[wpt-sync] Sync PR 42534 - Shared Storage: Allow fetch/img header writes if permission on redirect
Categories
(Testing :: web-platform-tests, task, P4)
Tracking
(Not tracked)
People
(Reporter: wpt-sync, Unassigned)
References
()
Details
(Whiteboard: [wptsync downstream])
Sync web-platform-tests PR 42534 into mozilla-central (this bug is closed when the sync is complete).
PR: https://github.com/web-platform-tests/wpt/pull/42534
Details from upstream follow.
Camillia Smith Barnes <cammie@chromium.org> wrote:
Shared Storage: Allow fetch/img header writes if permission on redirect
We correct the behavior of writing to shared storage from response
headers to match the spec with regard to howPermissionsPolicy
checks are handled.Currently, if permission is revoked for any request in a redirect
chain, then no subsequent request in that chain can write to shared
storage from response headers.This CL updates the behavior for
fetch()
andHTMLImageElement
so
that, for redirect chains of requests that have opted-in via
sharedStorageWritable
, each request in the chain has its
PermissionsPolicy
checked independently of the others in the chain.https://crrev.com/c/4935951 will do the same for
HTMLIframeElement
.Bug:1218540,1489536
Change-Id: I3110a237fb7f960b91f5940a3309abc623e81dbc
Reviewed-on: https://chromium-review.googlesource.com/4911530
WPT-Export-Revision: 0ac44a4494d2cac8e339cb311a259b72819fba16
Assignee | ||
Updated•1 year ago
|
Assignee | ||
Updated•1 year ago
|
Assignee | ||
Updated•1 year ago
|
Assignee | ||
Comment 1•1 year ago
|
||
Assignee | ||
Comment 2•1 year ago
|
||
CI Results
Ran 9 Firefox configurations based on mozilla-central, and Firefox, Chrome, and Safari on GitHub CI
Total 2 tests and 2 subtests
Status Summary
Firefox
FAIL
: 1
TIMEOUT
: 4
NOTRUN
: 1
Chrome
FAIL
: 1
TIMEOUT
: 4
NOTRUN
: 1
Safari
FAIL
: 1
TIMEOUT
: 4
NOTRUN
: 1
Links
Gecko CI (Treeherder)
GitHub PR Head
GitHub PR Base
Details
New Tests That Don't Pass
- /shared-storage/shared-storage-writable-forbidden-header-tentative.https.html [wpt.fyi]:
TIMEOUT
(Chrome:TIMEOUT
, Safari:TIMEOUT
)- The 'Sec-Shared-Storage-Writable' header cannot successfully be added directly via a JS fetch request with mode cors.:
TIMEOUT
(Chrome:TIMEOUT
, Safari:TIMEOUT
) - The 'Sec-Shared-Storage-Writable' header cannot successfully be added directly via a JS fetch request with mode no-cors.:
NOTRUN
(Chrome:NOTRUN
, Safari:NOTRUN
)
- The 'Sec-Shared-Storage-Writable' header cannot successfully be added directly via a JS fetch request with mode cors.:
- /shared-storage/shared-storage-writable-multi-redirect.tentative.https.sub.html [wpt.fyi]:
TIMEOUT
(Chrome:TIMEOUT
, Safari:TIMEOUT
)- permissions policy header shared-storage=(self) allows the 'Shared-Storage-Writable' header to be sent for the redirect of a shared storage fetch request, where the redirect has a same-origin URL, even if an intermediate redirect has a cross-origin URL.:
FAIL
(Chrome:FAIL
, Safari:FAIL
) - permissions policy header shared-storage=(self) allows the 'Shared-Storage-Writable' header to be sent for the redirect of a shared storage image request, where the redirect has a same-origin URL, even if an intermediate redirect has a cross-origin URL.:
TIMEOUT
(Chrome:TIMEOUT
, Safari:TIMEOUT
)
- permissions policy header shared-storage=(self) allows the 'Shared-Storage-Writable' header to be sent for the redirect of a shared storage fetch request, where the redirect has a same-origin URL, even if an intermediate redirect has a cross-origin URL.:
Comment 5•11 months ago
|
||
bugherder |
Description
•