https://bugs.webkit.org/show_bug.cgi?id=203755
<rdar://problem/
50816282>
Reviewed by Brent Fulgham.
Update the tests and test expectations following CFNetwork change <rdar://problem/
42290578> as we
now only recognize SameSite=Strict and SameSite=Lax. That is, we no longer treat SameSite= or
SameSite=<some garbage value> as SameSite=Strict.
MacOS Mojave does not have the fix for <rdar://problem/
42290578> and so we land expected failure results.
* http/tests/cookies/same-site/fetch-after-navigating-iframe-in-cross-origin-page-expected.txt:
* http/tests/cookies/same-site/fetch-after-top-level-cross-origin-redirect-expected.txt:
* http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page-expected.txt:
* http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page-expected.txt:
* http/tests/cookies/same-site/fetch-in-cross-origin-service-worker-expected.txt:
* http/tests/cookies/same-site/popup-cross-site-post.html:
* http/tests/cookies/same-site/popup-cross-site.html:
* http/tests/cookies/same-site/popup-same-site-via-cross-site-redirect.html:
* http/tests/cookies/same-site/resources/fetch-after-navigating-iframe-in-cross-origin-page.php:
* http/tests/cookies/same-site/resources/fetch-after-top-level-cross-origin-redirect.php:
* http/tests/cookies/same-site/resources/fetch-after-top-level-navigation-from-cross-origin-page.php:
* http/tests/cookies/same-site/resources/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page.php:
* http/tests/cookies/same-site/resources/fetch-in-cross-origin-service-worker.html:
* platform/ios-12/http/tests/cookies/same-site/fetch-after-navigating-iframe-in-cross-origin-page-expected.txt: Removed.
* platform/ios-12/http/tests/cookies/same-site/fetch-after-top-level-cross-origin-redirect-expected.txt: Removed.
* platform/ios-12/http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page-expected.txt: Removed.
* platform/ios-12/http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page-expected.txt: Removed.
* platform/ios-12/http/tests/cookies/same-site/fetch-in-cross-origin-service-worker-expected.txt: Removed.
* platform/ios-12/http/tests/cookies/same-site/popup-cross-site-expected.txt: Removed.
* platform/ios-12/http/tests/cookies/same-site/popup-cross-site-post-expected.txt: Removed.
* platform/ios-12/http/tests/cookies/same-site/popup-same-site-via-cross-site-redirect-expected.txt: Removed.
* platform/ios/http/tests/cookies/same-site/fetch-after-navigating-iframe-in-cross-origin-page-expected.txt: Removed.
* platform/ios/http/tests/cookies/same-site/fetch-after-top-level-cross-origin-redirect-expected.txt: Removed.
* platform/ios/http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page-expected.txt: Removed.
* platform/ios/http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page-expected.txt: Removed.
* platform/ios/http/tests/cookies/same-site/fetch-in-cross-origin-service-worker-expected.txt: Removed.
* platform/ios/http/tests/cookies/same-site/popup-cross-site-expected.txt: Removed.
* platform/ios/http/tests/cookies/same-site/popup-cross-site-post-expected.txt: Removed.
* platform/ios/http/tests/cookies/same-site/popup-same-site-via-cross-site-redirect-expected.txt: Removed.
* platform/mac-mojave/http/tests/cookies/same-site/fetch-after-navigating-iframe-in-cross-origin-page-expected.txt:
* platform/mac-mojave/http/tests/cookies/same-site/fetch-after-top-level-cross-origin-redirect-expected.txt:
* platform/mac-mojave/http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page-expected.txt:
* platform/mac-mojave/http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page-expected.txt:
* platform/mac-mojave/http/tests/cookies/same-site/fetch-in-cross-origin-service-worker-expected.txt:
* platform/mac-mojave/http/tests/cookies/same-site/popup-cross-site-expected.txt:
* platform/mac-mojave/http/tests/cookies/same-site/popup-cross-site-post-expected.txt:
* platform/mac-mojave/http/tests/cookies/same-site/popup-same-site-via-cross-site-redirect-expected.txt:
* platform/mac/http/tests/cookies/same-site/fetch-after-navigating-iframe-in-cross-origin-page-expected.txt: Removed.
* platform/mac/http/tests/cookies/same-site/fetch-after-top-level-cross-origin-redirect-expected.txt: Removed.
* platform/mac/http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page-expected.txt: Removed.
* platform/mac/http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page-expected.txt: Removed.
* platform/mac/http/tests/cookies/same-site/fetch-in-cross-origin-service-worker-expected.txt: Removed.
* platform/mac/http/tests/cookies/same-site/popup-cross-site-expected.txt: Removed.
* platform/mac/http/tests/cookies/same-site/popup-cross-site-post-expected.txt: Removed.
* platform/mac/http/tests/cookies/same-site/popup-same-site-via-cross-site-redirect-expected.txt: Removed.
