From 72c7cfed684554c0d65b7a33d413df9ae1c5999f Mon Sep 17 00:00:00 2001
From: Hiroki Nakagawa <nhiroki@chromium.org>
Date: Thu, 31 May 2018 18:16:38 -0700
Subject: [PATCH] Worker: Change the default credentials option from 'omit' to
 'same-origin'

This is a follow-up for the spec change:
https://github.com/whatwg/html/pull/3656

Note that ES Modules for dedicated workers is still behind the flag and this
change doesn't affect applications in the real world.

Bug: 848247
Change-Id: I25083f3f11f9d13663e16e2f4c137095e9b12b01
Reviewed-on: https://chromium-review.googlesource.com/1080668
Reviewed-by: Matt Falkenhagen <falken@chromium.org>
Commit-Queue: Hiroki Nakagawa <nhiroki@chromium.org>
Cr-Commit-Position: refs/heads/master@{#563465}
---
 .../dedicated-worker-options-credentials.html | 57 +++++++++++--------
 1 file changed, 32 insertions(+), 25 deletions(-)

diff --git a/workers/modules/dedicated-worker-options-credentials.html b/workers/modules/dedicated-worker-options-credentials.html
index 316b01d789c7b3..6603eb9be9b8f0 100644
--- a/workers/modules/dedicated-worker-options-credentials.html
+++ b/workers/modules/dedicated-worker-options-credentials.html
@@ -17,61 +17,68 @@
     return 'COOKIE_VALUE';
   assert_equals(options.type, 'module');
 
-  if (!options.credentials || options.credentials == 'omit')
-    return '';
-  if (options.credentials == 'same-origin' || options.credentials == 'include')
+  if (!options.credentials ||
+      options.credentials == 'same-origin' ||
+      options.credentials == 'include') {
     return 'COOKIE_VALUE';
+  }
+  if (options.credentials == 'omit')
+    return '';
   assert_unreached('Invalid credentials option was specified: ' +
                    options.credentials);
 }
 
 // Runs a credentials test with the given WorkerOptions.
-async function runCredentialsTest(options) {
-  const worker = new Worker('resources/credentials.py', options);
+function credentials_test(options, description) {
+  promise_test(async () => {
+    const worker = new Worker('resources/credentials.py', options);
 
-  // Wait until the worker sends the actual cookie value.
-  const msg_event = await new Promise(resolve => worker.onmessage = resolve);
+    // Wait until the worker sends the actual cookie value.
+    const msg_event = await new Promise(resolve => worker.onmessage = resolve);
 
-  const expectedCookieValue = DetermineExpectedCookieValue(options);
-  assert_equals(msg_event.data, expectedCookieValue);
+    const expectedCookieValue = DetermineExpectedCookieValue(options);
+    assert_equals(msg_event.data, expectedCookieValue);
+  }, description);
 }
 
 // Tests for module scripts.
 
-promise_test(() => runCredentialsTest({ type: 'module'}),
-    'new Worker() with the default credentials option should not send ' +
-    'the credentials');
+credentials_test(
+    { type: 'module'},
+    'new Worker() with the default credentials option should behave as ' +
+    'credentials=same-origin and send the credentials');
 
-promise_test(() => runCredentialsTest({ credentials: 'omit',
-                                        type: 'module' }),
+credentials_test(
+    { credentials: 'omit', type: 'module' },
     'new Worker() with credentials=omit should not send the credentials');
 
-promise_test(() => runCredentialsTest({ credentials: 'same-origin',
-                                        type: 'module' }),
+credentials_test(
+    { credentials: 'same-origin', type: 'module' },
     'new Worker() with credentials=same-origin should send the credentials');
 
-promise_test(() => runCredentialsTest({ credentials: 'include',
-                                        type: 'module' }),
+credentials_test(
+    { credentials: 'include', type: 'module' },
     'new Worker() with credentials=include should send the credentials');
 
 // Tests for classic scripts.
 
-promise_test(() => runCredentialsTest({ type: 'classic' }),
+credentials_test(
+    { type: 'classic' },
     'new Worker() with type=classic should always send the credentials ' +
     'regardless of the credentials option (default).');
 
-promise_test(() => runCredentialsTest({ credentials: 'omit',
-                                        type: 'classic' }),
+credentials_test(
+    { credentials: 'omit', type: 'classic' },
     'new Worker() with type=classic should always send the credentials ' +
     'regardless of the credentials option (omit).');
 
-promise_test(() => runCredentialsTest({ credentials: 'same-origin',
-                                        type: 'classic' }),
+credentials_test(
+    { credentials: 'same-origin', type: 'classic' },
     'new Worker() with type=classic should always send the credentials ' +
     'regardless of the credentials option (same-origin).');
 
-promise_test(() => runCredentialsTest({ credentials: 'include',
-                                        type: 'classic' }),
+credentials_test(
+    { credentials: 'include', type: 'classic' },
     'new Worker() with type=classic should always send the credentials ' +
     'regardless of the credentials option (include).');