[Private Network Access] Test targetAddressSpace more thoroughly.
Success tests fail because targetAddressSpace is not yet implemented.
Bug: chromium:1338439
Change-Id: I152944e5959c8e952d67cc9736bfd77a8cfc4b56
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3879523
Auto-Submit: Titouan Rigoudy <titouan@chromium.org>
Reviewed-by: Yifan Luo <lyf@chromium.org>
Commit-Queue: Titouan Rigoudy <titouan@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1061025}
diff --git a/fetch/private-network-access/fetch.https.window.js b/fetch/private-network-access/fetch.https.window.js
index 2440f2e..7a3cc20 100644
--- a/fetch/private-network-access/fetch.https.window.js
+++ b/fetch/private-network-access/fetch.https.window.js
@@ -78,7 +78,7 @@
},
fetchOptions: { method: "PUT" },
expected: FetchTestResult.SUCCESS,
-}), "local to public: PUT preflight success,");
+}), "local to public: PUT preflight success.");
// Generates tests of preflight behavior for a single (source, target) pair.
//
diff --git a/fetch/private-network-access/mixed-content-fetch.tentative.https.window.js b/fetch/private-network-access/mixed-content-fetch.tentative.https.window.js
index a5cddf4..a9b6d6b 100644
--- a/fetch/private-network-access/mixed-content-fetch.tentative.https.window.js
+++ b/fetch/private-network-access/mixed-content-fetch.tentative.https.window.js
@@ -1,282 +1,268 @@
-// META: script=/common/subset-tests-by-key.js
// META: script=/common/utils.js
// META: script=resources/support.sub.js
-// META: variant=?include=from-private
-// META: variant=?include=from-public
-// META: variant=?include=from-treat-as-public
//
// Spec: https://wicg.github.io/private-network-access
//
// These tests verify that secure contexts can fetch non-secure subresources
-// from more private address spaces, provided without mixed context check.
+// from more private address spaces, avoiding mixed context checks, as long as
+// they specify a valid `targetAddressSpace` fetch option that matches the
+// target server's address space.
setup(() => {
// Making sure we are in a secure context, as expected.
assert_true(window.isSecureContext);
});
-// Generates tests of preflight behavior for a single (source, target) pair.
+// Given `addressSpace`, returns the other three possible IP address spaces.
+function otherAddressSpaces(addressSpace) {
+ switch (addressSpace) {
+ case "local": return ["unknown", "private", "public"];
+ case "private": return ["unknown", "local", "public"];
+ case "public": return ["unknown", "local", "private"];
+ }
+}
+
+// Generates tests of `targetAddressSpace` for the given (source, target)
+// address space pair, expecting fetches to succeed iff `targetAddressSpace` is
+// correct.
//
-// Scenarios:
+// Scenarios exercised:
//
// - cors mode:
-// - without targetAddressSpace option
-// - with incorrect targetAddressSpace option
+// - missing targetAddressSpace option
+// - incorrect targetAddressSpace option (x3, see `otherAddressSpaces()`)
+// - failed preflight
// - success
// - success with PUT method (non-"simple" request)
// - no-cors mode:
// - success
//
-function makePreflightTests({
- subsetKey,
- source,
- sourceDescription,
- targetServer,
- targetDescription,
- targetAddressSpace,
- expectation,
- expectedMessage,
-}) {
- const prefix =
- `${sourceDescription} to ${targetDescription} with ${targetAddressSpace} targetAddressSpace option: `;
+function makeTests({ source, target }) {
+ const sourceServer = Server.get("https", source);
+ const targetServer = Server.get("http", target);
- subsetTestByKey(subsetKey, promise_test, t => fetchTest(t, {
- source,
- target: {
- server: targetServer,
- behavior: {
- preflight: PreflightBehavior.success(token()),
- response: ResponseBehavior.allowCrossOrigin(),
+ const makeTest = ({
+ fetchOptions,
+ targetBehavior,
+ name,
+ expected
+ }) => {
+ promise_test_parallel(t => fetchTest(t, {
+ source: { server: sourceServer },
+ target: {
+ server: targetServer,
+ behavior: targetBehavior,
},
- },
- fetchOptions: { targetAddressSpace: targetAddressSpace },
- expected: expectation,
- }), prefix + expectedMessage + ".");
+ fetchOptions,
+ expected,
