Changeset 263621 in webkit

Timestamp:

Jun 27, 2020 9:08:59 AM (4 years ago)

Author:

Chris Dumez

Message:

Update web-platform-tests/common from upstream
​https://bugs.webkit.org/show_bug.cgi?id=213665

Reviewed by Sam Weinig.

Update web-platform-tests/common from upstream b076c305a256e7fb7.

• web-platform-tests/common/*: Updated.

Location:

trunk/LayoutTests/imported/w3c

Files:

• ChangeLog (modified) (1 diff)
• web-platform-tests/common/META.yml (modified) (1 diff)
• web-platform-tests/common/arrays.js (modified) (1 diff)
• web-platform-tests/common/get-host-info.sub.js (modified) (2 diffs)
• web-platform-tests/common/media.js (modified) (3 diffs)
• web-platform-tests/common/object-association.js (modified) (1 diff)
• web-platform-tests/common/redirect.py (modified) (2 diffs)
• web-platform-tests/common/reftest-wait.js (modified) (1 diff)
• web-platform-tests/common/rendering-utils.js (added)
• web-platform-tests/common/sab.js (added)
• web-platform-tests/common/security-features/README.md (modified) (14 diffs)
• web-platform-tests/common/security-features/resources/common.sub.js (modified) (11 diffs)
• web-platform-tests/common/security-features/scope/template/worker.js.template (modified) (2 diffs)
• web-platform-tests/common/security-features/scope/worker.py (modified) (1 diff)
• web-platform-tests/common/security-features/subresource/referrer.py (added)
• web-platform-tests/common/security-features/subresource/static-import.py (added)
• web-platform-tests/common/security-features/subresource/template/static-import.js.template (added)
• web-platform-tests/common/security-features/subresource/template/w3c-import.log (modified) (1 diff)
• web-platform-tests/common/security-features/subresource/w3c-import.log (modified) (1 diff)
• web-platform-tests/common/security-features/tools/format_spec_src_json.py (modified) (1 diff)
• web-platform-tests/common/security-features/tools/generate.py (modified) (11 diffs)
• web-platform-tests/common/security-features/tools/spec.src.json (added)
• web-platform-tests/common/security-features/tools/spec_validator.py (modified) (5 diffs)
• web-platform-tests/common/security-features/tools/template/disclaimer.template (modified) (1 diff)
• web-platform-tests/common/security-features/tools/template/test.debug.html.template (modified) (2 diffs)
• web-platform-tests/common/security-features/tools/template/test.release.html.template (modified) (1 diff)
• web-platform-tests/common/security-features/tools/util.py (modified) (6 diffs)
• web-platform-tests/common/security-features/tools/w3c-import.log (modified) (1 diff)
• web-platform-tests/common/security-features/types.md (added)
• web-platform-tests/common/security-features/w3c-import.log (modified) (1 diff)
• web-platform-tests/common/stringifiers.js (modified) (2 diffs)
• web-platform-tests/common/subset-tests-by-key.js (modified) (3 diffs)
• web-platform-tests/common/subset-tests.js (modified) (2 diffs)
• web-platform-tests/common/test-setting-immutable-prototype.js (modified) (4 diffs)
• web-platform-tests/common/utils.js (modified) (5 diffs)
• web-platform-tests/common/w3c-import.log (modified) (1 diff)
• web-platform-tests/common/worklet-reftest.js (modified) (3 diffs)
• web-platform-tests/html/browsers/history/the-location-interface/location-prototype-setting-same-origin-domain.sub-expected.txt (modified) (1 diff)
• web-platform-tests/html/browsers/the-windowproxy-exotic-object/windowproxy-prototype-setting-same-origin-domain.sub-expected.txt (modified) (1 diff)

trunk/LayoutTests/imported/w3c/ChangeLog

@@ +1 @@
+2020-06-27  Chris Dumez  <cdumez@apple.com>
+
+        Update web-platform-tests/common from upstream
+        https://bugs.webkit.org/show_bug.cgi?id=213665
+
+        Reviewed by Sam Weinig.
+
+        Update web-platform-tests/common from upstream b076c305a256e7fb7.
+
+        * web-platform-tests/common/*: Updated.
+
 2020-06-26  Chris Dumez  <cdumez@apple.com>
 

trunk/LayoutTests/imported/w3c/web-platform-tests/common/META.yml

@@ -2 +2 @@
   - zqzhang
   - deniak
-  - gsnedders

trunk/LayoutTests/imported/w3c/web-platform-tests/common/arrays.js

@@ -1 @@
-// Returns true if the given arrays are equal. Optionally can pass an equality function.
+/**
+ * Callback for checking equality of c and d.
+ *
+ * @callback equalityCallback
+ * @param {*} c
+ * @param {*} d
+ * @returns {boolean}
+ */
+
+/**
+ * Returns true if the given arrays are equal. Optionally can pass an equality function.
+ * @param {Array} a
+ * @param {Array} b
+ * @param {equalityCallback} callbackFunction - defaults to `c === d`
+ * @returns {boolean}
+ */
 export function areArraysEqual(a, b, equalityFunction = (c, d) => { return c === d; }) {
   try {

trunk/LayoutTests/imported/w3c/web-platform-tests/common/get-host-info.sub.js

@@ +1 @@
+/**
+ * Host information for cross-origin tests.
+ * @returns {Object} with properties for different host information.
+ */
 function get_host_info() {
 
@@ -39 +43 @@
 }
 
+/**
+ * When a default port is used, location.port returns the empty string.
+ * This function attempts to provide an exact port, assuming we are running under wptserve.
+ * @param {*} loc - can be Location/<a>/<area>/URL, but assumes http/https only.
+ * @returns {string} The port number.
+ */
 function get_port(loc) {
-  // When a default port is used, location.port returns the empty string.
-  // To compare with wptserve `ports` substitution we need a port...
-  // loc can be Location/<a>/<area>/URL, but assumes http/https only.
   if (loc.port) {
     return loc.port;

trunk/LayoutTests/imported/w3c/web-platform-tests/common/media.js

@@ -1 @@
-//
-// Returns the URI of a supported video source based on the user agent
-//
+/**
+ * Returns the URL of a supported video source based on the user agent
+ * @param {string} base - media URL without file extension
+ * @returns {string}
+ */
 function getVideoURI(base)
 {
@@ -17 +19 @@
 }
 
-//
-// Returns the URI of a supported audio source based on the user agent
-//
+/**
+ * Returns the URL of a supported audio source based on the user agent
+ * @param {string} base - media URL without file extension
+ * @returns {string}
+ */
 function getAudioURI(base)
 {
@@ -35 +39 @@
 }
 
+/**
+ * Returns the MIME type for a media URL based on the file extension.
+ * @param {string} url
+ * @returns {string}
+ */
 function getMediaContentType(url) {
     var extension = new URL(url, location).pathname.split(".").pop();

trunk/LayoutTests/imported/w3c/web-platform-tests/common/object-association.js

@@ -3 +3 @@
 // For now this only has per-Window tests, but we could expand it to also test per-Document
 
+/**
+ * Run tests for window[propertyName] after discarding the browsing context, navigating, etc.
+ * @param {string} propertyName
+ */
 window.testIsPerWindow = propertyName => {
   test(t => {

trunk/LayoutTests/imported/w3c/web-platform-tests/common/redirect.py

@@ -7 +7 @@
     """
     status = 302
-    if "status" in request.GET:
+    if b"status" in request.GET:
         try:
-            status = int(request.GET.first("status"))
+            status = int(request.GET.first(b"status"))
         except ValueError:
             pass
@@ -15 +15 @@
     response.status = status
 
-    location = request.GET.first("location")
+    location = request.GET.first(b"location")
 
-    response.headers.set("Location", location)
+    response.headers.set(b"Location", location)

trunk/LayoutTests/imported/w3c/web-platform-tests/common/reftest-wait.js

@@ +1 @@
+/**
+ * Remove the `reftest-wait` class on the document element.
+ * The reftest runner will wait with taking a screenshot while
+ * this class is present.
+ *
+ * See https://web-platform-tests.org/writing-tests/reftests.html#controlling-when-comparison-occurs
+ */
 function takeScreenshot() {
     document.documentElement.classList.remove("reftest-wait");
 }
 
+/**
+ * Call `takeScreenshot()` after a delay of at least |timeout| milliseconds.
+ * @param {number} timeout - milliseconds
+ */
 function takeScreenshotDelayed(timeout) {
     setTimeout(function() {

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/README.md

@@ -1 @@
-
-
 This directory contains the common infrastructure for the following tests (also referred below as projects).
 
@@ -26 +24 @@
 # Test generator
 
-The test generator (`common/security-features/tools`) generates test HTML files from templates and a seed (`spec.src.json`) that defines all the test scenarios.
+The test generator ([common/security-features/tools/generate.py](tools/generate.py)) generates test HTML files from templates and a seed (`spec.src.json`) that defines all the test scenarios.
 
