Changeset 253683 in webkit

Timestamp:

Dec 18, 2019 7:48:59 AM (4 years ago)

Author:

Chris Dumez

Message:

Re-sync web-platform-tests/common from upstream
​https://bugs.webkit.org/show_bug.cgi?id=205342

Reviewed by Frédéric Wang.

Re-sync web-platform-tests/common from upstream e9d489f3377139a1d54b.

LayoutTests/imported/w3c:

• web-platform-tests/common/*: Updated.

LayoutTests:

• canvas/philip/tests/2d.drawImage.incomplete.emptysrc-expected.txt:
• canvas/philip/tests/2d.drawImage.incomplete.emptysrc.html:
• canvas/philip/tests/2d.drawImage.incomplete.nosrc-expected.txt:
• canvas/philip/tests/2d.drawImage.incomplete.nosrc.html:
• canvas/philip/tests/2d.drawImage.incomplete.removedsrc-expected.txt:
• canvas/philip/tests/2d.drawImage.incomplete.removedsrc.html:
• canvas/philip/tests/2d.pattern.image.incomplete.emptysrc-expected.txt:
• canvas/philip/tests/2d.pattern.image.incomplete.emptysrc.html:
• canvas/philip/tests/2d.pattern.image.incomplete.removedsrc-expected.txt:
• canvas/philip/tests/2d.pattern.image.incomplete.removedsrc.html:
• http/wpt/2dcontext/imagebitmap/createImageBitmap-sizing.html:
• http/wpt/2dcontext/imagebitmap/drawImage-ImageBitmap.html:

Location:

trunk/LayoutTests

Files:

• ChangeLog (modified) (1 diff)
• canvas/philip/tests/2d.drawImage.incomplete.emptysrc-expected.txt (modified) (1 diff)
• canvas/philip/tests/2d.drawImage.incomplete.emptysrc.html (modified) (1 diff)
• canvas/philip/tests/2d.drawImage.incomplete.nosrc-expected.txt (modified) (1 diff)
• canvas/philip/tests/2d.drawImage.incomplete.nosrc.html (modified) (1 diff)
• canvas/philip/tests/2d.drawImage.incomplete.removedsrc-expected.txt (modified) (1 diff)
• canvas/philip/tests/2d.drawImage.incomplete.removedsrc.html (modified) (1 diff)
• canvas/philip/tests/2d.pattern.image.incomplete.emptysrc-expected.txt (modified) (1 diff)
• canvas/philip/tests/2d.pattern.image.incomplete.emptysrc.html (modified) (1 diff)
• canvas/philip/tests/2d.pattern.image.incomplete.removedsrc-expected.txt (modified) (1 diff)
• canvas/philip/tests/2d.pattern.image.incomplete.removedsrc.html (modified) (1 diff)
• http/wpt/2dcontext/imagebitmap/createImageBitmap-sizing.html (modified) (1 diff)
• http/wpt/2dcontext/imagebitmap/drawImage-ImageBitmap.html (modified) (1 diff)
• imported/w3c/ChangeLog (modified) (1 diff)
• imported/w3c/web-platform-tests/common/README.md (added)
• imported/w3c/web-platform-tests/common/canvas-frame.css (deleted)
• imported/w3c/web-platform-tests/common/canvas-frame.css.headers (deleted)
• imported/w3c/web-platform-tests/common/canvas-index.css (deleted)
• imported/w3c/web-platform-tests/common/canvas-index.css.headers (deleted)
• imported/w3c/web-platform-tests/common/canvas-spec.css (deleted)
• imported/w3c/web-platform-tests/common/canvas-spec.css.headers (deleted)
• imported/w3c/web-platform-tests/common/canvas-tests.css (deleted)
• imported/w3c/web-platform-tests/common/canvas-tests.css.headers (deleted)
• imported/w3c/web-platform-tests/common/canvas-tests.js (deleted)
• imported/w3c/web-platform-tests/common/css-paint-tests.js.headers (deleted)
• imported/w3c/web-platform-tests/common/css-red.txt (deleted)
• imported/w3c/web-platform-tests/common/entities.json (deleted)
• imported/w3c/web-platform-tests/common/form-submission.py (deleted)
• imported/w3c/web-platform-tests/common/get-host-info.sub.js (modified) (1 diff)
• imported/w3c/web-platform-tests/common/namespaces.js (deleted)
• imported/w3c/web-platform-tests/common/security-features/README.md (modified) (3 diffs)
• imported/w3c/web-platform-tests/common/security-features/resources/common.js (deleted)
• imported/w3c/web-platform-tests/common/security-features/resources/common.sub.js (modified) (15 diffs)
• imported/w3c/web-platform-tests/common/security-features/resources/common.sub.js.headers (added)
• imported/w3c/web-platform-tests/common/security-features/resources/w3c-import.log (modified) (1 diff)
• imported/w3c/web-platform-tests/common/security-features/scope/template/document.html.template (modified) (1 diff)
• imported/w3c/web-platform-tests/common/security-features/scope/template/w3c-import.log (modified) (1 diff)
• imported/w3c/web-platform-tests/common/security-features/scope/template/worker.js.template (added)
• imported/w3c/web-platform-tests/common/security-features/scope/w3c-import.log (modified) (1 diff)
• imported/w3c/web-platform-tests/common/security-features/scope/worker.py (added)
• imported/w3c/web-platform-tests/common/security-features/subresource/subresource.py (modified) (3 diffs)
• imported/w3c/web-platform-tests/common/security-features/tools/format_spec_src_json.py (added)
• imported/w3c/web-platform-tests/common/security-features/tools/generate.py (modified) (10 diffs)
• imported/w3c/web-platform-tests/common/security-features/tools/spec_validator.py (added)
• imported/w3c/web-platform-tests/common/security-features/tools/template/test.debug.html.template (modified) (2 diffs)
• imported/w3c/web-platform-tests/common/security-features/tools/template/test.release.html.template (modified) (1 diff)
• imported/w3c/web-platform-tests/common/security-features/tools/util.py (modified) (3 diffs)
• imported/w3c/web-platform-tests/common/security-features/tools/w3c-import.log (modified) (1 diff)
• imported/w3c/web-platform-tests/common/sleep.py (deleted)
• imported/w3c/web-platform-tests/common/w3c-import.log (modified) (3 diffs)
• imported/w3c/web-platform-tests/common/worklet-reftest.js.headers (moved) (moved from trunk/LayoutTests/imported/w3c/web-platform-tests/common/canvas-tests.js.headers)
• imported/w3c/web-platform-tests/html/semantics/document-metadata/the-style-element/style-error-01-expected.txt (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2019-12-18  Chris Dumez  <cdumez@apple.com>
+
+        Re-sync web-platform-tests/common from upstream
+        https://bugs.webkit.org/show_bug.cgi?id=205342
+
+        Reviewed by Frédéric Wang.
+
+        Re-sync web-platform-tests/common from upstream e9d489f3377139a1d54b.
+
+        * canvas/philip/tests/2d.drawImage.incomplete.emptysrc-expected.txt:
+        * canvas/philip/tests/2d.drawImage.incomplete.emptysrc.html:
+        * canvas/philip/tests/2d.drawImage.incomplete.nosrc-expected.txt:
+        * canvas/philip/tests/2d.drawImage.incomplete.nosrc.html:
+        * canvas/philip/tests/2d.drawImage.incomplete.removedsrc-expected.txt:
+        * canvas/philip/tests/2d.drawImage.incomplete.removedsrc.html:
+        * canvas/philip/tests/2d.pattern.image.incomplete.emptysrc-expected.txt:
+        * canvas/philip/tests/2d.pattern.image.incomplete.emptysrc.html:
+        * canvas/philip/tests/2d.pattern.image.incomplete.removedsrc-expected.txt:
+        * canvas/philip/tests/2d.pattern.image.incomplete.removedsrc.html:
+        * http/wpt/2dcontext/imagebitmap/createImageBitmap-sizing.html:
+        * http/wpt/2dcontext/imagebitmap/drawImage-ImageBitmap.html:
+
 2019-12-18  Antoine Quint  <graouts@apple.com>
 

trunk/LayoutTests/canvas/philip/tests/2d.drawImage.incomplete.emptysrc-expected.txt

