Revision 03b7db51f21ce2a157454020bb46301b825152a5 authored by Alex Moshchuk on 13 April 2018, 23:12:06 UTC, committed by Chromium WPT Sync on 13 April 2018, 23:12:06 UTC
Changes from first reland attempt at https://crrev.com/c/1011287:
- fix an additional source of flakiness in ChromeOS login tests
Changes from original attempt at https://crrev.com/c/999182:
- fix flakiness in two additional ChromeOS login tests
- fix CSP WPT tests to not depend on ordering between iframe's onload
and postMessage - see https://crbug.com/832319.
Previously, we sent the IPC to forward a cross-process postMessage
immediately. This caused a behavioral difference from the
same-process case where the postMessage is always scheduled. Namely,
in a scenario like this:
frame.postMessage(...);
doSomethingThatSendsIPCsToFrame(frame);
the IPCs from JS following the postMessage would've been ordered
incorrectly, causing |frame| to see their side effects after the
postMessage dispatch in the cross-process case, whereas they would be
seen before the postMessage dispatch in the same-process case. One
example of this is frame.focus(), and another is a frame element
onload event (dispatched via FrameHostMsg_DispatchLoad) arriving after
a postMessage dispatched from an inline script while the frame was
still loading.
To resolve these ordering concerns, this CL changes cross-process
postMessage to do a PostTask on the sender side before sending the
message to the browser process. This improves the current state of
the world, but does not yet achieve a perfect match for the IPC
ordering in the same-process case - see discussion on the bug.
Bug: 828529
Tbr: dcheng@chromium.org
Change-Id: If2cc6591db31471adff0d84ec0b689905e21cdf1
Reviewed-on: https://chromium-review.googlesource.com/999182
Reviewed-by: Xiyuan Xia <xiyuan@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Commit-Queue: Alex Moshchuk <alexmos@chromium.org>
Cr-Original-Original-Commit-Position: refs/heads/master@{#550284}
Reviewed-on: https://chromium-review.googlesource.com/1011287
Cr-Original-Commit-Position: refs/heads/master@{#550621}
Reviewed-on: https://chromium-review.googlesource.com/1012472
Cr-Commit-Position: refs/heads/master@{#550769}
1 parent ae86013
304.htm
<!DOCTYPE html>
<meta charset=utf-8>
<title>CORS - 304 Responses</title>
<meta name=author title="Mark Nottingham" href="mailto:mnot@mnot.net">
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src=support.js?pipe=sub></script>
<h1>CORS - 304 Responses</h1>
<div id=log></div>
<script>
/*
* 304 Responses
*/
// A header used to correlate requests and responses
var state_header = "content-language"
/* Make a request; call ready(client) when done */
function req(url, id, t, ready) {
var client = new XMLHttpRequest()
client.open('GET', url, true)
client.setRequestHeader(state_header, id)
client.send()
client.onreadystatechange = function() {
if (client.readyState == client.DONE) {
t.step(function() {
assert_true(client.status != 299, "req " + id + " server says: " + client.responseText)
})
ready(client)
}
}
return client
}
/*
* Make two requests to test cache behaviour.
* The second is made after the first is done and a delay, to make sure it gets into cache.
*/
function two_reqs(id1, id2, should_have_same_body, t, done) {
var rand = Date.now()
var url = CROSSDOMAIN + 'resources/304.py?id=' + id1 + '&r=%s' + rand
var client1 = req(url, id1, t, function(client1) {
t.step(function() {
assert_equals(client1.response, "Success", "didn't get successful 1st response;")
assert_equals(client1.getResponseHeader(state_header), id1, "1st response didn't come from server;")
})
t.step_timeout(function() {
req(url, id2, t, function(client2) {
t.step(function() {
if (should_have_same_body) {
assert_equals(client1.response, client2.response, "response bodies were different;")
// var res_id2 = client2.getResponseHeader(state_header)
// assert_not_equals(res_id2, id1, "2nd response doesn't appear to have updated cached headers;")
// assert_not_equals(res_id2, null, "2nd response didn't expose request identifier;")
// assert_equals(res_id2, id2, "2nd response is associated with a different request (!);")
}
done(client1, client2)
})
t.done()
})
}, 5000)
})
}
async_test(function(t) {
two_reqs('1', '2', true, t, function(client1, client2) {
assert_equals(client1.getResponseHeader("A"), null, "'A' header exposed without permission;")
})
}, "A 304 response with no CORS headers inherits from the stored response")
async_test(function(t) {
two_reqs('3', '4', true, t, function(client1, client2) {
assert_equals(client2.getResponseHeader("A"), "4", "304 didn't expose 'A' header, even though allowed;")
assert_equals(client2.getResponseHeader("B"), "4", "304 didn't expose 'B' header even though allowed;")
})
}, "A 304 can expand Access-Control-Expose-Headers")
async_test(function(t) {
two_reqs('5', '6', true, t, function(client1, client2) {
assert_equals(client2.getResponseHeader("B"), null, "2nd 304 exposed 'B' header;")
})
}, "A 304 can contract Access-Control-Expose-Headers")
async_test(function(t) {
two_reqs('7', '8', false, t, function(client1, client2) {
assert_not_equals(client1.response, client2.response, "Access granted even though 304 updated it to disallow;")
})
}, "A 304 can change Access-Control-Allow-Origin")
</script>
Computing file changes ...
