Changeset 106906 in webkit


Ignore:
Timestamp:
Feb 6, 2012 10:33:38 PM (12 years ago)
Author:
abarth@webkit.org
Message:

http/tests/security/xssAuditor/cookie-injection.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=77908

Reviewed by Eric Seidel.

Before this patch, the output of this test depended on the state of the
global cookie store. When running tests in parallel, the cookie store
is shared by multiple tests, and so its state varies from run to run.

This patch changes this test to look only for the specific cookie used
by this test, which should make the test more reliable when run in
parallel with other tests.

  • http/tests/security/xssAuditor/cookie-injection-expected.txt:
  • http/tests/security/xssAuditor/resources/echo-intertag.pl:
  • platform/chromium/test_expectations.txt:
Location:
trunk/LayoutTests
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • trunk/LayoutTests/ChangeLog

    r106902 r106906  
     12012-02-06  Adam Barth  <abarth@webkit.org>
     2
     3        http/tests/security/xssAuditor/cookie-injection.html is flaky
     4        https://bugs.webkit.org/show_bug.cgi?id=77908
     5
     6        Reviewed by Eric Seidel.
     7
     8        Before this patch, the output of this test depended on the state of the
     9        global cookie store.  When running tests in parallel, the cookie store
     10        is shared by multiple tests, and so its state varies from run to run.
     11
     12        This patch changes this test to look only for the specific cookie used
     13        by this test, which should make the test more reliable when run in
     14        parallel with other tests.
     15
     16        * http/tests/security/xssAuditor/cookie-injection-expected.txt:
     17        * http/tests/security/xssAuditor/resources/echo-intertag.pl:
     18        * platform/chromium/test_expectations.txt:
     19
    1202012-02-06  Hayato Ito  <hayato@chromium.org>
    221
  • trunk/LayoutTests/http/tests/security/xssAuditor/cookie-injection-expected.txt

    r104803 r106906  
    11CONSOLE MESSAGE: Refused to execute a JavaScript script. Source code of script found within request.
    22
    3 ALERT: cookie:
     3ALERT: PASS
    44
  • trunk/LayoutTests/http/tests/security/xssAuditor/cookie-injection.html

    r78776 r106906  
    1010</head>
    1111<body>
    12 <iframe src="http://localhost:8000/security/xssAuditor/resources/echo-intertag.pl?alert-cookie=1&q=<meta%20http-equiv=%22Set-Cookie%22%20content=%22testcookie=FAIL%22%20/>"></iframe>
     12<iframe src="http://localhost:8000/security/xssAuditor/resources/echo-intertag.pl?alert-cookie=1&q=<meta%20http-equiv=%22Set-Cookie%22%20content=%22xssAuditorTestCookie=FAIL%22%20/>"></iframe>
    1313</iframe>
    1414</body>
  • trunk/LayoutTests/http/tests/security/xssAuditor/resources/echo-intertag.pl

    r95774 r106906  
    4949}
    5050if ($cgi->param('alert-cookie')) {
    51     print "<script>alert('cookie: ' + document.cookie); document.cookie = 'testcookie=remove; max-age=-1';</script>\n";
     51    print "<script>if (/xssAuditorTestCookie/.test(document.cookie)) { alert('FAIL: ' + document.cookie); document.cookie = 'xssAuditorTestCookie=remove; max-age=-1'; } else alert('PASS');</script>\n";
    5252}
    5353print "</body>\n";
  • trunk/LayoutTests/platform/chromium/test_expectations.txt

    r106897 r106906  
    770770BUGCR39423 : security/block-test.html = TIMEOUT
    771771
     772BUGCR20345 : http/tests/security/cross-frame-access-getOwnPropertyDescriptor.html = TEXT
     773BUGWK42769 : http/tests/security/401-logout/401-logout.php = TIMEOUT
     774
     775BUGCR42044 WIN : http/tests/security/xss-DENIED-mime-type-execute-as-html.html = PASS TIMEOUT
     776BUGDPRANKE WIN : http/tests/security/credentials-in-referer.html = PASS TIMEOUT
     777BUGCR24182 WIN RELEASE : http/tests/security/cross-origin-css.html = PASS TIMEOUT
    772778// Flaky: fails about 5% of the time.
    773779BUGCR31342 WIN RELEASE : security/block-test-no-port.html = PASS TEXT
    774 
    775 BUGCR20345 : http/tests/security/cross-frame-access-getOwnPropertyDescriptor.html = TEXT
    776 BUGCR42044 WIN : http/tests/security/xss-DENIED-mime-type-execute-as-html.html = PASS TIMEOUT
    777 BUGWK42769 : http/tests/security/401-logout/401-logout.php = TIMEOUT
    778 BUGDPRANKE WIN : http/tests/security/credentials-in-referer.html = PASS TIMEOUT
    779 BUGWK70298 : http/tests/security/xssAuditor/cookie-injection.html = TEXT PASS
    780 BUGCR24182 WIN RELEASE : http/tests/security/cross-origin-css.html = PASS TIMEOUT
    781780
    782781// -----------------------------------------------------------------
Note: See TracChangeset for help on using the changeset viewer.