From d10309afe386839b0960992b6477ce2b5e791c16 Mon Sep 17 00:00:00 2001 From: Ming-Ying Chung Date: Wed, 5 Jun 2024 17:20:37 +0000 Subject: [PATCH] Bug 1895639 [wpt PR 46159] - Reland "[fetch-later] Define new permissions policy `deferred-fetch`", a=testonly Automatic update from web-platform-tests Reland "[fetch-later] Define new permissions policy `deferred-fetch`" This is a reland of commit 193729386996ac0bd40dba0aa98b7f85ff7b94d1 The failed test from https://crbug.com/339120680 is removed by https://crrev.com/c/5524593/1..2 as the same behavior is already covered by `/fetch/fetch-later/permissions-policy/deferred-fetch-default-permissions-policy.tentative.https.window.js` more carefully. Original change's description: > [fetch-later] Define new permissions policy `deferred-fetch` > > 1-Pager: https://docs.google.com/document/d/1P70kdENIByy3qWabN5rUPmBVkkANNSOM_jZynLnqINY/edit > > This CL follows the [guide] to define a new permissions policy > `deferred-fetch`, which is used to gate the new `fetchLater()` API. > Relevant WPT are added in this CL, and the subsequent CL will further > use this policy to adjust the request quota. > > In this CL, `deferred-fetch` is not added to chrome://settings/content > page. And no permission prompt for it. > > - webappsec request: https://github.com/w3c/webappsec-permissions-policy/issues/544 > - "deferred-fetch" usage in fetchLater draft spec: https://whatpr.org/fetch/1647.html#request-a-deferred-fetch > - "deferred-fetch" policy discussion: https://github.com/WICG/pending-beacon/issues/87#issuecomment-1985358609 > - FetchLater Explainer: https://github.com/WICG/pending-beacon/blob/main/docs/fetch-later-api.md > > > [guide]: https://chromium.googlesource.com/chromium/src/+/main/components/permissions/add_new_permission.md > > Bug: b:40276121,339120680 > Change-Id: I2db4dd7484610fefb50c463552155b220f13ac5d > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5367481 > Reviewed-by: Adam Rice > Reviewed-by: Thomas Nguyen > Reviewed-by: Ian Clelland > Commit-Queue: Ming-Ying Chung > Reviewed-by: Yoav Weiss (@Shopify) > Reviewed-by: Takashi Toyoshima > Cr-Commit-Position: refs/heads/main@{#1297320} Bug: b:40276121,339120680 Change-Id: I41e2f0980f5d72eb6c0687a82d96ad4a59f59936 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5524593 Reviewed-by: Thomas Nguyen Reviewed-by: Yoav Weiss (@Shopify) Reviewed-by: Ian Clelland Commit-Queue: Ming-Ying Chung Reviewed-by: Takashi Toyoshima Reviewed-by: Adam Rice Cr-Commit-Position: refs/heads/main@{#1310429} -- wpt-commits: cdd00c8bc0a087353a9dc26e80f11c87aa4fdfae wpt-pr: 46159 --- .../tests/fetch/fetch-later/README.md | 2 +- .../iframe.tentative.https.window.js | 12 +---- .../fetch-later/permissions-policy/README.md | 8 ++++ ...tribute-redirect.tentative.https.window.js | 31 +++++++++++++ ...policy-attribute.tentative.https.window.js | 36 +++++++++++++++ ...rmissions-policy.tentative.https.window.js | 45 +++++++++++++++++++ ...s-policy.tentative.https.window.js.headers | 1 + ...rmissions-policy.tentative.https.window.js | 38 ++++++++++++++++ ...rmissions-policy.tentative.https.window.js | 34 ++++++++++++++ ...s-policy.tentative.https.window.js.headers | 1 + ...-by-permissions-policy.tentative.window.js | 8 ++++ .../permissions-policy/resources/helper.js | 13 ++++++ .../permissions-policy-deferred-fetch.html | 14 ++++++ 13 files changed, 232 insertions(+), 11 deletions(-) create mode 100644 testing/web-platform/tests/fetch/fetch-later/permissions-policy/README.md create mode 100644 testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy-attribute-redirect.tentative.https.window.js create mode 100644 testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy-attribute.tentative.https.window.js create mode 100644 testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy.tentative.https.window.js create mode 100644 testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy.tentative.https.window.js.headers create mode 100644 testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-default-permissions-policy.tentative.https.window.js create mode 100644 testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-disabled-by-permissions-policy.tentative.https.window.js create mode 100644 testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-disabled-by-permissions-policy.tentative.https.window.js.headers create mode 100644 testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-supported-by-permissions-policy.tentative.window.js create mode 100644 testing/web-platform/tests/fetch/fetch-later/permissions-policy/resources/helper.js create mode 100644 