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@252153
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
+2019-11-06 Daniel Bates <dabates@apple.com>
+
+ Update SameSite tests for new semantics for empty and invalid SameSite attribute
+ https://bugs.webkit.org/show_bug.cgi?id=203755
+ <rdar://problem/50816282>
+
+ Reviewed by Brent Fulgham.
+
+ Update the tests and test expectations following CFNetwork change <rdar://problem/42290578> as we
+ now only recognize SameSite=Strict and SameSite=Lax. That is, we no longer treat SameSite= or
+ SameSite=<some garbage value> as SameSite=Strict.
+
+ MacOS Mojave does not have the fix for <rdar://problem/42290578> and so we land expected failure results.
+
+ * http/tests/cookies/same-site/fetch-after-navigating-iframe-in-cross-origin-page-expected.txt:
+ * http/tests/cookies/same-site/fetch-after-top-level-cross-origin-redirect-expected.txt:
+ * http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page-expected.txt:
+ * http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page-expected.txt:
+ * http/tests/cookies/same-site/fetch-in-cross-origin-service-worker-expected.txt:
+ * http/tests/cookies/same-site/popup-cross-site-post.html:
+ * http/tests/cookies/same-site/popup-cross-site.html:
+ * http/tests/cookies/same-site/popup-same-site-via-cross-site-redirect.html:
+ * http/tests/cookies/same-site/resources/fetch-after-navigating-iframe-in-cross-origin-page.php:
+ * http/tests/cookies/same-site/resources/fetch-after-top-level-cross-origin-redirect.php:
+ * http/tests/cookies/same-site/resources/fetch-after-top-level-navigation-from-cross-origin-page.php:
+ * http/tests/cookies/same-site/resources/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page.php:
+ * http/tests/cookies/same-site/resources/fetch-in-cross-origin-service-worker.html:
+ * platform/ios-12/http/tests/cookies/same-site/fetch-after-navigating-iframe-in-cross-origin-page-expected.txt: Removed.
+ * platform/ios-12/http/tests/cookies/same-site/fetch-after-top-level-cross-origin-redirect-expected.txt: Removed.
+ * platform/ios-12/http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page-expected.txt: Removed.
+ * platform/ios-12/http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page-expected.txt: Removed.
+ * platform/ios-12/http/tests/cookies/same-site/fetch-in-cross-origin-service-worker-expected.txt: Removed.
+ * platform/ios-12/http/tests/cookies/same-site/popup-cross-site-expected.txt: Removed.
+ * platform/ios-12/http/tests/cookies/same-site/popup-cross-site-post-expected.txt: Removed.
+ * platform/ios-12/http/tests/cookies/same-site/popup-same-site-via-cross-site-redirect-expected.txt: Removed.
+ * platform/ios/http/tests/cookies/same-site/fetch-after-navigating-iframe-in-cross-origin-page-expected.txt: Removed.
+ * platform/ios/http/tests/cookies/same-site/fetch-after-top-level-cross-origin-redirect-expected.txt: Removed.
+ * platform/ios/http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page-expected.txt: Removed.
+ * platform/ios/http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page-expected.txt: Removed.
+ * platform/ios/http/tests/cookies/same-site/fetch-in-cross-origin-service-worker-expected.txt: Removed.
+ * platform/ios/http/tests/cookies/same-site/popup-cross-site-expected.txt: Removed.
+ * platform/ios/http/tests/cookies/same-site/popup-cross-site-post-expected.txt: Removed.
+ * platform/ios/http/tests/cookies/same-site/popup-same-site-via-cross-site-redirect-expected.txt: Removed.
+ * platform/mac-mojave/http/tests/cookies/same-site/fetch-after-navigating-iframe-in-cross-origin-page-expected.txt:
+ * platform/mac-mojave/http/tests/cookies/same-site/fetch-after-top-level-cross-origin-redirect-expected.txt:
+ * platform/mac-mojave/http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page-expected.txt:
+ * platform/mac-mojave/http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page-expected.txt:
+ * platform/mac-mojave/http/tests/cookies/same-site/fetch-in-cross-origin-service-worker-expected.txt:
+ * platform/mac-mojave/http/tests/cookies/same-site/popup-cross-site-expected.txt:
+ * platform/mac-mojave/http/tests/cookies/same-site/popup-cross-site-post-expected.txt:
+ * platform/mac-mojave/http/tests/cookies/same-site/popup-same-site-via-cross-site-redirect-expected.txt:
+ * platform/mac/http/tests/cookies/same-site/fetch-after-navigating-iframe-in-cross-origin-page-expected.txt: Removed.
+ * platform/mac/http/tests/cookies/same-site/fetch-after-top-level-cross-origin-redirect-expected.txt: Removed.
+ * platform/mac/http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page-expected.txt: Removed.
+ * platform/mac/http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page-expected.txt: Removed.
+ * platform/mac/http/tests/cookies/same-site/fetch-in-cross-origin-service-worker-expected.txt: Removed.
+ * platform/mac/http/tests/cookies/same-site/popup-cross-site-expected.txt: Removed.
+ * platform/mac/http/tests/cookies/same-site/popup-cross-site-post-expected.txt: Removed.