 The project (i.e. a WPT subdirectory, for example `referrer-policy/`) that uses the generator should define per-project data and invoke the common generator logic in `common/security-features/tools`.
@@ -35 +33 @@
 common/security-features/
 └── tools/ - the common test generator logic
+    ├── spec.src.json
     └── template/ - the test files templates
 project-directory/ (e.g. referrer-policy/)
@@ -40 +39 @@
 ├── generic/
 │   ├── test-case.sub.js - Per-project test helper
-│   └── tools/
-│       └── generator.py - Per-project generator script
+│   ├── sanity-checker.js (Used by debug target only)
+│   └── spec_json.js (Used by debug target only)
 └── gen/ - generated tests
 ```
 
-Invoking `project-directory/generic/tools/generate.py` will parse the spec JSON and determine which tests to generate (or skip) while using templates.
-
 ## Generating the tests
 
-The repository already contains generated tests, so if you're making changes, see the [Removing all generated tests](#removing-all-generated-tests) section below, on how to remove them before you start generating tests which include your changes.
+Note: When the repository already contains generated tests, [remove all generated tests](#removing-all-generated-tests) first.
 
 ```bash
-# Chdir into the project directory.
-cd ~/web-platform-tests/project-directory
+# Install json5 module if needed.
+pip install --user json5
 
 # Generate the test files under gen/ (HTMLs and .headers files).
-./generic/tools/generate.py
+path/to/common/security-features/tools/generate.py --spec path/to/project-directory/
 
 # Add all generated tests to the repo.
-git add gen/ && git commit -m "Add generated tests"
-```
+git add path/to/project-directory/gen/ && git commit -m "Add generated tests"
+```
+
+This will parse the spec JSON5 files and determine which tests to generate (or skip) while using templates.
+
+- The default spec JSON5: `common/security-features/tools/spec.src.json`.
+    - Describes common configurations, such as subresource types, source context types, etc.
+- The per-project spec JSON5: `project-directory/spec.src.json`.
+    - Describes project-specific configurations, particularly those related to test generation patterns (`specification`), policy deliveries (e.g. `delivery_type`, `delivery_value`) and `expectation`.
+
+For how these two spec JSON5 files are merged, see [Sub projects](#sub-projects) section.
+
+Note: `spec.src.json` is transitioning to JSON5 [#21710](https://github.com/web-platform-tests/wpt/issues/21710).
 
 During the generation, the spec is validated by ```common/security-features/tools/spec_validator.py```. This is specially important when you're making changes to  `spec.src.json`. Make sure it's a valid JSON (no comments or trailing commas). The validator reports specific errors (missing keys etc.), if any.
@@ -69 +77 @@
 
 ```bash
-# Chdir into the project directory.
-cd ~/web-platform-tests/project-directory
-
-# Remove all generated tests.
-rm -r gen/
+rm -r path/to/project-directory/gen/
 ```
 
@@ -80 +84 @@
 Note: this section is currently obsolete. Only the release template is working.
 
-The generator script ```./generic/tools/generate.py``` has two targets: ```release``` and ```debug```.
+The generator script has two targets: ```release``` and ```debug```.
 
 * Using **release** for the target will produce tests using a template for optimizing size and performance. The release template is intended for the official web-platform-tests and possibly other test suites. No sanity checking is done in release mode. Use this option whenever you're checking into web-platform-tests.
@@ -87 +91 @@
 
 Note that **release** is the default target when invoking ```generate.py```.
+
+
+## Sub projects
+
+Projects can be nested, for example to reuse a single `spec.src.json` across similar but slightly different sets of generated tests.
+The directory structure would look like:
+
+```
+project-directory/ (e.g. referrer-policy/)
+├── spec.src.json - Parent project's spec JSON
+├── generic/
+│   └── test-case.sub.js - Parent project's test helper
+├── gen/ - parent project's generated tests
+└── sub-project-directory/ (e.g. 4K)
+    ├── spec.src.json - Child project's spec JSON
+    ├── generic/
+    │   └── test-case.sub.js - Child project's test helper
+    └── gen/ - child project's generated tests
+```
+
+`generate.py --spec project-directory/sub-project-directory` generates test files under `project-directory/sub-project-directory/gen`, based on `project-directory/spec.src.json` and `project-directory/sub-project-directory/spec.src.json`.
+
+- The child project's `spec.src.json` is merged into parent project's `spec.src.json`.
+    - Two spec JSON objects are merged recursively.
+    - If a same key exists in both objects, the child's value overwrites the parent's value.
+        - If both (child's and parent's) values are arrays, then the child's value is concatenated to the parent's value.
+    - For debugging, `generate.py` dumps the merged spec JSON object as `generic/debug-output.spec.src.json`.
+- The child project's generated tests include both of the parent and child project's `test-case.sub.js`:
+  ```html
+  <script src="project-directory/test-case.sub.js"></script>
+  <script src="project-directory/sub-project-directory/test-case.sub.js"></script>
+  <script>
+    TestCase(...);
+  </script>
+  ```
 
 
@@ -130 +169 @@
 * Regenerate the tests and MANIFEST.json
 
-
-## The spec JSON format
-
-For examples of spec JSON files, see [referrer-policy/spec.src.json](../../referrer-policy/spec.src.json) or  [mixed-content/spec.src.json](../../mixed-content/spec.src.json).
-
-### Main sections
+## How the generator works
+
+This section describes how `spec.src.json` is turned into scenario data in test HTML files which are then processed by JavaScript test helpers and server-side scripts, and describes the objects/types used in the process.
+
+### The spec JSON
+
+`spec.src.json` is the input for the generator that defines what to generate. For examples of spec JSON files, see [referrer-policy/spec.src.json](../../referrer-policy/spec.src.json) or  [mixed-content/spec.src.json](../../mixed-content/spec.src.json).
+
+#### Main sections
 
 * **`specification`**
@@ -144 +186 @@
 * **`excluded_tests`**
 
-  List of ```test_expansion``` patterns expanding into selections which get skipped when generating the tests (aka. blacklisting/suppressing)
+  List of ```test_expansion``` patterns expanding into selections which get skipped when generating the tests (aka. blocklisting/suppressing)
 
 * **`test_expansion_schema`**
@@ -161 +203 @@
 * **`source_context_list_schema`**
 
-  Provides possible nested combinations of source contexts. See [Source Contexts](#source-contexts) section below for details.
-
-### Test Expansion Patterns
-
+  Provides possible nested combinations of source contexts. See [SourceContexts Resolution](#sourcecontexts-resolution) section below for details.
+
+### Test Expansion Pattern Object
+
+Test expansion patterns (`test_expansion`s in `specification` section) define the combinations of test configurations (*selections*) to be generated.
 Each field in a test expansion can be in one of the following formats:
 
@@ -173 +216 @@
 * Match all: ```"*"```
 
-
-**NOTE:** An expansion is always constructive (inclusive), there isn't a negation operator for explicit exclusion. Be aware that using an empty list ```[]``` matches (expands into) exactly nothing. Tests which are to be excluded should be defined in the ```excluded_tests``` section instead.
-
-A single test expansion pattern, be it a requirement or a suppressed pattern, gets expanded into a list of **selections** as follows:
+The following fields have special meaning:
+
+- **`name`**: just ignored. (Previously this was used as a part of filenames but now this is merely a label for human and is never used by generator. This field might be removed in the future (https://github.com/web-platform-tests/wpt/issues/21708))
+- **`expansion`**: if there is more than one pattern expanding into a same selection, the pattern appearing later in the spec JSON will overwrite a previously generated selection. To make clear this is intentional, set the value of the ```expansion``` field to ```default``` for an expansion appearing earlier and ```override``` for the one appearing later.
+
+For example a test expansion pattern (taken from [referrer-policy/spec.src.json](../../referrer-policy/spec.src.json), sorted/formatted for explanation):
+
+```json
+{
+  "name": "insecure-protocol",
+  "expansion": "default",
+
+  "delivery_type": "*",
+  "delivery_value": "no-referrer-when-downgrade",
+  "source_context_list": "*",
+
+  "expectation": "stripped-referrer",
+  "origin": ["same-http", "cross-http"],
+  "redirection": "*",
+  "source_scheme": "http",
+  "subresource": "*"
+}
+```
+
+means: "All combinations with all possible `delivery_type`,  `delivery_value`=`no-referrer-when-downgrade`, all possible `source_context_list`, `expectation`=`stripped-referrer`, `origin`=`same-http` or `cross-http`,  all possible `redirection`, `source_scheme`=`http`, and all possible `subresource`.
+
+### Selection Object
+
+A selection is an object that defines a single test, with keys/values from `test_expansion_schema`.
+
+A single test expansion pattern gets expanded into a list of selections as follows:
 
 * Expand each field's pattern (single, any of, or all) to list of allowed values (defined by the ```test_expansion_schema```)
 