@@ -1 +1 @@
 2d.drawImage.incomplete.emptysrc
-
 Actual output:
-
 Expected output:
-
-
-
 
 

trunk/LayoutTests/canvas/philip/tests/2d.drawImage.incomplete.emptysrc.html

@@ -4 +4 @@
 <script src="../../../resources/testharness.js"></script>
 <script src="../../../resources/testharnessreport.js"></script>
-<script src="../../../imported/w3c/web-platform-tests/common/canvas-tests.js"></script>
-<link rel="stylesheet" href="/common/canvas-tests.css">
+<script src="../../../imported/w3c/web-platform-tests/2dcontext/resources/canvas-tests.js"></script>
+<link rel="stylesheet" href="../../../imported/w3c/web-platform-tests/2dcontext/resources/canvas-tests.css">
 <body class="show_output">
 

trunk/LayoutTests/canvas/philip/tests/2d.drawImage.incomplete.nosrc-expected.txt

@@ -1 +1 @@
 2d.drawImage.incomplete.nosrc
-
 Actual output:
-
 Expected output:
-
-
 
 

trunk/LayoutTests/canvas/philip/tests/2d.drawImage.incomplete.nosrc.html

@@ -4 +4 @@
 <script src="../../../resources/testharness.js"></script>
 <script src="../../../resources/testharnessreport.js"></script>
-<script src="../../../imported/w3c/web-platform-tests/common/canvas-tests.js"></script>
-<link rel="stylesheet" href="/common/canvas-tests.css">
+<script src="../../../imported/w3c/web-platform-tests/2dcontext/resources/canvas-tests.js"></script>
+<link rel="stylesheet" href="../../../imported/w3c/web-platform-tests/2dcontext/resources/canvas-tests.css">
 <body class="show_output">
 

trunk/LayoutTests/canvas/philip/tests/2d.drawImage.incomplete.removedsrc-expected.txt

@@ -1 +1 @@
 2d.drawImage.incomplete.removedsrc
-
 Actual output:
-
 Expected output:
-
-
-
 
 

trunk/LayoutTests/canvas/philip/tests/2d.drawImage.incomplete.removedsrc.html

@@ -4 +4 @@
 <script src="../../../resources/testharness.js"></script>
 <script src="../../../resources/testharnessreport.js"></script>
-<script src="../../../imported/w3c/web-platform-tests/common/canvas-tests.js"></script>
-<link rel="stylesheet" href="/common/canvas-tests.css">
+<script src="../../../imported/w3c/web-platform-tests/2dcontext/resources/canvas-tests.js"></script>
+<link rel="stylesheet" href="../../../imported/w3c/web-platform-tests/2dcontext/resources/canvas-tests.css">
 <body class="show_output">
 

trunk/LayoutTests/canvas/philip/tests/2d.pattern.image.incomplete.emptysrc-expected.txt

@@ -1 +1 @@
 2d.pattern.image.incomplete.emptysrc
-
 Actual output:
-
- 
 
 PASS Canvas test: 2d.pattern.image.incomplete.emptysrc 

trunk/LayoutTests/canvas/philip/tests/2d.pattern.image.incomplete.emptysrc.html

@@ -4 +4 @@
 <script src="../../../resources/testharness.js"></script>
 <script src="../../../resources/testharnessreport.js"></script>
-<script src="../../../imported/w3c/web-platform-tests/common/canvas-tests.js"></script>
-<link rel="stylesheet" href="/common/canvas-tests.css">
+<script src="../../../imported/w3c/web-platform-tests/2dcontext/resources/canvas-tests.js"></script>
+<link rel="stylesheet" href="../../../imported/w3c/web-platform-tests/2dcontext/resources/canvas-tests.css">
 <body class="show_output">
 

trunk/LayoutTests/canvas/philip/tests/2d.pattern.image.incomplete.removedsrc-expected.txt

@@ -1 +1 @@
 2d.pattern.image.incomplete.removedsrc
-
 Actual output:
-
- 
 
 PASS Canvas test: 2d.pattern.image.incomplete.removedsrc 

trunk/LayoutTests/canvas/philip/tests/2d.pattern.image.incomplete.removedsrc.html

@@ -4 +4 @@
 <script src="../../../resources/testharness.js"></script>
 <script src="../../../resources/testharnessreport.js"></script>
-<script src="../../../imported/w3c/web-platform-tests/common/canvas-tests.js"></script>
-<link rel="stylesheet" href="/common/canvas-tests.css">
+<script src="../../../imported/w3c/web-platform-tests/2dcontext/resources/canvas-tests.js"></script>
+<link rel="stylesheet" href="../../../imported/w3c/web-platform-tests/2dcontext/resources/canvas-tests.css">
 <body class="show_output">
 

trunk/LayoutTests/http/wpt/2dcontext/imagebitmap/createImageBitmap-sizing.html

@@ -4 +4 @@
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
-<script src="/common/canvas-tests.js"></script>
+<script src="/2dcontext/resources/canvas-tests.js"></script>
 <script src="common.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">

trunk/LayoutTests/http/wpt/2dcontext/imagebitmap/drawImage-ImageBitmap.html

@@ -4 +4 @@
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
-<script src="/common/canvas-tests.js"></script>
+<script src="/2dcontext/resources/canvas-tests.js"></script>
 <script src="common.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">

trunk/LayoutTests/imported/w3c/ChangeLog

@@ +1 @@
+2019-12-18  Chris Dumez  <cdumez@apple.com>
+
+        Re-sync web-platform-tests/common from upstream
+        https://bugs.webkit.org/show_bug.cgi?id=205342
+
+        Reviewed by Frédéric Wang.
+
+        Re-sync web-platform-tests/common from upstream e9d489f3377139a1d54b.
+
+        * web-platform-tests/common/*: Updated.
+
 2019-12-17  Chris Dumez  <cdumez@apple.com>
 

trunk/LayoutTests/imported/w3c/web-platform-tests/common/get-host-info.sub.js

@@ -13 +13 @@
   var REMOTE_HOST = (ORIGINAL_HOST === 'localhost') ? '127.0.0.1' : ('www1.' + ORIGINAL_HOST);
   var OTHER_HOST = '{{domains[www2]}}';
-  var NOTSAMESITE_HOST = (ORIGINAL_HOST === 'localhost') ? '127.0.0.1' : ('not-' + ORIGINAL_HOST);
+  var NOTSAMESITE_HOST = (ORIGINAL_HOST === 'localhost') ? '127.0.0.1' : ('{{hosts[alt][]}}');
 
   return {

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/README.md

@@ -1 @@
-This directory contains the common infrastructure for the following tests.
+
+
+This directory contains the common infrastructure for the following tests (also referred below as projects).
+
 - referrer-policy/
 - mixed-content/
@@ -5 +8 @@
 
