[wpt-sync] Sync PR 45813 - [shared storage] For cross-origin worklet, don't expose error after prefs check
Categories
(Testing :: web-platform-tests, task, P4)
Tracking
(firefox127 fixed)
Tracking | Status | |
---|---|---|
firefox127 | --- | fixed |
People
(Reporter: wpt-sync, Unassigned)
References
()
Details
(Whiteboard: [wptsync downstream])
Sync web-platform-tests PR 45813 into mozilla-central (this bug is closed when the sync is complete).
PR: https://github.com/web-platform-tests/wpt/pull/45813
Details from upstream follow.
Yao Xiao <yaoxia@chromium.org> wrote:
[shared storage] For cross-origin worklet, don't expose error after prefs check
For cross-origin worklet, don't expose error encountered at/after
the user preferences check, as it could leak the user preferences
for the worklet origin to the worklet creator context.For createWorklet(), since there are more async operations after
the prefs check before returning (e.g. network request can fail
and expose an error), we intercept and modify the callback
response before returning.For selectURL()/run(), since all the checks are synchronous, we
could simply move the user preference check to the place right
before returning.Bug: 335839125
Change-Id: I19bdd2ecab062ee51897321240194ce6b88d24bb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5469020
Reviewed-by: Cammie Smith Barnes \<cammie@chromium.org>
Commit-Queue: Cammie Smith Barnes \<cammie@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1290805}
Assignee | ||
Comment 1•2 months ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=f4f488e10f6f3477f3e06139fb3d6646a1f9d53b
Assignee | ||
Comment 2•2 months ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=fb01ed100dd20aa0ea67e02f874dca4b34b03a46
Assignee | ||
Comment 3•2 months ago
|
||
CI Results
Ran 9 Firefox configurations based on mozilla-central, and Firefox, Chrome, and Safari on GitHub CI
Total 4 tests and 1 subtests
Status Summary
Firefox
OK
: 4
FAIL
: 4
Chrome
OK
: 4
FAIL
: 4
Safari
OK
: 4
FAIL
: 4
Links
Gecko CI (Treeherder)
GitHub PR Head
GitHub PR Base
Details
New Tests That Don't Pass
- /shared-storage/cross-origin-create-worklet-unrevealed-failure-false-shared-storage-cross-origin-worklet-allowed.tentative.https.sub.html [wpt.fyi]:
OK
[GitHub
],SKIP
[Gecko-android-em-7.0-x86_64-lite-qr-opt-geckoview
,Gecko-android-em-7.0-x86_64-qr-debug-geckoview
,Gecko-android-em-7.0-x86_64-qr-opt-geckoview
,Gecko-linux1804-64-qr-debug
,Gecko-linux1804-64-qr-opt
,Gecko-windows11-32-2009-qr-debug
,Gecko-windows11-32-2009-qr-opt
,Gecko-windows11-64-2009-qr-debug
,Gecko-windows11-64-2009-qr-opt
] (Chrome:OK
, Safari:OK
)- createWorklet() with cross-origin module script and credentials "include", and with the Shared-Storage-Cross-Origin-Worklet-Allowed response header value set to false (?0):
FAIL
(Chrome:FAIL
, Safari:FAIL
)
- createWorklet() with cross-origin module script and credentials "include", and with the Shared-Storage-Cross-Origin-Worklet-Allowed response header value set to false (?0):
- /shared-storage/cross-origin-create-worklet-unrevealed-failure-missing-access-control-allow-credentials.tentative.https.sub.html [wpt.fyi]:
OK
[GitHub
],SKIP
[Gecko-android-em-7.0-x86_64-lite-qr-opt-geckoview
,Gecko-android-em-7.0-x86_64-qr-debug-geckoview
,Gecko-android-em-7.0-x86_64-qr-opt-geckoview
,Gecko-linux1804-64-qr-debug
,Gecko-linux1804-64-qr-opt
,Gecko-windows11-32-2009-qr-debug
,Gecko-windows11-32-2009-qr-opt
,Gecko-windows11-64-2009-qr-debug
,Gecko-windows11-64-2009-qr-opt
] (Chrome:OK
, Safari:OK
)- createWorklet() with cross-origin module script and credentials "include", and without the Access-Control-Allow-Credentials response header:
FAIL
(Chrome:FAIL
, Safari:FAIL
)
- createWorklet() with cross-origin module script and credentials "include", and without the Access-Control-Allow-Credentials response header:
- /shared-storage/cross-origin-create-worklet-unrevealed-failure-missing-access-control-allow-origin.tentative.https.sub.html [wpt.fyi]:
OK
[GitHub
],SKIP
[Gecko-android-em-7.0-x86_64-lite-qr-opt-geckoview
