-
Notifications
You must be signed in to change notification settings - Fork 3.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
WPT:
Sec-Fetch-* headers aren't accessible in service workers.
As requested in whatwg/fetch#993. Change-Id: Ie6096154ad9f6af73e2c26e0bb0c8f72a2a7a99a
- Loading branch information
1 parent
b4cb174
commit ae15033
Showing
3 changed files
with
68 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| <!DOCTYPE html> | ||
| <meta charset="utf-8"> | ||
| <title>Page Title</title> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| addEventListener("fetch", event => { | ||
| event.waitUntil(async function () { | ||
| if (!event.clientId) return; | ||
| const client = await clients.get(event.clientId); | ||
| if (!client) return; | ||
|
|
||
| client.postMessage({ | ||
| "dest": event.request.headers.get("sec-fetch-dest"), | ||
| "mode": event.request.headers.get("sec-fetch-mode"), | ||
| "site": event.request.headers.get("sec-fetch-site"), | ||
| "user": event.request.headers.get("sec-fetch-user") | ||
| }); | ||
| }()); | ||
| }); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,51 @@ | ||
| <!DOCTYPE html> | ||
| <!-- | ||
| This test verifies that Fetch Metadata headers are not exposed to Service | ||
| Workers via the request's `headers` accessor. | ||
| --> | ||
| <meta charset="utf-8"/> | ||
| <script src=/resources/testharness.js></script> | ||
| <script src=/resources/testharnessreport.js></script> | ||
| <script src=/fetch/metadata/resources/helper.js></script> | ||
| <script src=/service-workers/service-worker/resources/test-helpers.sub.js></script> | ||
| <script src=/common/utils.js></script> | ||
| <script> | ||
| const SCOPE = 'resources/serviceworker-accessors-frame.html'; | ||
| const SCRIPT = 'resources/serviceworker-accessors.sw.js'; | ||
|
|
||
| function assert_headers_not_seen_in_service_worker(frame) { | ||
| return new Promise((resolve, reject) => { | ||
| frame.contentWindow.fetch(SCOPE, {mode:'no-cors'}); | ||
| frame.contentWindow.navigator.serviceWorker.addEventListener('message', e => { | ||
| assert_header_equals(e.data, { | ||
| "dest": null, | ||
| "mode": null, | ||
| "site": null, | ||
| "user": null | ||
| }); | ||
| resolve(); | ||
| }); | ||
| }); | ||
| } | ||
|
|
||
| promise_test(async function(t) { | ||
| const reg = await service_worker_unregister_and_register(t, SCRIPT, SCOPE); | ||
|
|
||
| t.add_cleanup(async () => { | ||
| if (reg) | ||
| await reg.unregister(); | ||
| }); | ||
|
|
||
| await wait_for_state(t, reg.installing, 'activated'); | ||
|
|
||
| const frame = await with_iframe(SCOPE); | ||
| t.add_cleanup(async () => { | ||
| if (frame) | ||
| frame.remove(); | ||
| }); | ||
|
|
||
| // Trigger a fetch that will go through the service worker, and validate | ||
| // the visible headers. | ||
| await assert_headers_not_seen_in_service_worker(frame); | ||
| }, 'Sec-Fetch headers in Service Worker fetch handler.'); | ||
| </script> |