+ }), `${sourceServer.name} to ${targetServer.name}: ${name}.`);
+ };
- subsetTestByKey(subsetKey, promise_test, t => fetchTest(t, {
- source,
- target: {
- server: targetServer,
- behavior: {
- preflight: PreflightBehavior.success(token()),
- response: ResponseBehavior.allowCrossOrigin(),
- },
+ makeTest({
+ name: "missing targetAddressSpace",
+ targetBehavior: {
+ preflight: PreflightBehavior.success(token()),
+ response: ResponseBehavior.allowCrossOrigin(),
},
- fetchOptions: { method: "PUT", targetAddressSpace: targetAddressSpace },
expected: FetchTestResult.FAILURE,
- }), prefix + "PUT " + expectedMessage + ".");
+ });
+
+ const correctAddressSpace = targetServer.addressSpace;
+
+ for (const targetAddressSpace of otherAddressSpaces(correctAddressSpace)) {
+ makeTest({
+ name: `wrong targetAddressSpace "${targetAddressSpace}"`,
+ targetBehavior: {
+ preflight: PreflightBehavior.success(token()),
+ response: ResponseBehavior.allowCrossOrigin(),
+ },
+ fetchOptions: { targetAddressSpace },
+ expected: FetchTestResult.FAILURE,
+ });
+ }
+
+ makeTest({
+ name: "failed preflight",
+ targetBehavior: {
+ preflight: PreflightBehavior.failure(),
+ response: ResponseBehavior.allowCrossOrigin(),
+ },
+ fetchOptions: { targetAddressSpace: correctAddressSpace },
+ expected: FetchTestResult.FAILURE,
+ });
+
+ makeTest({
+ name: "success",
+ targetBehavior: {
+ preflight: PreflightBehavior.success(token()),
+ response: ResponseBehavior.allowCrossOrigin(),
+ },
+ fetchOptions: { targetAddressSpace: correctAddressSpace },
+ expected: FetchTestResult.SUCCESS,
+ });
+
+ makeTest({
+ name: "PUT success",
+ targetBehavior: {
+ preflight: PreflightBehavior.success(token()),
+ response: ResponseBehavior.allowCrossOrigin(),
+ },
+ fetchOptions: {
+ targetAddressSpace: correctAddressSpace,
+ method: "PUT",
+ },
+ expected: FetchTestResult.SUCCESS,
+ });
+
+ makeTest({
+ name: "no-cors success",
+ targetBehavior: {
+ preflight: PreflightBehavior.success(token()),
+ response: ResponseBehavior.allowCrossOrigin(),
+ },
+ fetchOptions: {
+ targetAddressSpace: correctAddressSpace,
+ method: "no-cors",
+ },
+ expected: FetchTestResult.SUCCESS,
+ });
}
+// Generates tests for the given (source, target) address space pair expecting
+// that `targetAddressSpace` cannot be used to bypass mixed content.
+//
+// Scenarios exercised:
+//
+// - wrong `targetAddressSpace` (x3, see `otherAddressSpaces()`)
+// - correct `targetAddressSpace`
+//
+function makeNoBypassTests({ source, target }) {
+ const sourceServer = Server.get("https", source);
+ const targetServer = Server.get("http", target);
+
+ const prefix = `${sourceServer.name} to ${targetServer.name}: `;
+
+ const correctAddressSpace = targetServer.addressSpace;
+ for (const targetAddressSpace of otherAddressSpaces(correctAddressSpace)) {
+ promise_test_parallel(t => fetchTest(t, {
+ source: { server: sourceServer },
+ target: {
+ server: targetServer,
+ behavior: {
+ preflight: PreflightBehavior.success(token()),
+ response: ResponseBehavior.allowCrossOrigin(),
+ },
+ },
+ fetchOptions: { targetAddressSpace },
+ expected: FetchTestResult.FAILURE,
+ }), prefix + `wrong targetAddressSpace "${targetAddressSpace}".`);
+ }
+
+ promise_test_parallel(t => fetchTest(t, {
+ source: { server: sourceServer },
+ target: {
+ server: targetServer,
+ behavior: {
+ preflight: PreflightBehavior.success(token()),
+ response: ResponseBehavior.allowCrossOrigin(),
+ },
+ },
+ fetchOptions: { targetAddressSpace: correctAddressSpace },
+ expected: FetchTestResult.FAILURE,
+ }), prefix + 'not a private network request.');
+}
+
+// Source: local secure context.
+//
+// Fetches to the local and private address spaces cannot use
+// `targetAddressSpace` to bypass mixed content, as they are not otherwise
+// blocked by Private Network Access.
+
+makeNoBypassTests({ source: "local", target: "local" });
+makeNoBypassTests({ source: "local", target: "private" });
+makeNoBypassTests({ source: "local", target: "public" });
+
+// Source: private secure context.
+//
+// Fetches to the local address space requires the right `targetAddressSpace`
+// option, as well as a successful preflight response carrying a PNA-specific
+// header.