,Gecko-android-em-7.0-x86_64-qr-debug-geckoview
,Gecko-android-em-7.0-x86_64-qr-opt-geckoview
,Gecko-linux1804-64-qr-debug
,Gecko-linux1804-64-qr-opt
,Gecko-windows11-32-2009-qr-debug
,Gecko-windows11-32-2009-qr-opt
,Gecko-windows11-64-2009-qr-debug
,Gecko-windows11-64-2009-qr-opt
] (Chrome:OK
, Safari:OK
)- createWorklet() with cross-origin module script and credentials "include", and without the Access-Control-Allow-Origin response header:
FAIL
(Chrome:FAIL
, Safari:FAIL
)
- createWorklet() with cross-origin module script and credentials "include", and without the Access-Control-Allow-Origin response header:
- /shared-storage/cross-origin-create-worklet-unrevealed-failure-missing-shared-storage-cross-origin-worklet-allowed.tentative.https.sub.html [wpt.fyi]:
OK
[GitHub
],SKIP
[Gecko-android-em-7.0-x86_64-lite-qr-opt-geckoview
,Gecko-android-em-7.0-x86_64-qr-debug-geckoview
,Gecko-android-em-7.0-x86_64-qr-opt-geckoview
,Gecko-linux1804-64-qr-debug
,Gecko-linux1804-64-qr-opt
,Gecko-windows11-32-2009-qr-debug
,Gecko-windows11-32-2009-qr-opt
,Gecko-windows11-64-2009-qr-debug
,Gecko-windows11-64-2009-qr-opt
] (Chrome:OK
, Safari:OK
)- createWorklet() with cross-origin module script and credentials "include", and without the Shared-Storage-Cross-Origin-Worklet-Allowed response header:
FAIL
(Chrome:FAIL
, Safari:FAIL
)
- createWorklet() with cross-origin module script and credentials "include", and without the Shared-Storage-Cross-Origin-Worklet-Allowed response header:
Tests Disabled in Gecko Infrastructure
- /shared-storage/cross-origin-create-worklet-unrevealed-failure-false-shared-storage-cross-origin-worklet-allowed.tentative.https.sub.html [wpt.fyi]:
OK
[GitHub
],SKIP
[Gecko-android-em-7.0-x86_64-lite-qr-opt-geckoview
,Gecko-android-em-7.0-x86_64-qr-debug-geckoview
,Gecko-android-em-7.0-x86_64-qr-opt-geckoview
,Gecko-linux1804-64-qr-debug
,Gecko-linux1804-64-qr-opt
,Gecko-windows11-32-2009-qr-debug
,Gecko-windows11-32-2009-qr-opt
,Gecko-windows11-64-2009-qr-debug
,Gecko-windows11-64-2009-qr-opt
] (Chrome:OK
, Safari:OK
) - /shared-storage/cross-origin-create-worklet-unrevealed-failure-missing-access-control-allow-credentials.tentative.https.sub.html [wpt.fyi]:
OK
[GitHub
],SKIP
[Gecko-android-em-7.0-x86_64-lite-qr-opt-geckoview
,Gecko-android-em-7.0-x86_64-qr-debug-geckoview
,Gecko-android-em-7.0-x86_64-qr-opt-geckoview
,Gecko-linux1804-64-qr-debug
,Gecko-linux1804-64-qr-opt
,Gecko-windows11-32-2009-qr-debug
,Gecko-windows11-32-2009-qr-opt
,Gecko-windows11-64-2009-qr-debug
,Gecko-windows11-64-2009-qr-opt
] (Chrome:OK
, Safari:OK
) - /shared-storage/cross-origin-create-worklet-unrevealed-failure-missing-access-control-allow-origin.tentative.https.sub.html [wpt.fyi]:
OK
[GitHub
],SKIP
[Gecko-android-em-7.0-x86_64-lite-qr-opt-geckoview
,Gecko-android-em-7.0-x86_64-qr-debug-geckoview
,Gecko-android-em-7.0-x86_64-qr-opt-geckoview
,Gecko-linux1804-64-qr-debug
,Gecko-linux1804-64-qr-opt
,Gecko-windows11-32-2009-qr-debug
,Gecko-windows11-32-2009-qr-opt
,Gecko-windows11-64-2009-qr-debug
,Gecko-windows11-64-2009-qr-opt
] (Chrome:OK
, Safari:OK
) - /shared-storage/cross-origin-create-worklet-unrevealed-failure-missing-shared-storage-cross-origin-worklet-allowed.tentative.https.sub.html [wpt.fyi]:
OK
[GitHub
],SKIP
[Gecko-android-em-7.0-x86_64-lite-qr-opt-geckoview
,Gecko-android-em-7.0-x86_64-qr-debug-geckoview
,Gecko-android-em-7.0-x86_64-qr-opt-geckoview
,Gecko-linux1804-64-qr-debug
,Gecko-linux1804-64-qr-opt
,Gecko-windows11-32-2009-qr-debug
,Gecko-windows11-32-2009-qr-opt
,Gecko-windows11-64-2009-qr-debug
,Gecko-windows11-64-2009-qr-opt
] (Chrome:OK
, Safari:OK
)
Pushed by wptsync@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/a6b08832e4d7 [wpt PR 45813] - [shared storage] For cross-origin worklet, don't expose error after prefs check, a=testonly https://hg.mozilla.org/integration/autoland/rev/751b5da2fe3d [wpt PR 45813] - Update wpt metadata, a=testonly
Comment 5•2 months ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/a6b08832e4d7
https://hg.mozilla.org/mozilla-central/rev/751b5da2fe3d
Description
•