-* Permute - Recursively enumerate all **selections** across all fields
-
-Be aware that if there is more than one pattern expanding into a same selection, the pattern appearing later in the spec JSON will overwrite a previously generated selection. To make sure this is not undetected when generating, set the value of the ```expansion``` field to ```default``` for an expansion appearing earlier and ```override``` for the one appearing later.
-
-A **selection** is a single **test instance** (scenario) with explicit values that defines a single test. The scenario is then evaluated by the ```TestCase``` in JS. For the rest of the arranging part, examine ```/common/security-features/tools/generate.py``` to see how the values for the templates are produced.
-
+* Permute - Recursively enumerate all selections across all fields
+
+The following field has special meaning:
+
+- **`delivery_key`**: This doesn't exist in test expansion patterns, and instead is taken from `delivery_key` field of the spec JSON and added into selections. (TODO(https://github.com/web-platform-tests/wpt/issues/21708): probably this should be added to test expansion patterns to remove this special handling)
+
+For example, the test expansion in the example above generates selections like the following selection (which eventually generates [this test file](../../referrer-policy/gen/worker-classic.http-rp/no-referrer-when-downgrade/fetch/same-http.no-redirect.http.html )):
+
+```json
+{
+  "delivery_type": "http-rp",
+  "delivery_key": "referrerPolicy",
+  "delivery_value": "no-referrer-when-downgrade",
+  "source_context_list": "worker-classic",
+
+  "expectation": "stripped-referrer",
+  "origin": "same-http",
+  "redirection": "no-redirect",
+  "source_scheme": "http",
+  "subresource": "fetch"
+}
+```
+
+### Excluding Test Expansion Patterns
+
+The ```excluded_tests``` section have objects with the same format as [Test Expansion Patterns](#test-expansion-patterns) that define selections to be excluded.
 
 Taking the spec JSON, the generator follows this algorithm:
@@ -191 +281 @@
 * Expand all ```excluded_tests``` to create a blacklist of selections
 
-* For each specification requirement: Expand the ```test_expansion``` pattern into selections and check each against the blacklist, if not marked as suppresed, generate the test resources for the selection
-
-
-### Source Contexts
-
-In **`source_context_list_schema`**, we can specify
-
-- source contexts from where subresource requests are sent, and
-- how policies are delivered, by source contexts and/or subresource requests.
-
-- `sourceContextList`: an array of `SourceContext` objects, and
-- `subresourcePolicyDeliveries`: an array of `PolicyDelivery` objects.
-
-They have the same object format as described in
-`common/security-features/resources/common.js` comments, and are directly
-serialized to generated HTML files and passed to JavaScript test code,
-except that:
-
-- The first entry of `sourceContextList`'s `sourceContextType` should be
-  always `top`, which represents the top-level generated test HTML.
-  (This entry is omitted in the JSON passed to JavaScript, but
-  the policy deliveries specified here are written as e.g.
-  `<meta>` elements in the generated test HTML or HTTP headers)
-- Instead of `PolicyDelivery` object (in `sourceContextList` or
-  `subresourcePolicyDeliveries`), following placeholder strings can be used.
-
-The keys of `source_context_list_schema` can be used as the values of
-`source_context_list` fields, to indicate which source context configuration
-to be used.
-
-### PolicyDelivery placeholders
-
-Each test contains
-
-- `delivery_key` (derived from the top-level `delivery_key`) and
-- `delivery_value`, `delivery_type` (derived from `test_expansion`),
-
-which represents the **target policy delivery**, the policy delivery to be
-tested.
-
-The following placeholder strings in `source_context_list_schema` can be used:
+* For each `specification` entries: Expand the ```test_expansion``` pattern into selections and check each against the blacklist, if not marked as suppresed, generate the test resources for the selection
+
+###  SourceContext Resolution
+
+The `source_context_list_schema` section of `spec.src.json` defines templates of policy deliveries and source contexts.
+The `source_context_list` value in a selection specifies the key of the template to be used in `source_context_list_schema`, and the following fields in the selection are filled into the template (these three values define the **target policy delivery** to be tested):
+
+- `delivery_type`
+- `delivery_key`
+- `delivery_value`
+
+#### Source Context List Schema
+
+Each entry of **`source_context_list_schema`**, defines a single template of how/what policies to be delivered in what source contexts (See also [PolicyDelivery](types.md#policydelivery) and [SourceContext](types.md#sourcecontext)).
+
+- The key: the name of the template which matches with the `source_context_list` value in a selection.
+- `sourceContextList`: an array of `SourceContext` objects that represents a (possibly nested) context.
+    - `sourceContextType` of the first entry of `sourceContextList` should be always `"top"`, which represents the top-level generated test HTML. This entry is omitted in the scenario JSON object passed to JavaScript runtime, but the policy deliveries specified here are handled by the generator, e.g. written as `<meta>` elements in the generated test HTML.
+- `subresourcePolicyDeliveries`: an array of `PolicyDelivery` objects that represents policies specified at subresource requests (e.g. `referrerPolicy` attribute of `<img>` elements).
+
+#### PolicyDelivery placeholders
+
+Instead to ordinal `PolicyDelivery` objects, the following placeholder strings can be used in `sourceContextList` or `subresourcePolicyDeliveries`.
 
 - `"policy"`:
     - Replaced with the target policy delivery.
-    - Can be used to specify where the target policy delivery should be
-      delivered.
 - `"policyIfNonNull"`:
-    - Replaced with the target policy delivery, only if it has non-null value.
-      If the value is null, then the test file is not generated.
+    - Replaced with the target policy delivery, only if `delivery_value` is not `null`.
+      If `delivery_value` is `null`, then the test is not generated.
 - `"anotherPolicy"`:
     - Replaced with a `PolicyDelivery` object that has a different value from
@@ -246 +316 @@
       the target policy delivery.
 
-For example, when the target policy delivery is
-`{deliveryType: "http-rp", key: "referrerPolicy", value: "no-referrer"}`,
-
-```json
-"sourceContextList": [
-  {
-    "sourceContextType": "top",
-    "policyDeliveries": [
-      "anotherPolicy"
-    ]
-  },
-  {
-    "sourceContextType": "classic-worker",
-    "policyDeliveries": [
-      "policy"
-    ]
-  }
-]
-```
-
-is replaced with
-
-```json
-"sourceContextList": [
-  {
-    "sourceContextType": "top",
-    "policyDeliveries": [
-      {
-        "deliveryType": "meta",
-        "key": "referrerPolicy",
-        "value": "unsafe-url"
-      }
-    ]
-  },
-  {
-    "sourceContextType": "classic-worker",
-    "policyDeliveries": [
-      {
-        "deliveryType": "http-rp",
-        "key": "referrerPolicy",
-        "value": "no-referrer"
-      }
-    ]
-  }
-]
-```
-
-which indicates
-
-- The top-level Document has `<meta name="referrer" content="unsafe-url">`.
-- The classic worker is created with
-  `Referrer-Policy: no-referrer` HTTP response headers.
-
-### `source_context_schema` and `subresource_schema`
+#### `source_context_schema` and `subresource_schema`
 
