From 1de7e8dd6dceb08d4c8300d9308e770d8a12eb63 Mon Sep 17 00:00:00 2001 From: Mike Pennisi Date: Tue, 17 Dec 2019 20:16:30 -0500 Subject: [PATCH 1/9] [html] Add tests for parsing COOP values --- .../header-parsing.https.html | 44 +++++++++++++++++++ .../resources/coop-same-origin-repeated.asis | 24 ++++++++++ 2 files changed, 68 insertions(+) create mode 100644 html/cross-origin-opener-policy/header-parsing.https.html create mode 100644 html/cross-origin-opener-policy/resources/coop-same-origin-repeated.asis diff --git a/html/cross-origin-opener-policy/header-parsing.https.html b/html/cross-origin-opener-policy/header-parsing.https.html new file mode 100644 index 00000000000000..0fef85f6e25239 --- /dev/null +++ b/html/cross-origin-opener-policy/header-parsing.https.html @@ -0,0 +1,44 @@ + + + + + + + +
+ diff --git a/html/cross-origin-opener-policy/resources/coop-same-origin-repeated.asis b/html/cross-origin-opener-policy/resources/coop-same-origin-repeated.asis new file mode 100644 index 00000000000000..082478e1599eb8 --- /dev/null +++ b/html/cross-origin-opener-policy/resources/coop-same-origin-repeated.asis @@ -0,0 +1,24 @@ +HTTP/1.1 200 OK +Cross-Origin-Opener-Policy: same-origin +Cross-Origin-Opener-Policy: same-origin +Server: BaseHTTP/0.3 Python/2.7.15+ +Date: Wed, 18 Dec 2019 00:47:08 GMT + + + + + + From 2843a5070abf872a57433c9ae1c4c2ee10ca8e2c Mon Sep 17 00:00:00 2001 From: Simon Pieters Date: Tue, 18 Aug 2020 14:56:16 +0200 Subject: [PATCH 2/9] Update tests to draft-ietf-httpbis-header-structure-19 and current HTML standard --- .../header-parsing.https.html | 24 ++++++++++++------- .../resources/common.js | 6 ++--- 2 files changed, 19 insertions(+), 11 deletions(-) diff --git a/html/cross-origin-opener-policy/header-parsing.https.html b/html/cross-origin-opener-policy/header-parsing.https.html index 0fef85f6e25239..94fef0a38c291b 100644 --- a/html/cross-origin-opener-policy/header-parsing.https.html +++ b/html/cross-origin-opener-policy/header-parsing.https.html @@ -13,24 +13,32 @@ // None of the following should be recognized as "same-origin" (hence the // "expected opener" value of `true`). - [SAME_ORIGIN, "same\u2014origin;", true], // non-ASCII character (em dash) + [SAME_ORIGIN, "same\u2014origin", true], // non-ASCII character (em dash) [SAME_ORIGIN, "same-origin;", true], - [SAME_ORIGIN, "same-origin\0", true], [SAME_ORIGIN, "\u000bsame-origin\u000b", true], // vertical tab [SAME_ORIGIN, "\u000csame-origin\u000c", true], // form feed [SAME_ORIGIN, "\u000dsame-origin\u000d", true], // carriage return [SAME_ORIGIN, "Same-origin", true], - [SAME_ORIGIN, "same-origin; foo=bar", true], - [SAME_ORIGIN, "\"same-origin\"", true], // HTTP structured header "string" item - [SAME_ORIGIN, "*c2FtZS1vcmlnaW4=*", true], // HTTP structured header "byte sequence" item + [SAME_ORIGIN, "same-origin;\tfoo=bar", true], + [SAME_ORIGIN, "same-origin ;foo=bar", true], + [SAME_ORIGIN, "same-origin; foo=bar;", true], + [SAME_ORIGIN, "\"same-origin\"", true], // HTTP structured fields "string" item + [SAME_ORIGIN, ":c2FtZS1vcmlnaW4=:", true], // HTTP structured fields "byte sequence" item + [SAME_ORIGIN, "?1", true], // HTTP structured fields "boolean" item + [SAME_ORIGIN, "1", true], // HTTP structured fields "integer or decimal" item + [SAME_ORIGIN, "$same-origin", true], // the item type is unrecognized [SAME_ORIGIN, "same-origin