mirror of
https://github.com/mozilla/gecko-dev.git
synced 2025-11-10 05:08:36 +02:00
22d659d74e
Automatic update from web-platform-tests Connect document.requestStorageAccess() to NetworkService This change plumbs successful Document::RequestStorageAccess calls from blink to the RenderFrameHost and subsequently into the BrowserContentClient and CookieManager. This call also ensures that the default StoragePartition in the NetworkService is called to update the set of storage access grants it has. The original callback in the Document is gated upon the successful update of the StoragePartition; this is to ensure no race exists between the renderer process receiving notice of access being granted and the grant(s) actually being delivered to the StoragePartition. Currently only the default partition is signaled to ensure state is not leaked across guest partitions. Future changes will amend the added methods to ensure that new grants are conditionally added to the appropriate CONTENT_SETTINGS_* to persist and that those settings are delivered to the NetworkService CookieManager properly. This change focuses on the proper plumbing and conditional callback when access is requested from a renderer's Document. New mojo methods have been added to the CookieManager and FrameHost interfaces to facilitate updating storage grants and request storage access respectively. As the renderer process may not be trustworthy the FrameHost method is guarded by a feature control check to ensure the feature is actually enabled before allowing the call to proceed. Browser and unit tests have been added to validate newly added surface area and a WPT test case has been added to validate the end to end scenario. In order to facilitate the non-blink feature flag configuration required to run the new test case a virtual test suite `virtual/storage-access-api` has been added to pass the --enable-features=StorageAccessAPI flag to the test binaries. Bug: 989663 Change-Id: Icaf964097f765ae94d4973633a05beb9bdc8c962 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1833481 Commit-Queue: Brandon Maslen <brandm@microsoft.com> Reviewed-by: Matt Falkenhagen <falken@chromium.org> Reviewed-by: Balazs Engedy <engedy@chromium.org> Reviewed-by: Richard Coles <torne@chromium.org> Reviewed-by: Mike West <mkwst@chromium.org> Reviewed-by: Theresa <twellington@chromium.org> Reviewed-by: Finnur Thorarinsson <finnur@chromium.org> Reviewed-by: Ilya Sherman <isherman@chromium.org> Reviewed-by: Maksim Orlovich <morlovich@chromium.org> Reviewed-by: Tao Bai <michaelbai@chromium.org> Reviewed-by: Bret Sepulveda <bsep@chromium.org> Cr-Commit-Position: refs/heads/master@{#742422} -- wpt-commits: 7a0c45dacd346df8cd6dc4e1a040ad8d68526cc7 wpt-pr: 19436
67 lines
3.1 KiB
JavaScript
67 lines
3.1 KiB
JavaScript
// META: script=helpers.js
|
|
'use strict';
|
|
|
|
// Unless overridden by a query string we expect access to be granted. This lets
|
|
// us re-use this test file within various iframes of differing origin.
|
|
let expectAccessAllowed = true;
|
|
|
|
// Prefix each test case with an indicator so we know what context they are run in
|
|
// if they are used in multiple iframes.
|
|
let testPrefix = "top-level-context";
|
|
|
|
// Keep track of if we run these tests in a nested context, we don't want to
|
|
// recurse forever.
|
|
let topLevelDocument = true;
|
|
|
|
// Check if we were called with a query string of allowed=false. This would
|
|
// indicate we expect the access to be denied.
|
|
let queryParams = window.location.search.substring(1).split("&");
|
|
queryParams.forEach(function (param, index) {
|
|
if (param.toLowerCase() == "allowed=false") {
|
|
expectAccessAllowed = false;
|
|
} else if (param.toLowerCase() == "rootdocument=false") {
|
|
topLevelDocument = false;
|
|
} else if (param.split("=")[0].toLowerCase() == "testcase") {
|
|
testPrefix = param.split("=")[1];
|
|
}
|
|
});
|
|
|
|
// Common tests to run in all frames.
|
|
test(() => {
|
|
assert_not_equals(document.hasStorageAccess, undefined);
|
|
}, "[" + testPrefix + "] document.hasStorageAccess() should be supported on the document interface");
|
|
|
|
promise_test(() => {
|
|
return document.hasStorageAccess().then(hasAccess => {
|
|
assert_equals(hasAccess, expectAccessAllowed, "Access should be granted by default: " + expectAccessAllowed);
|
|
});
|
|
}, "[" + testPrefix + "] document.hasStorageAccess() should be allowed by default: " + expectAccessAllowed);
|
|
|
|
promise_test(() => {
|
|
let createdDocument = document.implementation.createDocument("", null);
|
|
|
|
return createdDocument.hasStorageAccess().then(hasAccess => {
|
|
assert_false(hasAccess, "Access should be denied to a generated document not part of the DOM.");
|
|
});
|
|
}, "[" + testPrefix + "] document.hasStorageAccess() should work on a document object.");
|
|
|
|
// Logic to load test cases within combinations of iFrames.
|
|
if (topLevelDocument) {
|
|
// This specific test will run only as a top level test (not as a worker).
|
|
// Specific hasStorageAccess() scenarios will be tested within the context
|
|
// of various iFrames
|
|
|
|
// Create a test with a single-child same-origin iframe.
|
|
RunTestsInIFrame("hasStorageAccess.sub.window.html?testCase=same-origin-frame&rootdocument=false");
|
|
|
|
// Create a test with a single-child cross-origin iframe.
|
|
RunTestsInIFrame("http://{{domains[www]}}:{{ports[http][0]}}/storage-access-api/hasStorageAccess.sub.window.html?testCase=cross-origin-frame&allowed=false&rootdocument=false");
|
|
|
|
// Validate the nested-iframe scenario where the same-origin frame containing
|
|
// the tests is not the first child.
|
|
RunTestsInNestedIFrame("hasStorageAccess.sub.window.html?testCase=nested-same-origin-frame&rootdocument=false");
|
|
|
|
// Validate the nested-iframe scenario where the cross-origin frame containing
|
|
// the tests is not the first child.
|
|
RunTestsInNestedIFrame("http://{{domains[www]}}:{{ports[http][0]}}/storage-access-api/hasStorageAccess.sub.window.html?testCase=nested-cross-origin-frame&allowed=false&rootdocument=false");
|
|
}
|