 These represent supported delivery types and subresources
@@ -305 +322 @@
 
 - To filter out test files for unsupported combinations of delivery types,
-  source contexts and subresources.
-- To determine what delivery types should be used for `anotherPolicy`
+  source contexts and subresources during SourceContext resolution.
+- To determine what delivery types can be used for `anotherPolicy`
   placeholder.
+
+#### Example
+
+For example, the following entry in `source_context_list_schema`:
+
+```json
+"worker-classic": {
+  "sourceContextList": [
+    {
+      "sourceContextType": "top",
+      "policyDeliveries": [
+        "anotherPolicy"
+      ]
+    },
+    {
+      "sourceContextType": "worker-classic",
+      "policyDeliveries": [
+        "policy"
+      ]
+    }
+  ],
+  "subresourcePolicyDeliveries": []
+}
+```
+
+Defines a template to be instantiated with `delivery_key`, `delivery_type` and `delivery_value` values defined outside `source_context_list_schema`, which reads:
+
+- A classic `WorkerGlobalScope` is created under the top-level Document, and has a policy defined by `delivery_key`, `delivery_type` and `delivery_value`.
+- The top-level Document has a policy different from the policy given to the classic worker (to confirm that the policy of the classic worker, not of the top-level Document, is used).
+- The subresource request is sent from the classic `WorkerGlobalScope`, with no additional policies specified at the subresource request.
+
+And when filled with the following values from a selection:
+
+- `delivery_type`: `"http-rp"`
+- `delivery_key`: `"referrerPolicy"`
+- `delivery_value`: `"no-referrer-when-downgrade"`
+
+This becomes:
+
+```json
+"worker-classic": {
+  "sourceContextList": [
+    {
+      "sourceContextType": "top",
+      "policyDeliveries": [
+        {
+          "deliveryType": "meta",
+          "key": "referrerPolicy",
+          "value": "no-referrer"
+        }
+      ]
+    },
+    {
+      "sourceContextType": "worker-classic",
+      "policyDeliveries": [
+        {
+          "deliveryType": "http-rp",
+          "key": "referrerPolicy",
+          "value": "no-referrer-when-downgrade"
+        }
+      ]
+    }
+  ],
+  "subresourcePolicyDeliveries": []
+}
+```
+
+which means
+
+- The top-level Document has `<meta name="referrer" content="no-referrer">`.
+- The classic worker is created with
+  `Referrer-Policy: no-referrer-when-downgrade` HTTP response headers.
+
+### Scenario Object
+
+The **scenario** object is the JSON object written to the generated HTML files, and passed to JavaScript test runtime (as an argument of `TestCase`).
+A scenario object is an selection object, minus the keys used in [SourceContext Resolution](#sourceContext-resolution):
+
+- `source_context_list`
+- `delivery_type`
+- `delivery_key`
+- `delivery_value`
+
+plus the keys instantiated by [SourceContext Resolution](#sourceContext-resolution):
+
+- `source_context_list`, except for the first `"top"` entry.
+- `subresource_policy_deliveries`
+
+For example:
+
+```json
+{
+  "source_context_list": [
+    {
+      "sourceContextType": "worker-classic",
+      "policyDeliveries": [
+        {
+          "deliveryType": "http-rp",
+          "key": "referrerPolicy",
+          "value": "no-referrer-when-downgrade"
+        }
+      ]
+    }
+  ],
+  "subresource_policy_deliveries": [],
+
+  "expectation": "stripped-referrer",
+  "origin": "same-http",
+  "redirection": "no-redirect",
+  "source_scheme": "http",
+  "subresource": "fetch"
+}
+```
+
+### TopLevelPolicyDelivery Object
+
+The ***TopLevelPolicyDelivery** object is the first `"top"` entry of `SourceContextList` instantiated by [SourceContext Resolution](#sourceContext-resolution), which represents the policy delivery of the top-level HTML Document.
+
+The generator generates `<meta>` elements and `.headers` files of the top-level HTML files from the TopLevelPolicyDelivery object.
+
+This is handled separately by the generator from other parts of selection objects and scenario objects, because the `<meta>` and `.headers` are hard-coded directly to the files in the WPT repository, while policies of subcontexts are generated via server-side `common/security-features/scope` scripts.
+
+TODO(https://github.com/web-platform-tests/wpt/issues/21710): Currently the name `TopLevelPolicyDelivery` doesn't appear in the code.
+
+## How the test runtime works
+
+All the information needed at runtime is contained in an scenario object. See the code/comments of the following files.
+
+- `project-directory/generic/test-case.js` defines `TestCase`, the entry point that receives a scenario object. `resources/common.sub.js` does the most of common JavaScript work.
+    - Subresource URLs (which point to `subresource/` scripts) are calculated from `origin` and `redirection` values.
+    - Initiating fetch requests based on `subresource` and `subresource_policy_deliveries`.
+- `scope/` server-side scripts serve non-toplevel contexts, while the top-level Document is generated by the generator.
+   TODO(https://github.com/web-platform-tests/wpt/issues/21709): Merge the logics of `scope/` and the generator.
+- `subresource/` server-side scripts serve subresource responses.

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/resources/common.sub.js

@@ -14 +14 @@
 // The objects are represented as JSON objects (not JavaScript/Python classes
 // in a strict sense) to be passed between JavaScript/Python code.
-
-// Note: So far this document covers:
-// - resources/common.sub.js : client-side test infra code
-// - scope/ - server-side scripts that serves nested source contexts
-// but doesn't cover:
-// - tools/ - generator scripts that generates top-level HTML documents.
-// There are some policies only handled by generators (e.g. mixed-content
-// opt-ins) and not yet covered by the docs here.
+//
+// See also common/security-features/Types.md for high-level description.
 
 /**
@@ -93 +87 @@
   @typedef SourceContext
   @type {object}
-  Requests can be possibly sent from various kinds of source contexts, i.e.
-  fetch client's environment settings objects:
-  top-level windows, iframes, or workers.
-  A SourceContext object specifies one environment settings object, and
-  an Array<SourceContext> specifies a possibly nested context,
-  from the outer-most to inner-most environment settings objects.
-
-  For example:
-    [{sourceContextType: "srcdoc"}, {sourceContextType: "worker-classic"}]
-  means that a subresource request is to be sent from
-  a classic dedicated worker created from <iframe srcdoc>
-  inside the top-level HTML document.
-  Note: the top-level document is not included in the array and
-  is assumed implicitly.
-
-  SourceContext (or Array<SourceContext>) is set based on
-  the fetch client's settings object that is used for the subresource request,
-  NOT on module map settings object, and
-  NOT on the inner-most settings object that appears in the test.
-  For example, Array<SourceContext> is `[]` (indicating the top Window)
-  for `worker.js`
-  - When it is the root worker script: `new Worker('worker.js')`, or
-  - When it is imported from the root worker script:
-    `new Worker('top.js', {type: 'module'})`
-    where `top.js` has `import 'worker.js'`.
-  because the request for `worker.js` uses the Window as its fetch client's
-  settings object, while a WorkerGlobalScope is created though.
 
   @property {string} sourceContextType
@@ -399 +366 @@
   requestViaScript                 2        Y        Y       -
   requestViaSendBeacon             3        -        Y       -
-  requestViaSharedWorker           2        Y        -       -
+  requestViaSharedWorker           2        Y        Y       Y
   requestViaVideo                  3        -        Y       -
   requestViaWebSocket              3        -        Y       -
@@ -520 +487 @@
 
 function workerUrlThatImports(url) {
+  return `/common/security-features/subresource/static-import.py` +
+      `?import_url=${encodeURIComponent(url)}`;
+}
+
+function workerDataUrlThatImports(url) {
   return `data:text/javascript,import '${url}';`;
 }
@@ -543 +515 @@
 }
 
-function requestViaSharedWorker(url) {
+function requestViaSharedWorker(url, options) {
   var worker;
   try {
-    worker = new SharedWorker(url);
+    worker = new SharedWorker(url, options);
   } catch(e) {
     return Promise.reject(e);
@@ -912 +884 @@
     invoker: url => requestViaDedicatedWorker(url, {type: "module"}),
   },
+  "worker-import": {
+    path: "/common/security-features/subresource/worker.py",
+    invoker: url =>
+        requestViaDedicatedWorker(workerUrlThatImports(url), {type: "module"}),
+  },
   "worker-import-data": {
     path: "/common/security-features/subresource/worker.py",
     invoker: url =>
-        requestViaDedicatedWorker(workerUrlThatImports(url), {type: "module"}),
+        requestViaDedicatedWorker(workerDataUrlThatImports(url), {type: "module"}),
   },
   "sharedworker-classic": {
     path: "/common/security-features/subresource/shared-worker.py",
-    invoker: requestViaSharedWorker,
+    invoker: url => requestViaSharedWorker(url),
+  },
+  "sharedworker-module": {
+    path: "/common/security-features/subresource/shared-worker.py",
+    invoker: url => requestViaSharedWorker(url, {type: "module"}),
+  },
+  "sharedworker-import": {
+    path: "/common/security-features/subresource/shared-worker.py",
+    invoker: url =>
+        requestViaSharedWorker(workerUrlThatImports(url), {type: "module"}),
+  },
+  "sharedworker-import-data": {
+    path: "/common/security-features/subresource/shared-worker.py",
+    invoker: url =>
+        requestViaSharedWorker(workerDataUrlThatImports(url), {type: "module"}),
   },
 
@@ -935 +926 @@
       path: "/common/security-features/subresource/worker.py",
       invoker: url =>
-          requestViaWorklet(workletType, workerUrlThatImports(url))
+          requestViaWorklet(workletType, workerDataUrlThatImports(url))
     };
 }
@@ -1121 +1112 @@
     "worker-classic": {
       // Classic dedicated worker loaded from same-origin.
-      invoker: invokeFromWorker.bind(undefined, false, {}),
+      invoker: invokeFromWorker.bind(undefined, "worker", false, {}),
     },
     "worker-classic-data": {
       // Classic dedicated worker loaded from data: URL.
-      invoker: invokeFromWorker.bind(undefined, true, {}),
+      invoker: invokeFromWorker.bind(undefined, "worker", true, {}),
     },
     "worker-module": {
       // Module dedicated worker loaded from same-origin.
-      invoker: invokeFromWorker.bind(undefined, false, {type: 'module'}),
+      invoker: invokeFromWorker.bind(undefined, "worker", false, {type: 'module'}),
     },
     "worker-module-data": {
       // Module dedicated worker loaded from data: URL.
-      invoker: invokeFromWorker.bind(undefined, true, {type: 'module'}),
+      invoker: invokeFromWorker.bind(undefined, "worker", true, {type: 'module'}),
+    },
+    "sharedworker-classic": {
+      // Classic shared worker loaded from same-origin.
+      invoker: invokeFromWorker.bind(undefined, "sharedworker", false, {}),
+    },
+    "sharedworker-classic-data": {
+      // Classic shared worker loaded from data: URL.
+      invoker: invokeFromWorker.bind(undefined, "sharedworker", true, {}),
+    },
+    "sharedworker-module": {
+      // Module shared worker loaded from same-origin.
+      invoker: invokeFromWorker.bind(undefined, "sharedworker", false, {type: 'module'}),
+    },
+    "sharedworker-module-data": {
+      // Module shared worker loaded from data: URL.
+      invoker: invokeFromWorker.bind(undefined, "sharedworker", true, {type: 'module'}),
     },
   };
@@ -1154 +1161 @@
 