testing/web-platform/tests/fetch/fetch-later/permissions-policy/resources/permissions-policy-deferred-fetch.html diff --git a/testing/web-platform/tests/fetch/fetch-later/README.md b/testing/web-platform/tests/fetch/fetch-later/README.md index 661e2b918438f..d70ad217b1c6f 100644 --- a/testing/web-platform/tests/fetch/fetch-later/README.md +++ b/testing/web-platform/tests/fetch/fetch-later/README.md @@ -1,3 +1,3 @@ # FetchLater Tests -These tests cover [FetchLater method](https://whatpr.org/fetch/1647/094ea69...152d725.html#fetch-later-method) related behaviors. +These tests cover [FetchLater method](https://whatpr.org/fetch/1647.html#dom-window-fetchlater) related behaviors. diff --git a/testing/web-platform/tests/fetch/fetch-later/iframe.tentative.https.window.js b/testing/web-platform/tests/fetch/fetch-later/iframe.tentative.https.window.js index 305272af4195f..4f2610863604f 100644 --- a/testing/web-platform/tests/fetch/fetch-later/iframe.tentative.https.window.js +++ b/testing/web-platform/tests/fetch/fetch-later/iframe.tentative.https.window.js @@ -51,13 +51,5 @@ parallelPromiseTest(async t => { await expectBeacon(uuid, {count: 1}); }, 'A same-origin iframe can trigger fetchLater.'); -parallelPromiseTest(async t => { - const uuid = token(); - const url = generateSetBeaconURL(uuid); - - // Loads a same-origin iframe that fires a fetchLater request. - await loadFetchLaterIframe(HTTPS_NOTSAMESITE_ORIGIN, url); - - // The iframe should have sent the request. - await expectBeacon(uuid, {count: 1}); -}, 'A cross-origin iframe can trigger fetchLater.'); +// The test to load a cross-origin iframe that fires a fetchLater request is in +// /fetch/fetch-later/permissions-policy/deferred-fetch-default-permissions-policy.tentative.https.window.js diff --git a/testing/web-platform/tests/fetch/fetch-later/permissions-policy/README.md b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/README.md new file mode 100644 index 0000000000000..a0a724a25e04d --- /dev/null +++ b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/README.md @@ -0,0 +1,8 @@ +# Permissions Policy: "deferred-fetch" Tests + +This folder contains tests to cover the permissions policy "deferred-fetch", +which is used to gate the `fetchLater()` API. + +The tests follow the patterns from +permissions-policy/README.md to cover all use cases of permissions policy for a +new feature. diff --git a/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy-attribute-redirect.tentative.https.window.js b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy-attribute-redirect.tentative.https.window.js new file mode 100644 index 0000000000000..2f168f06508a4 --- /dev/null +++ b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy-attribute-redirect.tentative.https.window.js @@ -0,0 +1,31 @@ +// META: title=Permissions Policy "deferred-fetch" is allowed to redirect by allow attribute +// META: script=/permissions-policy/resources/permissions-policy.js +// META: script=/common/utils.js +// META: script=/common/get-host-info.sub.js +// META: script=/fetch/fetch-later/resources/fetch-later-helper.js +// META: script=/fetch/fetch-later/permissions-policy/resources/helper.js +// META: timeout=long +'use strict'; + +const { + HTTPS_ORIGIN, + HTTPS_NOTSAMESITE_ORIGIN, +} = get_host_info(); + +const baseUrl = '/permissions-policy/resources/redirect-on-load.html#'; +const description = 'Permissions policy allow="deferred-fetch"'; + +async_test(t => { + test_feature_availability( + 'fetchLater()', t, + getDeferredFetchPolicyInIframeHelperUrl(`${baseUrl}${HTTPS_ORIGIN}`), + expect_feature_available_default, /*feature_name=*/ 'deferred-fetch'); +}, `${description} allows same-origin navigation in an iframe.`); + +async_test(t => { + test_feature_availability( + 'fetchLater()', t, + getDeferredFetchPolicyInIframeHelperUrl( + `${baseUrl}${HTTPS_NOTSAMESITE_ORIGIN}`), + expect_feature_unavailable_default, /*feature_name=*/ 'deferred-fetch'); +}, `${description} disallows cross-origin navigation in an iframe.`); diff --git a/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy-attribute.tentative.https.window.js b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy-attribute.tentative.https.window.js new file mode 100644 index 0000000000000..c881609b4f16b --- /dev/null +++ b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy-attribute.tentative.https.window.js @@ -0,0 +1,36 @@ +// META: title=Permissions Policy "deferred-fetch" is allowed by allow attribute +// META: script=/permissions-policy/resources/permissions-policy.js +// META: script=/common/utils.js +// META: script=/common/get-host-info.sub.js +// META: script=/fetch/fetch-later/resources/fetch-later-helper.js +// META: script=/fetch/fetch-later/permissions-policy/resources/helper.js +// META: timeout=long +'use strict'; + +const { + HTTPS_ORIGIN, + HTTPS_NOTSAMESITE_ORIGIN, +} = get_host_info(); + +const description = 'Permissions policy "deferred-fetch"'; +const attribute = 'allow="deferred-fetch" attribute'; + +async_test( + t => { + test_feature_availability( + 'fetchLater()', t, + getDeferredFetchPolicyInIframeHelperUrl(HTTPS_ORIGIN), + expect_feature_available_default, /*feature_name=*/ 'deferred-fetch'); + }, + `${description} can be enabled in the same-origin iframe using ${ + attribute}.