PR 33366 applied with additional changes from upstream: 850fd2b4dbf5c21ebb649f6d889caa140b8b29db, 7ac35957bff8a4a7fb47999f721eff20e0e76208

CI Results

Ran 11 Firefox configurations based on mozilla-central, and Firefox, Chrome, and Safari on GitHub CI

Total 26 tests and 1 subtests

Status Summary

Firefox

OK : 24[Gecko-android-em-7.0-x86_64-lite-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-lite-qr-opt-geckoview, Gecko-android-em-7.0-x86_64-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-qr-opt-geckoview, Gecko-linux1804-64-qr-debug, Gecko-linux1804-64-qr-opt, Gecko-linux1804-64-tsan-qr-opt, Gecko-windows10-32-2004-qr-debug, Gecko-windows10-32-2004-qr-opt, Gecko-windows10-64-2004-qr-debug, Gecko-windows10-64-2004-qr-opt] 26[GitHub]
PASS : 10
FAIL : 14[Gecko-android-em-7.0-x86_64-lite-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-lite-qr-opt-geckoview, Gecko-android-em-7.0-x86_64-qr-debug-geckoview, Gecko-android-em-7.0-x86_64-qr-opt-geckoview, Gecko-linux1804-64-qr-debug, Gecko-linux1804-64-qr-opt, Gecko-linux1804-64-tsan-qr-opt, Gecko-windows10-32-2004-qr-debug, Gecko-windows10-32-2004-qr-opt, Gecko-windows10-64-2004-qr-debug, Gecko-windows10-64-2004-qr-opt] 16[GitHub]

Chrome

OK : 2
PASS : 1
FAIL : 1
ERROR: 24

Safari

OK : 14
PASS : 4
FAIL : 10
ERROR: 12

Links

Gecko CI (Treeherder)
GitHub PR Head
GitHub PR Base

Details

New Tests That Don't Pass

/loading/early-hints/404-with-early-hints.h2.window.html
404 with an early hints preload.: FAIL (Safari: FAIL)
/loading/early-hints/csp-early-hints-absent-final-absent.h2.window.html
Early Hints CSP: Early Hints policy = absent, final response policy = absent.: FAIL (Safari: FAIL)
/loading/early-hints/csp-early-hints-absent-final-allowed.h2.window.html
Early Hints CSP: Early Hints policy = absent, final response policy = allowed.: FAIL (Safari: FAIL)
/loading/early-hints/csp-early-hints-allowed-final-absent.h2.window.html
Early Hints CSP: Early Hints policy = allowed, final response policy = absent.: FAIL (Safari: FAIL)
/loading/early-hints/csp-early-hints-allowed-final-allowed.h2.window.html
Early Hints CSP: Early Hints policy = allowed, final response policy = allowed.: FAIL (Safari: FAIL)
/loading/early-hints/multiple-early-hints-responses.h2.window.html
Only the first early hints response is processed: FAIL
/loading/early-hints/preload-in-flight-when-consumed.h2.window.html
Early hints preload is in-flight when consumed.: FAIL (Safari: FAIL)
/loading/early-hints/preload-initiator-type.h2.window.html
Ensure initiatorType is set to 'early-hints': FAIL
/loading/early-hints/redirect-same-origin.h2.window.html
Redirect to the same origin keeps early hints preload: FAIL (Safari: FAIL)
/loading/early-hints/referrer-policy-no-referrer.h2.window.html
Referrer policy: no-referrer: FAIL
/loading/early-hints/referrer-policy-origin-when-cross-origin.h2.window.html
Referrer policy: origin-when-cross-origin: FAIL
/loading/early-hints/referrer-policy-origin.h2.window.html
Referrer policy: origin: FAIL
/loading/early-hints/referrer-policy-same-origin.h2.window.html
Referrer policy: same-origin: FAIL
/loading/early-hints/referrer-policy-unsafe-url.h2.window.html
Referrer policy: unsafe-url: FAIL (Chrome: FAIL)
/loading/early-hints/redirect-cross-origin-between-early-hints.h2.window.html
Early hints -> cross origin redirect -> early hints -> final response.: FAIL
/loading/early-hints/redirect-same-origin-between-early-hints.h2.window.html
Early hints -> same origin redirect -> early hints -> final response.: FAIL

Pushed by wptsync@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/7a792348ed0a
[wpt PR 33366] - Add WPTs for Early Hints preload is disallowed by document's CSP, a=testonly
https://hg.mozilla.org/integration/autoland/rev/217d0db954b1
[wpt PR 33366] - Update wpt metadata, a=testonly
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → 100 Branch
You need to log in before you can comment on or make changes to this bug.