same-origin", true], [SAME_ORIGIN, "same-origin,same-origin", true], - [SAME_ORIGIN, "same-origin;same-origin", true], + [SAME_ORIGIN, "\tsame-origin", true], + [SAME_ORIGIN, "same-origin\t", true], + [SAME_ORIGIN, "*same-origin ", true], // All of the following should be recognized as "same-origin" (hence the // "expected opener" value of `false`). - [SAME_ORIGIN, " \tsame-origin", false], - [SAME_ORIGIN, "same-origin\t ", false], + [SAME_ORIGIN, " same-origin", false], + [SAME_ORIGIN, "same-origin ", false], + [SAME_ORIGIN, "same-origin;same-origin", false], + [SAME_ORIGIN, "same-origin; foo=bar", false], ]; run_coop_tests("unspecified", tests); diff --git a/html/cross-origin-opener-policy/resources/common.js b/html/cross-origin-opener-policy/resources/common.js index 8a3cd133734dc3..575ebc233432f7 100644 --- a/html/cross-origin-opener-policy/resources/common.js +++ b/html/cross-origin-opener-policy/resources/common.js @@ -63,7 +63,7 @@ function run_coop_tests(documentCOOPValueTitle, testArray) { coop_test(t, test[0], test[1], `${documentCOOPValueTitle}_to_${test[0].name}_${test[1].replace(/ /g,"-")}`, test[2], () => { t.done(); }); - }, `${documentCOOPValueTitle} document opening popup to ${test[0].origin} with COOP: "${test[1]}"`); + }, `${documentCOOPValueTitle} document opening popup to ${test[0].origin} with COOP: ${format_value(test[1])}`); } } @@ -91,5 +91,5 @@ function run_coop_test_iframe (documentTitle, iframe_origin, popup_origin, popup assert_equals(payload.name, expects_name? name:"", 'name'); }); document.body.append(frame); - }, `${documentTitle} with ${iframe_origin.name} iframe opening popup a ${popup_origin.name} with COOP: ${popup_coop}`); -} \ No newline at end of file + }, `${documentTitle} with ${iframe_origin.name} iframe opening popup a ${popup_origin.name} with COOP: ${format_value(popup_coop)}`); +} From 05c9fe2f02cbad74c225d645b690eb997ab033eb Mon Sep 17 00:00:00 2001 From: Simon Pieters Date: Wed, 19 Aug 2020 14:50:16 +0200 Subject: [PATCH 3/9] Fix tests - leading and trailing OWS are removed by HTTP --- html/cross-origin-opener-policy/header-parsing.https.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/html/cross-origin-opener-policy/header-parsing.https.html b/html/cross-origin-opener-policy/header-parsing.https.html index 94fef0a38c291b..a48a9383f7aa3c 100644 --- a/html/cross-origin-opener-policy/header-parsing.https.html +++ b/html/cross-origin-opener-policy/header-parsing.https.html @@ -29,14 +29,14 @@ [SAME_ORIGIN, "$same-origin", true], // the item type is unrecognized [SAME_ORIGIN, "same-origin same-origin", true], [SAME_ORIGIN, "same-origin,same-origin", true], - [SAME_ORIGIN, "\tsame-origin", true], - [SAME_ORIGIN, "same-origin\t", true], [SAME_ORIGIN, "*same-origin ", true], // All of the following should be recognized as "same-origin" (hence the // "expected opener" value of `false`). [SAME_ORIGIN, " same-origin", false], [SAME_ORIGIN, "same-origin ", false], + [SAME_ORIGIN, "\tsame-origin", true], + [SAME_ORIGIN, "same-origin\t", true], [SAME_ORIGIN, "same-origin;same-origin", false], [SAME_ORIGIN, "same-origin; foo=bar", false], ]; From 44ce78b28d4768cf657cc2e5c4cc321bd46de11c Mon Sep 17 00:00:00 2001 From: Simon Pieters Date: Thu, 20 Aug 2020 16:41:10 +0200 Subject: [PATCH 4/9] Fix typo --- html/cross-origin-opener-policy/header-parsing.https.