+ * platform/mac/http/tests/cookies/same-site/popup-same-site-via-cross-site-redirect-expected.txt: Removed.
+
2019-11-06 Truitt Savell <tsavell@apple.com>
Unreviewed, rolling out r252138.
Cookies sent with HTTP request:
PASS Do not have cookie "strict".
-PASS Do not have cookie "implicit-strict".
-PASS Do not have cookie "strict-because-invalid-SameSite-value".
+PASS Has cookie "implicit-strict" with value 6.
+PASS Has cookie "strict-because-invalid-SameSite-value" with value 6.
PASS Do not have cookie "lax".
Cookies visible in DOM:
PASS Do not have DOM cookie "strict".
-PASS Do not have DOM cookie "implicit-strict".
-PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
+PASS Has DOM cookie "implicit-strict" with value 6.
+PASS Has DOM cookie "strict-because-invalid-SameSite-value" with value 6.
PASS Do not have DOM cookie "lax".
PASS successfullyParsed is true
Cookies sent with HTTP request:
PASS Do not have cookie "strict".
-PASS Do not have cookie "implicit-strict".
-PASS Do not have cookie "strict-because-invalid-SameSite-value".
+PASS Has cookie "implicit-strict" with value 19.
+PASS Has cookie "strict-because-invalid-SameSite-value" with value 19.
PASS Has cookie "lax" with value 19.
Cookies visible in DOM:
PASS Do not have DOM cookie "strict".
-PASS Do not have DOM cookie "implicit-strict".
-PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
+PASS Has DOM cookie "implicit-strict" with value 19.
+PASS Has DOM cookie "strict-because-invalid-SameSite-value" with value 19.
PASS Has DOM cookie "lax" with value 19.
PASS successfullyParsed is true
Cookies sent with HTTP request:
PASS Do not have cookie "strict".
-PASS Do not have cookie "implicit-strict".
-PASS Do not have cookie "strict-because-invalid-SameSite-value".
+PASS Has cookie "implicit-strict" with value 5.
+PASS Has cookie "strict-because-invalid-SameSite-value" with value 5.
PASS Has cookie "lax" with value 5.
Cookies visible in DOM:
PASS Do not have DOM cookie "strict".
-PASS Do not have DOM cookie "implicit-strict".
-PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
+PASS Has DOM cookie "implicit-strict" with value 5.
+PASS Has DOM cookie "strict-because-invalid-SameSite-value" with value 5.
PASS Has DOM cookie "lax" with value 5.
PASS successfullyParsed is true
Cookies sent with HTTP request:
PASS Do not have cookie "strict".
-PASS Do not have cookie "implicit-strict".
-PASS Do not have cookie "strict-because-invalid-SameSite-value".
+PASS Has cookie "implicit-strict" with value 4.
+PASS Has cookie "strict-because-invalid-SameSite-value" with value 4.
PASS Has cookie "lax" with value 4.
Cookies visible in DOM:
PASS Do not have DOM cookie "strict".
-PASS Do not have DOM cookie "implicit-strict".
-PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
+PASS Has DOM cookie "implicit-strict" with value 4.
+PASS Has DOM cookie "strict-because-invalid-SameSite-value" with value 4.
PASS Has DOM cookie "lax" with value 4.
PASS successfullyParsed is true
Cookies sent with HTTP request:
PASS Do not have cookie "strict".
-PASS Do not have cookie "implicit-strict".
-PASS Do not have cookie "strict-because-invalid-SameSite-value".
+PASS Has cookie "implicit-strict" with value 10.
+PASS Has cookie "strict-because-invalid-SameSite-value" with value 10.
PASS Do not have cookie "lax".