 /**
+  @param {string} workerType
+    "worker" (for dedicated worker) or "sharedworker".
   @param {boolean} isDataUrl
     true if the worker script is loaded from data: URL.
@@ -1162 +1171 @@
   Other parameters and return values are the same as those of invokeRequest().
 */
-function invokeFromWorker(isDataUrl, workerOptions,
+function invokeFromWorker(workerType, isDataUrl, workerOptions,
                           subresource, sourceContextList) {
   const currentSourceContext = sourceContextList[0];
@@ -1186 +1195 @@
   return promise
     .then(url => {
-      const worker = new Worker(url, workerOptions);
-      worker.postMessage({subresource: subresource,
-                          sourceContextList: sourceContextList.slice(1)});
-      return bindEvents2(worker, "message", worker, "error", window, "error");
+      if (workerType === "worker") {
+        const worker = new Worker(url, workerOptions);
+        worker.postMessage({subresource: subresource,
+                            sourceContextList: sourceContextList.slice(1)});
+        return bindEvents2(worker, "message", worker, "error", window, "error");
+      } else if (workerType === "sharedworker") {
+        const worker = new SharedWorker(url, workerOptions);
+        worker.port.start();
+        worker.port.postMessage({subresource: subresource,
+                                 sourceContextList: sourceContextList.slice(1)});
+        return bindEvents2(worker.port, "message", worker, "error", window, "error");
+      } else {
+        throw new Error('Invalid worker type: ' + workerType);
+      }
     })
     .then(event => {

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/scope/template/worker.js.template

@@ -1 +1 @@
 %(import)s
 
+if ('DedicatedWorkerGlobalScope' in self &&
+    self instanceof DedicatedWorkerGlobalScope) {
+  self.onmessage = event => onMessageFromParent(event, self);
+} else if ('SharedWorkerGlobalScope' in self &&
+    self instanceof SharedWorkerGlobalScope) {
+  onconnect = event => {
+    const port = event.ports[0];
+    port.onmessage = event => onMessageFromParent(event, port);
+  };
+}
+
 // Receive a message from the parent and start the test.
-function onMessageFromParent(event) {
-  // Because this window might receive messages from child context during
-  // tests, we first remove the listener here before staring the test.
-  self.removeEventListener('message', onMessageFromParent);
-
+function onMessageFromParent(event, port) {
   const configurationError = "%(error)s";
   if (configurationError.length > 0) {
-    postMessage({error: configurationError});
+    port.postMessage({error: configurationError});
     return;
   }
@@ -15 +22 @@
   invokeRequest(event.data.subresource,
                 event.data.sourceContextList)
-    .then(result => postMessage(result))
+    .then(result => port.postMessage(result))
     .catch(e => {
         const message = (e.error && e.error.stack) || e.message || "Error";
-        postMessage({error: message});
+        port.postMessage({error: message});
       });
 }
-
-self.addEventListener('message', onMessageFromParent);

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/scope/worker.py

@@ -24 +24 @@
       if delivery['key'] == 'referrerPolicy':
         maybe_additional_headers['Referrer-Policy'] = delivery['value']
+      elif delivery['key'] == 'mixedContent' and delivery['value'] == 'opt-in':
+        maybe_additional_headers['Content-Security-Policy'] = 'block-all-mixed-content'
+      elif delivery['key'] == 'upgradeInsecureRequests' and delivery['value'] == 'upgrade':
+        maybe_additional_headers['Content-Security-Policy'] = 'upgrade-insecure-requests'
       else:
         error = 'invalid delivery key for http-rp: %s' % delivery['key']

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/template/w3c-import.log

@@ -20 +20 @@
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/template/script.js.template
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/template/shared-worker.js.template
+/LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/template/static-import.js.template
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/template/svg.css.template
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/template/svg.embedded.template

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/w3c-import.log

@@ -21 +21 @@
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/font.py
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/image.py
+/LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/referrer.py
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/script.py
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/shared-worker.py
+/LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/static-import.py
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/stylesheet.py
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/subresource/subresource.py

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/format_spec_src_json.py

@@ -8 +8 @@
     script_directory = os.path.dirname(os.path.abspath(__file__))
     for dir in [
-            'mixed-content', 'referrer-policy', 'upgrade-insecure-requests'
+            'mixed-content', 'referrer-policy', 'referrer-policy/4K-1',
+            'referrer-policy/4K', 'referrer-policy/4K+1',
+            'upgrade-insecure-requests'
     ]:
         filename = os.path.join(script_directory, '..', '..', '..', dir,

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/generate.py

@@ +1 @@
+#!/usr/bin/env python
+
 from __future__ import print_function
 
 import argparse
+import collections
 import copy
 import json
@@ -52 +55 @@
 
 # Dumps the test config `selection` into a serialized JSON string.
-# We omit `name` parameter because it is not used by tests.
 def dump_test_parameters(selection):
-    selection = dict(selection)
-    del selection['name']
-
     return json.dumps(
         selection,
@@ -65 +64 @@
 
 
-def get_test_filename(config, selection):
+def get_test_filename(spec_directory, spec_json, selection):
     '''Returns the filname for the main test HTML file'''
 
@@ -73 +72 @@
         selection_for_filename['delivery_value'] = 'unset'
 
-    return os.path.join(config.spec_directory,
-                        config.test_file_path_pattern % selection_for_filename)
+    return os.path.join(
+        spec_directory,
+        spec_json['test_file_path_pattern'] % selection_for_filename)
 
 
@@ -128 +128 @@
 
 
-def generate_selection(spec_json, config, selection, spec,
-                       test_html_template_basename):
-    test_filename = get_test_filename(config, selection)
+def generate_selection(spec_json, selection):
+    '''
+    Returns a scenario object (with a top-level source_context_list entry,
+    which will be removed in generate_test_file() later).
+    '''
 
     target_policy_delivery = util.PolicyDelivery(selection['delivery_type'],
@@ -165 +167 @@
             ['supported_delivery_type'][selection['subresource']])
 
+    # Generate per-scenario test description.
+    selection['test_description'] = spec_json[
+        'test_description_template'] % selection
+
+    return selection
+
+
+def generate_test_file(spec_directory, test_helper_filenames,
+                       test_html_template_basename, test_filename, scenarios):
+    '''
+    Generates a test HTML file (and possibly its associated .headers file)
+    from `scenarios`.
+    '''
+
+    # Scenarios for the same file should have the same `source_context_list`,
+    # including the top-level one.
+    # Note: currently, non-top-level source contexts aren't necessarily required
+    # to be the same, but we set this requirement as it will be useful e.g. when
+    # we e.g. reuse a worker among multiple scenarios.
+    for scenario in scenarios:
+        assert (scenario['source_context_list'] == scenarios[0]
+                ['source_context_list'])
+
     # We process the top source context below, and do not include it in
-    # `scenario` field in JavaScript.
-    top_source_context = selection['source_context_list'].pop(0)
+    # the JSON objects (i.e. `scenarios`) in generated HTML files.
+    top_source_context = scenarios[0]['source_context_list'].pop(0)
     assert (top_source_context.source_context_type == 'top')
-
-    # Adjust the template for the test invoking JS. Indent it to look nice.
-    indent = "\n" + " " * 8
-    selection['scenario'] = dump_test_parameters(selection).replace(
-        "\n", indent)
-
-    selection['spec_name'] = spec['name']
-    selection[
-        'test_page_title'] = config.test_page_title_template % spec['title']
-    selection['spec_description'] = spec['description']
-    selection['spec_specification_url'] = spec['specification_url']
-    selection['helper_js'] = config.helper_js
-    selection['sanity_checker_js'] = config.sanity_checker_js
-    selection['spec_json_js'] = config.spec_json_js
+    for scenario in scenarios[1:]:
+        assert (scenario['source_context_list'].pop(0) == top_source_context)
+
+    parameters = {}
+
+    # Sort scenarios, to avoid unnecessary diffs due to different orders in
+    # `scenarios`.
+    serialized_scenarios = sorted(
+        [dump_test_parameters(scenario) for scenario in scenarios])
+
+    parameters['scenarios'] = ",\n".join(serialized_scenarios).replace(
+        "\n", "\n" + " " * 10)
+
+    test_directory = os.path.dirname(test_filename)
+
+    parameters['helper_js'] = ""
+    for test_helper_filename in test_helper_filenames:
+        parameters['helper_js'] += '    <script src="%s"></script>\n' % (
+            os.path.relpath(test_helper_filename, test_directory))
+    parameters['sanity_checker_js'] = os.path.relpath(
+        os.path.join(spec_directory, 'generic', 'sanity-checker.js'),
+        test_directory)
+    parameters['spec_json_js'] = os.path.relpath(
+        os.path.join(spec_directory, 'generic', 'spec_json.js'),
+        test_directory)
 
     test_headers_filename = test_filename + ".headers"
-    test_directory = os.path.dirname(test_filename)
 
     test_html_template = util.get_template(test_html_template_basename)
@@ -195 +230 @@
         % {'generating_script_filename': os.path.relpath(sys.argv[0],
                                                          util.test_root_directory),
-           'html_template_filename': os.path.relpath(html_template_filename,
-                                                     util.test_root_directory)}
+           'spec_directory': os.path.relpath(spec_directory,
+                                             util.test_root_directory)}
 
