Skip to content

Commit

Permalink
Bug 1695941 [wpt PR 27857] - WPT: Sec-Fetch-* headers aren't access…
Browse files Browse the repository at this point in the history
…ible in service workers., a=testonly

Automatic update from web-platform-tests
WPT: `Sec-Fetch-*` headers aren't accessible in service workers.

As requested in whatwg/fetch#993.

Change-Id: Ie6096154ad9f6af73e2c26e0bb0c8f72a2a7a99a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2727263
Reviewed-by: Matt Falkenhagen <[email protected]>
Commit-Queue: Mike West <[email protected]>
Cr-Commit-Position: refs/heads/master@{#859345}

--

wpt-commits: df6a144d964283f2929eeb937af2806d9aafec62
wpt-pr: 27857
  • Loading branch information
mikewest authored and moz-wptsync-bot committed Mar 15, 2021
1 parent 026a088 commit 7865060
Show file tree
Hide file tree
Showing 3 changed files with 68 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
<!DOCTYPE html>
<meta charset="utf-8">
<title>Page Title</title>
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
addEventListener("fetch", event => {
event.waitUntil(async function () {
if (!event.clientId) return;
const client = await clients.get(event.clientId);
if (!client) return;

client.postMessage({
"dest": event.request.headers.get("sec-fetch-dest"),
"mode": event.request.headers.get("sec-fetch-mode"),
"site": event.request.headers.get("sec-fetch-site"),
"user": event.request.headers.get("sec-fetch-user")
});
}());
});
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
<!DOCTYPE html>
<!--
This test verifies that Fetch Metadata headers are not exposed to Service
Workers via the request's `headers` accessor.
-->
<meta charset="utf-8"/>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src=/fetch/metadata/resources/helper.js></script>
<script src=/service-workers/service-worker/resources/test-helpers.sub.js></script>
<script src=/common/utils.js></script>
<script>
const SCOPE = 'resources/serviceworker-accessors-frame.html';
const SCRIPT = 'resources/serviceworker-accessors.sw.js';

function assert_headers_not_seen_in_service_worker(frame) {
return new Promise((resolve, reject) => {
frame.contentWindow.fetch(SCOPE, {mode:'no-cors'});
frame.contentWindow.navigator.serviceWorker.addEventListener('message', e => {
assert_header_equals(e.data, {
"dest": null,
"mode": null,
"site": null,
"user": null
});
resolve();
});
});
}

promise_test(async function(t) {
const reg = await service_worker_unregister_and_register(t, SCRIPT, SCOPE);

t.add_cleanup(async () => {
if (reg)
await reg.unregister();
});

await wait_for_state(t, reg.installing, 'activated');

const frame = await with_iframe(SCOPE);
t.add_cleanup(async () => {
if (frame)
frame.remove();
});

// Trigger a fetch that will go through the service worker, and validate
// the visible headers.
await assert_headers_not_seen_in_service_worker(frame);
}, 'Sec-Fetch headers in Service Worker fetch handler.');
</script>

0 comments on commit 7865060

Please sign in to comment.