[SAA] Fix chrome WPTs

In order for these to work we need to actually shim user interactions and permission grants. The prior code only works for content_shell. One thing we can't seem to test now is what happens if cookies are partitioned. That doesn't seem to be enabled here and the way we can fake that for content_shell doesn't work. Looking to fix: https://wpt.fyi/results/storage-access-api?label=experimental&label=master&aligned Using the commands from: https://chromium.googlesource.com/chromium/src/+/HEAD/docs/testing/run_web_platform_tests.md Change-Id: I122258d0cc9f3449d3e84526b689f86a92d84333 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5301177 Auto-Submit: Ari Chivukula <[email protected]> Reviewed-by: Kyra Seevers <[email protected]> Commit-Queue: Ari Chivukula <[email protected]> Cr-Commit-Position: refs/heads/main@{#1261875}
Tobias710219 · Feb 16, 2024 · ee84ad2 · ee84ad2
1 parent 6bad5f5
commit ee84ad2
Show file tree

Hide file tree

Showing 15 changed files with 100 additions and 37 deletions.
diff --git a/storage-access-api/resources/bless_cross_site_permissions.html b/storage-access-api/resources/bless_cross_site_permissions.html
@@ -0,0 +1,17 @@
+<!doctype html>
+<meta charset="utf-8">
+<script src="/resources/testdriver.js"></script>
+<script src="/resources/testdriver-vendor.js"></script>
+<body>
+<script>
+// In order to enable `requestStorageAccess` in a third-party context for some
+// origin we must first act in a window where that same origin is the top-frame
+// due to the following requirements:
+// (1) The origin must be `bless`ed when it's in the top-frame
+// (2) `set_permission` always operates on the top-frame origin
+test_driver.set_test_context(window.opener.top);
+test_driver.bless("fake interaction", () => {}, window);
+test_driver.set_permission({ name: 'storage-access' }, 'granted');
+window.opener.postMessage("blessed", "*");
+</script>
+</body>
diff --git a/storage-access-api/resources/storage-access-beyond-cookies-iframe-iframe.html b/storage-access-api/resources/storage-access-beyond-cookies-iframe-iframe.html
@@ -17,7 +17,7 @@
       case "none": {
         let couldRequestStorageAccessForNone = true;
         try {
-          await document.requestStorageAccess({});
+          await test_driver.bless("fake user interaction", () => document.requestStorageAccess({}));
         } catch (_) {
           couldRequestStorageAccessForNone = false;
         }
@@ -26,7 +26,7 @@
         }
         let couldRequestStorageAccessForAllFalse = true;
         try {
-          await document.requestStorageAccess({all:false});
+          await test_driver.bless("fake user interaction", () => document.requestStorageAccess({all:false}));
         } catch (_) {
           couldRequestStorageAccessForAllFalse = false;
         }
@@ -44,15 +44,15 @@
         if (hasUnpartitionedCookieAccess || document.cookie.includes("test="+id)) {
           message = "First-party cookies should not be readable before handle is loaded.";
         }
-        await document.requestStorageAccess({cookies: true});
+        await test_driver.bless("fake user interaction", () => document.requestStorageAccess({cookies: true}));
         hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
         if (!hasUnpartitionedCookieAccess || !document.cookie.includes("test="+id)) {
           message = "First-party cookies should be readable if cookies were requested.";
         }
         break;
       }
       case "sessionStorage": {
-        const handle = await document.requestStorageAccess({sessionStorage: true});
+        const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({sessionStorage: true}));
         let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
         if (hasUnpartitionedCookieAccess) {
           message = "First-party cookies should not be readable if not requested.";
@@ -77,7 +77,7 @@
         break;
       }
       case "localStorage": {
-        const handle = await document.requestStorageAccess({localStorage: true});
+        const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({localStorage: true}));
         let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
         if (hasUnpartitionedCookieAccess) {
           message = "First-party cookies should not be readable if not requested.";
@@ -102,7 +102,7 @@
         break;
       }
       case "indexedDB": {
-        const handle = await document.requestStorageAccess({indexedDB: true});
+        const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({indexedDB: true}));
         let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
         if (hasUnpartitionedCookieAccess) {
           message = "First-party cookies should not be readable if not requested.";
@@ -119,7 +119,7 @@
         break;
       }
       case "locks": {
-        const handle = await document.requestStorageAccess({locks: true});
+        const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({locks: true}));
         let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
         if (hasUnpartitionedCookieAccess) {
           message = "First-party cookies should not be readable if not requested.";
@@ -136,7 +136,7 @@
         break;
       }
       case "caches": {
-        const handle = await document.requestStorageAccess({caches: true});
+        const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({caches: true}));
         let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
         if (hasUnpartitionedCookieAccess) {
           message = "First-party cookies should not be readable if not requested.";
@@ -153,7 +153,7 @@
         break;
       }
       case "getDirectory": {
-        const handle = await document.requestStorageAccess({getDirectory: true});
+        const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({getDirectory: true}));
         let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