 Subdirectories:
+
+- `resources`:
+    Serves JavaScript test helpers.
 - `subresource`:
     Serves subresources, with support for redirects, stash, etc.
@@ -12 +18 @@
     Serves nested contexts, such as iframe documents or workers.
     Used from `invokeFrom*()` functions in `resources/common.js`.
+- `tools`:
+    Scripts that generate test HTML files. Not used while running tests.
+- `/referrer-policy/generic/subresource-test`:
+    Sanity checking tests for subresource invocation
+    (This is still placed outside common/)
+
+# Test generator
+
+The test generator (`common/security-features/tools`) generates test HTML files from templates and a seed (`spec.src.json`) that defines all the test scenarios.
+
+The project (i.e. a WPT subdirectory, for example `referrer-policy/`) that uses the generator should define per-project data and invoke the common generator logic in `common/security-features/tools`.
+
+This is the overview of the project structure:
+
+```
+common/security-features/
+└── tools/ - the common test generator logic
+    └── template/ - the test files templates
+project-directory/ (e.g. referrer-policy/)
+├── spec.src.json
+├── generic/
+│   ├── test-case.sub.js - Per-project test helper
+│   └── tools/
+│       └── generator.py - Per-project generator script
+└── gen/ - generated tests
+```
+
+Invoking `project-directory/generic/tools/generate.py` will parse the spec JSON and determine which tests to generate (or skip) while using templates.
+
+## Generating the tests
+
+The repository already contains generated tests, so if you're making changes, see the [Removing all generated tests](#removing-all-generated-tests) section below, on how to remove them before you start generating tests which include your changes.
+
+```bash
+# Chdir into the project directory.
+cd ~/web-platform-tests/project-directory
+
+# Generate the test files under gen/ (HTMLs and .headers files).
+./generic/tools/generate.py
+
+# Add all generated tests to the repo.
+git add gen/ && git commit -m "Add generated tests"
+```
+
+During the generation, the spec is validated by ```common/security-features/tools/spec_validator.py```. This is specially important when you're making changes to  `spec.src.json`. Make sure it's a valid JSON (no comments or trailing commas). The validator reports specific errors (missing keys etc.), if any.
+
+### Removing all generated tests
+
+Simply remove all files under `project-directory/gen/`.
+
+```bash
+# Chdir into the project directory.
+cd ~/web-platform-tests/project-directory
+
+# Remove all generated tests.
+rm -r gen/
+```
+
+### Options for generating tests
+
+Note: this section is currently obsolete. Only the release template is working.
+
+The generator script ```./generic/tools/generate.py``` has two targets: ```release``` and ```debug```.
+
+* Using **release** for the target will produce tests using a template for optimizing size and performance. The release template is intended for the official web-platform-tests and possibly other test suites. No sanity checking is done in release mode. Use this option whenever you're checking into web-platform-tests.
+
+* When generating for ```debug```, the produced tests will contain more verbosity and sanity checks. Use this target to identify problems with the test suites when making changes locally. Make sure you don't check in tests generated with the debug target.
+
+Note that **release** is the default target when invoking ```generate.py```.
+
+
+## Updating the tests
+
+The main test logic lives in ```project-directory/generic/test-case.sub.js``` with helper functions defined in ```/common/security-features/resources/common.js``` so you should probably start there.
+
+For updating the test suites you will most likely do **a subset** of the following:
+
+* Add a new subresource type:
+
+  * Add a new sub-resource python script to `/common/security-features/subresource/`.
+  * Add a sanity check test for a sub-resource to `referrer-policy/generic/subresource-test/`.
+  * Add a new entry to `subresourceMap` in `/common/security-features/resources/common.js`.
+  * Add a new entry to `valid_subresource_names` in `/common/security-features/tools/spec_validator.py`.
+  * Add a new entry to `subresource_schema` in `spec.src.json`.
+  * Update `source_context_schema` to specify in which source context the subresource can be used.
+
+* Add a new subresource redirection type
+
+  * TODO: to be documented. Example: [https://github.com/web-platform-tests/wpt/pull/18939](https://github.com/web-platform-tests/wpt/pull/18939)
+
+* Add a new subresource origin type
+
+  * TODO: to be documented. Example: [https://github.com/web-platform-tests/wpt/pull/18940](https://github.com/web-platform-tests/wpt/pull/18940)
+
+* Add a new source context (e.g. "module sharedworker global scope")
+
+  * TODO: to be documented. Example: [https://github.com/web-platform-tests/wpt/pull/18904](https://github.com/web-platform-tests/wpt/pull/18904)
+
+* Add a new source context list (e.g. "subresource request from a dedicated worker in a `<iframe srcdoc>`")
+
+  * TODO: to be documented.
+
+* Implement new or update existing assertions in ```project-directory/generic/test-case.sub.js```.
+
+* Exclude or add some tests by updating ```spec.src.json``` test expansions.
+
+* Implement a new delivery method.
+
+  * TODO: to be documented. Currently the support for delivery methods are implemented in many places across `common/security-features/`.
+
+* Regenerate the tests and MANIFEST.json
+
+
+## The spec JSON format
+
+For examples of spec JSON files, see [referrer-policy/spec.src.json](../../referrer-policy/spec.src.json) or  [mixed-content/spec.src.json](../../mixed-content/spec.src.json).
+
+### Main sections
+
+* **`specification`**
+
+  Top level requirements with description fields and a ```test_expansion``` rule.
+  This is closely mimicking the [Referrer Policy specification](http://w3c.github.io/webappsec/specs/referrer-policy/) structure.
+
+* **`excluded_tests`**
+
+  List of ```test_expansion``` patterns expanding into selections which get skipped when generating the tests (aka. blacklisting/suppressing)
+
+* **`test_expansion_schema`**
+
+  Provides valid values for each field.
+  Each test expansion can only contain fields and values defined by this schema (or `"*"` values that indicate all the valid values defined this schema).
+
+* **`subresource_schema`**
+
+  Provides metadata of subresources, e.g. supported delivery types for each subresource.
+
+* **`source_context_schema`**
+
+  Provides metadata of each single source context, e.g. supported delivery types and subresources that can be sent from the context.
+
+* **`source_context_list_schema`**
+
+  Provides possible nested combinations of source contexts. See [Source Contexts](#source-contexts) section below for details.
+
+### Test Expansion Patterns
+
+Each field in a test expansion can be in one of the following formats:
+
+* Single match: ```"value"```
+
+* Match any of: ```["value1", "value2", ...]```
+
+* Match all: ```"*"```
+
+
+**NOTE:** An expansion is always constructive (inclusive), there isn't a negation operator for explicit exclusion. Be aware that using an empty list ```[]``` matches (expands into) exactly nothing. Tests which are to be excluded should be defined in the ```excluded_tests``` section instead.
+
+A single test expansion pattern, be it a requirement or a suppressed pattern, gets expanded into a list of **selections** as follows:
+
+* Expand each field's pattern (single, any of, or all) to list of allowed values (defined by the ```test_expansion_schema```)
+
+* Permute - Recursively enumerate all **selections** across all fields
+
+Be aware that if there is more than one pattern expanding into a same selection, the pattern appearing later in the spec JSON will overwrite a previously generated selection. To make sure this is not undetected when generating, set the value of the ```expansion``` field to ```default``` for an expansion appearing earlier and ```override``` for the one appearing later.
+
+A **selection** is a single **test instance** (scenario) with explicit values that defines a single test. The scenario is then evaluated by the ```TestCase``` in JS. For the rest of the arranging part, examine ```/common/security-features/tools/generate.py``` to see how the values for the templates are produced.
+
+
+Taking the spec JSON, the generator follows this algorithm:
+
+* Expand all ```excluded_tests``` to create a blacklist of selections
+
+* For each specification requirement: Expand the ```test_expansion``` pattern into selections and check each against the blacklist, if not marked as suppresed, generate the test resources for the selection
+
+
+### Source Contexts
+
+In **`source_context_list_schema`**, we can specify
+
+- source contexts from where subresource requests are sent, and
+- how policies are delivered, by source contexts and/or subresource requests.
+
+- `sourceContextList`: an array of `SourceContext` objects, and
+- `subresourcePolicyDeliveries`: an array of `PolicyDelivery` objects.
+
+They have the same object format as described in
+`common/security-features/resources/common.js` comments, and are directly
+serialized to generated HTML files and passed to JavaScript test code,
+except that:
+
+- The first entry of `sourceContextList`'s `sourceContextType` should be
+  always `top`, which represents the top-level generated test HTML.
+  (This entry is omitted in the JSON passed to JavaScript, but
+  the policy deliveries specified here are written as e.g.
+  `<meta>` elements in the generated test HTML or HTTP headers)
+- Instead of `PolicyDelivery` object (in `sourceContextList` or
+  `subresourcePolicyDeliveries`), following placeholder strings can be used.
+
+The keys of `source_context_list_schema` can be used as the values of
+`source_context_list` fields, to indicate which source context configuration
+to be used.
+
+### PolicyDelivery placeholders
+
+Each test contains
+
+- `delivery_key` (derived from the top-level `delivery_key`) and
+- `delivery_value`, `delivery_type` (derived from `test_expansion`),
+
+which represents the **target policy delivery**, the policy delivery to be
+tested.
+
+The following placeholder strings in `source_context_list_schema` can be used:
+
+- `"policy"`:
+    - Replaced with the target policy delivery.
+    - Can be used to specify where the target policy delivery should be
+      delivered.
+- `"policyIfNonNull"`:
+    - Replaced with the target policy delivery, only if it has non-null value.
+      If the value is null, then the test file is not generated.
+- `"anotherPolicy"`:
+    - Replaced with a `PolicyDelivery` object that has a different value from
+      the target policy delivery.
+    - Can be used to specify e.g. a policy that should be overridden by
+      the target policy delivery.
+
+For example, when the target policy delivery is
+`{deliveryType: "http-rp", key: "referrerPolicy", value: "no-referrer"}`,
+
+```json
+"sourceContextList": [
+  {
+    "sourceContextType": "top",
+    "policyDeliveries": [
+      "anotherPolicy"
+    ]
+  },
+  {
+    "sourceContextType": "classic-worker",
+    "policyDeliveries": [
+      "policy"
+    ]
+  }
+]
+```
+
+is replaced with
+
+```json
+"sourceContextList": [
+  {
+    "sourceContextType": "top",
+    "policyDeliveries": [
+      {
+        "deliveryType": "meta",
+        "key": "referrerPolicy",
+        "value": "unsafe-url"
+      }
+    ]
+  },
+  {
+    "sourceContextType": "classic-worker",
+    "policyDeliveries": [
+      {
+        "deliveryType": "http-rp",
+        "key": "referrerPolicy",
+        "value": "no-referrer"
+      }
+    ]
+  }
+]
+```
+
+which indicates
+
+- The top-level Document has `<meta name="referrer" content="unsafe-url">`.
+- The classic worker is created with
+  `Referrer-Policy: no-referrer` HTTP response headers.
+
+### `source_context_schema` and `subresource_schema`
+
+These represent supported delivery types and subresources
+for each source context or subresource type. These are used
+
+- To filter out test files for unsupported combinations of delivery types,
+  source contexts and subresources.
+- To determine what delivery types should be used for `anotherPolicy`
+  placeholder.