+//
+// Fetches to the private address space cannot use `targetAddressSpace` to
+// bypass mixed content, as they are not otherwise blocked by Private Network
+// Access.
+
+makeTests({ source: "private", target: "local" });
+
+makeNoBypassTests({ source: "private", target: "private" });
+makeNoBypassTests({ source: "private", target: "public" });
+
// Source: public secure context.
//
-// Fetches to the local and private address spaces require a successful
-// preflight response carrying a PNA-specific header.
+// Fetches to the local and private address spaces require the right
+// `targetAddressSpace` option, as well as a successful preflight response
+// carrying a PNA-specific header.
-makePreflightTests({
- subsetKey: "from-private",
- source: { server: Server.HTTPS_PRIVATE },
- sourceDescription: "private",
- targetServer: Server.HTTP_LOCAL,
- targetDescription: "local",
- targetAddressSpace: "local",
- expectation: FetchTestResult.SUCCESS,
- expectedMessage: "success",
-});
+makeTests({ source: "public", target: "local" });
+makeTests({ source: "public", target: "private" });
-makePreflightTests({
- subsetKey: "from-private",
- source: { server: Server.HTTPS_PRIVATE },
- sourceDescription: "private",
- targetServer: Server.HTTP_LOCAL,
- targetDescription: "local",
- targetAddressSpace: "private",
- expectation: FetchTestResult.FAILURE,
- expectedMessage: "failed",
-});
-
-makePreflightTests({
- subsetKey: "from-private",
- source: { server: Server.HTTPS_PRIVATE },
- sourceDescription: "private",
- targetServer: Server.HTTP_LOCAL,
- targetDescription: "local",
- targetAddressSpace: "public",
- expectation: FetchTestResult.FAILURE,
- expectedMessage: "failed",
-});
-
-makePreflightTests({
- subsetKey: "from-private",
- source: { server: Server.HTTPS_PRIVATE },
- sourceDescription: "private",
- targetServer: Server.HTTP_PRIVATE,
- targetDescription: "private",
- targetAddressSpace: "local",
- expectation: FetchTestResult.FAILURE,
- expectedMessage: "failed",
-});
-
-makePreflightTests({
- subsetKey: "from-private",
- source: { server: Server.HTTPS_PRIVATE },
- sourceDescription: "private",
- targetServer: Server.HTTP_PRIVATE,
- targetDescription: "private",
- targetAddressSpace: "private",
- expectation: FetchTestResult.FAILURE,
- expectedMessage: "failed",
-});
-
-makePreflightTests({
- subsetKey: "from-private",
- source: { server: Server.HTTPS_PRIVATE },
- sourceDescription: "private",
- targetServer: Server.HTTP_PRIVATE,
- targetDescription: "private",
- targetAddressSpace: "public",
- expectation: FetchTestResult.FAILURE,
- expectedMessage: "failed",
-});
-
-makePreflightTests({
- subsetKey: "from-private",
- source: { server: Server.HTTPS_PRIVATE },
- sourceDescription: "private",
- targetServer: Server.HTTP_PUBLIC,
- targetDescription: "public",
- targetAddressSpace: "local",
- expectation: FetchTestResult.FAILURE,
- expectedMessage: "failed",
-});
-
-makePreflightTests({
- subsetKey: "from-private",
- source: { server: Server.HTTPS_PRIVATE },
- sourceDescription: "private",
- targetServer: Server.HTTP_PUBLIC,
- targetDescription: "public",
- targetAddressSpace: "private",
- expectation: FetchTestResult.FAILURE,
- expectedMessage: "failed",
-});
-
-makePreflightTests({
- subsetKey: "from-private",
- source: { server: Server.HTTPS_PRIVATE },
- sourceDescription: "private",
- targetServer: Server.HTTP_PUBLIC,
- targetDescription: "public",
- targetAddressSpace: "public",
- expectation: FetchTestResult.FAILURE,
- expectedMessage: "failed",
-});
-
-makePreflightTests({
- subsetKey: "from-public",
- source: { server: Server.HTTPS_PUBLIC },
- sourceDescription: "public",
- targetServer: Server.HTTP_LOCAL,
- targetDescription: "local",
- targetAddressSpace: "local",
- expectation: FetchTestResult.SUCCESS,
- expectedMessage: "success",
-});
-
-makePreflightTests({
- subsetKey: "from-public",
- source: { server: Server.HTTPS_PUBLIC },
- sourceDescription: "public",
