Skip to content

Commit c78a4e6

Browse files
xiaochen-zchromium-wpt-export-bot
authored andcommitted
[Connection-Allowlist] Enforce for speculation rules prerender
- The prerendering navigation request already correctly sets the initiator frame token. The Connection Allowlist(CA) check in navigation request enforces according to the initiator frame's CA. - Add browser test and WPT. - Add browser test for kPrerender2FallbackPrefetchSpecRules feature. When enabled, a fallback prefetch request is created for speculation rules prerender. The fallback prefetch is also checked by CA. About CA: https://github.com/WICG/connection-allowlists Bug: 447954811, 492462315 Change-Id: I3f14f25d03c9d72eec5a652246769b6e4be36cae
1 parent 2897041 commit c78a4e6

2 files changed

Lines changed: 58 additions & 0 deletions

File tree

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,56 @@
1+
// META: script=/common/get-host-info.sub.js
2+
// META: script=/common/utils.js
3+
// META: script=/common/dispatcher/dispatcher.js
4+
// META: script=/speculation-rules/prefetch/resources/utils.sub.js
5+
// META: script=resources/utils.js
6+
// META: timeout=long
7+
8+
const port = get_host_info().HTTPS_PORT_ELIDED;
9+
const SUCCESS = true;
10+
const FAILURE = false;
11+
12+
function prerender_test(origin, expectation) {
13+
promise_test(
14+
async t => {
15+
const key = token();
16+
const value = 'hello';
17+
const params = new URLSearchParams();
18+
params.set('key', key);
19+
params.set('value', value);
20+
21+
const url = `${origin}${STORE_URL}?${params.toString()}`;
22+
insertSpeculationRules({
23+
prerender: [{source: 'list', urls: [url], eagerness: 'immediate'}]
24+
});
25+
26+
if (expectation === SUCCESS) {
27+
const result = await nextValueFromServer(key);
28+
assert_equals(result, value);
29+
} else {
30+
const result = await Promise.race([
31+
new Promise(r => t.step_timeout(r, 1000)), nextValueFromServer(key)
32+
]);
33+
assert_true(typeof result === 'undefined');
34+
}
35+
},
36+
`Prerender to ${origin} ${
37+
expectation === SUCCESS ? 'succeeds' : 'fails'}.`);
38+
}
39+
40+
// Note: SpeculationRules API currently does not support cross-site prerender.
41+
// Only same-site prerender is tested. See crbug.com/1176054.
42+
const test_cases = [
43+
// Page loads originate from `http://hosts[][]`; prerendering this origin
44+
// succeeds, while subdomains fail except `https://{{hosts[][www1]}}` which is
45+
// allowed by the allowlist.
46+
{origin: 'https://{{hosts[][]}}' + port, expectation: SUCCESS},
47+
{origin: 'https://{{hosts[][www]}}' + port, expectation: FAILURE},
48+
{origin: 'https://{{hosts[][www1]}}' + port, expectation: SUCCESS},
49+
{origin: 'https://{{hosts[][www2]}}' + port, expectation: FAILURE},
50+
{origin: 'https://{{hosts[][天気の良い日]}}' + port, expectation: FAILURE},
51+
{origin: 'https://{{hosts[][élève]}}' + port, expectation: FAILURE},
52+
];
53+
54+
for (let i = 0; i < test_cases.length; i++) {
55+
prerender_test(test_cases[i].origin, test_cases[i].expectation);
56+
}
Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
2+
Connection-Allowlist: (response-origin "*://{{hosts[][www1]}}:*" "*://*:*/*\\?*&ignore-allowlist=true*")

0 commit comments

Comments
 (0)