Augment COEP violation report
This implements https://github.com/whatwg/html/pull/5848.
- Add "blockedURL" (we'll keep "blocked-url" for some time).
- Add "disposition".
- Add "destination".
There are subtle bugs in WPTs
(https://github.com/web-platform-tests/wpt/pull/25177). Fix them.
Bug: 1119676
Change-Id: I9b83f18d9881b2742bafd88405b57645a67cac49
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2373970
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Reviewed-by: Makoto Shimazu <shimazu@chromium.org>
Reviewed-by: Domenic Denicola <domenic@chromium.org>
Commit-Queue: Yutaka Hirano <yhirano@chromium.org>
Cr-Commit-Position: refs/heads/master@{#802161}
diff --git a/html/cross-origin-embedder-policy/reporting-subresource-corp.https.html b/html/cross-origin-embedder-policy/reporting-subresource-corp.https.html
index b7571d0..ad8a8e9 100644
--- a/html/cross-origin-embedder-policy/reporting-subresource-corp.https.html
+++ b/html/cross-origin-embedder-policy/reporting-subresource-corp.https.html
@@ -185,7 +185,7 @@
}
});
observer.observe();
- const url = `${REMOTE_ORIGIN}$/common/utils.js`;
+ const url = `${REMOTE_ORIGIN}/common/utils.js`;
const script = frame.contentDocument.createElement('script');
script.src = url;
frame.contentDocument.body.appendChild(script);
diff --git a/html/cross-origin-embedder-policy/reporting-to-endpoint.https.html b/html/cross-origin-embedder-policy/reporting-to-endpoint.https.html
index d40f437..02c719d 100644
--- a/html/cross-origin-embedder-policy/reporting-to-endpoint.https.html
+++ b/html/cross-origin-embedder-policy/reporting-to-endpoint.https.html
@@ -44,7 +44,7 @@
pollReports('endpoint', reports);
pollReports('report-only-endpoint', reportsForReportOnly);
-function checkCorpReportExistence(reports, blockedUrl, contextUrl, disposition) {
+function checkCorpReportExistence(reports, blockedUrl, contextUrl, destination, disposition) {
blockedUrl = new URL(blockedUrl, location).href;
contextUrl = new URL(contextUrl, location).href;
for (const report of reports) {
@@ -54,7 +54,7 @@
}
if (report.body.blockedURL === blockedUrl &&
report.body.disposition === disposition) {
- assert_equals(report.body.destination, '');
+ assert_equals(report.body.destination, destination);
return;
}
}
@@ -97,9 +97,9 @@
// Wait 3 seconds for reports to settle.
await wait(3000);
- checkCorpReportExistence(reports, url, iframe.src, 'enforce');
+ checkCorpReportExistence(reports, url, iframe.src, '', 'enforce');
checkCorpReportExistence(
- reportsForReportOnly, url, iframe.src, 'reporting');
+ reportsForReportOnly, url, iframe.src, '', 'reporting');
t.done();
} catch (e) {
@@ -134,9 +134,9 @@
// Wait 3 seconds for reports to settle.
await wait(3000);
- checkCorpReportExistence(reports, url, iframe.src, 'enforce');
+ checkCorpReportExistence(reports, url, iframe.src, 'iframe', 'enforce');
checkCorpReportExistence(
- reportsForReportOnly, url, iframe.src, 'reporting');
+ reportsForReportOnly, url, iframe.src, 'iframe', 'reporting');
t.done();
} catch (e) {