Cookies visible in DOM:
async_test(t => {
window.addEventListener("message", t.step_func_done(e => {
assert_equals(e.data.http[STRICT_DOM], undefined, "strict");
- assert_equals(e.data.http[IMPLICIT_STRICT_DOM], undefined, "implicit-strict");
- assert_equals(e.data.http[STRICT_BECAUSE_INVALID_SAMESITE_VALUE], undefined, "strict-because-invalid-SameSite-value");
+ assert_equals(e.data.http[IMPLICIT_STRICT_DOM], "1", "implicit-strict");
+ assert_equals(e.data.http[STRICT_BECAUSE_INVALID_SAMESITE_VALUE], "1", "strict-because-invalid-SameSite-value");
assert_equals(e.data.http[LAX_DOM], undefined, "lax");
assert_equals(e.data.http[NORMAL_DOM], "1", "normal");
- assert_equals(normalizeCookie(e.data.document), normalizeCookie(LAX_DOM + "=1; " + NORMAL_DOM + "=1"));
+ assert_equals(normalizeCookie(e.data.document), normalizeCookie(IMPLICIT_STRICT_DOM + "=1; " + LAX_DOM + "=1; " + NORMAL_DOM + "=1; " + STRICT_BECAUSE_INVALID_SAMESITE_VALUE + "=1"));
e.source.close();
}));
var i = window.open("http://127.0.0.1:8000/cookies/resources/post-cookies-to-opener.php");
window.addEventListener("message", t.step_func_done(e => {
assert_equals(e.data.http[STRICT_DOM], undefined, "strict");
- assert_equals(e.data.http[IMPLICIT_STRICT_DOM], undefined, "implicit-strict");
- assert_equals(e.data.http[STRICT_BECAUSE_INVALID_SAMESITE_VALUE], undefined, "strict-because-invalid-SameSite-value");
+ assert_equals(e.data.http[IMPLICIT_STRICT_DOM], "1", "implicit-strict");
+ assert_equals(e.data.http[STRICT_BECAUSE_INVALID_SAMESITE_VALUE], "1", "strict-because-invalid-SameSite-value");
assert_equals(e.data.http[LAX_DOM], "1", "lax");
assert_equals(e.data.http[NORMAL_DOM], "1", "normal");
- assert_equals(normalizeCookie(e.data.document), normalizeCookie(LAX_DOM + "=1; " + NORMAL_DOM + "=1"));
+ assert_equals(normalizeCookie(e.data.document), normalizeCookie(IMPLICIT_STRICT_DOM + "=1; " + LAX_DOM + "=1; " + NORMAL_DOM + "=1; " + STRICT_BECAUSE_INVALID_SAMESITE_VALUE + "=1"));
}));
}, "'127.0.0.1' is not same-site with 'localhost', so strict samesite cookies are not sent.");
}
window.addEventListener("message", t.step_func_done(e => {
assert_equals(e.data.http[STRICT_DOM], undefined, "strict");
- assert_equals(e.data.http[IMPLICIT_STRICT_DOM], undefined, "implicit-strict");
- assert_equals(e.data.http[STRICT_BECAUSE_INVALID_SAMESITE_VALUE], undefined, "strict-because-invalid-SameSite-value");
+ assert_equals(e.data.http[IMPLICIT_STRICT_DOM], "1", "implicit-strict");
+ assert_equals(e.data.http[STRICT_BECAUSE_INVALID_SAMESITE_VALUE], "1", "strict-because-invalid-SameSite-value");
assert_equals(e.data.http[LAX_DOM], "1", "lax");
assert_equals(e.data.http[NORMAL_DOM], "1", "normal");
- assert_equals(normalizeCookie(e.data.document), normalizeCookie(LAX_DOM + "=1; " + NORMAL_DOM + "=1"));
+ assert_equals(normalizeCookie(e.data.document), normalizeCookie(IMPLICIT_STRICT_DOM + "=1; " + LAX_DOM + "=1; " + NORMAL_DOM + "=1; " + STRICT_BECAUSE_INVALID_SAMESITE_VALUE + "=1"));
}));
var i = window.open("http://localhost:8000/resources/redirect.php?url=http://127.0.0.1:8000/cookies/resources/post-cookies-to-opener.php");
{
debug("Cookies sent with HTTP request:");
await shouldNotHaveCookie("strict");
- await shouldNotHaveCookie("implicit-strict");
- await shouldNotHaveCookie("strict-because-invalid-SameSite-value");
+ await shouldHaveCookieWithValue("implicit-strict", "6");
+ await shouldHaveCookieWithValue("strict-because-invalid-SameSite-value", "6");
await shouldNotHaveCookie("lax");
debug("<br>Cookies visible in DOM:");
shouldNotHaveDOMCookie("strict");
- shouldNotHaveDOMCookie("implicit-strict");
- shouldNotHaveDOMCookie("strict-because-invalid-SameSite-value");
+ shouldHaveDOMCookieWithValue("implicit-strict", "6");
+ shouldHaveDOMCookieWithValue("strict-because-invalid-SameSite-value", "6");
shouldNotHaveDOMCookie("lax");
await resetCookies();
{
debug("Cookies sent with HTTP request:");
await shouldNotHaveCookie("strict");
- await shouldNotHaveCookie("implicit-strict");
- await shouldNotHaveCookie("strict-because-invalid-SameSite-value");
+ await shouldHaveCookieWithValue("implicit-strict", "19");
+ await shouldHaveCookieWithValue("strict-because-invalid-SameSite-value", "19");
await shouldHaveCookieWithValue("lax", "19");
debug("<br>Cookies visible in DOM:");
shouldNotHaveDOMCookie("strict");
- shouldNotHaveDOMCookie("implicit-strict");
- shouldNotHaveDOMCookie("strict-because-invalid-SameSite-value");
+ shouldHaveDOMCookieWithValue("implicit-strict", "19");
+ shouldHaveDOMCookieWithValue("strict-because-invalid-SameSite-value", "19");
shouldHaveDOMCookieWithValue("lax", "19");
await resetCookies();
{
debug("Cookies sent with HTTP request:");
await shouldNotHaveCookie("strict");
- await shouldNotHaveCookie("implicit-strict");
- await shouldNotHaveCookie("strict-because-invalid-SameSite-value");
+ await shouldHaveCookieWithValue("implicit-strict", "5");
+ await shouldHaveCookieWithValue("strict-because-invalid-SameSite-value", "5");
