Changeset 233830 in webkit
- Timestamp:
- Jul 13, 2018 6:07:38 PM (6 years ago)
- Location:
- trunk/LayoutTests
- Files:
-
- 4 added
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r233829 r233830 1 2018-07-13 John Wilander <wilander@apple.com> 2 3 Flesh out WebSocket cookie tests to cover cookie policy for third-party resources 4 https://bugs.webkit.org/show_bug.cgi?id=187541 5 <rdar://problem/42048729> 6 7 Reviewed by Alex Christensen. 8 9 * http/tests/cookies/resources/cookie-utilities.js: 10 Added a function for setting a cookie in a WebSocket handshake. 11 * http/tests/websocket/tests/hybi/cookie_wsh.py: 12 (web_socket_do_extra_handshake): 13 Now sets the root path for new cookies so that they can be seen by 14 for example cookies/resources/echo-cookies.php. 15 * http/tests/websocket/tests/hybi/websocket-allowed-setting-cookie-as-third-party-expected.txt: Added. 16 * http/tests/websocket/tests/hybi/websocket-allowed-setting-cookie-as-third-party.html: Added. 17 * http/tests/websocket/tests/hybi/websocket-blocked-from-setting-cookie-as-third-party-expected.txt: Added. 18 * http/tests/websocket/tests/hybi/websocket-blocked-from-setting-cookie-as-third-party.html: Added. 19 * http/tests/websocket/tests/hybi/websocket-cookie-overwrite-behavior-expected.txt: 20 * http/tests/websocket/tests/hybi/websocket-cookie-overwrite-behavior.html: 21 Now tests under the condition where localhost as third-party is 22 allowed to set a new cookie as third party. It also makes sure to use 23 cookies with the path set to the root so that all cookies are visible. 24 1 25 2018-07-13 Youenn Fablet <youenn@apple.com> 2 26 -
trunk/LayoutTests/http/tests/cookies/resources/cookie-utilities.js
r230944 r233830 229 229 testFailed(`DOM cookie "${name}" should have value ${expectedValue}. Was ${value}.`); 230 230 } 231 232 function setCookieUsingWebSocketFromHost(host) 233 { 234 var promise = new Promise(resolve => { 235 var websocket = new WebSocket(`ws://${host}:8880/websocket/tests/hybi/cookie?set`); 236 websocket.onclose = () => resolve(); 237 }); 238 return promise; 239 } -
trunk/LayoutTests/http/tests/websocket/tests/hybi/cookie_wsh.py
r230052 r233830 1 1 # Copyright (C) 2014 Google Inc. All rights reserved. 2 # Copyright (C) 2018 Apple Inc. All rights reserved. 2 3 # 3 4 # Redistribution and use in source and binary forms, with or without … … 39 40 40 41 ONE_DAY_LIFE = 'Max-Age=86400' 42 ROOT_PATH = 'path=/' 41 43 42 44 if command == 'set': 43 _add_set_cookie(request, '; '.join(['foo=bar', ONE_DAY_LIFE ]))45 _add_set_cookie(request, '; '.join(['foo=bar', ONE_DAY_LIFE, ROOT_PATH])) 44 46 elif command == 'set_httponly': 45 47 _add_set_cookie(request, 46 '; '.join(['httpOnlyFoo=bar', ONE_DAY_LIFE, 'httpOnly']))48 '; '.join(['httpOnlyFoo=bar', ONE_DAY_LIFE, ROOT_PATH, 'httpOnly'])) 47 49 elif command == 'clear': 48 50 _add_set_cookie(request, 'foo=0; Max-Age=0') -
trunk/LayoutTests/http/tests/websocket/tests/hybi/websocket-cookie-overwrite-behavior-expected.txt
r230052 r233830 4 4 5 5 6 S ame origin WebSocket:7 PASS cookieValue is " foo=bar"6 Setting third-party cookie 'foo' through cross-origin WebSocket handshake and checking that it doesn't write first-party cookies. 7 PASS cookieValue is "" 8 8 9 Cross origin WebSocket: 10 PASS cookieValue is "" 9 Opening localhost third-party iframe to check its cookies. 11 10 PASS successfullyParsed is true 12 11 13 12 TEST COMPLETE 14 13 14 15 -------- 16 Frame: '<!--frame1-->' 17 -------- 18 Cookies are: setAsFirstParty = value foo = bar -
