diff --git a/content/browser/cache_storage/cache_storage.proto b/content/browser/cache_storage/cache_storage.proto index 4b3af9dcc637ff..87fedf7158e057 100644 --- a/content/browser/cache_storage/cache_storage.proto +++ b/content/browser/cache_storage/cache_storage.proto @@ -58,6 +58,7 @@ message CacheResponse { optional string request_method = 14; optional int64 padding = 15; optional int64 side_data_padding = 16; + optional bool request_include_credentials = 17; } message CacheMetadata { diff --git a/content/browser/cache_storage/cache_storage_cache_unittest.cc b/content/browser/cache_storage/cache_storage_cache_unittest.cc index 59351884c5bf9e..5a44f4025babce 100644 --- a/content/browser/cache_storage/cache_storage_cache_unittest.cc +++ b/content/browser/cache_storage/cache_storage_cache_unittest.cc @@ -680,7 +680,8 @@ class CacheStorageCacheTest : public testing::Test { net::HttpResponseInfo::CONNECTION_INFO_UNKNOWN, /*alpn_negotiated_protocol=*/"unknown", /*was_fetched_via_spdy=*/false, /*has_range_requested=*/false, - /*auth_challenge_info=*/absl::nullopt); + /*auth_challenge_info=*/absl::nullopt, + /*request_include_credentials=*/true); } void CopySideDataToResponse(const std::string& uuid, diff --git a/content/browser/cache_storage/cache_storage_dispatcher_host.cc b/content/browser/cache_storage/cache_storage_dispatcher_host.cc index f99fa3e364a051..208a4b222c109f 100644 --- a/content/browser/cache_storage/cache_storage_dispatcher_host.cc +++ b/content/browser/cache_storage/cache_storage_dispatcher_host.cc @@ -152,7 +152,8 @@ bool ResponseBlockedByCrossOriginResourcePolicy( response->url_list.back(), response->url_list.front(), document_origin, corp_header_value, RequestMode::kNoCors, document_origin, network::mojom::RequestDestination::kEmpty, - document_coep, coep_reporter ? coep_reporter.get() : nullptr) + response->request_include_credentials, document_coep, + coep_reporter ? coep_reporter.get() : nullptr) .has_value(); } diff --git a/content/browser/cache_storage/cache_storage_manager_unittest.cc b/content/browser/cache_storage/cache_storage_manager_unittest.cc index 0ae00fc5f2acc7..3a440027c08aa8 100644 --- a/content/browser/cache_storage/cache_storage_manager_unittest.cc +++ b/content/browser/cache_storage/cache_storage_manager_unittest.cc @@ -653,7 +653,8 @@ class CacheStorageManagerTest : public testing::Test { net::HttpResponseInfo::CONNECTION_INFO_UNKNOWN, /*alpn_negotiated_protocol=*/"unknown", /*was_fetched_via_spdy=*/false, /*has_range_requested=*/false, - /*auth_challenge_info=*/absl::nullopt); + /*auth_challenge_info=*/absl::nullopt, + /*request_include_credentials=*/true); blink::mojom::BatchOperationPtr operation = blink::mojom::BatchOperation::New(); diff --git a/content/browser/cache_storage/legacy/legacy_cache_storage_cache.cc b/content/browser/cache_storage/legacy/legacy_cache_storage_cache.cc index d14ef4085c4247..be3a378607edc2 100644 --- a/content/browser/cache_storage/legacy/legacy_cache_storage_cache.cc +++ b/content/browser/cache_storage/legacy/legacy_cache_storage_cache.cc @@ -441,6 +441,11 @@ blink::mojom::FetchAPIResponsePtr CreateResponse( padding = storage::ComputeRandomResponsePadding(); } + bool request_include_credentials = + metadata.response().has_request_include_credentials() + ? metadata.response().request_include_credentials() + : true; + // Note that |has_range_requested| can be safely set to false since it only // affects HTTP 206 (Partial) responses, which are blocked from cache storage. // See https://fetch.spec.whatwg.org/#main-fetch for usage of @@ -462,7 +467,8 @@ blink::mojom::FetchAPIResponsePtr CreateResponse( static_cast( metadata.response().connection_info()), alpn_negotiated_protocol, metadata.response().was_fetched_via_spdy(), - /*has_range_requested=*/false, /*auth_challenge_info=*/absl::nullopt); + /*has_range_requested=*/false, /*auth_challenge_info=*/absl::nullopt, + request_include_credentials); } int64_t