[ResourceTiming]: Extend TAO-match.html test to cover more resource types
Since we have different code paths for loading different types of
resources, this CL adds tests for Timing-Allow-Origin parsing/checking
that exercise more resource types than before.
This test is actually failing right now for Chrome but should pass in
other browsers. Part of the reason to land this now is to see if other
browsers will need fixes too.
Bug: 1218565
Change-Id: Id274ec1fd914f62d3b805d4d69f81f2945a8baaa
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2956309
Commit-Queue: Tom McKee <tommckee@chromium.org>
Reviewed-by: Yoav Weiss <yoavweiss@chromium.org>
Cr-Commit-Position: refs/heads/master@{#893912}
diff --git a/resource-timing/TAO-match.html b/resource-timing/TAO-match.html
index a2645a6..fb140c4 100644
--- a/resource-timing/TAO-match.html
+++ b/resource-timing/TAO-match.html
@@ -11,59 +11,70 @@
<script src="/common/get-host-info.sub.js"></script>
<script src="resources/entry-invariants.js"></script>
<script src="resources/resource-loaders.js"></script>
+<body>
<script>
const {REMOTE_ORIGIN} = get_host_info();
const path = REMOTE_ORIGIN + '/resource-timing/resources/TAOResponse.py?tao=';
-attribute_test(load.xhr_sync, path + 'match_origin',
- invariants.assert_tao_pass_no_redirect_http,
-'The timing allow check algorithm will pass when the Timing-Allow-Origin ' +
-'header value list contains a case-sensitive match.');
+const tao_test = (loader, resource_type) => {
+ attribute_test(loader, path + 'match_origin',
+ invariants.assert_tao_pass_no_redirect_http,
+ `The timing allow check algorithm will pass when the Timing-Allow-Origin ` +
+ `header value list contains a case-sensitive match. (${resource_type})`);
-attribute_test(load.xhr_sync, path + 'match_wildcard',
- invariants.assert_tao_pass_no_redirect_http,
-'The timing allow check algorithm will pass when the Timing-Allow-Origin ' +
-'header value list contains a wildcard.');
+ attribute_test(loader, path + 'match_wildcard',
+ invariants.assert_tao_pass_no_redirect_http,
+ `The timing allow check algorithm will pass when the Timing-Allow-Origin ` +
+ `header value list contains a wildcard. (${resource_type})`);
-attribute_test(load.xhr_sync, path + 'null',
- invariants.assert_tao_failure_resource,
-'The timing allow check algorithm will fail when the Timing-Allow-Origin ' +
-'header value list contains a null origin.');
+ attribute_test(loader, path + 'null',
+ invariants.assert_tao_failure_resource,
+ `The timing allow check algorithm will fail when the Timing-Allow-Origin ` +
+ `header value list contains a null origin. (${resource_type})`);
-attribute_test(load.xhr_sync, path + 'multi',
- invariants.assert_tao_pass_no_redirect_http,
-'The timing allow check algorithm will pass when the Timing-Allow-Origin ' +
-'header value list contains the origin and a wildcard.');
+ attribute_test(loader, path + 'multi',
+ invariants.assert_tao_pass_no_redirect_http,
+ `The timing allow check algorithm will pass when the Timing-Allow-Origin ` +
+ `header value list contains the origin and a wildcard. (${resource_type})`);
-attribute_test(load.xhr_sync, path + 'multi_wildcard',
- invariants.assert_tao_pass_no_redirect_http,
-'The timing allow check algorithm will pass when the Timing-Allow-Origin ' +
-'header value list contains multiple wildcards.');
+ attribute_test(loader, path + 'multi_wildcard',
+ invariants.assert_tao_pass_no_redirect_http,
+ `The timing allow check algorithm will pass when the Timing-Allow-Origin ` +
+ `header value list contains multiple wildcards. (${resource_type})`);
-attribute_test(load.xhr_sync, path + 'origin',
- invariants.assert_tao_pass_no_redirect_http,
-'The timing allow check algorithm will pass when the Timing-Allow-Origin ' +
-'header value contains only the origin.');
+ attribute_test(loader, path + 'origin',
+ invariants.assert_tao_pass_no_redirect_http,
+ `The timing allow check algorithm will pass when the Timing-Allow-Origin ` +
+ `header value contains only the origin. (${resource_type})`);
-attribute_test(load.xhr_sync, path + 'uppercase',
- invariants.assert_tao_failure_resource,
-'The timing allow check algorithm will fail when the Timing-Allow-Origin ' +
-'header value contains only the uppercased origin.');
+ attribute_test(loader, path + 'uppercase',
+ invariants.assert_tao_failure_resource,
+ `The timing allow check algorithm will fail when the Timing-Allow-Origin ` +
+ `header value contains only the uppercased origin. (${resource_type})`);
-attribute_test(load.xhr_sync, path + 'space',
- invariants.assert_tao_failure_resource,
-'The timing allow check algorithm will fail when the Timing-Allow-Origin ' +
-'header value contains only a space.');
+ attribute_test(loader, path + 'space',
+ invariants.assert_tao_failure_resource,
+ `The timing allow check algorithm will fail when the Timing-Allow-Origin ` +
+ `header value contains only a space. (${resource_type})`);
-attribute_test(load.xhr_sync, path + 'wildcard',
- invariants.assert_tao_pass_no_redirect_http,
-'The timing allow check algorithm will fail when the Timing-Allow-Origin ' +
-'header value contains only a wildcard.');
+ attribute_test(loader, path + 'wildcard',
+ invariants.assert_tao_pass_no_redirect_http,
+ `The timing allow check algorithm will fail when the Timing-Allow-Origin ` +
+ `header value contains only a wildcard. (${resource_type})`);
-attribute_test(load.xhr_sync, path + 'zero',
- invariants.assert_tao_failure_resource,
-'The timing allow check algorithm will fail when the Timing-Allow-Origin ' +
-'header is not present.');
+ attribute_test(loader, path + 'zero',
+ invariants.assert_tao_failure_resource,
+ `The timing allow check algorithm will fail when the Timing-Allow-Origin ` +
+ `header is not present. (${resource_type})`);
+};
+
+tao_test(load.font, "font");
+tao_test(load.iframe, "iframe");
+tao_test(load.image, "image");
+tao_test(load.script, "script");
+tao_test(load.stylesheet, "stylesheet");
+tao_test(load.xhr_sync, "XMLHttpRequest");
+
</script>
</body>
</html>