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/html/cross-origin-opener-policy/header-parsing.https.html b/html/cross-origin-opener-policy/header-parsing.https.html index a48a9383f7aa3c..8abf85cc379ca3 100644 --- a/html/cross-origin-opener-policy/header-parsing.https.html +++ b/html/cross-origin-opener-policy/header-parsing.https.html @@ -35,8 +35,8 @@ // "expected opener" value of `false`). [SAME_ORIGIN, " same-origin", false], [SAME_ORIGIN, "same-origin ", false], - [SAME_ORIGIN, "\tsame-origin", true], - [SAME_ORIGIN, "same-origin\t", true], + [SAME_ORIGIN, "\tsame-origin", false], + [SAME_ORIGIN, "same-origin\t", false], [SAME_ORIGIN, "same-origin;same-origin", false], [SAME_ORIGIN, "same-origin; foo=bar", false], ]; From 9839b1545c3ff7c89741cbbac0e83612b8db9a0d Mon Sep 17 00:00:00 2001 From: Mike Pennisi Date: Thu, 20 Aug 2020 20:10:47 -0400 Subject: [PATCH 5/9] fixup! [html] Add tests for parsing COOP values --- html/cross-origin-opener-policy/resources/common.js | 2 +- html/cross-origin-opener-policy/resources/coop-coep.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/html/cross-origin-opener-policy/resources/common.js b/html/cross-origin-opener-policy/resources/common.js index 575ebc233432f7..f75cd63db94bf6 100644 --- a/html/cross-origin-opener-policy/resources/common.js +++ b/html/cross-origin-opener-policy/resources/common.js @@ -50,7 +50,7 @@ function url_test(t, url, channelName, hasOpener, openerDOMAccess, callback) { } function coop_coep_test(t, host, coop, coep, channelName, hasOpener, openerDOMAccess, callback) { - url_test(t, `${host.origin}/html/cross-origin-opener-policy/resources/coop-coep.py?coop=${encodeURIComponent(coop)}&coep=${coep}&channel=${channelName}`, channelName, hasOpener, openerDOMAccess, callback); + url_test(t, `${host.origin}/html/cross-origin-opener-policy/resources/coop-coep.py?coop=${encodeURIComponent(coop)}&coep=${coep}&channel=${encodeURIComponent(channelName)}`, channelName, hasOpener, openerDOMAccess, callback); } function coop_test(t, host, coop, channelName, hasOpener, callback) { diff --git a/html/cross-origin-opener-policy/resources/coop-coep.py b/html/cross-origin-opener-policy/resources/coop-coep.py index e0a3d90050a624..31490a162ba66f 100644 --- a/html/cross-origin-opener-policy/resources/coop-coep.py +++ b/html/cross-origin-opener-policy/resources/coop-coep.py @@ -70,7 +70,7 @@ def main(request, response): iframe.contentWindow.postMessage(payload, "*"); }; const channelName = new URL(location).searchParams.get("channel"); - iframe.src = `${get_host_info().HTTPS_ORIGIN}/html/cross-origin-opener-policy/resources/postback.html?channel=${channelName}`; + iframe.src = `${get_host_info().HTTPS_ORIGIN}/html/cross-origin-opener-policy/resources/postback.html?channel=${encodeURIComponent(channelName)}`; document.body.appendChild(iframe); } From 31c5e51917a5d25efe1587dd13165341d945c46b Mon Sep 17 00:00:00 2001 From: Simon Pieters Date: Mon, 24 Aug 2020 20:00:51 +0200 Subject: [PATCH 6/9] Test bytes by using URL percent encoding --- .../header-parsing.https.html | 46 +++++++++---------- .../resources/common.js | 6 +-- 2 files changed, 26 insertions(+), 26 deletions(-) diff --git a/html/cross-origin-opener-policy/header-parsing.https.html b/html/cross-origin-opener-policy/header-parsing.https.html index 8abf85cc379ca3..00ab2a2c462381 100644 --- a/html/cross-origin-opener-policy/header-parsing.https.html +++ b/html/cross-origin-opener-policy/header-parsing.https.html @@ -13,32 +13,32 @@ // None of the following should be recognized as "same-origin" (hence the // "expected opener" value of `true`). - [SAME_ORIGIN, "same\u2014origin", true], // non-ASCII character (em dash) - [SAME_ORIGIN, "same-origin;", true], - [SAME_ORIGIN, "\u000bsame-origin\u000b", true], // vertical tab - [SAME_ORIGIN, "\u000csame-origin\u000c", true], // form feed - [SAME_ORIGIN, "\u000dsame-origin\u000d", true], // carriage return - [SAME_ORIGIN, "Same-origin", true], - [SAME_ORIGIN, "same-origin;\tfoo=bar", true], - [SAME_ORIGIN, "same-origin ;foo=bar", true], - [SAME_ORIGIN, "same-origin; foo=bar;", true], - [SAME_ORIGIN, "\"same-origin\"", true], // HTTP structured fields "string" item - [SAME_ORIGIN, ":c2FtZS1vcmlnaW4=:", true], // HTTP structured fields "byte sequence" item - [SAME_ORIGIN, "?1", true], // HTTP structured fields "boolean" item - [SAME_ORIGIN, "1", true], // HTTP structured fields "integer or decimal" item - [SAME_ORIGIN, "$same-origin", true], // the item type is unrecognized - [SAME_ORIGIN, "same-origin same-origin", true], - [SAME_ORIGIN, "same-origin,same-origin", true], - [SAME_ORIGIN, "*same-origin ", true], + [SAME_ORIGIN, "same%FForigin", true], // non-ASCII byte 0xFF + [SAME_ORIGIN, encodeURIComponent("same-origin;"), true], + [SAME_ORIGIN, encodeURIComponent("\u000bsame-origin\u000b"), true], // vertical tab + [SAME_ORIGIN, encodeURIComponent("\u000csame-origin\u000c"), true], // form feed + [SAME_ORIGIN, encodeURIComponent("\u000dsame-origin\u000d"), true], // carriage return + [SAME_ORIGIN, encodeURIComponent("Same-origin"), true], + [SAME_ORIGIN, encodeURIComponent("same-origin;\tfoo=bar"), true], + [SAME_ORIGIN, encodeURIComponent("same-origin ;foo=bar"), true], + [SAME_ORIGIN, encodeURIComponent("same-origin; foo=bar;"), true], + [SAME_ORIGIN, encodeURIComponent("\"same-origin\""), true], // HTTP structured fields "string" item + [SAME_ORIGIN, encodeURIComponent(":c2FtZS1vcmlnaW4=:"), true], // HTTP structured fields "byte sequence" item + [SAME_ORIGIN, encodeURIComponent("?1"), true], // HTTP structured fields "boolean" item + [SAME_ORIGIN, encodeURIComponent("1"), true], // HTTP structured fields "integer or decimal" item + [SAME_ORIGIN, encodeURIComponent("$same-origin"), true], // the item type is unrecognized + [SAME_ORIGIN, encodeURIComponent("same-origin same-origin"), true], + [SAME_ORIGIN, encodeURIComponent("same-origin,same-origin"), true], + [SAME_ORIGIN, encodeURIComponent("*same-origin "), true], // All of the following should be recognized as "same-origin" (hence the // "expected opener" value of `false`). - [SAME_ORIGIN, " same-origin", false], - [SAME_ORIGIN, "same-origin ", false], - [SAME_ORIGIN, "\tsame-origin", false], - [SAME_ORIGIN, "same-origin\t", false], - [SAME_ORIGIN, "same-origin;same-origin", false], - [SAME_ORIGIN, "same-origin; foo=bar", false], + [SAME_ORIGIN, encodeURIComponent(" same-origin"), false], + [SAME_ORIGIN, encodeURIComponent("same-origin "), false], + [SAME_ORIGIN, encodeURIComponent("\tsame-origin"), false], + [SAME_ORIGIN, encodeURIComponent("same-origin\t"), false], + [SAME_ORIGIN, encodeURIComponent("same-origin;same-origin"), false], + [SAME_ORIGIN, encodeURIComponent("same-origin; foo=bar"), false], ]; run_coop_tests("unspecified", tests); diff --git a/html/cross-origin-opener-policy/resources/common.js