         if (hasUnpartitionedCookieAccess) {
           message = "First-party cookies should not be readable if not requested.";
@@ -172,7 +172,7 @@
         break;
       }
       case "estimate": {
-        const handle = await document.requestStorageAccess({estimate: true});
+        const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({estimate: true}));
         let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
         if (hasUnpartitionedCookieAccess) {
           message = "First-party cookies should not be readable if not requested.";
@@ -188,7 +188,7 @@
         break;
       }
       case "blobStorage": {
-        const handle = await document.requestStorageAccess({createObjectURL: true, revokeObjectURL: true});
+        const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({createObjectURL: true, revokeObjectURL: true}));
         let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
         if (hasUnpartitionedCookieAccess) {
           message = "First-party cookies should not be readable if not requested.";
@@ -230,7 +230,7 @@
         break;
       }
       case "BroadcastChannel": {
-        const handle = await document.requestStorageAccess({BroadcastChannel: true});
+        const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({BroadcastChannel: true}));
         let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
         if (hasUnpartitionedCookieAccess) {
           message = "First-party cookies should not be readable if not requested.";
@@ -247,7 +247,7 @@
         const local_shared_worker = new SharedWorker("/storage-access-api/resources/shared-worker-relay.js", id);
         local_shared_worker.port.start();
         local_shared_worker.port.postMessage("Same-origin local access");
-        const handle = await document.requestStorageAccess({SharedWorker: true});
+        const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({SharedWorker: true}));
         let couldRequestAllCookies = true;
         try {
           handle.SharedWorker("/storage-access-api/resources/shared-worker-relay.js", {name: id, sameSiteCookies: 'all'});
@@ -274,6 +274,6 @@
   // Step 7 (storage-access-api/storage-access-beyond-cookies.{}.tentative.sub.https.html)
   await MaybeSetStorageAccess("*", "*", "allowed");
   await test_driver.set_permission({ name: 'storage-access' }, 'prompt');
-  window.top.postMessage(message, "*");
+  window.top.postMessage({type: "result", message: message}, "*");
 })();
 </script>
diff --git a/storage-access-api/resources/storage-access-beyond-cookies-iframe.sub.html b/storage-access-api/resources/storage-access-beyond-cookies-iframe.sub.html
@@ -5,7 +5,10 @@
 <script src="/storage-access-api/helpers.js"></script>
 <body>
 <script>
-(async function() {
+window.addEventListener("message", async (e) => {
+  if (e.data != "blessed") {
+    return;
+  }
   test_driver.set_test_context(window.top);
   const type = (new URLSearchParams(window.location.search)).get("type");
   const id = (new URLSearchParams(window.location.search)).get("id");
@@ -14,14 +17,18 @@
   try {
     await MaybeSetStorageAccess("*", "*", "blocked");
     await test_driver.set_permission({ name: 'storage-access' }, 'granted');
-    let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
-    if (hasUnpartitionedCookieAccess) {
-      message = "First-party cookies should not be readable before handle is loaded.";
+    if (type == "cookies") {
+      let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
+      if (hasUnpartitionedCookieAccess) {
+        message = "First-party cookies should not be readable before handle is loaded.";
+      }
     }
-    const handle = await document.requestStorageAccess({all: true});
-    hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
-    if (!hasUnpartitionedCookieAccess) {
-      message = "First-party cookies should be readable after handle is loaded.";
+    const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({all: true}));
+    if (type == "cookies") {
+      hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
+      if (!hasUnpartitionedCookieAccess) {
+        message = "First-party cookies should be readable after handle is loaded.";
+      }
     }
     switch (type) {
       case "none": {
@@ -125,13 +132,14 @@
   await MaybeSetStorageAccess("*", "*", "allowed");
   await test_driver.set_permission({ name: 'storage-access' }, 'prompt');
   if (message) {
-    window.top.postMessage(message, "*");
+    window.top.postMessage({type: "result", message: message}, "*");
     return;
   }
   // Step 5 (storage-access-api/storage-access-beyond-cookies.{}.tentative.sub.https.html)
   let iframe = document.createElement("iframe");
   iframe.src = "https://{{hosts[][]}}:{{ports[https][0]}}/storage-access-api/resources/storage-access-beyond-cookies-iframe-iframe.html?type=" + type + "&id=" + id;
   document.body.appendChild(iframe);
-})();
+});
+window.open("https://{{hosts[alt][]}}:{{ports[https][0]}}/storage-access-api/resources/bless_cross_site_permissions.html");
 </script>
 </body>
diff --git a/...e-access-api/storage-access-beyond-cookies.BroadcastChannel.tentative.sub.https.window.js b/...e-access-api/storage-access-beyond-cookies.BroadcastChannel.tentative.sub.https.window.js
@@ -17,8 +17,11 @@ async_test(t => {
   let broadcasts = [];
   // Step 1
   window.addEventListener("message", t.step_func(e => {
+    if (e.data.type != "result") {
+      return;
+    }
     // Step 8
-    assert_equals(e.data, "HasAccess for BroadcastChannel", "Storage Access API should be accessible and return first-party data");
+    assert_equals(e.data.message, "HasAccess for BroadcastChannel", "Storage Access API should be accessible and return first-party data");
     assert_array_equals(broadcasts, ["Same-origin handle access"], "Should have only seen same-origin handle broadcasts");
     t.done();
   }));

