Skip to content

Commit

Permalink
Add a tentative WPT test for redirect handling.
Browse files Browse the repository at this point in the history
The fix added a unit test in //net. Now that the spec bug has been
filed, also add a test to WPT. Mark it tentative because it does not
actually reflect the specification, just actual browser behavior.

See whatwg/fetch#883 and associated bug.

Bug: 942073
Change-Id: I60aeef60ec8241f483d23ec7c1fd8ce8e5949d2d
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1532901
Commit-Queue: David Benjamin <[email protected]>
Auto-Submit: David Benjamin <[email protected]>
Reviewed-by: Philip Jägenstedt <[email protected]>
Cr-Commit-Position: refs/heads/master@{#643671}
  • Loading branch information
davidben authored and chromium-wpt-export-bot committed Mar 23, 2019
1 parent 0eddcd8 commit 5a8082c
Show file tree
Hide file tree
Showing 2 changed files with 56 additions and 10 deletions.
45 changes: 45 additions & 0 deletions fetch/api/redirect/redirect-location-escape.tentative.any.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
// META: script=../resources/utils.js

// See https://github.com/whatwg/fetch/issues/883 for the behavior covered by
// this test. As of writing, the Fetch spec has not been updated to cover these.

// redirectLocation tests that a Location header of |locationHeader| is resolved
// to a URL which ends in |expectedUrlSuffix|. |locationHeader| is interpreted
// as a byte sequence via isomorphic encode, as described in [INFRA]. This
// allows the caller to specify byte sequences which are not valid UTF-8.
// However, this means, e.g., U+2603 must be passed in as "\xe2\x98\x83", its
// UTF-8 encoding, not "\u2603".
//
// [INFRA] https://infra.spec.whatwg.org/#isomorphic-encode
function redirectLocation(
desc, redirectUrl, locationHeader, expectedUrlSuffix) {
promise_test(function(test) {
// Note we use escape() instead of encodeURIComponent(), so that characters
// are escaped as bytes in the isomorphic encoding.
var url = redirectUrl + '?simple=1&location=' + escape(locationHeader);

return fetch(url, {'redirect': 'follow'}).then(function(resp) {
assert_true(
resp.url.endsWith(expectedUrlSuffix),
resp.url + ' ends with ' + expectedUrlSuffix);
});
}, desc);
}

var redirUrl = RESOURCES_DIR + 'redirect.py';
redirectLocation(
'Redirect to escaped UTF-8', redirUrl, 'top.txt?%E2%98%83%e2%98%83',
'top.txt?%E2%98%83%e2%98%83');
redirectLocation(
'Redirect to unescaped UTF-8', redirUrl, 'top.txt?\xe2\x98\x83',
'top.txt?%E2%98%83');
redirectLocation(
'Redirect to escaped and unescaped UTF-8', redirUrl,
'top.txt?\xe2\x98\x83%e2%98%83', 'top.txt?%E2%98%83%e2%98%83');
redirectLocation(
'Escaping produces double-percent', redirUrl, 'top.txt?%\xe2\x98\x83',
'top.txt?%%E2%98%83');
redirectLocation(
'Redirect to invalid UTF-8', redirUrl, 'top.txt?\xff', 'top.txt?%FF');

done();
21 changes: 11 additions & 10 deletions fetch/api/resources/redirect.py
Original file line number Diff line number Diff line change
Expand Up @@ -38,16 +38,17 @@ def main(request, response):

if "location" in request.GET:
url = request.GET['location']
scheme = urlparse(url).scheme
if scheme == "" or scheme == "http" or scheme == "https":
url += "&" if '?' in url else "?"
#keep url parameters in location
url_parameters = {}
for item in request.GET.items():
url_parameters[item[0]] = item[1][0]
url += urlencode(url_parameters)
#make sure location changes during redirection loop
url += "&count=" + str(stashed_data['count'])
if "simple" not in request.GET:
scheme = urlparse(url).scheme
if scheme == "" or scheme == "http" or scheme == "https":
url += "&" if '?' in url else "?"
#keep url parameters in location
url_parameters = {}
for item in request.GET.items():
url_parameters[item[0]] = item[1][0]
url += urlencode(url_parameters)
#make sure location changes during redirection loop
url += "&count=" + str(stashed_data['count'])
headers.append(("Location", url))

if "redirect_referrerpolicy" in request.GET:
Expand Down

0 comments on commit 5a8082c

Please sign in to comment.