- targetServer: Server.HTTP_LOCAL,
- targetDescription: "local",
- targetAddressSpace: "private",
- expectation: FetchTestResult.FAILURE,
- expectedMessage: "failed",
-});
-
-makePreflightTests({
- subsetKey: "from-public",
- source: { server: Server.HTTPS_PUBLIC },
- sourceDescription: "public",
- targetServer: Server.HTTP_LOCAL,
- targetDescription: "local",
- targetAddressSpace: "public",
- expectation: FetchTestResult.FAILURE,
- expectedMessage: "failed",
-});
-
-makePreflightTests({
- subsetKey: "from-public",
- source: { server: Server.HTTPS_PUBLIC },
- sourceDescription: "public",
- targetServer: Server.HTTP_PRIVATE,
- targetDescription: "private",
- targetAddressSpace: "local",
- expectation: FetchTestResult.FAILURE,
- expectedMessage: "failed",
-});
-
-makePreflightTests({
- subsetKey: "from-public",
- source: { server: Server.HTTPS_PUBLIC },
- sourceDescription: "public",
- targetServer: Server.HTTP_PRIVATE,
- targetDescription: "private",
- targetAddressSpace: "private",
- expectation: FetchTestResult.SUCCESS,
- expectedMessage: "success",
-});
-
-makePreflightTests({
- subsetKey: "from-public",
- source: { server: Server.HTTPS_PUBLIC },
- sourceDescription: "public",
- targetServer: Server.HTTP_PRIVATE,
- targetDescription: "private",
- targetAddressSpace: "public",
- expectation: FetchTestResult.FAILURE,
- expectedMessage: "failed",
-});
-
-makePreflightTests({
- subsetKey: "from-public",
- source: { server: Server.HTTPS_PUBLIC },
- sourceDescription: "public",
- targetServer: Server.HTTP_PUBLIC,
- targetDescription: "public",
- targetAddressSpace: "local",
- expectation: FetchTestResult.FAILURE,
- expectedMessage: "failed",
-});
-
-makePreflightTests({
- subsetKey: "from-public",
- source: { server: Server.HTTPS_PUBLIC },
- sourceDescription: "public",
- targetServer: Server.HTTP_PUBLIC,
- targetDescription: "public",
- targetAddressSpace: "private",
- expectation: FetchTestResult.FAILURE,
- expectedMessage: "failed",
-});
-
-makePreflightTests({
- subsetKey: "from-public",
- source: { server: Server.HTTPS_PUBLIC },
- sourceDescription: "public",
- targetServer: Server.HTTP_PUBLIC,
- targetDescription: "public",
- targetAddressSpace: "public",
- expectation: FetchTestResult.FAILURE,
- expectedMessage: "failed",
-});
+makeNoBypassTests({ source: "public", target: "public" });
// These tests verify that documents fetched from the `local` address space yet
// carrying the `treat-as-public-address` CSP directive are treated as if they
// had been fetched from the `public` address space.
-subsetTestByKey("from-treat-as-public", promise_test, t => fetchTest(t, {
+promise_test_parallel(t => fetchTest(t, {
source: {
- server: Server.HTTPS_PUBLIC,
+ server: Server.HTTPS_LOCAL,
+ treatAsPublic: true,
+ },
+ target: {
+ server: Server.HTTP_LOCAL,
+ behavior: {
+ preflight: PreflightBehavior.success(token()),
+ response: ResponseBehavior.allowCrossOrigin(),
+ },
+ },
+ fetchOptions: { targetAddressSpace: "private" },
+ expected: FetchTestResult.FAILURE,
+}), 'https-treat-as-public to http-local: wrong targetAddressSpace "private".');
+
+promise_test_parallel(t => fetchTest(t, {
+ source: {
+ server: Server.HTTPS_LOCAL,
+ treatAsPublic: true,
+ },
+ target: {
+ server: Server.HTTP_LOCAL,
+ behavior: {
+ preflight: PreflightBehavior.success(token()),
+ response: ResponseBehavior.allowCrossOrigin(),
+ },
+ },
+ fetchOptions: { targetAddressSpace: "local" },
+ expected: FetchTestResult.SUCCESS,
+}), "https-treat-as-public to http-local: success.");
+
+promise_test_parallel(t => fetchTest(t, {
+ source: {
+ server: Server.HTTPS_LOCAL,
+ treatAsPublic: true,
+ },
+ target: {
+ server: Server.HTTP_PRIVATE,
+ behavior: {
+ preflight: PreflightBehavior.success(token()),
+ response: ResponseBehavior.allowCrossOrigin(),
+ },
+ },
+ fetchOptions: { targetAddressSpace: "local" },
+ expected: FetchTestResult.FAILURE,