await shouldHaveCookieWithValue("lax", "5");
debug("<br>Cookies visible in DOM:");
shouldNotHaveDOMCookie("strict");
- shouldNotHaveDOMCookie("implicit-strict");
- shouldNotHaveDOMCookie("strict-because-invalid-SameSite-value");
+ shouldHaveDOMCookieWithValue("implicit-strict", "5");
+ shouldHaveDOMCookieWithValue("strict-because-invalid-SameSite-value", "5");
shouldHaveDOMCookieWithValue("lax", "5");
await resetCookies();
{
debug("Cookies sent with HTTP request:");
await shouldNotHaveCookie("strict");
- await shouldNotHaveCookie("implicit-strict");
- await shouldNotHaveCookie("strict-because-invalid-SameSite-value");
+ await shouldHaveCookieWithValue("implicit-strict", "4");
+ await shouldHaveCookieWithValue("strict-because-invalid-SameSite-value", "4");
await shouldHaveCookieWithValue("lax", "4");
debug("<br>Cookies visible in DOM:");
shouldNotHaveDOMCookie("strict");
- shouldNotHaveDOMCookie("implicit-strict");
- shouldNotHaveDOMCookie("strict-because-invalid-SameSite-value");
+ shouldHaveDOMCookieWithValue("implicit-strict", "4");
+ shouldHaveDOMCookieWithValue("strict-because-invalid-SameSite-value", "4");
shouldHaveDOMCookieWithValue("lax", "4");
await resetCookies();
debug("Cookies sent with HTTP request:");
await shouldNotHaveCookie("strict");
- await shouldNotHaveCookie("implicit-strict");
- await shouldNotHaveCookie("strict-because-invalid-SameSite-value");
+ await shouldHaveCookieWithValue("implicit-strict", "10"); // Behaves like a non-SameSite cookie
+ await shouldHaveCookieWithValue("strict-because-invalid-SameSite-value", "10"); // Behaves like a non-SameSite cookie
await shouldNotHaveCookie("lax");
debug("<br>Cookies visible in DOM:");
+++ /dev/null
-
-
---------
-Frame: '<!--frame1-->'
---------
-Tests that Same-Site cookies for 127.0.0.1 are not sent with a frame navigation for a frame embedded in a page with a different origin.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Cookies sent with HTTP request:
-PASS Do not have cookie "strict".
-PASS Do not have cookie "implicit-strict".
-PASS Do not have cookie "strict-because-invalid-SameSite-value".
-PASS Do not have cookie "lax".
-
-Cookies visible in DOM:
-PASS Do not have DOM cookie "strict".
-PASS Do not have DOM cookie "implicit-strict".
-PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
-PASS Do not have DOM cookie "lax".
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
+++ /dev/null
-Tests that a SameSite Lax cookie for 127.0.0.1 is sent with a redirect from a page with a different origin.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Cookies sent with HTTP request:
-PASS Do not have cookie "strict".
-PASS Do not have cookie "implicit-strict".
-PASS Do not have cookie "strict-because-invalid-SameSite-value".
-PASS Has cookie "lax" with value 19.
-
-Cookies visible in DOM:
-PASS Do not have DOM cookie "strict".
-PASS Do not have DOM cookie "implicit-strict".
-PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
-PASS Has DOM cookie "lax" with value 19.
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
+++ /dev/null
-Tests that a SameSite Lax cookie for 127.0.0.1 is sent with a top-level navigation initiated from a page with a different origin.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Cookies sent with HTTP request:
-PASS Do not have cookie "strict".
-PASS Do not have cookie "implicit-strict".
-PASS Do not have cookie "strict-because-invalid-SameSite-value".
-PASS Has cookie "lax" with value 5.
-
-Cookies visible in DOM:
-PASS Do not have DOM cookie "strict".
-PASS Do not have DOM cookie "implicit-strict".
-PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
-PASS Has DOM cookie "lax" with value 5.
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
+++ /dev/null
-Tests that a SameSite Lax cookie for 127.0.0.1 is sent with a top-level navigation initiated from a frame embedded in a page with a different origin.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Cookies sent with HTTP request:
-PASS Do not have cookie "strict".
-PASS Do not have cookie "implicit-strict".
-PASS Do not have cookie "strict-because-invalid-SameSite-value".
-PASS Has cookie "lax" with value 4.
-
-Cookies visible in DOM:
-PASS Do not have DOM cookie "strict".
-PASS Do not have DOM cookie "implicit-strict".
-PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
-PASS Has DOM cookie "lax" with value 4.
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
+++ /dev/null
-
-
---------
-Frame: '<!--frame1-->'
---------
-Tests that Same-Site cookies for 127.0.0.1 are not sent with a request initiated from an iframe- and processed by a service worker- with a different origin.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Cookies sent with HTTP request:
-PASS Do not have cookie "strict".
-PASS Do not have cookie "implicit-strict".
-PASS Do not have cookie "strict-because-invalid-SameSite-value".
-PASS Do not have cookie "lax".