CalculateSideDataPadding( @@ -1929,6 +1935,8 @@ void LegacyCacheStorageCache::PutDidCreateEntry( storage_key_, response_metadata, put_context->side_data_blob_size); } response_metadata->set_side_data_padding(side_data_padding); + response_metadata->set_request_include_credentials( + put_context->response->request_include_credentials); // Get a temporary copy of the entry pointer before passing it in base::Bind. disk_cache::Entry* temp_entry_ptr = put_context->cache_entry.get(); diff --git a/content/common/background_fetch/background_fetch_types.cc b/content/common/background_fetch/background_fetch_types.cc index 499e4ee2f5f1df..8a4561e5704d22 100644 --- a/content/common/background_fetch/background_fetch_types.cc +++ b/content/common/background_fetch/background_fetch_types.cc @@ -41,7 +41,8 @@ blink::mojom::FetchAPIResponsePtr BackgroundFetchSettledFetch::CloneResponse( CloneSerializedBlob(response->side_data_blob_for_cache_put), mojo::Clone(response->parsed_headers), response->connection_info, response->alpn_negotiated_protocol, response->was_fetched_via_spdy, - response->has_range_requested, response->auth_challenge_info); + response->has_range_requested, response->auth_challenge_info, + response->request_include_credentials); } // static diff --git a/services/network/public/cpp/cross_origin_resource_policy.cc b/services/network/public/cpp/cross_origin_resource_policy.cc index 8b71b1bb58bbae..f3472a19edde57 100644 --- a/services/network/public/cpp/cross_origin_resource_policy.cc +++ b/services/network/public/cpp/cross_origin_resource_policy.cc @@ -140,6 +140,7 @@ absl::optional IsBlockedInternal( const absl::optional& request_initiator, mojom::RequestMode request_mode, absl::optional request_initiator_origin_lock, + bool request_include_credentials, mojom::CrossOriginEmbedderPolicyValue embedder_policy) { // Browser-initiated requests are not subject to Cross-Origin-Resource-Policy. if (!request_initiator.has_value()) { @@ -153,11 +154,21 @@ absl::optional IsBlockedInternal( return absl::nullopt; } - bool require_corp = - embedder_policy == mojom::CrossOriginEmbedderPolicyValue::kRequireCorp || - (embedder_policy == - mojom::CrossOriginEmbedderPolicyValue::kCredentialless && - request_mode == mojom::RequestMode::kNavigate); + bool require_corp; + switch (embedder_policy) { + case mojom::CrossOriginEmbedderPolicyValue::kNone: + require_corp = false; + break; + + case mojom::CrossOriginEmbedderPolicyValue::kCredentialless: + require_corp = request_mode == mojom::RequestMode::kNavigate || + request_include_credentials; + break; + + case mojom::CrossOriginEmbedderPolicyValue::kRequireCorp: + require_corp = true; + break; + } // COEP https://mikewest.github.io/corpp/#corp-check bool upgrade_to_same_origin = false; @@ -222,6 +233,7 @@ absl::optional IsBlockedInternalWithReporting( mojom::RequestMode request_mode, absl::optional request_initiator_origin_lock, mojom::RequestDestination request_destination, + bool request_include_credentials, const CrossOriginEmbedderPolicy& embedder_policy, mojom::CrossOriginEmbedderPolicyReporter* reporter) { constexpr auto kBlockedDueToCoep = mojom::BlockedByResponseReason:: @@ -231,7 +243,8 @@ absl::optional IsBlockedInternalWithReporting( reporter) { const auto result = IsBlockedInternal( policy, request_url, request_initiator, request_mode, - request_initiator_origin_lock, embedder_policy.report_only_value); + request_initiator_origin_lock, request_include_credentials, + embedder_policy.report_only_value); UMA_HISTOGRAM_ENUMERATION( "NetworkService.CrossOriginResourcePolicy.ReportOnlyResult", ToCorpResult(result)); @@ -249,7 +262,8 @@ absl::optional IsBlockedInternalWithReporting( const auto result = IsBlockedInternal(policy, request_url, request_initiator, request_mode, - request_initiator_origin_lock, embedder_policy.value); + request_initiator_origin_lock, + request_include_credentials, embedder_policy.value); UMA_HISTOGRAM_ENUMERATION("NetworkService.CrossOriginResourcePolicy.Result", ToCorpResult(result)); if (reporter && @@ -296,8 +310,8 @@ CrossOriginResourcePolicy::IsBlocked( return IsBlockedInternalWithReporting( policy, request_url, original_url, request_initiator, request_mode, - request_initiator_origin_lock, request_destination, embedder_policy, - reporter); + request_initiator_origin_lock, request_destination, + response.request_include_credentials, embedder_policy, reporter); } // static @@ -310,6 +324,7 @@ CrossOriginResourcePolicy::IsBlockedByHeaderValue( mojom::RequestMode request_mode, absl::optional request_initiator_origin_lock, mojom::RequestDestination request_destination, + bool request_include_credentials, const CrossOriginEmbedderPolicy& embedder_policy, mojom::CrossOriginEmbedderPolicyReporter* reporter) { // From https://fetch.spec.whatwg.org/#cross-origin-resource-policy-header: @@ -321,8 +336,8 @@ CrossOriginResourcePolicy::IsBlockedByHeaderValue( return IsBlockedInternalWithReporting( policy, request_url, original_url, request_initiator, request_mode, - request_initiator_origin_lock, request_destination, embedder_policy, - reporter); + request_initiator_origin_lock, request_destination, + request_include_credentials, embedder_policy, reporter); } // static @@ -342,7 +357,8 @@ CrossOriginResourcePolicy::IsNavigationBlocked( return IsBlockedInternalWithReporting( policy, request_url, original_url, request_initiator, mojom::RequestMode::kNavigate, request_initiator_origin_lock, - request_destination, embedder_policy, reporter); + request_destination, response.request_include_credentials, + embedder_policy, reporter); } // static diff --git a/services/network/public/cpp/cross_origin_resource_policy.h b/services/network/public/cpp/cross_origin_resource_policy.h index db1d67aeb89519..a32df339f9883c 100644 --- a/services/network/public/cpp/cross_origin_resource_policy.h +++ b/services/network/public/cpp/cross_origin_resource_policy.h @@ -60,6 +60,7 @@ class COMPONENT_EXPORT(NETWORK_CPP) CrossOriginResourcePolicy { mojom::RequestMode request_mode, absl::optional request_initiator_origin_lock, mojom::RequestDestination request_destination, + bool request_include_credentials, const CrossOriginEmbedderPolicy& embedder_policy, mojom::CrossOriginEmbedderPolicyReporter* reporter) WARN_UNUSED_RESULT; diff --git a/services/network/public/mojom/url_response_head.mojom b/services/network/public/mojom/url_response_head.mojom index 13401ebfb86d95..9518e7892e9539 100644 --- a/services/network/public/mojom/url_response_head.mojom +++ b/services/network/public/mojom/url_response_head.mojom @@ -235,4 +235,9 @@ struct URLResponseHead { // covered by the wildcard in the preflight response. // TODO(crbug.com/1176753): Remove this once the investigation is done. bool has_authorization_covered_by_wildcard_on_preflight = false; + + // The request's |includeCredentials| value from the "HTTP-network fetch" + // algorithm. + // See: https://fetch.spec.whatwg.org/#concept-http-network-fetch + bool request_include_credentials = true; }; diff --git a/services/network/url_loader.cc b/services/network/url_loader.cc index 9f5850c6870b4d..7a57ebfa417b8a 100644 --- a/services/network/url_loader.cc +++ b/services/network/url_loader.cc @@ -159,6 +159,7 @@ void PopulateResourceResponse(net::URLRequest* request, response->has_range_requested = request->extra_request_headers().HasHeader( net::HttpRequestHeaders::kRange); response->dns_aliases = request->response_info().dns_aliases; + response->request_include_credentials = request->allow_credentials(); } // A subclass of net::UploadBytesElementReader which owns @@ -1141,7 +1142,6 @@ void