`); + +async_test( + t => { + test_feature_availability( + 'fetchLater()', t, + getDeferredFetchPolicyInIframeHelperUrl(HTTPS_NOTSAMESITE_ORIGIN), + expect_feature_available_default, /*feature_name=*/ 'deferred-fetch'); + }, + `${description} can be enabled in the cross-origin iframe using ${ + attribute}.`); diff --git a/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy.tentative.https.window.js b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy.tentative.https.window.js new file mode 100644 index 0000000000000..b65013d177f10 --- /dev/null +++ b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy.tentative.https.window.js @@ -0,0 +1,45 @@ +// META: title=Permissions Policy "deferred-fetch" is allowed +// META: script=/permissions-policy/resources/permissions-policy.js +// META: script=/common/utils.js +// META: script=/common/get-host-info.sub.js +// META: script=/fetch/fetch-later/resources/fetch-later-helper.js +// META: script=/fetch/fetch-later/permissions-policy/resources/helper.js +// META: timeout=long +'use strict'; + +const { + HTTPS_ORIGIN, + HTTPS_NOTSAMESITE_ORIGIN, +} = get_host_info(); + +const description = 'Permissions policy header: "deferred-fetch=*"'; + +parallelPromiseTest(async _ => { + const uuid = token(); + const url = generateSetBeaconURL(uuid); + + // Request the browser to fetchLater() immediately. + fetchLater(url, {activateAfter: 0}); + + await expectBeacon(uuid, {count: 1}); +}, `${description} allows fetchLater() in the top-level document.`); + +async_test(t => { + test_feature_availability( + 'fetchLater()', t, getDeferredFetchPolicyInIframeHelperUrl(HTTPS_ORIGIN), + expect_feature_available_default); +}, `${description} allows fetchLater() in the same-origin iframe.`); + +async_test(t => { + test_feature_availability( + 'fetchLater()', t, + getDeferredFetchPolicyInIframeHelperUrl(HTTPS_NOTSAMESITE_ORIGIN), + expect_feature_unavailable_default); +}, `${description} disallows fetchLater() in the cross-origin iframe.`); + +async_test(t => { + test_feature_availability( + 'fetchLater()', t, + getDeferredFetchPolicyInIframeHelperUrl(HTTPS_NOTSAMESITE_ORIGIN), + expect_feature_available_default, /*feature_name=*/ 'deferred-fetch'); +}, `${description} allow="deferred-fetch" allows fetchLater() in the cross-origin iframe.`); diff --git a/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy.tentative.https.window.js.headers b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy.tentative.https.window.js.headers new file mode 100644 index 0000000000000..cd356bd1a3914 --- /dev/null +++ b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-allowed-by-permissions-policy.tentative.https.window.js.headers @@ -0,0 +1 @@ +Permissions-Policy: deferred-fetch=* diff --git a/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-default-permissions-policy.tentative.https.window.js b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-default-permissions-policy.tentative.https.window.js new file mode 100644 index 0000000000000..51b7e51844939 --- /dev/null +++ b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-default-permissions-policy.tentative.https.window.js @@ -0,0 +1,38 @@ +// META: title=Permissions Policy "deferred-fetch" default behavior +// META: script=/permissions-policy/resources/permissions-policy.js +// META: script=/common/utils.js +// META: script=/common/get-host-info.sub.js +// META: script=/fetch/fetch-later/resources/fetch-later-helper.js +// META: script=/fetch/fetch-later/permissions-policy/resources/helper.js +// META: timeout=long +'use strict'; + +const { + HTTPS_ORIGIN, + HTTPS_NOTSAMESITE_ORIGIN, +} = get_host_info(); + +const description = 'Default "deferred-fetch" permissions policy ["self"]'; + +parallelPromiseTest(async _ => { + const uuid = token(); + const url = generateSetBeaconURL(uuid); + + // Request the browser to fetchLater() immediately. + fetchLater(url, {activateAfter: 0}); + + await expectBeacon(uuid, {count: 1}); +}, `${description} allows fetchLater() in the top-level document.