-
-Cookies visible in DOM:
-PASS Do not have DOM cookie "strict".
-PASS Do not have DOM cookie "implicit-strict".
-PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
-PASS Do not have DOM cookie "lax".
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
+++ /dev/null
-
-PASS '127.0.0.1' is not same-site with 'localhost', so strict samesite cookies are not sent.
-
+++ /dev/null
-
-PASS '127.0.0.1' is not same-site with 'localhost', so samesite cookies are not sent via POST.
-
+++ /dev/null
-
-PASS '127.0.0.1' is same-site with itself, so samesite cookies are sent.
-
+++ /dev/null
-
-
---------
-Frame: '<!--frame1-->'
---------
-Tests that Same-Site cookies for 127.0.0.1 are not sent with a frame navigation for a frame embedded in a page with a different origin.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Cookies sent with HTTP request:
-PASS Do not have cookie "strict".
-FAIL Should not have cookie "implicit-strict". But do with value 6.
-FAIL Should not have cookie "strict-because-invalid-SameSite-value". But do with value 6.
-PASS Do not have cookie "lax".
-
-Cookies visible in DOM:
-PASS Do not have DOM cookie "strict".
-FAIL Should not have DOM cookie "implicit-strict". But do with value 6.
-FAIL Should not have DOM cookie "strict-because-invalid-SameSite-value". But do with value 6.
-PASS Do not have DOM cookie "lax".
-PASS successfullyParsed is true
-Some tests failed.
-
-TEST COMPLETE
-
+++ /dev/null
-Tests that a SameSite Lax cookie for 127.0.0.1 is sent with a redirect from a page with a different origin.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Cookies sent with HTTP request:
-PASS Do not have cookie "strict".
-FAIL Should not have cookie "implicit-strict". But do with value 19.
-FAIL Should not have cookie "strict-because-invalid-SameSite-value". But do with value 19.
-PASS Has cookie "lax" with value 19.
-
-Cookies visible in DOM:
-PASS Do not have DOM cookie "strict".
-FAIL Should not have DOM cookie "implicit-strict". But do with value 19.
-FAIL Should not have DOM cookie "strict-because-invalid-SameSite-value". But do with value 19.
-PASS Has DOM cookie "lax" with value 19.
-PASS successfullyParsed is true
-Some tests failed.
-
-TEST COMPLETE
-
+++ /dev/null
-Tests that a SameSite Lax cookie for 127.0.0.1 is sent with a top-level navigation initiated from a page with a different origin.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Cookies sent with HTTP request:
-PASS Do not have cookie "strict".
-FAIL Should not have cookie "implicit-strict". But do with value 5.
-FAIL Should not have cookie "strict-because-invalid-SameSite-value". But do with value 5.
-PASS Has cookie "lax" with value 5.
-
-Cookies visible in DOM:
-PASS Do not have DOM cookie "strict".
-FAIL Should not have DOM cookie "implicit-strict". But do with value 5.
-FAIL Should not have DOM cookie "strict-because-invalid-SameSite-value". But do with value 5.
-PASS Has DOM cookie "lax" with value 5.
-PASS successfullyParsed is true
-Some tests failed.
-
-TEST COMPLETE
-
+++ /dev/null
-Tests that a SameSite Lax cookie for 127.0.0.1 is sent with a top-level navigation initiated from a frame embedded in a page with a different origin.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Cookies sent with HTTP request:
-PASS Do not have cookie "strict".
-FAIL Should not have cookie "implicit-strict". But do with value 4.
-FAIL Should not have cookie "strict-because-invalid-SameSite-value". But do with value 4.
-PASS Has cookie "lax" with value 4.
-
-Cookies visible in DOM:
-PASS Do not have DOM cookie "strict".
-FAIL Should not have DOM cookie "implicit-strict". But do with value 4.
-FAIL Should not have DOM cookie "strict-because-invalid-SameSite-value". But do with value 4.
-PASS Has DOM cookie "lax" with value 4.
-PASS successfullyParsed is true
-Some tests failed.
-
-TEST COMPLETE
-
+++ /dev/null
-
-
---------
-Frame: '<!--frame1-->'
---------
-Tests that Same-Site cookies for 127.0.0.1 are not sent with a request initiated from an iframe- and processed by a service worker- with a different origin.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Cookies sent with HTTP request:
-PASS Do not have cookie "strict".
-FAIL Should not have cookie "implicit-strict". But do with value 10.
-FAIL Should not have cookie "strict-because-invalid-SameSite-value". But do with value 10.
-PASS Do not have cookie "lax".
-
-Cookies visible in DOM:
-PASS Do not have DOM cookie "strict".
-PASS Do not have DOM cookie "implicit-strict".
-PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
-PASS Do not have DOM cookie "lax".
-PASS successfullyParsed is true
-Some tests failed.
