diff --git a/dom/script/ScriptLoader.cpp b/dom/script/ScriptLoader.cpp index a510b49ca373c..3e00f58a9b648 100644 --- a/dom/script/ScriptLoader.cpp +++ b/dom/script/ScriptLoader.cpp @@ -6761,20 +6761,8 @@ CORSMode = = CORS_NONE -) -{ -securityFlags | -= -nsILoadInfo -: -: -SEC_COOKIES_OMIT -; -} -else -if -( +| aRequest - > diff --git a/testing/web-platform/meta/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-credentials.sub.html.ini b/testing/web-platform/meta/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-credentials.sub.html.ini new file mode 100644 index 0000000000000..a9d1c9be7c9f1 --- /dev/null +++ b/testing/web-platform/meta/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-credentials.sub.html.ini @@ -0,0 +1,45 @@ +[ +dynamic +- +imports +- +credentials +. +sub +. +html +] +[ +Dynamic +imports +should +be +loaded +with +or +without +the +credentials +based +on +the +same +- +origin +- +ness +and +the +parent +script +' +s +crossOrigin +attribute +] +expected +: +FAIL +bug +: +1342012 diff --git a/testing/web-platform/meta/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-fetch-error.sub.html.ini b/testing/web-platform/meta/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-fetch-error.sub.html.ini index acfc03195191c..bd907772f94b7 100644 --- a/testing/web-platform/meta/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-fetch-error.sub.html.ini +++ b/testing/web-platform/meta/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-fetch-error.sub.html.ini @@ -25,3 +25,6 @@ fetching expected : FAIL +bug +: +1342012 diff --git a/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/credentials.sub.html b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/credentials.sub.html index 04b2a509e7a78..24a9079d7f9ae 100644 --- a/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/credentials.sub.html +++ b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/credentials.sub.html @@ -327,7 +327,6 @@ . sameOriginNone ' -not found ' ' @@ -335,7 +334,7 @@ should be loaded -without +with the credentials when @@ -447,9 +446,10 @@ ' Modules should +not be loaded -without +with the credentials when @@ -481,9 +481,10 @@ ' Modules should +not be loaded -without +with the credentials when @@ -554,18 +555,17 @@ ( w . -sameOriginNoneDecendent +sameOriginNoneDescendant ' -not found ' ' -Decendent +Descendant modules should be loaded -without +with the credentials when @@ -589,12 +589,12 @@ ( w . -sameOriginAnonymousDecendent +sameOriginAnonymousDescendant ' found ' ' -Decendent +Descendant modules should be @@ -629,12 +629,12 @@ ( w . -sameOriginUseCredentialsDecendent +sameOriginUseCredentialsDescendant ' found ' ' -Decendent +Descendant modules should be @@ -671,18 +671,19 @@ ( w . -crossOriginNoneDecendent +crossOriginNoneDescendant ' not found ' ' -Decendent +Descendant modules should +not be loaded -without +with the credentials when @@ -706,18 +707,19 @@ ( w . -crossOriginAnonymousDecendent +crossOriginAnonymousDescendant ' not found ' ' -Decendent +Descendant modules should +not be loaded -without +with the credentials when @@ -747,12 +749,12 @@ ( w . -crossOriginUseCredentialsDecendent +crossOriginUseCredentialsDescendant ' found ' ' -Decendent +Descendant modules should be diff --git a/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-credentials.sub.html b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-credentials.sub.html new file mode 100644 index 0000000000000..5ea6788a20834 --- /dev/null +++ b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-credentials.sub.html @@ -0,0 +1,618 @@ +< +! +DOCTYPE +html +> +< +meta +charset += +" +utf +- +8 +" +> +< +script +src += +" +/ +resources +/ +testharness +. +js +" +> +< +/ +script +> +< +script +src += +" +/ +resources +/ +testharnessreport +. +js +" +> +< +/ +script +> +< +script +src += +" +/ +common +/ +get +- +host +- +info +. +sub +. +js +" +> +< +/ +script +> +< +script +type += +" +text +/ +javascript +" +> +host_info += +get_host_info +( +) +; +document +. +cookie += +' +same += +1 +' +; +const +setCookiePromise += +fetch +( +' +http +: +/ +/ +{ +{ +domains +[ +www2 +] +} +} +: +{ +{ +ports +[ +http +] +[ +0 +] +} +} +/ +cookies +/ +resources +/ +set +- +cookie +. +py +? +name += +cross +& +path += +/ +html +/ +semantics +/ +scripting +- +1 +/ +the +- +script +- +element +/ +module +/ +' +{ +mode +: +' +no +- +cors +' +credentials +: +' +include +' +} +) +; +const +windowLoadPromise += +new +Promise +( +resolve += +> +{ +window +. +addEventListener +( +' +load +' +( +) += +> +{ +resolve +( +) +; +} +) +; +} +) +; +promise_test +( +t += +> +{ +const +iframe += +document +. +createElement +( +' +iframe +' +) +; +return +Promise +. +all +( +[ +setCookiePromise +windowLoadPromise +] +) +. +then +( +( +) += +> +{ +const +messagePromise += +new +Promise +( +resolve += +> +{ +window +. +addEventListener +( +' +message +' +event += +> +{ +resolve +( +) +; +} +) +; +} +) +; +iframe +. +src += +' +. +. +/ +resources +/ +dynamic +- +import +- +credentials +- +iframe +. +sub +. +html +' +; +document +. +body +. +appendChild +( +iframe +) +; +return +messagePromise +; +} +) +. +then +( +( +) += +> +{ +const +w += +iframe +. +contentWindow +; +assert_equals +( +w +. +sameOriginNoneDynamicDescendant +' +found +' +' +Dynamic +descendant +modules +should +be +loaded +with +the +credentials +when +the +crossOrigin +attribute +is +not +specified +and +the +target +is +same +- +origin +' +) +; +assert_equals +( +w +. +sameOriginAnonymousDynamicDescendant +' +found +' +' +Dynamic +descendant +modules +should +be +loaded +with +the +credentials +when +the +crossOrigin +attribute +is +specified +with +" +anonymous +" +as +its +value +and +the +target +is +same +- +origin +' +) +; +assert_equals +( +w +. +sameOriginUseCredentialsDynamicDescendant +' +found +' +' +Dynamic +descendant +modules +should +be +loaded +with +the +credentials +when +the +crossOrigin +attribute +is +specified +with +" +use +- +credentials +" +as +its +value +and +the +target +is +same +- +origin +' +) +; +assert_equals +( +w +. +crossOriginNoneDynamicDescendant +' +not +found +' +' +Dynamic +descendant +modules +should +not +be +loaded +with +the +credentials +when +the +crossOrigin +attribute +is +not +specified +and +the +target +is +cross +- +origin +' +) +; +assert_equals +( +w +. +crossOriginAnonymousDynamicDescendant +' +not +found +' +' +Dynamic +descendant +modules +should +not +be +loaded +with +the +credentials +when +the +crossOrigin +attribute +is +specified +with +" +anonymous +" +as +its +value +and +the +target +is +cross +- +origin +' +) +; +assert_equals +( +w +. +crossOriginUseCredentialsDynamicDescendant +' +found +' +' +Dynamic +descendant +modules +should +be +loaded +with +the +credentials +when +the +crossOrigin +attribute +is +specified +with +" +use +- +credentials +" +as +its +value +and +the +target +is +cross +- +origin +' +) +; +} +) +; +} +' +Dynamic +imports +should +be +loaded +with +or +without +the +credentials +based +on +the +same +- +origin +- +ness +and +the +parent +script +\ +' +s +crossOrigin +attribute +' +) +; +< +/ +script +> +< +body +> +< +/ +body +> diff --git a/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/resources/credentials-iframe.sub.html b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/resources/credentials-iframe.sub.html index 103a0b0a9ab62..7b355fc8eef90 100644 --- a/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/resources/credentials-iframe.sub.html +++ b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/resources/credentials-iframe.sub.html @@ -360,7 +360,7 @@ ? id = -sameOriginNoneDecendent +sameOriginNoneDescendant & cookieName = @@ -396,7 +396,7 @@ ? id = -sameOriginAnonymousDecendent +sameOriginAnonymousDescendant & cookieName = @@ -434,7 +434,7 @@ ? id = -sameOriginUseCredentialsDecendent +sameOriginUseCredentialsDescendant & cookieName = @@ -506,7 +506,7 @@ ? id = -crossOriginNoneDecendent +crossOriginNoneDescendant & cookieName = @@ -583,7 +583,7 @@ ? id = -crossOriginAnonymousDecendent +crossOriginAnonymousDescendant & cookieName = @@ -662,7 +662,7 @@ ? id = -crossOriginUseCredentialsDecendent +crossOriginUseCredentialsDescendant & cookieName = diff --git a/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/resources/dynamic-import-credentials-iframe.sub.html b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/resources/dynamic-import-credentials-iframe.sub.html new file mode 100644 index 0000000000000..b3046c3750143 --- /dev/null +++ b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/resources/dynamic-import-credentials-iframe.sub.html @@ -0,0 +1,391 @@ +< +! +DOCTYPE +html +> +< +script +type += +" +module +" +> +import +( +" +. +/ +check +- +cookie +. +py +? +id += +sameOriginNoneDynamicDescendant +& +cookieName += +same +" +) +; +< +/ +script +> +< +script +type += +" +module +" +crossOrigin += +" +anonymous +" +> +import +( +" +. +/ +check +- +cookie +. +py +? +id += +sameOriginAnonymousDynamicDescendant +& +cookieName += +same +" +) +; +< +/ +script +> +< +script +type += +" +module +" +crossOrigin += +" +use +- +credentials +" +> +import +( +" +. +/ +check +- +cookie +. +py +? +id += +sameOriginUseCredentialsDynamicDescendant +& +cookieName += +same +" +) +; +< +/ +script +> +< +script +type += +" +module +" +> +import +( +" +http +: +/ +/ +{ +{ +domains +[ +www2 +] +} +} +: +{ +{ +ports +[ +http +] +[ +0 +] +} +} +/ +html +/ +semantics +/ +scripting +- +1 +/ +the +- +script +- +element +/ +module +/ +resources +/ +check +- +cookie +. +py +? +id += +crossOriginNoneDynamicDescendant +& +cookieName += +cross +" +) +; +< +/ +script +> +< +script +type += +" +module +" +crossOrigin += +" +anonymous +" +> +import +( +" +http +: +/ +/ +{ +{ +domains +[ +www2 +] +} +} +: +{ +{ +ports +[ +http +] +[ +0 +] +} +} +/ +html +/ +semantics +/ +scripting +- +1 +/ +the +- +script +- +element +/ +module +/ +resources +/ +check +- +cookie +. +py +? +id += +crossOriginAnonymousDynamicDescendant +& +cookieName += +cross +" +) +; +< +/ +script +> +< +script +type += +" +module +" +crossOrigin += +" +use +- +credentials +" +> +import +( +" +http +: +/ +/ +{ +{ +domains +[ +www2 +] +} +} +: +{ +{ +ports +[ +http +] +[ +0 +] +} +} +/ +html +/ +semantics +/ +scripting +- +1 +/ +the +- +script +- +element +/ +module +/ +resources +/ +check +- +cookie +. +py +? +id += +crossOriginUseCredentialsDynamicDescendant +& +cookieName += +cross +" +) +; +< +/ +script +> +< +script +type += +" +text +/ +javascript +" +> +window +. +addEventListener +( +' +load +' +event += +> +{ +window +. +parent +. +postMessage +( +{ +} +' +* +' +) +; +} +) +; +< +/ +script +>