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/resources/common.sub.js

@@ -1 +1 @@
 /**
- * @fileoverview Utilities for mixed-content in Web Platform Tests.
+ * @fileoverview Utilities for mixed-content in web-platform-tests.
  * @author burnik@google.com (Kristijan Burnik)
  * Disclaimer: Some methods of other authors are annotated in the corresponding
@@ -287 +287 @@
   var element = document.createElement(tagName);
 
-  if (doBindEvents)
+  if (doBindEvents) {
     bindEvents(element);
-
+    if (element.tagName == "IFRAME" && !('srcdoc' in attrs || 'src' in attrs)) {
+      // If we're loading a frame, ensure we spin the event loop after load to
+      // paper over the different event timing in Gecko vs Blink/WebKit
+      // see https://github.com/whatwg/html/issues/4965
+      element.eventPromise = element.eventPromise.then(() => {
+        return new Promise(resolve => setTimeout(resolve, 0))
+      });
+    }
+  }
   // We set the attributes after binding to events to catch any
   // event-triggering attribute changes. E.g. form submission.
@@ -313 +321 @@
 function createRequestViaElement(tagName, attrs, parentNode) {
   return createElement(tagName, attrs, parentNode, true).eventPromise;
-}
-
-/**
- * Creates a new empty iframe and appends it to {@code document.body} .
- * @param {string} name The name and ID of the new iframe.
- * @param {boolean} doBindEvents Whether to bind load and error events.
- * @return {DOMElement} The newly created iframe.
- */
-function createHelperIframe(name, doBindEvents) {
-  return createElement("iframe",
-                       {"name": name, "id": name},
-                       document.body,
-                       doBindEvents);
 }
 
@@ -395 +390 @@
   requestViaDedicatedWorker        2        Y        Y       Y
   requestViaFetch                  2        Y        Y       -
-  requestViaForm                   3        -        Y       -
+  requestViaForm                   2        -        Y       -
   requestViaIframe                 1        Y        Y       -
   requestViaImage                  2        Y        Y       -
@@ -584 +579 @@
 
 /**
- * Sets the href attribute on a navigable DOM element and performs a navigation
- *     by clicking it. To avoid navigating away from the current execution
- *     context, a target attribute is set to point to a new helper iframe.
- * @param {DOMElement} navigableElement The navigable DOMElement
- * @param {string} url The href for the navigable element.
- * @return {Promise} The promise for success/error events.
- */
-function requestViaNavigable(navigableElement, url) {
-  var iframe = createHelperIframe(guid(), false);
-  setAttributes(navigableElement,
-                {"href": url,
-                 "target": iframe.name});
+ * Creates a navigable element with the name `navigableElementName`
+ * (<a>, <area>, or <form>) under `parentNode`, and
+ * performs a navigation by `trigger()` (e.g. clicking <a>).
+ * To avoid navigating away from the current execution context,
+ * a target attribute is set to point to a new helper iframe.
+ * @param {string} navigableElementName
+ * @param {object} additionalAttributes The attributes of the navigable element.
+ * @param {DOMElement} parentNode
+ * @param {function(DOMElement} trigger A callback called after the navigable
+ * element is inserted and should trigger navigation using the element.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaNavigable(navigableElementName, additionalAttributes,
+                             parentNode, trigger) {
+  const name = guid();
+
+  const iframe =
+    createElement("iframe", {"name": name, "id": name}, parentNode, false);
+
+  const navigable = createElement(
+      navigableElementName,
+      Object.assign({"target": name}, additionalAttributes),
+      parentNode, false);
 
   const promise =
@@ -604 +610 @@
           return event.data;
         });
-  navigableElement.click();
+  trigger(navigable);
   return promise;
 }
@@ -615 +621 @@
  */
 function requestViaAnchor(url, additionalAttributes) {
-  var a = createElement(
+  return requestViaNavigable(
       "a",
-      Object.assign({"innerHTML": "Link to resource"}, additionalAttributes),
-      document.body);
-
-  return requestViaNavigable(a, url);
+      Object.assign({"href": url, "innerHTML": "Link to resource"},
+                    additionalAttributes),
+      document.body, a => a.click());
 }
 
@@ -630 +635 @@
  */
 function requestViaArea(url, additionalAttributes) {
-  var area = createElement(
+  // TODO(kristijanburnik): Append to map and add image.
+  return requestViaNavigable(
       "area",
-      Object.assign({}, additionalAttributes),
-      document.body);
-
-  // TODO(kristijanburnik): Append to map and add image.
-  return requestViaNavigable(area, url);
+      Object.assign({"href": url}, additionalAttributes),
+      document.body, area => area.click());
 }
 
@@ -662 +665 @@
  * @return {Promise} The promise for success/error events.
  */
-function requestViaForm(url) {
-  var iframe = createHelperIframe(guid());
-  var form = createElement("form",
-                           {"action": url,
-                            "method": "POST",
-                            "target": iframe.name},
-                           document.body);
-  bindEvents(iframe);
-  form.submit();
-
-  return iframe.eventPromise;
+function requestViaForm(url, additionalAttributes) {
+  return requestViaNavigable(
+      "form",
+      Object.assign({"action": url, "method": "POST"}, additionalAttributes),
+      document.body, form => form.submit());
 }
 