-
-TEST COMPLETE
-
+++ /dev/null
-
-FAIL '127.0.0.1' is not same-site with 'localhost', so strict samesite cookies are not sent. assert_equals: implicit-strict expected (undefined) undefined but got (string) "1"
-
+++ /dev/null
-
-FAIL '127.0.0.1' is not same-site with 'localhost', so samesite cookies are not sent via POST. assert_equals: implicit-strict expected (undefined) undefined but got (string) "1"
-
+++ /dev/null
-
-FAIL '127.0.0.1' is same-site with itself, so samesite cookies are sent. assert_equals: implicit-strict expected (undefined) undefined but got (string) "1"
-
Cookies sent with HTTP request:
PASS Do not have cookie "strict".
-PASS Do not have cookie "implicit-strict".
-PASS Do not have cookie "strict-because-invalid-SameSite-value".
+FAIL Should have cookie "implicit-strict". But do not.
+FAIL Should have cookie "strict-because-invalid-SameSite-value". But do not.
PASS Do not have cookie "lax".
Cookies visible in DOM:
PASS Do not have DOM cookie "strict".
-PASS Do not have DOM cookie "implicit-strict".
-PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
+FAIL Should have DOM cookie "implicit-strict". But do not.
+FAIL Should have DOM cookie "strict-because-invalid-SameSite-value". But do not.
PASS Do not have DOM cookie "lax".
PASS successfullyParsed is true
+Some tests failed.
TEST COMPLETE
Cookies sent with HTTP request:
PASS Do not have cookie "strict".
-PASS Do not have cookie "implicit-strict".
-PASS Do not have cookie "strict-because-invalid-SameSite-value".
+FAIL Should have cookie "implicit-strict". But do not.
+FAIL Should have cookie "strict-because-invalid-SameSite-value". But do not.
PASS Has cookie "lax" with value 19.
Cookies visible in DOM:
PASS Do not have DOM cookie "strict".
-PASS Do not have DOM cookie "implicit-strict".
-PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
+FAIL Should have DOM cookie "implicit-strict". But do not.
+FAIL Should have DOM cookie "strict-because-invalid-SameSite-value". But do not.
PASS Has DOM cookie "lax" with value 19.
PASS successfullyParsed is true
+Some tests failed.
TEST COMPLETE
Cookies sent with HTTP request:
PASS Do not have cookie "strict".
-PASS Do not have cookie "implicit-strict".
-PASS Do not have cookie "strict-because-invalid-SameSite-value".
+FAIL Should have cookie "implicit-strict". But do not.
+FAIL Should have cookie "strict-because-invalid-SameSite-value". But do not.
PASS Has cookie "lax" with value 5.
Cookies visible in DOM:
PASS Do not have DOM cookie "strict".
-PASS Do not have DOM cookie "implicit-strict".
-PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
+FAIL Should have DOM cookie "implicit-strict". But do not.
+FAIL Should have DOM cookie "strict-because-invalid-SameSite-value". But do not.
PASS Has DOM cookie "lax" with value 5.
PASS successfullyParsed is true
+Some tests failed.
TEST COMPLETE
Cookies sent with HTTP request:
PASS Do not have cookie "strict".
-PASS Do not have cookie "implicit-strict".
-PASS Do not have cookie "strict-because-invalid-SameSite-value".
+FAIL Should have cookie "implicit-strict". But do not.
+FAIL Should have cookie "strict-because-invalid-SameSite-value". But do not.
PASS Has cookie "lax" with value 4.
Cookies visible in DOM:
PASS Do not have DOM cookie "strict".
-PASS Do not have DOM cookie "implicit-strict".
-PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
+FAIL Should have DOM cookie "implicit-strict". But do not.
+FAIL Should have DOM cookie "strict-because-invalid-SameSite-value". But do not.
PASS Has DOM cookie "lax" with value 4.
PASS successfullyParsed is true
+Some tests failed.
TEST COMPLETE
Cookies sent with HTTP request:
PASS Do not have cookie "strict".
-PASS Do not have cookie "implicit-strict".
-PASS Do not have cookie "strict-because-invalid-SameSite-value".
+FAIL Should have cookie "implicit-strict". But do not.
+FAIL Should have cookie "strict-because-invalid-SameSite-value". But do not.
PASS Do not have cookie "lax".
Cookies visible in DOM:
PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
PASS Do not have DOM cookie "lax".
PASS successfullyParsed is true
+Some tests failed.
TEST COMPLETE
-PASS '127.0.0.1' is not same-site with 'localhost', so strict samesite cookies are not sent.
+FAIL '127.0.0.1' is not same-site with 'localhost', so strict samesite cookies are not sent. assert_equals: implicit-strict expected (string) "1" but got (undefined) undefined
-PASS '127.0.0.1' is not same-site with 'localhost', so samesite cookies are not sent via POST.
+FAIL '127.0.0.1' is not same-site with 'localhost', so samesite cookies are not sent via POST. assert_equals: implicit-strict expected (string) "1" but got (undefined) undefined
-PASS '127.0.0.1' is same-site with itself, so samesite cookies are sent.