`); + +async_test(t => { + test_feature_availability( + 'fetchLater()', t, getDeferredFetchPolicyInIframeHelperUrl(HTTPS_ORIGIN), + expect_feature_available_default); +}, `${description} allows fetchLater() in the same-origin iframe.`); + +async_test(t => { + test_feature_availability( + 'fetchLater()', t, + getDeferredFetchPolicyInIframeHelperUrl(HTTPS_NOTSAMESITE_ORIGIN), + expect_feature_unavailable_default); +}, `${description} disallows fetchLater() in the cross-origin iframe.`); diff --git a/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-disabled-by-permissions-policy.tentative.https.window.js b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-disabled-by-permissions-policy.tentative.https.window.js new file mode 100644 index 0000000000000..283f703a283be --- /dev/null +++ b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-disabled-by-permissions-policy.tentative.https.window.js @@ -0,0 +1,34 @@ +// META: title=Permissions Policy "deferred-fetch" is disabled +// META: script=/permissions-policy/resources/permissions-policy.js +// META: script=/common/utils.js +// META: script=/common/get-host-info.sub.js +// META: script=/fetch/fetch-later/resources/fetch-later-helper.js +// META: script=/fetch/fetch-later/permissions-policy/resources/helper.js +// META: timeout=long +'use strict'; + +const { + HTTPS_ORIGIN, + HTTPS_NOTSAMESITE_ORIGIN, +} = get_host_info(); + +const description = 'Permissions policy header: "deferred-fetch=()"'; + +parallelPromiseTest(async _ => { + // Request the browser to fetchLater() immediately, which is not allowed. + assert_throws_dom( + 'NotAllowedError', () => fetchLater('/', {activateAfter: 0})); +}, `${description} disallows fetchLater() in the top-level document.`); + +async_test(t => { + test_feature_availability( + 'fetchLater()', t, getDeferredFetchPolicyInIframeHelperUrl(HTTPS_ORIGIN), + expect_feature_unavailable_default); +}, `${description} disallows fetchLater() in the same-origin iframe.`); + +async_test(t => { + test_feature_availability( + 'fetchLater()', t, + getDeferredFetchPolicyInIframeHelperUrl(HTTPS_NOTSAMESITE_ORIGIN), + expect_feature_unavailable_default); +}, `${description} disallows fetchLater() in the cross-origin iframe.`); diff --git a/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-disabled-by-permissions-policy.tentative.https.window.js.headers b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-disabled-by-permissions-policy.tentative.https.window.js.headers new file mode 100644 index 0000000000000..9c2b593ec80d3 --- /dev/null +++ b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-disabled-by-permissions-policy.tentative.https.window.js.headers @@ -0,0 +1 @@ +Permissions-Policy: deferred-fetch=() diff --git a/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-supported-by-permissions-policy.tentative.window.js b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-supported-by-permissions-policy.tentative.window.js new file mode 100644 index 0000000000000..e89f1edb85670 --- /dev/null +++ b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/deferred-fetch-supported-by-permissions-policy.tentative.window.js @@ -0,0 +1,8 @@ +// META: title=The feature list should advertise deferred-fetch +'use strict'; + +// https://w3c.github.io/webappsec-permissions-policy/#dom-permissions-policy-features +// https://wicg.github.io/local-fonts/#permissions-policy +test(() => { + assert_in_array('deferred-fetch', document.featurePolicy.features()); +}, 'document.featurePolicy.features should advertise deferred-fetch.'); diff --git a/testing/web-platform/tests/fetch/fetch-later/permissions-policy/resources/helper.js b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/resources/helper.js new file mode 100644 index 0000000000000..5cbb183acf1d7 --- /dev/null +++ b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/resources/helper.js @@ -0,0 +1,13 @@ +'use strict'; + +/** + * Returns an URL to a document that can be used to initialize an iframe to test + * whether the "deferred-fetch"policy is enabled. + */ +function getDeferredFetchPolicyInIframeHelperUrl(iframeOrigin) { + if (!iframeOrigin.endsWith('/')) { + iframeOrigin += '/'; + } + return `${ + iframeOrigin}fetch/fetch-later/permissions-policy/resources/permissions-policy-deferred-fetch.html`; +} diff --git a/testing/web-platform/tests/fetch/fetch-later/permissions-policy/resources/permissions-policy-deferred-fetch.html b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/resources/permissions-policy-deferred-fetch.html new file mode 100644 index 0000000000000..f5ce3178db4b1 --- /dev/null +++ b/testing/web-platform/tests/fetch/fetch-later/permissions-policy/resources/permissions-policy-deferred-fetch.html @@ -0,0 +1,14 @@ + +