@@ -867 +864 @@
   },
   "form-tag": {
-    path: "/common/security-features/subresource/empty.py",
+    path: "/common/security-features/subresource/document.py",
     invoker: requestViaForm,
   },
@@ -969 +966 @@
   // These values can evaluate to either empty strings or a ":port" string.
   const httpPort = getNormalizedPort(parseInt("{{ports[http][0]}}", 10));
-  const httpsPort = getNormalizedPort(parseInt("{{ports[https][0]}}", 10));
+  const httpsRawPort = parseInt("{{ports[https][0]}}", 10);
+  const httpsPort = getNormalizedPort(httpsRawPort);
   const wsPort = getNormalizedPort(parseInt("{{ports[ws][0]}}", 10));
-  const wssPort = getNormalizedPort(parseInt("{{ports[wss][0]}}", 10));
+  const wssRawPort = parseInt("{{ports[wss][0]}}", 10);
+  const wssPort = getNormalizedPort(wssRawPort);
 
   /**
@@ -993 +992 @@
     "cross-wss": wssProtocol + "://" + crossOriginHost + wssPort,
     "cross-ws": wsProtocol + "://" + crossOriginHost + wsPort,
+
+    // The following origin types are used for upgrade-insecure-requests tests:
+    // These rely on some unintuitive cleverness due to WPT's test setup:
+    // 'Upgrade-Insecure-Requests' does not upgrade the port number,
+    // so we use URLs in the form `http://[domain]:[https-port]`,
+    // which will be upgraded to `https://[domain]:[https-port]`.
+    // If the upgrade fails, the load will fail, as we don't serve HTTP over
+    // the secure port.
+    "same-http-downgrade":
+        httpProtocol + "://" + sameOriginHost + ":" + httpsRawPort,
+    "cross-http-downgrade":
+        httpProtocol + "://" + crossOriginHost + ":" + httpsRawPort,
+    "same-ws-downgrade":
+        wsProtocol + "://" + sameOriginHost + ":" + wssRawPort,
+    "cross-ws-downgrade":
+        wsProtocol + "://" + crossOriginHost + ":" + wssRawPort,
   };
 
@@ -1101 +1116 @@
       invoker: invokeFromIframe,
     },
+    "iframe-blank": { // <iframe></iframe>
+      invoker: invokeFromIframe,
+    },
     "worker-classic": {
       // Classic dedicated worker loaded from same-origin.
@@ -1187 +1205 @@
         currentSourceContext.policyDeliveries || []));
 
+  let iframe;
   let promise;
   if (currentSourceContext.sourceContextType === 'srcdoc') {
@@ -1192 +1211 @@
       .then(r => r.text())
       .then(srcdoc => {
-          return createElement("iframe", {srcdoc: srcdoc}, document.body, true);
+          iframe = createElement(
+              "iframe", {srcdoc: srcdoc}, document.body, true);
+          return iframe.eventPromise;
         });
   } else if (currentSourceContext.sourceContextType === 'iframe') {
-    promise = Promise.resolve(
-        createElement("iframe", {src: frameUrl}, document.body, true));
+    iframe = createElement("iframe", {src: frameUrl}, document.body, true);
+    promise = iframe.eventPromise;
+  } else if (currentSourceContext.sourceContextType === 'iframe-blank') {
+    let frameContent;
+    promise = fetch(frameUrl)
+      .then(r => r.text())
+      .then(t => {
+          frameContent = t;
+          iframe = createElement("iframe", {}, document.body, true);
+          return iframe.eventPromise;
+        })
+      .then(() => {
+          // Reinitialize `iframe.eventPromise` with a new promise
+          // that catches the load event for the document.write() below.
+          bindEvents(iframe);
+
+          iframe.contentDocument.write(frameContent);
+          iframe.contentDocument.close();
+          return iframe.eventPromise;
+        });
   }
 
   return promise
-    .then(iframe => {
-        return iframe.eventPromise
-          .then(() => {
-              const promise = bindEvents2(
-                  window, "message", iframe, "error", window, "error");
-              iframe.contentWindow.postMessage(
-                  {subresource: subresource,
-                   sourceContextList: sourceContextList.slice(1)},
-                  "*");
-              return promise;
-            })
-          .then(event => {
-              if (event.data.error)
-                return Promise.reject(event.data.error);
-              return event.data;
-            });
+    .then(() => {
+        const promise = bindEvents2(
+            window, "message", iframe, "error", window, "error");
+        iframe.contentWindow.postMessage(
+            {subresource: subresource,
+             sourceContextList: sourceContextList.slice(1)},
+            "*");
+        return promise;
+      })
+    .then(event => {
+        if (event.data.error)
+          return Promise.reject(event.data.error);
+        return event.data;
       });
 }

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/resources/w3c-import.log

@@ -15 +15 @@
 ------------------------------------------------------------------------
 List of files:
-/LayoutTests/imported/w3c/web-platform-tests/common/security-features/resources/common.js
+/LayoutTests/imported/w3c/web-platform-tests/common/security-features/resources/common.sub.js
+/LayoutTests/imported/w3c/web-platform-tests/common/security-features/resources/common.sub.js.headers

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/scope/template/document.html.template

@@ -3 +3 @@
   <head>
     %(meta)s
-    <script src="/common/security-features/resources/common.js"></script>
+    <script src="/common/security-features/resources/common.sub.js"></script>
     <script>
     // Receive a message from the parent and start the test.

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/scope/template/w3c-import.log

@@ -16 +16 @@
 List of files:
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/scope/template/document.html.template
+/LayoutTests/imported/w3c/web-platform-tests/common/security-features/scope/template/worker.js.template

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/scope/w3c-import.log

@@ -17 +17 @@
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/scope/document.py
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/scope/util.py
+/LayoutTests/imported/w3c/web-platform-tests/common/security-features/scope/worker.py

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/subresource.py

@@ -33 +33 @@
 # - When `swap_scheme` or `swap_origin` is True, its scheme/origin is changed
 #   to the other one. (http <-> https, ws <-> wss, etc.)
+# - For `downgrade`, we redirect to a URL that would be successfully loaded
+#   if and only if upgrade-insecure-request is applied.
 # - `query_parameter_to_remove` parameter is removed from query part.
 #   Its default is "redirection" to avoid redirect loops.
-def create_url(request, swap_scheme = False, swap_origin = False,
-               query_parameter_to_remove = "redirection"):
+def create_url(request,
+               swap_scheme=False,
+               swap_origin=False,
+               downgrade=False,
+               query_parameter_to_remove="redirection"):
     parsed = urlparse.urlsplit(request.url)
     destination_netloc = parsed.netloc
@@ -45 +50 @@
         hostname = parsed.netloc.split(':')[0]
         port = request.server.config["ports"][scheme][0]
+        destination_netloc = ":".join([hostname, str(port)])
+
+    if downgrade:
+        # These rely on some unintuitive cleverness due to WPT's test setup:
+        # 'Upgrade-Insecure-Requests' does not upgrade the port number,
+        # so we use URLs in the form `http://[domain]:[https-port]`,
+        # which will be upgraded to `https://[domain]:[https-port]`.
+        # If the upgrade fails, the load will fail, as we don't serve HTTP over
+        # the secure port.
+        if parsed.scheme == "https":
+            scheme = "http"
+        elif parsed.scheme == "wss":
+            scheme = "ws"
+        else:
+            raise ValueError("Downgrade redirection: Invalid scheme '%s'" %
+                             parsed.scheme)
+        hostname = parsed.netloc.split(':')[0]
+        port = request.server.config["ports"][parsed.scheme][0]
         destination_netloc = ":".join([hostname, str(port)])
 