     # Adjust the template for the test invoking JS. Indent it to look nice.
-    selection['generated_disclaimer'] = generated_disclaimer.rstrip()
-    selection[
-        'test_description'] = config.test_description_template % selection
-    selection['test_description'] = \
-        selection['test_description'].rstrip().replace("\n", "\n" + " " * 33)
+    parameters['generated_disclaimer'] = generated_disclaimer.rstrip()
 
     # Directory for the test files.
@@ -218 +249 @@
                 f.write('%s: %s\n' % (header, delivery['headers'][header]))
 
-    selection['meta_delivery_method'] = delivery['meta']
+    parameters['meta_delivery_method'] = delivery['meta']
     # Obey the lint and pretty format.
-    if len(selection['meta_delivery_method']) > 0:
-        selection['meta_delivery_method'] = "\n    " + \
-                                            selection['meta_delivery_method']
+    if len(parameters['meta_delivery_method']) > 0:
+        parameters['meta_delivery_method'] = "\n    " + \
+                                            parameters['meta_delivery_method']
 
     # Write out the generated HTML file.
-    util.write_file(test_filename, test_html_template % selection)
-
-
-def generate_test_source_files(config, spec_json, target):
+    util.write_file(test_filename, test_html_template % parameters)
+
+
+def generate_test_source_files(spec_directory, test_helper_filenames,
+                               spec_json, target):
     test_expansion_schema = spec_json['test_expansion_schema']
     specification = spec_json['specification']
 
-    spec_json_js_template = util.get_template('spec_json.js.template')
-    generated_spec_json_filename = os.path.join(config.spec_directory,
-                                                "spec_json.js")
-    util.write_file(
-        generated_spec_json_filename,
-        spec_json_js_template % {'spec_json': json.dumps(spec_json)})
+    if target == "debug":
+        spec_json_js_template = util.get_template('spec_json.js.template')
+        util.write_file(
+            os.path.join(spec_directory, "generic", "spec_json.js"),
+            spec_json_js_template % {'spec_json': json.dumps(spec_json)})
+        util.write_file(
+            os.path.join(spec_directory, "generic",
+                         "debug-output.spec.src.json"),
+            json.dumps(spec_json, indent=2, separators=(',', ': ')))
 
     # Choose a debug/release template depending on the target.
     html_template = "test.%s.html.template" % target
 
-    artifact_order = test_expansion_schema.keys() + ['name']
+    artifact_order = test_expansion_schema.keys()
     artifact_order.remove('expansion')
 
+    excluded_selection_pattern = ''
+    for key in artifact_order:
+        excluded_selection_pattern += '%(' + key + ')s/'
+
     # Create list of excluded tests.
-    exclusion_dict = {}
+    exclusion_dict = set()
     for excluded_pattern in spec_json['excluded_tests']:
         excluded_expansion = \
@@ -252 +291 @@
         for excluded_selection in permute_expansion(excluded_expansion,
                                                     artifact_order):
-            excluded_selection_path = config.selection_pattern % excluded_selection
-            exclusion_dict[excluded_selection_path] = True
+            excluded_selection['delivery_key'] = spec_json['delivery_key']
+            exclusion_dict.add(excluded_selection_pattern % excluded_selection)
+
+    # `scenarios[filename]` represents the list of scenario objects to be
+    # generated into `filename`.
+    scenarios = {}
 
     for spec in specification:
@@ -265 +308 @@
             for selection in permute_expansion(expansion, artifact_order):
                 selection['delivery_key'] = spec_json['delivery_key']
-                selection_path = config.selection_pattern % selection
-                if not selection_path in exclusion_dict:
-                    if selection_path in output_dict:
-                        if expansion_pattern['expansion'] != 'override':
-                            print(
-                                "Error: %s's expansion is default but overrides %s"
-                                % (selection['name'],
-                                   output_dict[selection_path]['name']))
-                            sys.exit(1)
-                    output_dict[selection_path] = copy.deepcopy(selection)
-                else:
-                    print('Excluding selection:', selection_path)
+                selection_path = spec_json['selection_pattern'] % selection
+                if selection_path in output_dict:
+                    if expansion_pattern['expansion'] != 'override':
+                        print("Error: expansion is default in:")
+                        print(dump_test_parameters(selection))
+                        print("but overrides:")
+                        print(dump_test_parameters(
+                            output_dict[selection_path]))
+                        sys.exit(1)
+                output_dict[selection_path] = copy.deepcopy(selection)
 
         for selection_path in output_dict:
             selection = output_dict[selection_path]
+            if (excluded_selection_pattern % selection) in exclusion_dict:
+                print('Excluding selection:', selection_path)
+                continue
             try:
-                generate_selection(spec_json, config, selection, spec,
-                                   html_template)
+                test_filename = get_test_filename(spec_directory, spec_json,
+                                                  selection)
+                scenario = generate_selection(spec_json, selection)
+                scenarios[test_filename] = scenarios.get(test_filename,
+                                                         []) + [scenario]
             except util.ShouldSkip:
                 continue
 
-
-def main(config):
+    for filename in scenarios:
+        generate_test_file(spec_directory, test_helper_filenames,
+                           html_template, filename, scenarios[filename])
+
+
+def merge_json(base, child):
+    for key in child:
+        if key not in base:
+            base[key] = child[key]
+            continue
+        # `base[key]` and `child[key]` both exists.
+        if isinstance(base[key], list) and isinstance(child[key], list):
+            base[key].extend(child[key])
+        elif isinstance(base[key], dict) and isinstance(child[key], dict):
+            merge_json(base[key], child[key])
+        else:
+            base[key] = child[key]
+
+
+def main():
     parser = argparse.ArgumentParser(
         description='Test suite generator utility')
@@ -301 +366 @@
         '--spec',
         type=str,
-        default=None,
+        default=os.getcwd(),
         help='Specify a file used for describing and generating the tests')
     # TODO(kristijanburnik): Add option for the spec_json file.
     args = parser.parse_args()
 
-    if args.spec:
-        config.spec_directory = args.spec
-
-    spec_filename = os.path.join(config.spec_directory, "spec.src.json")
-    spec_json = util.load_spec_json(spec_filename)
+    spec_directory = os.path.abspath(args.spec)
+
+    # Read `spec.src.json` files, starting from `spec_directory`, and
+    # continuing to parent directories as long as `spec.src.json` exists.
+    spec_filenames = []
+    test_helper_filenames = []
+    spec_src_directory = spec_directory
+    while len(spec_src_directory) >= len(util.test_root_directory):
+        spec_filename = os.path.join(spec_src_directory, "spec.src.json")
+        if not os.path.exists(spec_filename):
+            break
+        spec_filenames.append(spec_filename)
+        test_filename = os.path.join(spec_src_directory, 'generic',
+                                     'test-case.sub.js')
+        assert (os.path.exists(test_filename))
+        test_helper_filenames.append(test_filename)
+        spec_src_directory = os.path.abspath(
+            os.path.join(spec_src_directory, ".."))
+
+    spec_filenames = list(reversed(spec_filenames))
+    test_helper_filenames = list(reversed(test_helper_filenames))
+
+    if len(spec_filenames) == 0:
+        print('Error: No spec.src.json is found at %s.' % spec_directory)
+        return
+
+    # Load the default spec JSON file, ...
+    default_spec_filename = os.path.join(util.script_directory,
+                                         'spec.src.json')
+    spec_json = collections.OrderedDict()
+    if os.path.exists(default_spec_filename):
+        spec_json = util.load_spec_json(default_spec_filename)
+
+    # ... and then make spec JSON files in subdirectories override the default.
+    for spec_filename in spec_filenames:
+        child_spec_json = util.load_spec_json(spec_filename)
+        merge_json(spec_json, child_spec_json)
+
     spec_validator.assert_valid_spec_json(spec_json)
-
-    generate_test_source_files(config, spec_json, args.target)
+    generate_test_source_files(spec_directory, test_helper_filenames,
+                               spec_json, args.target)
+
+
+if __name__ == '__main__':
+    main()

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/spec_validator.py

@@ -88 +88 @@
     details['object'] = spec_json
     assert_contains_only_fields(spec_json, [
+        "selection_pattern", "test_file_path_pattern",
+        "test_description_template", "test_page_title_template",
         "specification", "delivery_key", "subresource_schema",
         "source_context_schema", "source_context_list_schema",
@@ -100 +102 @@
     excluded_tests = spec_json['excluded_tests']
 