URLLoader::OnReceivedRedirect(net::URLRequest* url_request, DCHECK(!deferred_redirect_url_); deferred_redirect_url_ = std::make_unique(redirect_info.new_url); - SetRequestCredentials(redirect_info.new_url); // Send the redirect response to the client, allowing them to inspect it and // optionally follow the redirect. @@ -1191,6 +1191,8 @@ void URLLoader::OnReceivedRedirect(net::URLRequest* url_request, return; } + SetRequestCredentials(redirect_info.new_url); + // We may need to clear out old Sec- prefixed request headers. We'll attempt // to do this before we re-add any. MaybeRemoveSecHeaders(url_request_.get(), redirect_info.new_url); diff --git a/third_party/blink/public/mojom/fetch/fetch_api_response.mojom b/third_party/blink/public/mojom/fetch/fetch_api_response.mojom index 7d169ec828fcfb..a65b71f0a7f321 100644 --- a/third_party/blink/public/mojom/fetch/fetch_api_response.mojom +++ b/third_party/blink/public/mojom/fetch/fetch_api_response.mojom @@ -104,4 +104,9 @@ struct FetchAPIResponse { // Information related to an authentication challenge from the response, if // there was one. network.mojom.AuthChallengeInfo? auth_challenge_info; + + // The request's |includeCredentials| value from the "HTTP-network fetch" + // algorithm. + // See: https://fetch.spec.whatwg.org/#concept-http-network-fetch + bool request_include_credentials = true; }; diff --git a/third_party/blink/public/platform/web_url_response.h b/third_party/blink/public/platform/web_url_response.h index f650a0bfea2682..9a65a93589cfa6 100644 --- a/third_party/blink/public/platform/web_url_response.h +++ b/third_party/blink/public/platform/web_url_response.h @@ -351,6 +351,12 @@ class WebURLResponse { BLINK_PLATFORM_EXPORT const absl::optional& AuthChallengeInfo() const; + // The request's |includeCredentials| value from the "HTTP-network fetch" + // algorithm. + // See: https://fetch.spec.whatwg.org/#concept-http-network-fetch + BLINK_PLATFORM_EXPORT void SetRequestIncludeCredentials(bool); + BLINK_PLATFORM_EXPORT bool RequestIncludeCredentials() const; + #if INSIDE_BLINK protected: // Permit subclasses to set arbitrary ResourceResponse pointer as diff --git a/third_party/blink/renderer/core/fetch/fetch_response_data.cc b/third_party/blink/renderer/core/fetch/fetch_response_data.cc index 35c2aa55b267ca..6cd2613e35402e 100644 --- a/third_party/blink/renderer/core/fetch/fetch_response_data.cc +++ b/third_party/blink/renderer/core/fetch/fetch_response_data.cc @@ -174,6 +174,11 @@ String FetchResponseData::InternalMIMEType() const { return mime_type_; } +bool FetchResponseData::RequestIncludeCredentials() const { + return internal_response_ ? internal_response_->RequestIncludeCredentials() + : request_include_credentials_; +} + void FetchResponseData::SetURLList(const Vector& url_list) { url_list_ = url_list; } @@ -208,6 +213,7 @@ FetchResponseData* FetchResponseData::Clone(ScriptState* script_state, new_response->alpn_negotiated_protocol_ = alpn_negotiated_protocol_; new_response->was_fetched_via_spdy_ = was_fetched_via_spdy_; new_response->has_range_requested_ = has_range_requested_; + new_response->request_include_credentials_ = request_include_credentials_; if (auth_challenge_info_) { new_response->auth_challenge_info_ = std::make_unique(*auth_challenge_info_); @@ -286,6 +292,7 @@ mojom::blink::FetchAPIResponsePtr FetchResponseData::PopulateFetchAPIResponse( response->alpn_negotiated_protocol = alpn_negotiated_protocol_; response->was_fetched_via_spdy = was_fetched_via_spdy_; response->has_range_requested = has_range_requested_; + response->request_include_credentials = request_include_credentials_; for (const auto& header : HeaderList()->List()) response->headers.insert(header.first, header.second); response->parsed_headers = ParseHeaders( @@ -367,6 +374,7 @@ void