Revision 03b7db51f21ce2a157454020bb46301b825152a5 authored by Alex Moshchuk on 13 April 2018, 23:12:06 UTC, committed by Chromium WPT Sync on 13 April 2018, 23:12:06 UTC
Changes from first reland attempt at https://crrev.com/c/1011287:
- fix an additional source of flakiness in ChromeOS login tests

Changes from original attempt at https://crrev.com/c/999182:
- fix flakiness in two additional ChromeOS login tests
- fix CSP WPT tests to not depend on ordering between iframe's onload
  and postMessage - see https://crbug.com/832319.

Previously, we sent the IPC to forward a cross-process postMessage
immediately.  This caused a behavioral difference from the
same-process case where the postMessage is always scheduled.  Namely,
in a scenario like this:

  frame.postMessage(...);
  doSomethingThatSendsIPCsToFrame(frame);

the IPCs from JS following the postMessage would've been ordered
incorrectly, causing |frame| to see their side effects after the
postMessage dispatch in the cross-process case, whereas they would be
seen before the postMessage dispatch in the same-process case.  One
example of this is frame.focus(), and another is a frame element
onload event (dispatched via FrameHostMsg_DispatchLoad) arriving after
a postMessage dispatched from an inline script while the frame was
still loading.

To resolve these ordering concerns, this CL changes cross-process
postMessage to do a PostTask on the sender side before sending the
message to the browser process.  This improves the current state of
the world, but does not yet achieve a perfect match for the IPC
ordering in the same-process case - see discussion on the bug.

Bug: 828529
Tbr: dcheng@chromium.org
Change-Id: If2cc6591db31471adff0d84ec0b689905e21cdf1
Reviewed-on: https://chromium-review.googlesource.com/999182
Reviewed-by: Xiyuan Xia <xiyuan@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Commit-Queue: Alex Moshchuk <alexmos@chromium.org>
Cr-Original-Original-Commit-Position: refs/heads/master@{#550284}
Reviewed-on: https://chromium-review.googlesource.com/1011287
Cr-Original-Commit-Position: refs/heads/master@{#550621}
Reviewed-on: https://chromium-review.googlesource.com/1012472
Cr-Commit-Position: refs/heads/master@{#550769}
1 parent ae86013
origin.htm
<!DOCTYPE html>
<meta charset=utf-8>
<title>Access-Control-Allow-Origin handling</title>
<link rel=help href=https://fetch.spec.whatwg.org/>
<meta name=author title="Odin Hørthe Omdal" href="mailto:odiho@opera.com">

<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src=support.js?pipe=sub></script>

<h1>Access-Control-Allow-Origin handling</h1>

<div id=log></div>

<script>

/*
 * Origin header
 */
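/**
 * Registers one synchronous testharness test expecting a cross-origin GET to
 * succeed when the server helper is given `origin` as its `origin` query
 * parameter.
 *
 * NOTE(review): presumably cors-makeheader.py sends that value back as the
 * Access-Control-Allow-Origin response header and reports the request's
 * Origin header in its JSON body; the helper is not shown here, confirm.
 *
 * @param {string} origin - Candidate header value; tabs and spaces are made
 *     visible in the test name as "[tab]" and "_".
 */
function shouldPass(origin) {
    test(function () {
        var client = new XMLHttpRequest()
        // Third argument `false` makes the request synchronous, so the
        // response is available right after send().
        client.open('GET', CROSSDOMAIN
                            + '/resources/cors-makeheader.py?origin='
                            + encodeURIComponent(origin),
                    false)
        client.send()
        // Keep the parsed body in a local: assigning to an undeclared name
        // here would create a page-wide global shared by every test (and
        // throws in strict mode).
        var reply = JSON.parse(client.response)
        var host = location.protocol + "//" + location.host
        // A readable response whose `origin` field equals this page's
        // scheme://host is the pass condition.
        assert_equals(reply['origin'], host, 'Request Origin: should be ' + host)
    }, 'Allow origin: ' + origin.replace(/\t/g, "[tab]").replace(/ /g, '_'));
}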

// Values expected to be accepted: the bare wildcard and this page's exact
// scheme://host, each also tried with leading and/or trailing spaces or tabs.
shouldPass('*');
shouldPass(' *  ');
shouldPass('	*');
shouldPass(location.protocol + "//" + location.host);
shouldPass(" "+location.protocol + "//" + location.host);
shouldPass(" "+location.protocol + "//" + location.host + "   	 ");
shouldPass("	"+location.protocol + "//" + location.host);


/**
 * Registers one synchronous testharness test expecting a cross-origin GET to
 * be refused: send() must throw a NetworkError when the server helper is
 * given `origin` as its `origin` query parameter.
 *
 * NOTE(review): presumably cors-makeheader.py sends that value back as the
 * Access-Control-Allow-Origin response header; the helper is not shown here.
 *
 * @param {string} origin - Candidate header value; NUL characters are shown
 *     as a literal "\0" in the test name.
 */
function shouldFail(origin) {
    // Escape NULs so the test name stays printable.
    var label = 'Disallow origin: ' + origin.replace(/\0/g, "\\0")

    test(function () {
        var xhr = new XMLHttpRequest()
        var target = CROSSDOMAIN + '/resources/cors-makeheader.py?origin=' + encodeURIComponent(origin)

        // Synchronous request: a rejected response surfaces as an exception
        // from send() rather than an error event.
        xhr.open('GET', target, false)
        assert_throws("NetworkError", function () {
            xhr.send()
        }, 'send')
    }, label);
}

// Every value below is expected to make send() throw NetworkError. Taken
// together they pin down that only an exact match of the page's scheme://host
// (or a bare "*") is accepted; near misses must not be.
// A subdomain of the page host, and values whose scheme is missing, different or malformed.
shouldFail(location.protocol + "//" + SUBDOMAIN + "." + location.host)
shouldFail("//" + location.host)
shouldFail("://" + location.host)
shouldFail("ftp://" + location.host)
shouldFail("http:://" + location.host)
shouldFail("http:/" + location.host)
shouldFail("http:" + location.host)
shouldFail(location.host)
// The exact origin followed by extra characters: "?", "/", " /", "#", "%23", ":80", ", *" and NUL.
shouldFail(location.protocol + "//" + location.host + "?")
shouldFail(location.protocol + "//" + location.host + "/")
shouldFail(location.protocol + "//" + location.host + " /")
shouldFail(location.protocol + "//" + location.host + "#")
shouldFail(location.protocol + "//" + location.host + "%23")
shouldFail(location.protocol + "//" + location.host + ":80")
shouldFail(location.protocol + "//" + location.host + ", *")
shouldFail(location.protocol + "//" + location.host + "\0")
// Upper-cased whole origin, then upper-cased scheme only.
shouldFail((location.protocol + "//" + location.host).toUpperCase())
shouldFail(location.protocol.toUpperCase() + "//" + location.host)
// Placeholder and wildcard variants: doubled, quoted, NUL-padded, or combined with another value.
shouldFail("-")
shouldFail("**")
shouldFail("\0*")
shouldFail("*\0")
shouldFail("'*'")
shouldFail('"*"')
shouldFail("* *")
shouldFail("* null")
shouldFail("*" + location.protocol + "//" + "*")
shouldFail("*" + location.protocol + "//" + location.host)
shouldFail("* " + location.protocol + "//" + location.host)
shouldFail("*, " + location.protocol + "//" + location.host)
// The exact origin with a NUL or "null " prefix.
shouldFail("\0" + location.protocol + "//" + location.host)
shouldFail("null " + location.protocol + "//" + location.host)
// An unrelated origin, the string "null" (alone and with "*"), and the empty string.
shouldFail('http://example.net')
shouldFail('null')
shouldFail('null *')
shouldFail('')
// Full page URLs instead of an origin, and the request target's own base (CROSSDOMAIN).
// NOTE(review): dirname and CROSSDOMAIN are not defined in this file — presumably support.js.
shouldFail(location.href)
shouldFail(dirname(location.href))
shouldFail(CROSSDOMAIN)
// Parent-domain forms: location.host with its first dot-separated label removed,
// bare, dot-prefixed and "*."-prefixed, each without and with an "http://" scheme.
shouldFail(location.host.replace(/^[^\.]+\./, ""))
shouldFail("." + location.host.replace(/^[^\.]+\./, ""))
shouldFail("*." + location.host.replace(/^[^\.]+\./, ""))
shouldFail("http://" + location.host.replace(/^[^\.]+\./, ""))
shouldFail("http://." + location.host.replace(/^[^\.]+\./, ""))
shouldFail("http://*." + location.host.replace(/^[^\.]+\./, ""))

/**
 * Registers one synchronous testharness test expecting a cross-origin GET to
 * be refused when the server helper is given two values, `origin` and
 * `origin2`: send() must throw a NetworkError.
 *
 * NOTE(review): per the test name, the helper presumably emits one
 * Access-Control-Allow-Origin header per parameter; the helper is not shown
 * here, confirm.
 *
 * @param {string} origin - Value passed as the `origin` query parameter.
 * @param {string} origin2 - Value passed as the `origin2` query parameter.
 */
function doubleOrigin(origin, origin2) {
    var label = 'Disallow multiple headers (' + origin + ', ' + origin2 + ')'

    test(function () {
        var xhr = new XMLHttpRequest()
        var query = '?origin=' + encodeURIComponent(origin)
                  + '&origin2=' + encodeURIComponent(origin2)

        // Synchronous request, so a refused response is reported by send() throwing.
        xhr.open('GET', CROSSDOMAIN + '/resources/cors-makeheader.py' + query, false)
        assert_throws("NetworkError", function () {
            xhr.send()
        }, 'send')
    }, label);
}

// Two values at once must be refused even when each is empty, "*", or this
// page's exact scheme://host — including the same acceptable value given twice.
doubleOrigin('', '*');
doubleOrigin('*', '');
doubleOrigin('*', '*');
doubleOrigin('', location.protocol + "//" + location.host);
doubleOrigin('*', location.protocol + "//" + location.host);
doubleOrigin(location.protocol + "//" + location.host, location.protocol + "//" + location.host);

</script>