b/html/cross-origin-opener-policy/resources/common.js index f75cd63db94bf6..4a28f8c019eef8 100644 --- a/html/cross-origin-opener-policy/resources/common.js +++ b/html/cross-origin-opener-policy/resources/common.js @@ -50,7 +50,7 @@ function url_test(t, url, channelName, hasOpener, openerDOMAccess, callback) { } function coop_coep_test(t, host, coop, coep, channelName, hasOpener, openerDOMAccess, callback) { - url_test(t, `${host.origin}/html/cross-origin-opener-policy/resources/coop-coep.py?coop=${encodeURIComponent(coop)}&coep=${coep}&channel=${encodeURIComponent(channelName)}`, channelName, hasOpener, openerDOMAccess, callback); + url_test(t, `${host.origin}/html/cross-origin-opener-policy/resources/coop-coep.py?coop=${coop}&coep=${coep}&channel=${encodeURIComponent(channelName)}`, channelName, hasOpener, openerDOMAccess, callback); } function coop_test(t, host, coop, channelName, hasOpener, callback) { @@ -63,7 +63,7 @@ function run_coop_tests(documentCOOPValueTitle, testArray) { coop_test(t, test[0], test[1], `${documentCOOPValueTitle}_to_${test[0].name}_${test[1].replace(/ /g,"-")}`, test[2], () => { t.done(); }); - }, `${documentCOOPValueTitle} document opening popup to ${test[0].origin} with COOP: ${format_value(test[1])}`); + }, `${documentCOOPValueTitle} document opening popup to ${test[0].origin} with COOP: ${test[1]}`); } } @@ -91,5 +91,5 @@ function run_coop_test_iframe (documentTitle, iframe_origin, popup_origin, popup assert_equals(payload.name, expects_name? name:"", 'name'); }); document.body.append(frame); - }, `${documentTitle} with ${iframe_origin.name} iframe opening popup a ${popup_origin.name} with COOP: ${format_value(popup_coop)}`); + }, `${documentTitle} with ${iframe_origin.name} iframe opening popup a ${popup_origin.name} with COOP: ${popup_coop}`); } From a7de38c93f416da5282a3772a8fdb0829a480246 Mon Sep 17 00:00:00 2001 From: Simon Pieters Date: Tue, 25 Aug 2020 13:19:22 +0200 Subject: [PATCH 7/9] Revert "Test bytes by using URL percent encoding" This reverts commit 31c5e51917a5d25efe1587dd13165341d945c46b. --- .../header-parsing.https.html | 46 +++++++++---------- .../resources/common.js | 6 +-- 2 files changed, 26 insertions(+), 26 deletions(-) diff --git a/html/cross-origin-opener-policy/header-parsing.https.html b/html/cross-origin-opener-policy/header-parsing.https.html index 00ab2a2c462381..8abf85cc379ca3 100644 --- a/html/cross-origin-opener-policy/header-parsing.https.html +++ b/html/cross-origin-opener-policy/header-parsing.https.html @@ -13,32 +13,32 @@ // None of the following should be recognized as "same-origin" (hence the // "expected opener" value of `true`). - [SAME_ORIGIN, "same%FForigin", true], // non-ASCII byte 0xFF - [SAME_ORIGIN, encodeURIComponent("same-origin;"), true], - [SAME_ORIGIN, encodeURIComponent("\u000bsame-origin\u000b"), true], // vertical tab - [SAME_ORIGIN, encodeURIComponent("\u000csame-origin\u000c"), true], // form feed - [SAME_ORIGIN, encodeURIComponent("\u000dsame-origin\u000d"), true], // carriage return - [SAME_ORIGIN, encodeURIComponent("Same-origin"), true], - [SAME_ORIGIN, encodeURIComponent("same-origin;\tfoo=bar"), true], - [SAME_ORIGIN, encodeURIComponent("same-origin ;foo=bar"), true], - [SAME_ORIGIN, encodeURIComponent("same-origin; foo=bar;"), true], - [SAME_ORIGIN, encodeURIComponent("\"same-origin\""), true], // HTTP structured fields "string" item - [SAME_ORIGIN, encodeURIComponent(":c2FtZS1vcmlnaW4=:"), true], // HTTP structured fields "byte sequence" item - [SAME_ORIGIN, encodeURIComponent("?1"), true], // HTTP structured fields "boolean" item - [SAME_ORIGIN, encodeURIComponent("1"), true], // HTTP structured fields "integer or decimal" item - [SAME_ORIGIN, encodeURIComponent("$same-origin"), true], // the item type is unrecognized - [SAME_ORIGIN, encodeURIComponent("same-origin same-origin"), true], - [SAME_ORIGIN, encodeURIComponent("same-origin,same-origin"), true], - [SAME_ORIGIN, encodeURIComponent("*same-origin "), true], + [SAME_ORIGIN, "same\u2014origin", true], // non-ASCII character (em dash) + [SAME_ORIGIN, "same-origin;", true], + [SAME_ORIGIN, "\u000bsame-origin\u000b", true], // vertical tab + [SAME_ORIGIN, "\u000csame-origin\u000c", true], // form feed + [SAME_ORIGIN, "\u000dsame-origin\u000d", true], // carriage return + [SAME_ORIGIN, "Same-origin", true], + [SAME_ORIGIN, "same-origin;\tfoo=bar", true], + [SAME_ORIGIN, "same-origin ;foo=bar", true], + [SAME_ORIGIN, "same-origin; foo=bar;", true], + [SAME_ORIGIN, "\"same-origin\"", true], // HTTP structured fields "string" item + [SAME_ORIGIN, ":c2FtZS1vcmlnaW4=:", true], // HTTP structured fields "byte sequence" item + [SAME_ORIGIN, "?1", true], // HTTP structured fields "boolean" item + [SAME_ORIGIN, "1", true], // HTTP structured fields "integer or decimal" item + [SAME_ORIGIN, "$same-origin", true], // the item type is unrecognized + [SAME_ORIGIN, "same-origin same-origin", true], + [SAME_ORIGIN, "same-origin,same-origin", true], + [SAME_ORIGIN, "*same-origin ", true], // All of the following should be recognized as "same-origin" (hence the // "expected opener" value of `false`). - [SAME_ORIGIN, encodeURIComponent(" same-origin"), false], - [SAME_ORIGIN, encodeURIComponent("same-origin "), false], - [SAME_ORIGIN, encodeURIComponent("\tsame-origin"), false], - [SAME_ORIGIN, encodeURIComponent("same-origin\t"), false], - [SAME_ORIGIN, encodeURIComponent("same-origin;same-origin"), false], - [SAME_ORIGIN, encodeURIComponent("same-origin; foo=bar"), false], + [SAME_ORIGIN, " same-origin", false], + [SAME_ORIGIN, "same-origin ", false], + [SAME_ORIGIN, "\tsame-origin", false], + [SAME_ORIGIN, "same-origin\t", false], + [SAME_ORIGIN, "same-origin;same-origin", false], + [SAME_ORIGIN, "same-origin; foo=bar", false], ]; run_coop_tests("unspecified", tests); diff --git a/html/cross-origin-opener-policy/resources/common.js b/html/cross-origin-opener-policy/resources/common.js index 4a28f8c019eef8..f75cd63db94bf6 100644 --- a/html/cross-origin-opener-policy/resources/common.js +++ b/html/cross-origin-opener-policy/resources/common.js @@ -50,7 +50,7 @@ function url_test(t, url, channelName, hasOpener, openerDOMAccess, callback) { } function coop_coep_test(t, host, coop, coep, channelName, hasOpener, openerDOMAccess, callback) { - url_test(t, `${host.origin}/html/cross-origin-opener-policy/resources/coop-coep.py?coop=${coop}&coep=${coep}&channel=${encodeURIComponent(channelName)}`, channelName, hasOpener, openerDOMAccess, callback); + url_test(t, `${host.origin}/html/cross-origin-opener-policy/resources/coop-coep.py?coop=${encodeURIComponent(coop)}&coep=${coep}&channel=${encodeURIComponent(channelName)}`, channelName, hasOpener, openerDOMAccess, callback); } function coop_test(t, host, coop, channelName, hasOpener, callback) { @@ -63,7 +63,7 @@ function run_coop_tests(documentCOOPValueTitle, testArray) { coop_test(t, test[0], test[1], `${documentCOOPValueTitle}_to_${test[0].name}_${test[1].replace(/ /g,"-")}`, test[2], () => { t.done(); }); - }, `${documentCOOPValueTitle} document opening popup to ${test[0].origin} with COOP: ${test[1]}`); + }, `${documentCOOPValueTitle} document opening popup to ${test[0].origin} with COOP: ${format_value(test[1])}`); } } @@ -91,5 +91,5 @@ function run_coop_test_iframe (documentTitle, iframe_origin, popup_origin, popup assert_equals(payload.name, expects_name? name:"", 'name'); }); document.body.append(frame); - }, `${documentTitle} with ${iframe_origin.name} iframe opening popup a ${popup_origin.name} with COOP: ${popup_coop}`); + }, `${documentTitle} with ${iframe_origin.name} iframe opening popup a ${popup_origin.name} with COOP: ${format_value(popup_coop)}`); } From 84cfdf82668af97adeb29f003932af3a9f2a7d45 Mon Sep 17 00:00:00 2001 From: Simon Pieters Date: Tue, 25 Aug 2020 13:51:29 +0200 Subject: [PATCH 8/9] Use an object to represent the 0xFF byte test --- .../header-parsing.https.html | 2 +- .../resources/common.js | 15 ++++++++++++--- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/html/cross-origin-opener-policy/header-parsing.https.html b/html/cross-origin-opener-policy/header-parsing.https.html index 8abf85cc379ca3..3d46e829db0c80 100644 --- a/html/cross-origin-opener-policy/header-parsing.https.html +++ b/html/cross-origin-opener-policy/header-parsing.https.html @@ -13,7 +13,7 @@ // None of the following should be recognized as "same-origin" (hence the // "expected opener" value of `true`). - [SAME_ORIGIN, "same\u2014origin", true], // non-ASCII character (em dash) + [SAME_ORIGIN, { percentEscaped: "same%FForigin" }, true], // non-ASCII byte [SAME_ORIGIN, "same-origin;", true], [SAME_ORIGIN, "\u000bsame-origin\u000b", true], // vertical tab [SAME_ORIGIN, "\u000csame-origin\u000c", true], // form feed diff --git a/html/cross-origin-opener-policy/resources/common.js b/html/cross-origin-opener-policy/resources/common.js index f75cd63db94bf6..b018dc2aca70ce 100644 --- a/html/cross-origin-opener-policy/resources/common.js +++ b/html/cross-origin-opener-policy/resources/common.js @@ -49,8 +49,16 @@ function url_test(t, url, channelName, hasOpener, openerDOMAccess, callback) { }); } +function percent_escape(objectOrString) { + if (typeof objectOrString === "object") { + return objectOrString.percentEscaped; + } + return encodeURIComponent(objectOrString); +} + function coop_coep_test(t, host, coop, coep, channelName, hasOpener, openerDOMAccess, callback) { - url_test(t, `${host.origin}/html/cross-origin-opener-policy/resources/coop-coep.py?coop=${encodeURIComponent(coop)}&coep=${coep}&channel=${encodeURIComponent(channelName)}`, channelName, hasOpener, openerDOMAccess, callback); + const coopPercentEscaped = percent_escape(coop); + url_test(t, `${host.origin}/html/cross-origin-opener-policy/resources/coop-coep.py?coop=${coopPercentEscaped}&coep=${coep}&channel=${encodeURIComponent(channelName)}`, channelName, hasOpener, openerDOMAccess, callback); } function coop_test(t, host, coop, channelName, hasOpener, callback) { @@ -59,11 +67,12 @@ function coop_test(t, host, coop, channelName, hasOpener, callback) { function run_coop_tests(documentCOOPValueTitle, testArray) { for (const test of testArray) { + let coopName = typeof