Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Worker: Change the default credentials option from 'omit' to 'same-origin' #11274

Merged
merged 1 commit into from
Jun 1, 2018
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
57 changes: 32 additions & 25 deletions workers/modules/dedicated-worker-options-credentials.html
Original file line number Diff line number Diff line change
Expand Up @@ -17,61 +17,68 @@
return 'COOKIE_VALUE';
assert_equals(options.type, 'module');

if (!options.credentials || options.credentials == 'omit')
return '';
if (options.credentials == 'same-origin' || options.credentials == 'include')
if (!options.credentials ||
options.credentials == 'same-origin' ||
options.credentials == 'include') {
return 'COOKIE_VALUE';
}
if (options.credentials == 'omit')
return '';
assert_unreached('Invalid credentials option was specified: ' +
options.credentials);
}

// Runs a credentials test with the given WorkerOptions.
async function runCredentialsTest(options) {
const worker = new Worker('resources/credentials.py', options);
function credentials_test(options, description) {
promise_test(async () => {
const worker = new Worker('resources/credentials.py', options);

// Wait until the worker sends the actual cookie value.
const msg_event = await new Promise(resolve => worker.onmessage = resolve);
// Wait until the worker sends the actual cookie value.
const msg_event = await new Promise(resolve => worker.onmessage = resolve);

const expectedCookieValue = DetermineExpectedCookieValue(options);
assert_equals(msg_event.data, expectedCookieValue);
const expectedCookieValue = DetermineExpectedCookieValue(options);
assert_equals(msg_event.data, expectedCookieValue);
}, description);
}

// Tests for module scripts.

promise_test(() => runCredentialsTest({ type: 'module'}),
'new Worker() with the default credentials option should not send ' +
'the credentials');
credentials_test(
{ type: 'module'},
'new Worker() with the default credentials option should behave as ' +
'credentials=same-origin and send the credentials');

promise_test(() => runCredentialsTest({ credentials: 'omit',
type: 'module' }),
credentials_test(
{ credentials: 'omit', type: 'module' },
'new Worker() with credentials=omit should not send the credentials');

promise_test(() => runCredentialsTest({ credentials: 'same-origin',
type: 'module' }),
credentials_test(
{ credentials: 'same-origin', type: 'module' },
'new Worker() with credentials=same-origin should send the credentials');

promise_test(() => runCredentialsTest({ credentials: 'include',
type: 'module' }),
credentials_test(
{ credentials: 'include', type: 'module' },
'new Worker() with credentials=include should send the credentials');

// Tests for classic scripts.

promise_test(() => runCredentialsTest({ type: 'classic' }),
credentials_test(
{ type: 'classic' },
'new Worker() with type=classic should always send the credentials ' +
'regardless of the credentials option (default).');

promise_test(() => runCredentialsTest({ credentials: 'omit',
type: 'classic' }),
credentials_test(
{ credentials: 'omit', type: 'classic' },
'new Worker() with type=classic should always send the credentials ' +
'regardless of the credentials option (omit).');

promise_test(() => runCredentialsTest({ credentials: 'same-origin',
type: 'classic' }),
credentials_test(
{ credentials: 'same-origin', type: 'classic' },
'new Worker() with type=classic should always send the credentials ' +
'regardless of the credentials option (same-origin).');

promise_test(() => runCredentialsTest({ credentials: 'include',
type: 'classic' }),
credentials_test(
{ credentials: 'include', type: 'classic' },
'new Worker() with type=classic should always send the credentials ' +
'regardless of the credentials option (include).');

Expand Down