trunk/LayoutTests/http/tests/websocket/tests/hybi/websocket-cookie-overwrite-behavior.html
r230052 r233830 3 3 <head> 4 4 <script src="../../../../js-test-resources/js-test.js"></script> 5 <script src="../../../cookies/resources/cookie-utilities.js"></script> 5 6 <script> 6 7 window.jsTestIsAsync = true; … … 10 11 function clearCookie() 11 12 { 12 document.cookie = "foo=0; Max-Age=0"; // The key "foo" must match the key used in the WebSocket Set-Cookie header. 13 } 14 15 function setCookieFromHost(host) 16 { 17 var promise = new Promise(resolve => { 18 var websocket = new WebSocket(`ws://${host}:8880/websocket/tests/hybi/cookie?set`); 19 websocket.onclose = () => resolve(); 20 }); 21 return promise; 13 document.cookie = "foo=0; Max-Age=0; path=/"; // The key "foo" must match the key used in the WebSocket Set-Cookie header. 22 14 } 23 15 … … 30 22 { 31 23 clearCookie(); 32 document.cookie = "foo=should_be_overwritten_by_websocket_set_cookie ";33 await setCookie FromHost("127.0.0.1");24 document.cookie = "foo=should_be_overwritten_by_websocket_set_cookie; path=/"; 25 await setCookieUsingWebSocketFromHost("127.0.0.1"); 34 26 cookieValue = echoCookie(); 35 27 shouldBeEqualToString("cookieValue", "foo=bar"); … … 39 31 { 40 32 clearCookie(); 41 await setCookie FromHost("localhost");33 await setCookieUsingWebSocketFromHost("localhost"); 42 34 cookieValue = echoCookie(); 43 35 shouldBeEmptyString("cookieValue"); … … 46 38 async function runTests() 47 39 { 48 debug("Same origin WebSocket:"); 49 await testSameOriginCookie(); 50 debug("<br>Cross origin WebSocket:"); 51 await testCrossOriginCookie(); 52 finishJSTest(); 40 switch (document.location.hash) { 41 case "": 42 await testSameOriginCookie(); 43 // Test that a third-party without pre-existing cookies does not write first-party cookies. 44 await testCrossOriginCookie(); 45 // Navigate to localhost to set first-party cookie 'setAsFirstParty'. 46 document.location.href = "http://localhost:8000/websocket/tests/hybi/websocket-cookie-overwrite-behavior.html#setCookieAsFirstParty"; 47 break; 48 case "#setCookieAsFirstParty": 49 await setCookie("setAsFirstParty", "value"); 50 // Navigate back to 127.0.0.1 to test third-party cookie. 51 document.location.href = "http://127.0.0.1:8000/websocket/tests/hybi/websocket-cookie-overwrite-behavior.html#didSetCookieAsFirstParty"; 52 break; 53 case "#didSetCookieAsFirstParty": 54 testRunner.dumpChildFramesAsText(); 55 // Test that a third-party with a pre-existing cookie does not write first-party cookies. 56 debug("Setting third-party cookie 'foo' through cross-origin WebSocket handshake and checking that it doesn't write first-party cookies."); 57 await testCrossOriginCookie(); 58 let iframeElement = document.createElement("iframe"); 59 iframeElement.src = "http://localhost:8000/cookies/resources/echo-cookies.php"; 60 iframeElement.onload = finishJSTest; 61 debug("<br>Opening localhost third-party iframe to check its cookies."); 62 document.body.appendChild(iframeElement); 63 break; 64 } 53 65 } 54 66 </script>
Note: See TracChangeset
for help on using the changeset viewer.