diff --git a/storage-access-api/storage-access-beyond-cookies.SharedWorker.tentative.sub.https.window.js b/storage-access-api/storage-access-beyond-cookies.SharedWorker.tentative.sub.https.window.js
@@ -17,7 +17,10 @@
 async_test(t => {
   // Step 1
   window.addEventListener("message", t.step_func(e => {
-    assert_equals(e.data, "HasAccess for SharedWorker", "Storage Access API should be accessible and return first-party data");
+    if (e.data.type != "result") {
+      return;
+    }
+    assert_equals(e.data.message, "HasAccess for SharedWorker", "Storage Access API should be accessible and return first-party data");
   }));
 
   // Step 2
@@ -29,7 +32,9 @@ async_test(t => {
     const cookie_worker = new SharedWorker("/storage-access-api/resources/shared-worker-cookies.py", {name: id, sameSiteCookies: 'none'});
     cookie_worker.port.onmessage = t.step_func(e => {
       assert_equals(e.data, "ReadOnLoad:None,ReadOnFetch:None,ConnectionsMade:2", "Worker should already have been opened and only see SameSite=None cookies");
-      t.done();
+      test_driver.delete_all_cookies().then(t.step_func(() => {
+        t.done();
+      }));
     });
   });
 

diff --git a/storage-access-api/storage-access-beyond-cookies.blobStorage.tentative.sub.https.window.js b/storage-access-api/storage-access-beyond-cookies.blobStorage.tentative.sub.https.window.js
@@ -16,8 +16,11 @@
 async_test(t => {
   // Step 1
   window.addEventListener("message", t.step_func(e => {
+    if (e.data.type != "result") {
+      return;
+    }
     // Step 8
-    assert_equals(e.data, "HasAccess for blobStorage", "Storage Access API should be accessible and return first-party data");
+    assert_equals(e.data.message, "HasAccess for blobStorage", "Storage Access API should be accessible and return first-party data");
     t.done();
   }));
 

diff --git a/storage-access-api/storage-access-beyond-cookies.caches.tentative.sub.https.window.js b/storage-access-api/storage-access-beyond-cookies.caches.tentative.sub.https.window.js
@@ -16,8 +16,11 @@
 async_test(t => {
   // Step 1
   window.addEventListener("message", t.step_func(e => {
+    if (e.data.type != "result") {
+      return;
+    }
     // Step 8
-    assert_equals(e.data, "HasAccess for caches", "Storage Access API should be accessible and return first-party data");
+    assert_equals(e.data.message, "HasAccess for caches", "Storage Access API should be accessible and return first-party data");
     t.done();
   }));
 

diff --git a/storage-access-api/storage-access-beyond-cookies.cookies.tentative.sub.https.window.js b/storage-access-api/storage-access-beyond-cookies.cookies.tentative.sub.https.window.js
@@ -16,8 +16,11 @@
 async_test(t => {
   // Step 1
   window.addEventListener("message", t.step_func(e => {
+    if (e.data.type != "result") {
+      return;
+    }
     // Step 8
-    assert_equals(e.data, "HasAccess for cookies", "Storage Access API should be accessible and return first-party data");
+    assert_equals(e.data.message, "HasAccess for cookies", "Storage Access API should be accessible and return first-party data");
     test_driver.delete_all_cookies().then(t.step_func(() => {
       t.done();
     }));

diff --git a/storage-access-api/storage-access-beyond-cookies.estimate.tentative.sub.https.window.js b/storage-access-api/storage-access-beyond-cookies.estimate.tentative.sub.https.window.js
@@ -18,8 +18,11 @@ async_test(t => {
 