test[1] === "object" ? test[1].percentEscaped : test[1]; async_test(t => { coop_test(t, test[0], test[1], - `${documentCOOPValueTitle}_to_${test[0].name}_${test[1].replace(/ /g,"-")}`, + `${documentCOOPValueTitle}_to_${test[0].name}_${coopName.replace(/ /g,"-")}`, test[2], () => { t.done(); }); - }, `${documentCOOPValueTitle} document opening popup to ${test[0].origin} with COOP: ${format_value(test[1])}`); + }, `${documentCOOPValueTitle} document opening popup to ${test[0].origin} with COOP: ${format_value(coopName)}`); } } From 76c073092e12852d5d78e3ed37971273b1d8347c Mon Sep 17 00:00:00 2001 From: Simon Pieters Date: Tue, 25 Aug 2020 14:39:58 +0200 Subject: [PATCH 9/9] escaped -> encoded --- .../header-parsing.https.html | 2 +- html/cross-origin-opener-policy/resources/common.js | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/html/cross-origin-opener-policy/header-parsing.https.html b/html/cross-origin-opener-policy/header-parsing.https.html index 3d46e829db0c80..2839c381b807ef 100644 --- a/html/cross-origin-opener-policy/header-parsing.https.html +++ b/html/cross-origin-opener-policy/header-parsing.https.html @@ -13,7 +13,7 @@ // None of the following should be recognized as "same-origin" (hence the // "expected opener" value of `true`). - [SAME_ORIGIN, { percentEscaped: "same%FForigin" }, true], // non-ASCII byte + [SAME_ORIGIN, { percentEncoded: "same%FForigin" }, true], // non-ASCII byte [SAME_ORIGIN, "same-origin;", true], [SAME_ORIGIN, "\u000bsame-origin\u000b", true], // vertical tab [SAME_ORIGIN, "\u000csame-origin\u000c", true], // form feed diff --git a/html/cross-origin-opener-policy/resources/common.js b/html/cross-origin-opener-policy/resources/common.js index b018dc2aca70ce..5a1744cd9ceaa4 100644 --- a/html/cross-origin-opener-policy/resources/common.js +++ b/html/cross-origin-opener-policy/resources/common.js @@ -49,16 +49,16 @@ function url_test(t, url, channelName, hasOpener, openerDOMAccess, callback) { }); } -function percent_escape(objectOrString) { +function percent_encode(objectOrString) { if (typeof objectOrString === "object") { - return objectOrString.percentEscaped; + return objectOrString.percentEncoded; } return encodeURIComponent(objectOrString); } function coop_coep_test(t, host, coop, coep, channelName, hasOpener, openerDOMAccess, callback) { - const coopPercentEscaped = percent_escape(coop); - url_test(t, `${host.origin}/html/cross-origin-opener-policy/resources/coop-coep.py?coop=${coopPercentEscaped}&coep=${coep}&channel=${encodeURIComponent(channelName)}`, channelName, hasOpener, openerDOMAccess, callback); + const coopPercentEncoded = percent_encode(coop); + url_test(t, `${host.origin}/html/cross-origin-opener-policy/resources/coop-coep.py?coop=${coopPercentEncoded}&coep=${coep}&channel=${encodeURIComponent(channelName)}`, channelName, hasOpener, openerDOMAccess, callback); } function coop_test(t, host, coop, channelName, hasOpener, callback) { @@ -67,7 +67,7 @@ function coop_test(t, host, coop, channelName, hasOpener, callback) { function run_coop_tests(documentCOOPValueTitle, testArray) { for (const test of testArray) { - let coopName = typeof test[1] === "object" ? test[1].percentEscaped : test[1]; + let coopName = typeof test[1] === "object" ? test[1].percentEncoded : test[1]; async_test(t => { coop_test(t, test[0], test[1], `${documentCOOPValueTitle}_to_${test[0].name}_${coopName.replace(/ /g,"-")}`,