-    valid_test_expansion_fields = ['name'] + test_expansion_schema.keys()
+    valid_test_expansion_fields = test_expansion_schema.keys()
 
     # Should be consistent with `sourceContextMap` in
@@ -106 +108 @@
     valid_source_context_names = [
         "top", "iframe", "iframe-blank", "srcdoc", "worker-classic",
-        "worker-module", "worker-classic-data", "worker-module-data"
+        "worker-module", "worker-classic-data", "worker-module-data",
+        "sharedworker-classic", "sharedworker-module",
+        "sharedworker-classic-data", "sharedworker-module-data"
     ]
 
@@ -133 +137 @@
         # Validate required fields for a single spec.
         assert_contains_only_fields(spec, [
-            'name', 'title', 'description', 'specification_url',
-            'test_expansion'
+            'title', 'description', 'specification_url', 'test_expansion'
         ])
-        assert_non_empty_string(spec, 'name')
         assert_non_empty_string(spec, 'title')
         assert_non_empty_string(spec, 'description')
@@ -142 +144 @@
         assert_non_empty_list(spec, 'test_expansion')
 
-        # Validate spec's test expansion.
-        used_spec_names = {}
-
         for spec_exp in spec['test_expansion']:
             details['object'] = spec_exp
-            assert_non_empty_string(spec_exp, 'name')
-            # The name is unique in same expansion group.
-            assert_value_unique_in((spec_exp['expansion'], spec_exp['name']),
-                                   used_spec_names)
             assert_contains_only_fields(spec_exp, valid_test_expansion_fields)
 

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/template/disclaimer.template

@@ -1 @@
-<!-- DO NOT EDIT! Generated by %(generating_script_filename)s using %(html_template_filename)s. -->
+<!-- DO NOT EDIT! Generated by `%(generating_script_filename)s --spec %(spec_directory)s/` -->

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/template/test.debug.html.template

@@ -3 +3 @@
 <html>
   <head>
-    <title>%(test_page_title)s</title>
-    <meta charset='utf-8'>
-    <meta name="description" content="%(spec_description)s">
-    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
-    <link rel="help" href="%(spec_specification_url)s">
-    <meta name="assert" content="%(test_description)s">%(meta_delivery_method)s
+    <meta charset="utf-8">
+    <meta name="timeout" content="long">%(meta_delivery_method)s
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
@@ -16 +12 @@
     <!-- Internal checking of the tests -->
     <script src="%(sanity_checker_js)s"></script>
-    <script src="%(helper_js)s"></script>
-  </head>
+%(helper_js)s  </head>
   <body>
     <script>
       TestCase(
-        %(scenario)s,
-        document.querySelector("meta[name=assert]").content,
+        [
+          %(scenarios)s
+        ],
         new SanityChecker()
       ).start();
-      </script>
+    </script>
     <div id="log"></div>
   </body>

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/template/test.release.html.template

@@ -3 +3 @@
 <html>
   <head>
-    <title>%(test_page_title)s</title>
-    <meta charset='utf-8'>
-    <meta name="description" content="%(spec_description)s">
-    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
-    <link rel="help" href="%(spec_specification_url)s">
-    <meta name="assert" content="%(test_description)s">%(meta_delivery_method)s
+    <meta charset="utf-8">
+    <meta name="timeout" content="long">%(meta_delivery_method)s
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
     <script src="/common/security-features/resources/common.sub.js"></script>
-    <script src="%(helper_js)s"></script>
-  </head>
+%(helper_js)s  </head>
   <body>
     <script>
       TestCase(
-        %(scenario)s,
-        document.querySelector("meta[name=assert]").content,
+        [
+          %(scenarios)s
+        ],
         new SanityChecker()
       ).start();
-      </script>
+    </script>
     <div id="log"></div>
   </body>

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/util.py

@@ -1 +1 @@
 from __future__ import print_function
 
-import os, sys, json, re
+import os, sys, json, json5, re
+import collections
 
 script_directory = os.path.dirname(os.path.abspath(__file__))
@@ -31 +32 @@
     with open(path_to_spec, "r") as f:
         try:
-            return json.load(f)
+            return json5.load(f, object_pairs_hook=collections.OrderedDict)
         except ValueError as ex:
             print(ex.message)
@@ -67 +68 @@
         self.key = key
         self.value = value
+
+    def __eq__(self, other):
+        return type(self) is type(other) and self.__dict__ == other.__dict__
 
     @classmethod
@@ -121 +125 @@
             policy_delivery = target_policy_delivery.get_another_policy(
                 supported_delivery_types[0])
-        elif type(obj) == dict:
+        elif isinstance(obj, dict):
             policy_delivery = PolicyDelivery(obj['deliveryType'], obj['key'],
                                              obj['value'])
@@ -148 +152 @@
             else:
                 return PolicyDelivery(delivery_type, self.key, 'no-referrer')
+        elif self.key == 'mixedContent':
+            if self.value == 'opt-in':
+                return PolicyDelivery(delivery_type, self.key, None)
+            else:
+                return PolicyDelivery(delivery_type, self.key, 'opt-in')
+        elif self.key == 'upgradeInsecureRequests':
+            if self.value == 'upgrade':
+                return PolicyDelivery(delivery_type, self.key, None)
+            else:
+                return PolicyDelivery(delivery_type, self.key, 'upgrade')
         else:
             raise Exception('delivery key is invalid: ' + self.key)
@@ -157 +171 @@
         self.source_context_type = source_context_type
         self.policy_deliveries = policy_deliveries
+
+    def __eq__(self, other):
+        return type(self) is type(other) and self.__dict__ == other.__dict__
 
     @classmethod

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/w3c-import.log

@@ -17 +17 @@
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/format_spec_src_json.py
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/generate.py
+/LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/spec.src.json
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/spec_validator.py
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/tools/util.py

trunk/LayoutTests/imported/w3c/web-platform-tests/common/security-features/w3c-import.log

@@ -16 +16 @@
 List of files:
 /LayoutTests/imported/w3c/web-platform-tests/common/security-features/README.md
+/LayoutTests/imported/w3c/web-platform-tests/common/security-features/types.md

trunk/LayoutTests/imported/w3c/web-platform-tests/common/stringifiers.js

@@ -1 @@
-// Tests <http://heycam.github.io/webidl/#es-stringifier>.
+/**
+ * Runs tests for <http://heycam.github.io/webidl/#es-stringifier>.
+ * @param {Object} aObject - object to test
+ * @param {string} aAttribute - IDL attribute name that is annotated with `stringifier`
+ * @param {boolean} aIsUnforgeable - whether the IDL attribute is `[Unforgeable]`
+ */
 function test_stringifier_attribute(aObject, aAttribute, aIsUnforgeable) {
   // Step 1.
   test(function() {
     [null, undefined].forEach(function(v) {
-      assert_throws(new TypeError(), function() {
+      assert_throws_js(TypeError, function() {
         aObject.toString.call(v);
       });
@@ -16 +21 @@
     assert_false("Window" in window && aObject instanceof window.Window);
     [{}, window].forEach(function(v) {
-      assert_throws(new TypeError(), function() {
+      assert_throws_js(TypeError, function() {
         aObject.toString.call(v)
       });

trunk/LayoutTests/imported/w3c/web-platform-tests/common/subset-tests-by-key.js

@@ -1 @@
-// Only test a subset of tests with ?include=Foo or ?exclude=Foo in the URL.
-// Can be used together with <meta name="variant" content="...">
-// Sample usage:
-// for (const test of tests) {
-//   subsetTestByKey("Foo", async_test, test.fn, test.name);
-// }
 (function() {
   var subTestKeyPattern = null;
@@ -49 +43 @@
     }
   }
+  /**
+   * Check if `key` is in the subset specified in the URL.
+   * @param {string} key
+   * @returns {boolean}
+   */
   function shouldRunSubTest(key) {
     if (key && subTestKeyPattern) {
@@ -59 +58 @@
     return true;
   }
-  function subsetTestByKey(key, testFunc, ...args) {
+  /**
+   * Only test a subset of tests with `?include=Foo` or `?exclude=Foo` in the URL.
+   * Can be used together with `<meta name="variant" content="...">`
+   * Sample usage:
+   * for (const test of tests) {
+   *   subsetTestByKey("Foo", async_test, test.fn, test.name);
+   * }
+   */
+   function subsetTestByKey(key, testFunc, ...args) {
     if (collectKeys) {
       if (collectCounts && key in keys) {

trunk/LayoutTests/imported/w3c/web-platform-tests/common/subset-tests.js

@@ -1 @@
-// Only test a subset of tests with, e.g., ?1-10 in the URL.
-// Can be used together with <meta name="variant" content="...">
-// Sample usage:
-// for (const test of tests) {
-//   subsetTest(async_test, test.fn, test.name);
-// }
 (function() {
   var subTestStart = 0;
@@ -38 +32 @@
     }
   }
+  /**
+   * Check if `currentSubTest` is in the subset specified in the URL.
+   * @param {number} currentSubTest
+   * @returns {boolean}
+   */
   function shouldRunSubTest(currentSubTest) {
     return currentSubTest >= subTestStart && currentSubTest <= subTestEnd;
   }
   var currentSubTest = 0;
+  /**
+   * Only test a subset of tests with, e.g., `?1-10` in the URL.
+   * Can be used together with `<meta name="variant" content="...">`
+   * Sample usage:
+   * for (const test of tests) {
+   *   subsetTest(async_test, test.fn, test.name);
+   * }
+   */
   function subsetTest(testFunc, ...args) {
     currentSubTest++;

trunk/LayoutTests/imported/w3c/web-platform-tests/common/test-setting-immutable-prototype.js