+FAIL '127.0.0.1' is same-site with itself, so samesite cookies are sent. assert_equals: implicit-strict expected (string) "1" but got (undefined) undefined
+++ /dev/null
-
-
---------
-Frame: '<!--frame1-->'
---------
-Tests that Same-Site cookies for 127.0.0.1 are not sent with a frame navigation for a frame embedded in a page with a different origin.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Cookies sent with HTTP request:
-PASS Do not have cookie "strict".
-FAIL Should not have cookie "implicit-strict". But do with value 6.
-FAIL Should not have cookie "strict-because-invalid-SameSite-value". But do with value 6.
-PASS Do not have cookie "lax".
-
-Cookies visible in DOM:
-PASS Do not have DOM cookie "strict".
-FAIL Should not have DOM cookie "implicit-strict". But do with value 6.
-FAIL Should not have DOM cookie "strict-because-invalid-SameSite-value". But do with value 6.
-PASS Do not have DOM cookie "lax".
-PASS successfullyParsed is true
-Some tests failed.
-
-TEST COMPLETE
-
+++ /dev/null
-Tests that a SameSite Lax cookie for 127.0.0.1 is sent with a redirect from a page with a different origin.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Cookies sent with HTTP request:
-PASS Do not have cookie "strict".
-FAIL Should not have cookie "implicit-strict". But do with value 19.
-FAIL Should not have cookie "strict-because-invalid-SameSite-value". But do with value 19.
-PASS Has cookie "lax" with value 19.
-
-Cookies visible in DOM:
-PASS Do not have DOM cookie "strict".
-FAIL Should not have DOM cookie "implicit-strict". But do with value 19.
-FAIL Should not have DOM cookie "strict-because-invalid-SameSite-value". But do with value 19.
-PASS Has DOM cookie "lax" with value 19.
-PASS successfullyParsed is true
-Some tests failed.
-
-TEST COMPLETE
-
+++ /dev/null
-Tests that a SameSite Lax cookie for 127.0.0.1 is sent with a top-level navigation initiated from a page with a different origin.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Cookies sent with HTTP request:
-PASS Do not have cookie "strict".
-FAIL Should not have cookie "implicit-strict". But do with value 5.
-FAIL Should not have cookie "strict-because-invalid-SameSite-value". But do with value 5.
-PASS Has cookie "lax" with value 5.
-
-Cookies visible in DOM:
-PASS Do not have DOM cookie "strict".
-FAIL Should not have DOM cookie "implicit-strict". But do with value 5.
-FAIL Should not have DOM cookie "strict-because-invalid-SameSite-value". But do with value 5.
-PASS Has DOM cookie "lax" with value 5.
-PASS successfullyParsed is true
-Some tests failed.
-
-TEST COMPLETE
-
+++ /dev/null
-Tests that a SameSite Lax cookie for 127.0.0.1 is sent with a top-level navigation initiated from a frame embedded in a page with a different origin.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Cookies sent with HTTP request:
-PASS Do not have cookie "strict".
-FAIL Should not have cookie "implicit-strict". But do with value 4.
-FAIL Should not have cookie "strict-because-invalid-SameSite-value". But do with value 4.
-PASS Has cookie "lax" with value 4.
-
-Cookies visible in DOM:
-PASS Do not have DOM cookie "strict".
-FAIL Should not have DOM cookie "implicit-strict". But do with value 4.
-FAIL Should not have DOM cookie "strict-because-invalid-SameSite-value". But do with value 4.
-PASS Has DOM cookie "lax" with value 4.
-PASS successfullyParsed is true
-Some tests failed.
-
-TEST COMPLETE
-
+++ /dev/null
-
-
---------
-Frame: '<!--frame1-->'
---------
-Tests that Same-Site cookies for 127.0.0.1 are not sent with a request initiated from an iframe- and processed by a service worker- with a different origin.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Cookies sent with HTTP request:
-PASS Do not have cookie "strict".
-FAIL Should not have cookie "implicit-strict". But do with value 10.
-FAIL Should not have cookie "strict-because-invalid-SameSite-value". But do with value 10.
-PASS Do not have cookie "lax".
-
-Cookies visible in DOM:
-PASS Do not have DOM cookie "strict".
-PASS Do not have DOM cookie "implicit-strict".
-PASS Do not have DOM cookie "strict-because-invalid-SameSite-value".
-PASS Do not have DOM cookie "lax".
-PASS successfullyParsed is true
-Some tests failed.
-
-TEST COMPLETE
-
+++ /dev/null
-
-FAIL '127.0.0.1' is not same-site with 'localhost', so strict samesite cookies are not sent. assert_equals: implicit-strict expected (undefined) undefined but got (string) "1"
-
+++ /dev/null
-
-FAIL '127.0.0.1' is not same-site with 'localhost', so samesite cookies are not sent via POST. assert_equals: implicit-strict expected (undefined) undefined but got (string) "1"
-
+++ /dev/null
-
-FAIL '127.0.0.1' is same-site with itself, so samesite cookies are sent. assert_equals: implicit-strict expected (undefined) undefined but got (string) "1"
-
git://git.webkit.org / WebKit-https.git / commitdiff