   // Step 1
   window.addEventListener("message", t.step_func(e => {
+    if (e.data.type != "result") {
+      return;
+    }
     // Step 8
-    assert_equals(e.data, "HasAccess for estimate", "Storage Access API should be accessible and return first-party data");
+    assert_equals(e.data.message, "HasAccess for estimate", "Storage Access API should be accessible and return first-party data");
     caches.delete(id).then(() => {
       t.done();
     });

diff --git a/storage-access-api/storage-access-beyond-cookies.getDirectory.tentative.sub.https.window.js b/storage-access-api/storage-access-beyond-cookies.getDirectory.tentative.sub.https.window.js
@@ -16,8 +16,11 @@
 async_test(t => {
   // Step 1
   window.addEventListener("message", t.step_func(e => {
+    if (e.data.type != "result") {
+      return;
+    }
     // Step 8
-    assert_equals(e.data, "HasAccess for getDirectory", "Storage Access API should be accessible and return first-party data");
+    assert_equals(e.data.message, "HasAccess for getDirectory", "Storage Access API should be accessible and return first-party data");
     t.done();
   }));
 

diff --git a/storage-access-api/storage-access-beyond-cookies.indexedDB.tentative.sub.https.window.js b/storage-access-api/storage-access-beyond-cookies.indexedDB.tentative.sub.https.window.js
@@ -16,8 +16,11 @@
 async_test(t => {
   // Step 1
   window.addEventListener("message", t.step_func(e => {
+    if (e.data.type != "result") {
+      return;
+    }
     // Step 8
-    assert_equals(e.data, "HasAccess for indexedDB", "Storage Access API should be accessible and return first-party data");
+    assert_equals(e.data.message, "HasAccess for indexedDB", "Storage Access API should be accessible and return first-party data");
     t.done();
   }));
 

diff --git a/storage-access-api/storage-access-beyond-cookies.localStorage.tentative.sub.https.window.js b/storage-access-api/storage-access-beyond-cookies.localStorage.tentative.sub.https.window.js
@@ -16,7 +16,10 @@
 async_test(t => {
   // Step 1
   window.addEventListener("message", t.step_func(e => {
-    assert_equals(e.data, "HasAccess for localStorage", "Storage Access API should be accessible and return first-party data");
+    if (e.data.type != "result") {
+      return;
+    }
+    assert_equals(e.data.message, "HasAccess for localStorage", "Storage Access API should be accessible and return first-party data");
     window.localStorage.setItem("window_event", id);
   }));
 

diff --git a/storage-access-api/storage-access-beyond-cookies.locks.tentative.sub.https.window.js b/storage-access-api/storage-access-beyond-cookies.locks.tentative.sub.https.window.js
@@ -16,8 +16,11 @@
 async_test(t => {
   // Step 1
   window.addEventListener("message", t.step_func(e => {
+    if (e.data.type != "result") {
+      return;
+    }
     // Step 8
-    assert_equals(e.data, "HasAccess for locks", "Storage Access API should be accessible and return first-party data");
+    assert_equals(e.data.message, "HasAccess for locks", "Storage Access API should be accessible and return first-party data");
     t.done();
   }));
 

diff --git a/storage-access-api/storage-access-beyond-cookies.none.tentative.sub.https.window.js b/storage-access-api/storage-access-beyond-cookies.none.tentative.sub.https.window.js
@@ -17,7 +17,10 @@ async_test(t => {
   // Step 1
   window.addEventListener("message", t.step_func(e => {
     // Step 8
-    assert_equals(e.data, "HasAccess for none", "Storage Access API should not allow access for empty requests.");
+    if (e.data.type != "result") {
+      return;
+    }
+    assert_equals(e.data.message, "HasAccess for none", "Storage Access API should not allow access for empty requests.");
     t.done();
   }));
 

diff --git a/...age-access-api/storage-access-beyond-cookies.sessionStorage.tentative.sub.https.window.js b/...age-access-api/storage-access-beyond-cookies.sessionStorage.tentative.sub.https.window.js
@@ -16,7 +16,10 @@
 async_test(t => {
   // Step 1
   window.addEventListener("message", t.step_func(e => {
-    assert_equals(e.data, "HasAccess for sessionStorage", "Storage Access API should be accessible and return first-party data");
+    if (e.data.type != "result") {
+      return;
+    }
+    assert_equals(e.data.message, "HasAccess for sessionStorage", "Storage Access API should be accessible and return first-party data");
     window.sessionStorage.setItem("window_event", id);
   }));