@@ -1 +1 @@
 self.testSettingImmutablePrototypeToNewValueOnly =
-  (prefix, target, newValue, newValueString, { isSameOriginDomain }) => {
+  (prefix, target, newValue, newValueString, { isSameOriginDomain },
+   targetGlobal = window) => {
   test(() => {
-    assert_throws(new TypeError, () => {
+    assert_throws_js(TypeError, () => {
       Object.setPrototypeOf(target, newValue);
     });
@@ -10 +11 @@
   let dunderProtoErrorName = "\"SecurityError\" DOMException";
   if (isSameOriginDomain) {
-    dunderProtoError = new TypeError();
+    // We're going to end up calling the __proto__ setter, which will
+    // enter the Realm of targetGlobal before throwing.
+    dunderProtoError = targetGlobal.TypeError;
     dunderProtoErrorName = "TypeError";
   }
 
   test(() => {
-    assert_throws(dunderProtoError, function() {
+    const func = function() {
       target.__proto__ = newValue;
-    });
+    };
+    if (isSameOriginDomain) {
+      assert_throws_js(dunderProtoError, func);
+    } else {
+      assert_throws_dom(dunderProtoError, func);
+    }
   }, `${prefix}: setting the prototype to ${newValueString} via __proto__ should throw a ${dunderProtoErrorName}`);
 
@@ -26 +34 @@
 
 self.testSettingImmutablePrototype =
-  (prefix, target, originalValue, { isSameOriginDomain }, newValue = {}, newValueString = "an empty object") => {
-  testSettingImmutablePrototypeToNewValueOnly(prefix, target, newValue, newValueString, { isSameOriginDomain });
+  (prefix, target, originalValue, { isSameOriginDomain }, targetGlobal = window) => {
+  const newValue = {};
+  const newValueString = "an empty object";
+  testSettingImmutablePrototypeToNewValueOnly(prefix, target, newValue, newValueString, { isSameOriginDomain }, targetGlobal);
 
   const originalValueString = originalValue === null ? "null" : "its original value";
@@ -45 +55 @@
   } else {
     test(() => {
-      assert_throws("SecurityError", function() {
+      assert_throws_dom("SecurityError", function() {
         target.__proto__ = newValue;
       });

trunk/LayoutTests/imported/w3c/web-platform-tests/common/utils.js

@@ +1 @@
+/**
+ * Create an absolute URL from `options` and defaulting unspecified properties to `window.location`.
+ * @param {Object} options - a `Location`-like object
+ * @param {string} options.hostname
+ * @param {string} options.subdomain - prepend subdomain to the hostname
+ * @param {string} options.port
+ * @param {string} options.path
+ * @param {string} options.query
+ * @param {string} options.hash
+ * @returns {string}
+ */
 function make_absolute_url(options) {
     var loc = window.location;
@@ -42 +53 @@
 }
 
+/** @private */
 function get(obj, name, default_val) {
     if (obj.hasOwnProperty(name)) {
@@ -49 +61 @@
 }
 
+/**
+ * Generate a new UUID.
+ * @returns {string}
+ */
 function token() {
     var uuid = [to_hex(rand_int(32), 8),
@@ -58 +74 @@
 }
 
+/** @private */
 function rand_int(bits) {
     if (bits < 1 || bits > 53) {
@@ -72 +89 @@
 }
 
+/** @private */
 function to_hex(x, length) {
     var rv = x.toString(16);

trunk/LayoutTests/imported/w3c/web-platform-tests/common/w3c-import.log

@@ -39 +39 @@
 /LayoutTests/imported/w3c/web-platform-tests/common/reftest-wait.js
 /LayoutTests/imported/w3c/web-platform-tests/common/reftest-wait.js.headers
+/LayoutTests/imported/w3c/web-platform-tests/common/rendering-utils.js
+/LayoutTests/imported/w3c/web-platform-tests/common/sab.js
 /LayoutTests/imported/w3c/web-platform-tests/common/slow.py
 /LayoutTests/imported/w3c/web-platform-tests/common/stringifiers.js

trunk/LayoutTests/imported/w3c/web-platform-tests/common/worklet-reftest.js

@@ -1 @@
-// Imports code into a worklet. E.g.
-//
-// importWorklet(CSS.paintWorklet, {url: 'script.js'});
-// importWorklet(CSS.paintWorklet, '/* javascript string */');
+/**
+ * Imports code into a worklet. E.g.
+ *
+ * importWorklet(CSS.paintWorklet, {url: 'script.js'});
+ * importWorklet(CSS.paintWorklet, '(javascript string)');
+ *
+ * @param {Worklet} worklet
+ * @param {(Object|string)} code
+ */
 function importWorklet(worklet, code) {
     let url;
@@ -15 +20 @@
 }
 
+/** @private */
 async function animationFrames(frames) {
   for (let i = 0; i < frames; i++)
@@ -20 +26 @@
 }
 
+/** @private */
 async function workletPainted() {
     await animationFrames(2);
 }
 
-// To make sure that we take the snapshot at the right time, we do double
-// requestAnimationFrame. In the second frame, we take a screenshot, that makes
-// sure that we already have a full frame.
+/**
+ * To make sure that we take the snapshot at the right time, we do double
+ * requestAnimationFrame. In the second frame, we take a screenshot, that makes
+ * sure that we already have a full frame.
+ *
+ * @param {Worklet} worklet
+ * @param {(Object|string)} code
+ */
 async function importWorkletAndTerminateTestAfterAsyncPaint(worklet, code) {
     if (typeof worklet === 'undefined') {

trunk/LayoutTests/imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-prototype-setting-same-origin-domain.sub-expected.txt

@@ -4 +4 @@
 FAIL Same-origin-domain prerequisite check: the original prototype is accessible assert_not_equals: got disallowed value null
 PASS Same-origin-domain: setting the prototype to an empty object via Object.setPrototypeOf should throw a TypeError 
-FAIL Same-origin-domain: setting the prototype to an empty object via __proto__ should throw a TypeError assert_throws: function "function () {
+FAIL Same-origin-domain: setting the prototype to an empty object via __proto__ should throw a TypeError assert_throws_js: function "function () {
       target.__proto__ = newValue;
-    }" threw object "SecurityError: Blocked a frame with origin "http://localhost:8800" from accessing a cross-origin frame. Protocols, domains, and ports must match." ("SecurityError") expected object "TypeError" ("TypeError")
+    }" threw object "SecurityError: Blocked a frame with origin "http://localhost:8800" from accessing a cross-origin frame. Protocols, domains, and ports must match." ("SecurityError") expected instance of function "function TypeError() {
+    [native code]
+}" ("TypeError")
 PASS Same-origin-domain: setting the prototype to an empty object via Reflect.setPrototypeOf should return false 
 PASS Same-origin-domain: the prototype must still be null 

trunk/LayoutTests/imported/w3c/web-platform-tests/html/browsers/the-windowproxy-exotic-object/windowproxy-prototype-setting-same-origin-domain.sub-expected.txt

@@ -4 +4 @@
 FAIL Same-origin-domain prerequisite check: the original prototype is accessible assert_not_equals: got disallowed value null
 PASS Same-origin-domain: setting the prototype to an empty object via Object.setPrototypeOf should throw a TypeError 
-FAIL Same-origin-domain: setting the prototype to an empty object via __proto__ should throw a TypeError assert_throws: function "function () {
+FAIL Same-origin-domain: setting the prototype to an empty object via __proto__ should throw a TypeError assert_throws_js: function "function () {
       target.__proto__ = newValue;
-    }" threw object "SecurityError: Blocked a frame with origin "http://localhost:8800" from accessing a cross-origin frame. Protocols, domains, and ports must match." ("SecurityError") expected object "TypeError" ("TypeError")
+    }" threw object "SecurityError: Blocked a frame with origin "http://localhost:8800" from accessing a cross-origin frame. Protocols, domains, and ports must match." ("SecurityError") expected instance of function "function TypeError() {
+    [native code]
+}" ("TypeError")
 PASS Same-origin-domain: setting the prototype to an empty object via Reflect.setPrototypeOf should return false 
 PASS Same-origin-domain: the prototype must still be null