FetchResponseData::InitFromResourceResponse( } SetAuthChallengeInfo(response.AuthChallengeInfo()); + SetRequestIncludeCredentials(response.RequestIncludeCredentials()); } FetchResponseData::FetchResponseData(Type type, @@ -393,6 +401,12 @@ void FetchResponseData::SetAuthChallengeInfo( } } +void FetchResponseData::SetRequestIncludeCredentials( + bool request_include_credentials) { + DCHECK(!internal_response_); + request_include_credentials_ = request_include_credentials; +} + void FetchResponseData::ReplaceBodyStreamBuffer(BodyStreamBuffer* buffer) { if (type_ == Type::kBasic || type_ == Type::kCors) { DCHECK(internal_response_); diff --git a/third_party/blink/renderer/core/fetch/fetch_response_data.h b/third_party/blink/renderer/core/fetch/fetch_response_data.h index d5e11918daff3e..cf9488130c5444 100644 --- a/third_party/blink/renderer/core/fetch/fetch_response_data.h +++ b/third_party/blink/renderer/core/fetch/fetch_response_data.h @@ -84,6 +84,7 @@ class CORE_EXPORT FetchResponseData final return cors_exposed_header_names_; } bool HasRangeRequested() const { return has_range_requested_; } + bool RequestIncludeCredentials() const; int64_t GetPadding() const { return padding_; } void SetPadding(int64_t padding) { padding_ = padding; } @@ -126,6 +127,7 @@ class CORE_EXPORT FetchResponseData final } void SetAuthChallengeInfo( const absl::optional& auth_challenge_info); + void SetRequestIncludeCredentials(bool request_include_credentials); // If the type is Default, replaces |buffer_|. // If the type is Basic or CORS, replaces |buffer_| and @@ -172,6 +174,11 @@ class CORE_EXPORT FetchResponseData final // |because this member is empty in most cases. std::unique_ptr auth_challenge_info_; + // The request's |includeCredentials| value from the "HTTP-network fetch" + // algorithm. + // See: https://fetch.spec.whatwg.org/#concept-http-network-fetch + bool request_include_credentials_ = true; + DISALLOW_COPY_AND_ASSIGN(FetchResponseData); }; diff --git a/third_party/blink/renderer/core/fetch/response.cc b/third_party/blink/renderer/core/fetch/response.cc index e2ce5c1ddd5e01..f1e45a35d3a592 100644 --- a/third_party/blink/renderer/core/fetch/response.cc +++ b/third_party/blink/renderer/core/fetch/response.cc @@ -390,6 +390,8 @@ FetchResponseData* Response::CreateUnfilteredFetchResponseDataWithoutBody( WTF::AtomicString(fetch_api_response.alpn_negotiated_protocol)); response->SetWasFetchedViaSpdy(fetch_api_response.was_fetched_via_spdy); response->SetHasRangeRequested(fetch_api_response.has_range_requested); + response->SetRequestIncludeCredentials( + fetch_api_response.request_include_credentials); for (const auto& header : fetch_api_response.headers) response->HeaderList()->Append(header.key, header.value); diff --git a/third_party/blink/renderer/modules/service_worker/cross_origin_resource_policy_checker.cc b/third_party/blink/renderer/modules/service_worker/cross_origin_resource_policy_checker.cc index 992f3a5e05032d..48f38bfa586642 100644 --- a/third_party/blink/renderer/modules/service_worker/cross_origin_resource_policy_checker.cc +++ b/third_party/blink/renderer/modules/service_worker/cross_origin_resource_policy_checker.cc @@ -42,7 +42,8 @@ bool CrossOriginResourcePolicyChecker::IsBlocked( response.InternalURLList().back(), response.InternalURLList().front(), initiator_origin, corp_header_value, request_mode, initiator_origin, - request_destination, policy_, + request_destination, + response.GetResponse()->RequestIncludeCredentials(), policy_, reporter_ ? reporter_.get() : nullptr) .has_value(); } diff --git a/third_party/blink/renderer/platform/exported/web_url_response.cc b/third_party/blink/renderer/platform/exported/web_url_response.cc index a67bba839ef554..9b3b99fe1e2bf5 100644 --- a/third_party/blink/renderer/platform/exported/web_url_response.cc +++ b/third_party/blink/renderer/platform/exported/web_url_response.cc @@ -550,6 +550,15 @@ WebURLResponse::AuthChallengeInfo() const { return resource_response_->AuthChallengeInfo(); } +void WebURLResponse::SetRequestIncludeCredentials( + bool request_include_credentials) { + resource_response_->SetRequestIncludeCredentials(request_include_credentials); +} + +bool WebURLResponse::RequestIncludeCredentials() const { + return resource_response_->RequestIncludeCredentials(); +} + WebURLResponse::WebURLResponse(ResourceResponse& r) : resource_response_(&r) {} } // namespace blink diff --git a/third_party/blink/renderer/platform/loader/fetch/resource_response.h b/third_party/blink/renderer/platform/loader/fetch/resource_response.h index 2cd78afb977410..e0f59772d3c15a 100644 --- a/third_party/blink/renderer/platform/loader/fetch/resource_response.h +++ b/third_party/blink/renderer/platform/loader/fetch/resource_response.h @@ -520,6 +520,13 @@ class PLATFORM_EXPORT ResourceResponse final { auth_challenge_info_ = value; } + bool RequestIncludeCredentials() const { + return request_include_credentials_; + } + void SetRequestIncludeCredentials(bool request_include_credentials) { + request_include_credentials_ = request_include_credentials; + } + private: void UpdateHeaderParsedState(const AtomicString& name); @@ -710,6 +717,11 @@ class PLATFORM_EXPORT ResourceResponse final { KURL web_bundle_url_; absl::optional auth_challenge_info_; + + // The request's |includeCredentials| value from the "HTTP-network fetch" + // algorithm. + // See: https://fetch.spec.whatwg.org/#concept-http-network-fetch + bool request_include_credentials_ = true; }; } // namespace blink diff --git a/third_party/blink/renderer/platform/loader/fetch/url_loader/web_url_loader.cc b/third_party/blink/renderer/platform/loader/fetch/url_loader/web_url_loader.cc index a398790e443a73..bdecf8ae261769 100644 --- a/third_party/blink/renderer/platform/loader/fetch/url_loader/web_url_loader.cc +++ b/third_party/blink/renderer/platform/loader/fetch/url_loader/web_url_loader.cc @@ -893,6 +893,7 @@ void WebURLLoader::PopulateURLResponse( } response->SetAuthChallengeInfo(head.auth_challenge_info); + response->SetRequestIncludeCredentials(head.request_include_credentials); const net::HttpResponseHeaders* headers = head.headers.get(); if (!headers) diff --git a/third_party/blink/web_tests/external/wpt/html/cross-origin-embedder-policy/credentialless/cache-storage.tentative.https_document-expected.txt b/third_party/blink/web_tests/external/wpt/html/cross-origin-embedder-policy/credentialless/cache-storage.tentative.https_document-expected.txt deleted file mode 100644 index 3e62207655b8d8..00000000000000 --- a/third_party/blink/web_tests/external/wpt/html/cross-origin-embedder-policy/credentialless/cache-storage.tentative.https_document-expected.txt +++ /dev/null @@ -1,17 +0,0 @@ -This is a testharness.js-based test. -PASS [document] unsafe-none => unsafe-none -FAIL [document] unsafe-none => credentialless assert_equals: expected "error" but got "retrieved" -PASS [document] unsafe-none => credentialless (omit) -PASS [document] unsafe-none => credentialless + CORP -PASS [document] unsafe-none => require-corp -PASS [document] unsafe-none => require-corp (omit) -PASS [document] unsafe-none => require-corp + CORP -PASS [document] credentialless => unsafe-none -PASS [document] credentialless => credentialless -PASS [document] credentialless => require-corp -PASS [document] credentialless => require-corp + CORP -PASS [document] require_corp => unsafe-none -PASS [document] require_corp => credentialless -PASS [document] require_corp => require-corp -Harness: the test ran to completion. - diff --git a/third_party/blink/web_tests/external/wpt/html/cross-origin-embedder-policy/credentialless/cache-storage.tentative.https_service_worker-expected.txt b/third_party/blink/web_tests/external/wpt/html/cross-origin-embedder-policy/credentialless/cache-storage.tentative.https_service_worker-expected.txt