[Credentialless] Block COEP:none request in safe COEP context shared …

…worker This CL implements COEP for SharedWorker partially behind a flag blink::feature::kCOEPForSharedWorker, which has the side effect of fixing tests about COEP:require-corp and COEP:credentialless. Bug: 1200233,1031542 Change-Id: Iddc861d71b0e24da7ce1ac53cc634162d8b4edb3 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2919071 Reviewed-by: Yifan Luo <[email protected]> Reviewed-by: Yutaka Hirano <[email protected]> Reviewed-by: Arthur Sonzogni <[email protected]> Commit-Queue: Yifan Luo <[email protected]> Cr-Commit-Position: refs/heads/master@{#894586}
valerioadm · Jun 22, 2021 · 1f61873 · 1f61873
1 parent 94028e4
commit 1f61873
Show file tree

Hide file tree

Showing 3 changed files with 53 additions and 26 deletions.
diff --git a/html/cross-origin-embedder-policy/credentialless/shared-worker.tentative.https.html b/html/cross-origin-embedder-policy/credentialless/shared-worker.tentative.https.html
@@ -34,6 +34,11 @@
   const w_credentialless = window.open(w_credentialless_url);
   add_completion_callback(() => w_credentialless.close());
 
+  let GetCookie = (response) => {
+    const headers_credentialless = JSON.parse(response);
+    return parseCookies(headers_credentialless)[cookie_key];
+  }
+
   const sharedWorkerTest = function(
     description, origin, coep_for_worker,
     expected_cookies_control,
@@ -44,13 +49,27 @@
       const worker_token_1 = token();
       const worker_token_2 = token();
 
+      // Used to check for errors creating the DedicatedWorker.
+      const worker_error_1 = token();
+      const worker_error_2 = token();
+
       const w_worker_src_1 = same_origin + executor_js_path +
         coep_for_worker + `&uuid=${worker_token_1}`;
-      send(w_control_token, `new SharedWorker("${w_worker_src_1}", {});`);
+      send(w_control_token, `
+        let worker = new SharedWorker("${w_worker_src_1}", {});
+        worker.onerror = () => {
+          send("${worker_error_1}", "Worker blocked");
+        }
+      `);
 
       const w_worker_src_2 = same_origin + executor_js_path +
         coep_for_worker + `&uuid=${worker_token_2}`;
-      send(w_credentialless_token, `new SharedWorker("${w_worker_src_2}", {});`);
+      send(w_credentialless_token, `
+        let worker = new SharedWorker("${w_worker_src_2}", {});
+        worker.onerror = () => {
+          send("${worker_error_2}", "Worker blocked");
+        }
+      `);
 
       // Fetch resources with the workers.
       const request_token_1 = token();
@@ -62,39 +81,38 @@
       send(worker_token_2,
         `fetch("${request_url_2}", {mode: 'no-cors', credentials: 'include'})`);
 
-      // Retrieve the resource request info.
-      const headers_control = JSON.parse(await receive(request_token_1));
-      const headers_credentialless = JSON.parse(await receive(request_token_2));
-
-      assert_equals(parseCookies(headers_control)[cookie_key],
+      const response_control = await Promise.race([
+        receive(worker_error_1),
+        receive(request_token_1).then(GetCookie)
+      ]);
+      assert_equals(response_control,
         expected_cookies_control,
         "coep:none => ");
-      assert_equals(parseCookies(headers_credentialless)[cookie_key],
+
+      const response_credentialless = await Promise.race([
+        receive(worker_error_2),
+        receive(request_token_2).then(GetCookie)
+      ]);
+      assert_equals(response_credentialless,
         expected_cookies_credentialless,
         "coep:credentialless => ");
     }, `fetch ${description}`)
   };
 
-  // TODO(https://crbug.com/1200233). A COEP:credentialless document shouldn't
-  // be able to load COEP:none SharedWorker. The sharedWorkerTest should listen
-  // for worker.onerror events and the expectations updated.
   sharedWorkerTest("same-origin",
     same_origin, coep_none,
     cookie_same_origin,
-    cookie_same_origin);
+    "Worker blocked");
 
   sharedWorkerTest("same-origin + credentialless worker",
     same_origin, coep_credentialless,
     cookie_same_origin,
     cookie_same_origin);
 
-  // TODO(https://crbug.com/1200233). A COEP:credentialless document shouldn't
-  // be able to load COEP:none SharedWorker. The sharedWorkerTest should listen
-  // for worker.onerror events and the expectations updated.
   sharedWorkerTest("cross-origin",
     cross_origin, coep_none,
     cookie_cross_origin,
-    cookie_cross_origin);
+    "Worker blocked");
 
   sharedWorkerTest("cross-origin + credentialless worker",
     cross_origin, coep_credentialless,

diff --git a/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html b/html/cross-origin-embedder-policy/cross-origin-isolated-permission.https.html
@@ -130,16 +130,24 @@
   }, `dedicated worker: scheme = ${scheme}, value = ${value}`);
 }
 
-function generateSharedWorkerTest(withCoopCoep) {
+function generateSharedWorkerTestWithCoopCoep() {
   async function run(t) {
     assert_equals(
-      await getCrossOriginIsolatedForSharedWorker(t, withCoopCoep),
-      withCoopCoep);
+      await getCrossOriginIsolatedForSharedWorker(t, true),
+      true);
   }
   // We use async_test, not promise_test here to run tests in parallel.
   async_test((t) => {
     run(t).then(() => t.done(), (e) => t.step(() => {throw e;}));
-  }, `shared worker: withCoopCoep = ${withCoopCoep}`);
+  }, `shared worker: withCoopCoep = true`);
+}
+
+function generateSharedWorkerTestWithoutCoopCoep() {
+  // We use async_test, not promise_test here to run tests in parallel.
+  async_test((t) => {
+    const worker = new SharedWorker(WORKER_URL);
+    worker.addEventListener('error', t.done());
+  }, `shared worker: withCoopCoep = false`);
 }
 
 function generateServiceWorkerTest(withCoopCoep) {
@@ -179,8 +187,8 @@
 // We need the backslash to escape the close parenthesis in a wpt pipe.
 generateDedicatedWorkerTest('blob', '(\\)', false);
 
-generateSharedWorkerTest(false);
-generateSharedWorkerTest(true);
+generateSharedWorkerTestWithoutCoopCoep();
+generateSharedWorkerTestWithCoopCoep();
 
 generateServiceWorkerTest(false);
 generateServiceWorkerTest(true);

diff --git a/...rigin-embedder-policy/shared-workers.html → ...embedder-policy/shared-workers.https.html b/...rigin-embedder-policy/shared-workers.html → ...embedder-policy/shared-workers.https.html
@@ -12,10 +12,11 @@
 this operation.</p>
 <script>
 'use strict';
-const testUrl = get_host_info().HTTPS_REMOTE_ORIGIN +
-  '/html/cross-origin-embedder-policy/resources/empty-coep.py';
-const workerHttpUrl = get_host_info().HTTPS_ORIGIN +
-  '/html/cross-origin-embedder-policy/resources/shared-worker-fetch.js.py';
+
+const {ORIGIN, REMOTE_ORIGIN} = get_host_info();
+const BASE = new URL("resources", location).pathname
+const testUrl = `${REMOTE_ORIGIN}${BASE}/empty-coep.py`;
+const workerHttpUrl = `${ORIGIN}${BASE}/shared-worker-fetch.js.py`;
 let workerBlobUrl;
 let workerDataUrl;