Closed Bug 1859008 Opened 1 year ago Closed 1 year ago

[wpt-sync] Sync PR 42534 - Shared Storage: Allow fetch/img header writes if permission on redirect

Categories

(Testing :: web-platform-tests, task, P4)

task

Tracking

(Not tracked)

RESOLVED INVALID

People

(Reporter: wpt-sync, Unassigned)

References

()

Details

(Whiteboard: [wptsync downstream])

Sync web-platform-tests PR 42534 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/web-platform-tests/wpt/pull/42534
Details from upstream follow.

Camillia Smith Barnes <cammie@chromium.org> wrote:

Shared Storage: Allow fetch/img header writes if permission on redirect

We correct the behavior of writing to shared storage from response
headers to match the spec with regard to how PermissionsPolicy
checks are handled.

Currently, if permission is revoked for any request in a redirect
chain, then no subsequent request in that chain can write to shared
storage from response headers.

This CL updates the behavior for fetch() and HTMLImageElement so
that, for redirect chains of requests that have opted-in via
sharedStorageWritable, each request in the chain has its
PermissionsPolicy checked independently of the others in the chain.

https://crrev.com/c/4935951 will do the same for HTMLIframeElement.

Bug:1218540,1489536
Change-Id: I3110a237fb7f960b91f5940a3309abc623e81dbc
Reviewed-on: https://chromium-review.googlesource.com/4911530
WPT-Export-Revision: 0ac44a4494d2cac8e339cb311a259b72819fba16

Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → INVALID
Whiteboard: [wptsync downstream] → [wptsync downstream error]
Whiteboard: [wptsync downstream error] → [wptsync downstream]

CI Results

Ran 9 Firefox configurations based on mozilla-central, and Firefox, Chrome, and Safari on GitHub CI

Total 2 tests and 2 subtests

Status Summary

Firefox

FAIL : 1
TIMEOUT: 4
NOTRUN : 1

Chrome

FAIL : 1
TIMEOUT: 4
NOTRUN : 1

Safari

FAIL : 1
TIMEOUT: 4
NOTRUN : 1

Links

Gecko CI (Treeherder)
GitHub PR Head
GitHub PR Base

Details

New Tests That Don't Pass

  • /shared-storage/shared-storage-writable-forbidden-header-tentative.https.html [wpt.fyi]: TIMEOUT (Chrome: TIMEOUT, Safari: TIMEOUT)
    • The 'Sec-Shared-Storage-Writable' header cannot successfully be added directly via a JS fetch request with mode cors.: TIMEOUT (Chrome: TIMEOUT, Safari: TIMEOUT)
    • The 'Sec-Shared-Storage-Writable' header cannot successfully be added directly via a JS fetch request with mode no-cors.: NOTRUN (Chrome: NOTRUN, Safari: NOTRUN)
  • /shared-storage/shared-storage-writable-multi-redirect.tentative.https.sub.html [wpt.fyi]: TIMEOUT (Chrome: TIMEOUT, Safari: TIMEOUT)
    • permissions policy header shared-storage=(self) allows the 'Shared-Storage-Writable' header to be sent for the redirect of a shared storage fetch request, where the redirect has a same-origin URL, even if an intermediate redirect has a cross-origin URL.: FAIL (Chrome: FAIL, Safari: FAIL)
    • permissions policy header shared-storage=(self) allows the 'Shared-Storage-Writable' header to be sent for the redirect of a shared storage image request, where the redirect has a same-origin URL, even if an intermediate redirect has a cross-origin URL.: TIMEOUT (Chrome: TIMEOUT, Safari: TIMEOUT)
Pushed by wptsync@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/455120fe60ff [wpt PR 42534] - Shared Storage: Allow fetch/img header writes if permission on redirect, a=testonly https://hg.mozilla.org/integration/autoland/rev/77202ae6a692 [wpt PR 42534] - Update wpt metadata, a=testonly
Pushed by wptsync@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/99574176c0ff [wpt PR 42534] - Shared Storage: Allow fetch/img header writes if permission on redirect, a=testonly https://hg.mozilla.org/integration/autoland/rev/85d08400a95d [wpt PR 42534] - Update wpt metadata, a=testonly
You need to log in before you can comment on or make changes to this bug.