+}), 'https-treat-as-public to http-private: wrong targetAddressSpace "local".');
+
+promise_test_parallel(t => fetchTest(t, {
+ source: {
+ server: Server.HTTPS_LOCAL,
treatAsPublic: true,
},
target: {
@@ -288,20 +274,4 @@
},
fetchOptions: { targetAddressSpace: "private" },
expected: FetchTestResult.SUCCESS,
-}), "treat-as-public-address to private: success.");
-
-subsetTestByKey("from-treat-as-public", promise_test, t => fetchTest(t, {
- source: {
- server: Server.HTTPS_PUBLIC,
- treatAsPublic: true,
- },
- target: {
- server: Server.HTTP_LOCAL,
- behavior: {
- preflight: PreflightBehavior.success(token()),
- response: ResponseBehavior.allowCrossOrigin(),
- },
- },
- fetchOptions: { method: "PUT", targetAddressSpace: "local" },
- expected: FetchTestResult.SUCCESS,
-}), "treat-as-public-address to local: success.");
+}), "https-treat-as-public to http-private: success.");
diff --git a/fetch/private-network-access/resources/support.sub.js b/fetch/private-network-access/resources/support.sub.js
index 3b414ed..f4c9a9b 100644
--- a/fetch/private-network-access/resources/support.sub.js
+++ b/fetch/private-network-access/resources/support.sub.js
@@ -72,39 +72,68 @@
return await reply;
}
-const Server = {
- HTTP_LOCAL: {
- port: {{ports[http][0]}},
- protocol: "http:",
+// Maps protocol (without the trailing colon) and address space to port.
+const SERVER_PORTS = {
+ "http": {
+ "local": {{ports[http][0]}},
+ "private": {{ports[http-private][0]}},
+ "public": {{ports[http-public][0]}},
},
- HTTP_PRIVATE: {
- port: {{ports[http-private][0]}},
- protocol: "http:",
+ "https": {
+ "local": {{ports[https][0]}},
+ "private": {{ports[https-private][0]}},
+ "public": {{ports[https-public][0]}},
},
- HTTP_PUBLIC: {
- port: {{ports[http-public][0]}},
- protocol: "http:",
+ "ws": {
+ "local": {{ports[ws][0]}},
},
- HTTPS_LOCAL: {
- port: {{ports[https][0]}},
- protocol: "https:",
+ "wss": {
+ "local": {{ports[wss][0]}},
},
- HTTPS_PRIVATE: {
- port: {{ports[https-private][0]}},
- protocol: "https:",
- },
- HTTPS_PUBLIC: {
- port: {{ports[https-public][0]}},
- protocol: "https:",
- },
- WS_LOCAL: {
- port: {{ports[ws][0]}},
- protocol: "ws:",
- },
- WSS_LOCAL: {
- port: {{ports[wss][0]}},
- protocol: "wss:",
- },
+};
+
+// A `Server` is a web server accessible by tests. It has the following shape:
+//
+// {
+// addressSpace: the IP address space of the server ("local", "private" or
+// "public"),
+// name: a human-readable name for the server,
+// port: the port on which the server listens for connections,
+// protocol: the protocol (including trailing colon) spoken by the server,
+// }
+//
+// Constants below define the available servers, which can also be accessed
+// programmatically with `get()`.
+class Server {
+ // Maps the given `protocol` (without a trailing colon) and `addressSpace` to
+ // a server. Returns null if no such server exists.
+ static get(protocol, addressSpace) {
+ const ports = SERVER_PORTS[protocol];
+ if (ports === undefined) {
+ return null;
+ }
+
+ const port = ports[addressSpace];
+ if (port === undefined) {
+ return null;
+ }
+
+ return {
+ addressSpace,
+ name: `${protocol}-${addressSpace}`,
+ port,
+ protocol: protocol + ':',
+ };
+ }
+
+ static HTTP_LOCAL = Server.get("http", "local");
+ static HTTP_PRIVATE = Server.get("http", "private");
+ static HTTP_PUBLIC = Server.get("http", "public");
+ static HTTPS_LOCAL = Server.get("https", "local");
+ static HTTPS_PRIVATE = Server.get("https", "private");
+ static HTTPS_PUBLIC = Server.get("https", "public");
+ static WS_LOCAL = Server.get("ws", "local");
+ static WSS_LOCAL = Server.get("wss", "local");
};
// Resolves a URL relative to the current location, returning an absolute URL.
@@ -283,7 +312,7 @@
const targetUrl = preflightUrl(target);
const iframe = await appendIframe(t, document, sourceUrl);
- const reply = futureMessage();
+ const reply = futureMessage({ source: iframe.contentWindow });
const message = {
url: targetUrl.href,