@@ -72 +95 @@
     if redirection == "no-redirect":
         return False
-    elif redirection == "keep-scheme-redirect":
+    elif redirection == "keep-scheme":
         redirect_url = create_url(request, swap_scheme=False)
-    elif redirection == "swap-scheme-redirect":
+    elif redirection == "swap-scheme":
         redirect_url = create_url(request, swap_scheme=True)
-    elif redirection == "keep-origin-redirect":
+    elif redirection == "downgrade":
+        redirect_url = create_url(request, downgrade=True)
+    elif redirection == "keep-origin":
         redirect_url = create_url(request, swap_origin=False)
-    elif redirection == "swap-origin-redirect":
+    elif redirection == "swap-origin":
         redirect_url = create_url(request, swap_origin=True)
     else:

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/generate.py

@@ -1 +1 @@
 from __future__ import print_function
 
+import argparse
 import copy
-import os, sys, json
+import json
+import os
+import sys
+
 import spec_validator
-import argparse
 import util
 
@@ -29 +32 @@
 
 
-def permute_expansion(expansion, artifact_order, selection = {}, artifact_index = 0):
+def permute_expansion(expansion,
+                      artifact_order,
+                      selection={},
+                      artifact_index=0):
     assert isinstance(artifact_order, list), "artifact_order should be a list"
 
@@ -40 +46 @@
     for artifact_value in expansion[artifact_key]:
         selection[artifact_key] = artifact_value
-        for next_selection in permute_expansion(expansion,
-                                                artifact_order,
-                                                selection,
-                                                artifact_index + 1):
+        for next_selection in permute_expansion(expansion, artifact_order,
+                                                selection, artifact_index + 1):
             yield next_selection
 
 
-def generate_selection(config, selection, spec, test_html_template_basename):
-    # TODO: Refactor out this referrer-policy-specific part.
-    if 'referrer_policy' in spec:
-      # Oddball: it can be None, so in JS it's null.
-      selection['referrer_policy'] = spec['referrer_policy']
-
-    test_parameters = json.dumps(selection, indent=2, separators=(',', ':'))
+# Dumps the test config `selection` into a serialized JSON string.
+# We omit `name` parameter because it is not used by tests.
+def dump_test_parameters(selection):
+    selection = dict(selection)
+    del selection['name']
+
+    return json.dumps(
+        selection,
+        indent=2,
+        separators=(',', ': '),
+        sort_keys=True,
+        cls=util.CustomEncoder)
+
+
+def get_test_filename(config, selection):
+    '''Returns the filname for the main test HTML file'''
+
+    selection_for_filename = copy.deepcopy(selection)
+    # Use 'unset' rather than 'None' in test filenames.
+    if selection_for_filename['delivery_value'] is None:
+        selection_for_filename['delivery_value'] = 'unset'
+
+    return os.path.join(config.spec_directory,
+                        config.test_file_path_pattern % selection_for_filename)
+
+
+def handle_deliveries(policy_deliveries):
+    '''
+    Generate <meta> elements and HTTP headers for the given list of
+    PolicyDelivery.
+    TODO(hiroshige): Merge duplicated code here, scope/document.py, etc.
+    '''
+
+    meta = ''
+    headers = {}
+
+    for delivery in policy_deliveries:
+        if delivery.value is None:
+            continue
+        if delivery.key == 'referrerPolicy':
+            if delivery.delivery_type == 'meta':
+                meta += \
+                    '<meta name="referrer" content="%s">' % delivery.value
+            elif delivery.delivery_type == 'http-rp':
+                headers['Referrer-Policy'] = delivery.value
+                # TODO(kristijanburnik): Limit to WPT origins.
+                headers['Access-Control-Allow-Origin'] = '*'
+            else:
+                raise Exception(
+                    'Invalid delivery_type: %s' % delivery.delivery_type)
+        elif delivery.key == 'mixedContent':
+            assert (delivery.value == 'opt-in')
+            if delivery.delivery_type == 'meta':
+                meta += '<meta http-equiv="Content-Security-Policy" ' + \
+                       'content="block-all-mixed-content">'
+            elif delivery.delivery_type == 'http-rp':
+                headers['Content-Security-Policy'] = 'block-all-mixed-content'
+            else:
+                raise Exception(
+                    'Invalid delivery_type: %s' % delivery.delivery_type)
+        elif delivery.key == 'upgradeInsecureRequests':
+            # https://w3c.github.io/webappsec-upgrade-insecure-requests/#delivery
+            assert (delivery.value == 'upgrade')
+            if delivery.delivery_type == 'meta':
+                meta += '<meta http-equiv="Content-Security-Policy" ' + \
+                       'content="upgrade-insecure-requests">'
+            elif delivery.delivery_type == 'http-rp':
+                headers[
+                    'Content-Security-Policy'] = 'upgrade-insecure-requests'
+            else:
+                raise Exception(
+                    'Invalid delivery_type: %s' % delivery.delivery_type)
+        else:
+            raise Exception('Invalid delivery_key: %s' % delivery.key)
+    return {"meta": meta, "headers": headers}
+
+
+def generate_selection(spec_json, config, selection, spec,
+                       test_html_template_basename):
+    test_filename = get_test_filename(config, selection)
+
+    target_policy_delivery = util.PolicyDelivery(selection['delivery_type'],
+                                                 selection['delivery_key'],
+                                                 selection['delivery_value'])
+    del selection['delivery_type']
+    del selection['delivery_key']
+    del selection['delivery_value']
+
+    # Parse source context list and policy deliveries of source contexts.
+    # `util.ShouldSkip()` exceptions are raised if e.g. unsuppported
+    # combinations of source contexts and policy deliveries are used.
+    source_context_list_scheme = spec_json['source_context_list_schema'][
+        selection['source_context_list']]
+    selection['source_context_list'] = [
+        util.SourceContext.from_json(source_context, target_policy_delivery,
+                                     spec_json['source_context_schema'])
+        for source_context in source_context_list_scheme['sourceContextList']
+    ]
+
+    # Check if the subresource is supported by the innermost source context.
+    innermost_source_context = selection['source_context_list'][-1]
+    supported_subresource = spec_json['source_context_schema'][
+        'supported_subresource'][innermost_source_context.source_context_type]
+    if supported_subresource != '*':
+        if selection['subresource'] not in supported_subresource:
+            raise util.ShouldSkip()
+
+    # Parse subresource policy deliveries.
+    selection[
+        'subresource_policy_deliveries'] = util.PolicyDelivery.list_from_json(
+            source_context_list_scheme['subresourcePolicyDeliveries'],
+            target_policy_delivery, spec_json['subresource_schema']
+            ['supported_delivery_type'][selection['subresource']])
+
+    # We process the top source context below, and do not include it in
+    # `scenario` field in JavaScript.
+    top_source_context = selection['source_context_list'].pop(0)
+    assert (top_source_context.source_context_type == 'top')
+
     # Adjust the template for the test invoking JS. Indent it to look nice.
     indent = "\n" + " " * 8
-    test_parameters = test_parameters.replace("\n", indent)
-
-    selection['test_js'] = '''
-      %s(
-        %s,
-        document.querySelector("meta[name=assert]").content,
-        new SanityChecker()
-      ).start();
-      ''' % (config.test_case_name, test_parameters)
+    selection['scenario'] = dump_test_parameters(selection).replace(
+        "\n", indent)
 
     selection['spec_name'] = spec['name']
-    selection['test_page_title'] = config.test_page_title_template % spec['title']
+    selection[
+        'test_page_title'] = config.test_page_title_template % spec['title']
     selection['spec_description'] = spec['description']
     selection['spec_specification_url'] = spec['specification_url']
@@ -74 +184 @@
     selection['spec_json_js'] = config.spec_json_js
 