deleted file mode 100644 index ebf65050082279..00000000000000 --- a/third_party/blink/web_tests/external/wpt/html/cross-origin-embedder-policy/credentialless/cache-storage.tentative.https_service_worker-expected.txt +++ /dev/null @@ -1,17 +0,0 @@ -This is a testharness.js-based test. -PASS [service_worker] unsafe-none => unsafe-none -FAIL [service_worker] unsafe-none => credentialless assert_equals: expected "error" but got "retrieved" -PASS [service_worker] unsafe-none => credentialless (omit) -PASS [service_worker] unsafe-none => credentialless + CORP -PASS [service_worker] unsafe-none => require-corp -PASS [service_worker] unsafe-none => require-corp (omit) -PASS [service_worker] unsafe-none => require-corp + CORP -PASS [service_worker] credentialless => unsafe-none -PASS [service_worker] credentialless => credentialless -PASS [service_worker] credentialless => require-corp -PASS [service_worker] credentialless => require-corp + CORP -PASS [service_worker] require_corp => unsafe-none -PASS [service_worker] require_corp => credentialless -PASS [service_worker] require_corp => require-corp -Harness: the test ran to completion. - diff --git a/third_party/blink/web_tests/virtual/plz-dedicated-worker/external/wpt/html/cross-origin-embedder-policy/credentialless/cache-storage.tentative.https_dedicated_worker-expected.txt b/third_party/blink/web_tests/virtual/plz-dedicated-worker/external/wpt/html/cross-origin-embedder-policy/credentialless/cache-storage.tentative.https_dedicated_worker-expected.txt index 2217e4589f8854..a4269f98902b83 100644 --- a/third_party/blink/web_tests/virtual/plz-dedicated-worker/external/wpt/html/cross-origin-embedder-policy/credentialless/cache-storage.tentative.https_dedicated_worker-expected.txt +++ b/third_party/blink/web_tests/virtual/plz-dedicated-worker/external/wpt/html/cross-origin-embedder-policy/credentialless/cache-storage.tentative.https_dedicated_worker-expected.txt @@ -1,13 +1,13 @@ This is a testharness.js-based test. PASS [dedicated_worker] unsafe-none => unsafe-none -FAIL [dedicated_worker] unsafe-none => credentialless assert_equals: expected "error" but got "retrieved" +PASS [dedicated_worker] unsafe-none => credentialless PASS [dedicated_worker] unsafe-none => credentialless (omit) PASS [dedicated_worker] unsafe-none => credentialless + CORP PASS [dedicated_worker] unsafe-none => require-corp PASS [dedicated_worker] unsafe-none => require-corp (omit) PASS [dedicated_worker] unsafe-none => require-corp + CORP PASS [dedicated_worker] credentialless => unsafe-none -PASS [dedicated_worker] credentialless => credentialless +FAIL [dedicated_worker] credentialless => credentialless assert_equals: expected "retrieved" but got "error" PASS [dedicated_worker] credentialless => require-corp PASS [dedicated_worker] credentialless => require-corp + CORP PASS [dedicated_worker] require_corp => unsafe-none diff --git a/third_party/blink/web_tests/virtual/plz-dedicated-worker/external/wpt/html/cross-origin-embedder-policy/credentialless/shared-worker.tentative.https-expected.txt b/third_party/blink/web_tests/virtual/plz-dedicated-worker/external/wpt/html/cross-origin-embedder-policy/credentialless/shared-worker.tentative.https-expected.txt deleted file mode 100644 index 19699d99f224b2..00000000000000 --- a/third_party/blink/web_tests/virtual/plz-dedicated-worker/external/wpt/html/cross-origin-embedder-policy/credentialless/shared-worker.tentative.https-expected.txt +++ /dev/null @@ -1,8 +0,0 @@ -This is a testharness.js-based test. -PASS shared-worker -PASS fetch same-origin -PASS fetch same-origin + credentialless worker -PASS fetch cross-origin -FAIL fetch cross-origin + credentialless worker assert_equals: coep:none => expected (undefined) undefined but got (string) "cross_origin" -Harness: the test ran to completion. -