-    test_filename = os.path.join(config.spec_directory, config.test_file_path_pattern % selection)
     test_headers_filename = test_filename + ".headers"
     test_directory = os.path.dirname(test_filename)
@@ -84 +193 @@
                                           test_html_template_basename)
     generated_disclaimer = disclaimer_template \
-        % {'generating_script_filename': os.path.relpath(__file__,
+        % {'generating_script_filename': os.path.relpath(sys.argv[0],
                                                          util.test_root_directory),
            'html_template_filename': os.path.relpath(html_template_filename,
@@ -91 +200 @@
     # Adjust the template for the test invoking JS. Indent it to look nice.
     selection['generated_disclaimer'] = generated_disclaimer.rstrip()
-    selection['test_description'] = config.test_description_template % selection
+    selection[
+        'test_description'] = config.test_description_template % selection
     selection['test_description'] = \
         selection['test_description'].rstrip().replace("\n", "\n" + " " * 33)
@@ -101 +211 @@
         pass
 
-    delivery = config.handleDelivery(selection, spec)
+    delivery = handle_deliveries(top_source_context.policy_deliveries)
 
     if len(delivery['headers']) > 0:
         with open(test_headers_filename, "w") as f:
             for header in delivery['headers']:
-                f.write(header)
-                f.write('\n')
+                f.write('%s: %s\n' % (header, delivery['headers'][header]))
 
     selection['meta_delivery_method'] = delivery['meta']
@@ -124 +233 @@
 
     spec_json_js_template = util.get_template('spec_json.js.template')
-    generated_spec_json_filename = os.path.join(config.spec_directory, "spec_json.js")
-    util.write_file(generated_spec_json_filename,
-               spec_json_js_template % {'spec_json': json.dumps(spec_json)})
+    generated_spec_json_filename = os.path.join(config.spec_directory,
+                                                "spec_json.js")
+    util.write_file(
+        generated_spec_json_filename,
+        spec_json_js_template % {'spec_json': json.dumps(spec_json)})
 
     # Choose a debug/release template depending on the target.
@@ -150 +261 @@
 
         for expansion_pattern in spec['test_expansion']:
-            expansion = expand_pattern(expansion_pattern, test_expansion_schema)
+            expansion = expand_pattern(expansion_pattern,
+                                       test_expansion_schema)
             for selection in permute_expansion(expansion, artifact_order):
+                selection['delivery_key'] = spec_json['delivery_key']
                 selection_path = config.selection_pattern % selection
                 if not selection_path in exclusion_dict:
                     if selection_path in output_dict:
                         if expansion_pattern['expansion'] != 'override':
-                            print("Error: %s's expansion is default but overrides %s" % (selection['name'], output_dict[selection_path]['name']))
+                            print(
+                                "Error: %s's expansion is default but overrides %s"
+                                % (selection['name'],
+                                   output_dict[selection_path]['name']))
                             sys.exit(1)
                     output_dict[selection_path] = copy.deepcopy(selection)
@@ -164 +280 @@
         for selection_path in output_dict:
             selection = output_dict[selection_path]
-            generate_selection(config,
-                               selection,
-                               spec,
-                               html_template)
+            try:
+                generate_selection(spec_json, config, selection, spec,
+                                   html_template)
+            except util.ShouldSkip:
+                continue
 
 
 def main(config):
-    parser = argparse.ArgumentParser(description='Test suite generator utility')
-    parser.add_argument('-t', '--target', type = str,
-        choices = ("release", "debug"), default = "release",
-        help = 'Sets the appropriate template for generating tests')
-    parser.add_argument('-s', '--spec', type = str, default = None,
-        help = 'Specify a file used for describing and generating the tests')
+    parser = argparse.ArgumentParser(
+        description='Test suite generator utility')
+    parser.add_argument(
+        '-t',
+        '--target',
+        type=str,
+        choices=("release", "debug"),
+        default="release",
+        help='Sets the appropriate template for generating tests')
+    parser.add_argument(
+        '-s',
+        '--spec',
+        type=str,
+        default=None,
+        help='Specify a file used for describing and generating the tests')
     # TODO(kristijanburnik): Add option for the spec_json file.
     args = parser.parse_args()
 
     if args.spec:
-      config.spec_directory = args.spec
+        config.spec_directory = args.spec
 
     spec_filename = os.path.join(config.spec_directory, "spec.src.json")

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/template/test.debug.html.template

@@ -11 +11 @@
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
-    <script src="/common/security-features/resources/common.js"></script>
+    <script src="/common/security-features/resources/common.sub.js"></script>
     <!-- The original specification JSON for validating the scenario. -->
     <script src="%(spec_json_js)s"></script>
@@ -19 +19 @@
   </head>
   <body>
-    <script>%(test_js)s</script>
+    <script>
+      TestCase(
+        %(scenario)s,
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
     <div id="log"></div>
   </body>

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/template/test.release.html.template

@@ -11 +11 @@
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
-    <script src="/common/security-features/resources/common.js"></script>
+    <script src="/common/security-features/resources/common.sub.js"></script>
     <script src="%(helper_js)s"></script>
   </head>
   <body>
-    <script>%(test_js)s</script>
+    <script>
+      TestCase(
+        %(scenario)s,
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
     <div id="log"></div>
   </body>

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/util.py

@@ -4 +4 @@
 
 script_directory = os.path.dirname(os.path.abspath(__file__))
-template_directory = os.path.abspath(os.path.join(script_directory,
-                                                  'template'))
-test_root_directory = os.path.abspath(os.path.join(script_directory,
-                                                   '..', '..', '..'))
+template_directory = os.path.abspath(
+    os.path.join(script_directory, 'template'))
+test_root_directory = os.path.abspath(
+    os.path.join(script_directory, '..', '..', '..'))
 
 
@@ -21 +21 @@
 
 def read_nth_line(fp, line_number):
-  fp.seek(0)
-  for i, line in enumerate(fp):
-    if (i + 1) == line_number:
-      return line
+    fp.seek(0)
+    for i, line in enumerate(fp):
+        if (i + 1) == line_number:
+            return line
 
 
@@ -31 +31 @@
     with open(path_to_spec, "r") as f:
         try:
-          return json.load(f)
+            return json.load(f)
         except ValueError as ex:
-          print(ex.message)
-          match = re_error_location.search(ex.message)
-          if match:
-            line_number, column = int(match.group(1)), int(match.group(2))
-            print(read_nth_line(f, line_number).rstrip())
-            print(" " * (column - 1) + "^")
-          sys.exit(1)
+            print(ex.message)
+            match = re_error_location.search(ex.message)
+            if match:
+                line_number, column = int(match.group(1)), int(match.group(2))
+                print(read_nth_line(f, line_number).rstrip())
+                print(" " * (column - 1) + "^")
+            sys.exit(1)
+
+
+class ShouldSkip(Exception):
+    '''
+    Raised when the given combination of subresource type, source context type,
+    delivery type etc. are not supported and we should skip that configuration.
+    ShouldSkip is expected in normal generator execution (and thus subsequent
+    generation continues), as we first enumerate a broad range of configurations
+    first, and later raise ShouldSkip to filter out unsupported combinations.
+
+    ShouldSkip is distinguished from other general errors that cause immediate
+    termination of the generator and require fix.
+    '''
+    def __init__(self):
+        pass
+
+
+class PolicyDelivery(object):
+    '''
+    See `@typedef PolicyDelivery` comments in
+    `common/security-features/resources/common.sub.js`.
+    '''
+
+    def __init__(self, delivery_type, key, value):
+        self.delivery_type = delivery_type
+        self.key = key
+        self.value = value
+
+    @classmethod
+    def list_from_json(cls, list, target_policy_delivery,
+                       supported_delivery_types):
+        # type: (dict, PolicyDelivery, typing.List[str]) -> typing.List[PolicyDelivery]
+        '''
+        Parses a JSON object `list` that represents a list of `PolicyDelivery`
+        and returns a list of `PolicyDelivery`, plus supporting placeholders
+        (see `from_json()` comments below or
+        `common/security-features/README.md`).
+
+        Can raise `ShouldSkip`.
+        '''
+        if list is None:
+            return []
+
+        out = []
+        for obj in list:
+            policy_delivery = PolicyDelivery.from_json(
+                obj, target_policy_delivery, supported_delivery_types)
+            # Drop entries with null values.
+            if policy_delivery.value is None:
+                continue
+            out.append(policy_delivery)
+        return out
+
+    @classmethod
+    def from_json(cls, obj, target_policy_delivery, supported_delivery_types):
+        # type: (dict, PolicyDelivery, typing.List[str]) -> PolicyDelivery
+        '''
+           Parses a JSON object `obj` and returns a `PolicyDelivery` object.
+           In addition to dicts (in the same format as to_json() outputs),
+           this method accepts the following placeholders:
+             "policy":
+               `target_policy_delivery`
+             "policyIfNonNull":
+               `target_policy_delivery` if its value is not None.
+             "anotherPolicy":
+               A PolicyDelivery that has the same key as
+               `target_policy_delivery` but a different value.
+               The delivery type is selected from `supported_delivery_types`.
+
+        Can raise `ShouldSkip`.
+        '''
+
+        if obj == "policy":
+            policy_delivery = target_policy_delivery
+        elif obj == "nonNullPolicy":
+            if target_policy_delivery.value is None:
+                raise ShouldSkip()
+            policy_delivery = target_policy_delivery
+        elif obj == "anotherPolicy":
+            policy_delivery = target_policy_delivery.get_another_policy(
+                supported_delivery_types[0])
+        elif type(obj) == dict:
+            policy_delivery = PolicyDelivery(obj['deliveryType'], obj['key'],
+                                             obj['value'])
+        else:
+            raise Exception('policy delivery is invalid: ' + obj)
+
+        # Omit unsupported combinations of source contexts and delivery type.
+        if policy_delivery.delivery_type not in supported_delivery_types:
+            raise ShouldSkip()
+
+        return policy_delivery
+
+    def to_json(self):
+        # type: () -> dict
+        return {
+            "deliveryType": self.delivery_type,
+            "key": self.key,
+            "value": self.value
+        }
+
+    def get_another_policy(self, delivery_type):
+        # type: (str) -> PolicyDelivery
+        if self.key == 'referrerPolicy':
+            if self.value == 'no-referrer':
+                return PolicyDelivery(delivery_type, self.key, 'unsafe-url')
+            else:
+                return PolicyDelivery(delivery_type, self.key, 'no-referrer')
+        else:
+            raise Exception('delivery key is invalid: ' + self.key)
+
+
+class SourceContext(object):
+    def __init__(self, source_context_type, policy_deliveries):
+        # type: (unicode, typing.List[PolicyDelivery]) -> None
+        self.source_context_type = source_context_type
+        self.policy_deliveries = policy_deliveries
+
+    @classmethod
+    def from_json(cls, obj, target_policy_delivery, source_context_schema):
+        '''
+        Parses a JSON object `obj` and returns a `SourceContext` object.
+
+        `target_policy_delivery` and `source_context_schema` are used for
+        policy delivery placeholders and filtering out unsupported
+        delivery types.
+
+        Can raise `ShouldSkip`.
+        '''
+        source_context_type = obj.get('sourceContextType')
+        policy_deliveries = PolicyDelivery.list_from_json(
+            obj.get('policyDeliveries'), target_policy_delivery,
+            source_context_schema['supported_delivery_type']
+            [source_context_type])
+        return SourceContext(source_context_type, policy_deliveries)
+
+    def to_json(self):
+        return {
+            "sourceContextType": self.source_context_type,
+            "policyDeliveries": [x.to_json() for x in self.policy_deliveries]
+        }
+
+
+class CustomEncoder(json.JSONEncoder):
+    '''
+    Used to dump dicts containing `SourceContext`/`PolicyDelivery` into JSON.
+    '''
+    def default(self, obj):
+        if isinstance(obj, SourceContext):
+            return obj.to_json()
+        if isinstance(obj, PolicyDelivery):
+            return obj.to_json()
+        return json.JSONEncoder.default(self, obj)

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/w3c-import.log

@@ -15 +15 @@
 ------------------------------------------------------------------------
 List of files:
+/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/format_spec_src_json.py
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/generate.py
+/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/spec_validator.py
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/util.py

trunk/LayoutTests/imported/w3c/web-platform-tests/common/w3c-import.log

@@ -20 +20 @@
 /LayoutTests/imported/w3c/web-platform-tests/common/PrefixedPostMessage.js
 /LayoutTests/imported/w3c/web-platform-tests/common/PrefixedPostMessage.js.headers
+/LayoutTests/imported/w3c/web-platform-tests/common/README.md
 /LayoutTests/imported/w3c/web-platform-tests/common/arrays.js
 /LayoutTests/imported/w3c/web-platform-tests/common/blank.html
-/LayoutTests/imported/w3c/web-platform-tests/common/canvas-frame.css
-/LayoutTests/imported/w3c/web-platform-tests/common/canvas-frame.css.headers
-/LayoutTests/imported/w3c/web-platform-tests/common/canvas-index.css
-/LayoutTests/imported/w3c/web-platform-tests/common/canvas-index.css.headers
-/LayoutTests/imported/w3c/web-platform-tests/common/canvas-spec.css
-/LayoutTests/imported/w3c/web-platform-tests/common/canvas-spec.css.headers
-/LayoutTests/imported/w3c/web-platform-tests/common/canvas-tests.css
-/LayoutTests/imported/w3c/web-platform-tests/common/canvas-tests.css.headers
-/LayoutTests/imported/w3c/web-platform-tests/common/canvas-tests.js
-/LayoutTests/imported/w3c/web-platform-tests/common/canvas-tests.js.headers
-/LayoutTests/imported/w3c/web-platform-tests/common/css-paint-tests.js.headers
-/LayoutTests/imported/w3c/web-platform-tests/common/css-red.txt
 /LayoutTests/imported/w3c/web-platform-tests/common/domain-setter.sub.html
 /LayoutTests/imported/w3c/web-platform-tests/common/dummy.xhtml
 /LayoutTests/imported/w3c/web-platform-tests/common/dummy.xml
 /LayoutTests/imported/w3c/web-platform-tests/common/echo.py
-/LayoutTests/imported/w3c/web-platform-tests/common/entities.json
-/LayoutTests/imported/w3c/web-platform-tests/common/form-submission.py
 /LayoutTests/imported/w3c/web-platform-tests/common/get-host-info.sub.js
 /LayoutTests/imported/w3c/web-platform-tests/common/get-host-info.sub.js.headers
 /LayoutTests/imported/w3c/web-platform-tests/common/media.js
 /LayoutTests/imported/w3c/web-platform-tests/common/media.js.headers
-/LayoutTests/imported/w3c/web-platform-tests/common/namespaces.js
 /LayoutTests/imported/w3c/web-platform-tests/common/object-association.js
 /LayoutTests/imported/w3c/web-platform-tests/common/object-association.js.headers
@@ -53 +39 @@
 /LayoutTests/imported/w3c/web-platform-tests/common/reftest-wait.js
 /LayoutTests/imported/w3c/web-platform-tests/common/reftest-wait.js.headers
-/LayoutTests/imported/w3c/web-platform-tests/common/sleep.py
 /LayoutTests/imported/w3c/web-platform-tests/common/slow.py
 /LayoutTests/imported/w3c/web-platform-tests/common/stringifiers.js
@@ -65 +50 @@
 /LayoutTests/imported/w3c/web-platform-tests/common/utils.js.headers
 /LayoutTests/imported/w3c/web-platform-tests/common/worklet-reftest.js
+/LayoutTests/imported/w3c/web-platform-tests/common/worklet-reftest.js.headers

trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/document-metadata/the-style-element/style-error-01-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Did not parse stylesheet at 'http://localhost:8800/common/css-red.txt' because non CSS MIME types are not allowed in strict mode.
 
-Harness Error (TIMEOUT), message = null
+PASS Should get an error event for a text/plain response. 
 
-TIMEOUT Should get an error event for a text/plain response. Test timed out
-