Update some domain tests to follow latest 6265bis update.

Also, add a few more tests inspired by bingler@'s GitHub comments. Previously, the cookie spec left an empty domain attribute as undefined behavior with SHOULD-level guidance. httpwg/http-extensions#1709 changes the spec to require handling of a cookie as a host cookie when its last domain attribute is empty. This matches the current behavior of Firefox and Safari. See httpwg/http-extensions#1332 for more discussion. Change-Id: Ibf4f243c929b11768ff406e940d6988a37434754 Bug: 1255273 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3203692 Reviewed-by: Steven Bingler <[email protected]> Commit-Queue: Mike Taylor <[email protected]> Cr-Commit-Position: refs/heads/main@{#931471}
blueboxd · Oct 14, 2021 · 3813959 · 3813959
1 parent 57b07c3
commit 3813959
Show file tree

Hide file tree

Showing 3 changed files with 176 additions and 2 deletions.
diff --git a/third_party/blink/web_tests/external/wpt/cookies/attributes/resources/domain-child.sub.html b/third_party/blink/web_tests/external/wpt/cookies/attributes/resources/domain-child.sub.html
@@ -310,8 +310,8 @@
         },
         {
           cookie: `test=42; domain=${www1Host}; domain=`,
-          expected: "",
-          name: "No cookie returned for domain mismatch (with domain mismatch as first domain attribute and second a bare attribute)",
+          expected: "test=42",
+          name: "Cookie returned for bare domain attribute following mismatched domain attribute (after redirect to same-origin page).",
           location: `http://${wwwHost}:${port}/cookies/attributes/resources/path.html`,
         },
         {
@@ -332,6 +332,60 @@
           name: "Cookies with same name, path, and domain (differing only in leading '.') overwrite each other ('.' first)",
           location: `http://${wwwHost}:${port}/cookies/attributes/resources/path.html`,
         },
+        {
+          cookie: `test=46; domain=.`,
+          expected: "",
+          name: "No cookie returned for domain with single dot ('.') value.",
+          location: `http://${wwwHost}:${port}/cookies/attributes/resources/path.html`,
+        },
+        {
+          cookie: `test=46b; domain=.`,
+          expected: "",
+          name: "No cookie returned with single dot ('.') domain value (aka host-cookie) on non-host subdomain redirect",
+          location: `http://${www2wwwHost}:${port}/cookies/attributes/resources/path.html`,
+        },
+        {
+          cookie: `test=46c; domain=.; domain=${host}`,
+          expected: "test=46c",
+          name: "Return cookie with valid domain after domain with single dot ('.') value.",
+          location: `http://${wwwHost}:${port}/cookies/attributes/resources/path.html`,
+        },
+        {
+          cookie: ["test=47", `test=47b; domain=${host}`,`test=47b; domain=${www1Host}; domain=`],
+          expected: "test=47b; test=47b",
+          name: "Empty domain treated as host cookie 1",
+          location: `http://${wwwHost}:${port}/cookies/attributes/resources/path.html`,
+        },
+        {
+          cookie: ["test=48", `test=48b; domain=${host}`,`test=48b; domain=${host}; domain=`],
+          expected: "test=48b; test=48b",
+          name: "Empty domain treated as host cookie 2",
+          location: `http://${wwwHost}:${port}/cookies/attributes/resources/path.html`,
+        },
+        {
+          cookie: ["test=49", `test=49b; domain=${host}`,`test=49b; domain=`],
+          expected: "test=49b; test=49b",
+          name: "Empty domain treated as host cookie 3",
+          location: `http://${wwwHost}:${port}/cookies/attributes/resources/path.html`,
+        },
+        {
+          cookie: ["test=50", `test=50b; domain=${host}`,`test=50b; domain=${www1Host}; domain=`],
+          expected: "test=50b",
+          name: "No host cookies returned for host cookies after non-host redirect 1",
+          location: `http://${www2wwwHost}:${port}/cookies/attributes/resources/path.html`,
+        },
+        {
+          cookie: ["test=51", `test=51b; domain=${host}`,`test=51b; domain=${host}; domain=`],
+          expected: "test=51b",
+          name: "No host cookies returned for host cookies after non-host redirect 2",
+          location: `http://${www2wwwHost}:${port}/cookies/attributes/resources/path.html`,
+        },
+        {
+          cookie: ["test=52", `test=52b; domain=${host}`,`test=52b; domain=`],
+          expected: "test=52b",
+          name: "No host cookies returned for host cookies after non-host redirect 3",
+          location: `http://${www2wwwHost}:${port}/cookies/attributes/resources/path.html`,
+        },
       ];
 
       for (const test of domainTests) {

diff --git a/...arty/blink/web_tests/platform/mac/external/wpt/cookies/attributes/domain.sub-expected.txt b/...arty/blink/web_tests/platform/mac/external/wpt/cookies/attributes/domain.sub-expected.txt
@@ -0,0 +1,60 @@
+This is a testharness.js-based test.
+Found 56 tests; 53 PASS, 3 FAIL, 0 TIMEOUT, 0 NOTRUN.
+PASS Test cookie domain attribute parsing
+PASS Return cookie for a domain match
+PASS No cookie returned for domain mismatch (subdomains differ post-redirect)
+PASS Return cookie for a domain match with leading '.'
+PASS Return cookie for domain match (domain attribute is suffix of the host name and first level subdomain)
+PASS Return cookie for domain match (domain attribute is suffix of the host name and first level subdomain, with leading '.')
+PASS No cookie returned for domain mismatch (subdomains differ, with leading '.')
+PASS No cookie returned for domain mismatch when cookie was created (which would match after the redirect, with one subdomain level)
+PASS Return cookie for domain match (domain attribute is suffix of the host name, with leading '.')
+PASS Return cookie for domain match (domain attribute is suffix of the host name)
+PASS No cookie returned for domain attribute with double leading '.'
+PASS No cookie returned for domain attribute with subdomain followed by ..
+PASS Return cookie for a domain match with leading whitespace and '.'
+PASS No cookie returned for domain attribute with whitespace that surrounds a leading '.'
+PASS No cookie returned for domain attribute with trailing '.'
+PASS No cookie returned for domain attribute with trailing '..'
+PASS No cookie returned for domain attribute with trailing whitespace and '.'
+PASS No cookie returned for domain attribute with TLD as value
+PASS No cookie returned for domain attribute with TLD as value, with leading '.'
+PASS No cookie returned for domain attribute with TLD as value, with leading and trailing '.'
+PASS Return multiple cookies that match on domain (without and with leading '.')
+PASS Return multiple cookies that match on domain (with and without leading '.')
+PASS No cookie returned for domain attribute value between quotes
+PASS Return multiple cookies that match on subdomain and domain (without and with leading '.')
+PASS Return multiple cookies that match on domain and subdomain (with and without leading '.')
+PASS No cookie returned when domain attribute does not domain-match (and first does)
+PASS Return cookie for domain attribute match (first does not, but second does)
+PASS Return cookie for domain match (with bizarre capitalization for domain attribute value)
+PASS No cookie returned for domain attribute value with port
+PASS No cookie returned for domain mismatch when cookie was created (which would match after the redirect, with two subdomain levels)
+PASS No cookie returned for cookie set on different domain (with no domain attribute)
+PASS Return cookie set with bare domain= attribute
+PASS Return cookie that domain-matches with bizarre-cased URL
+PASS No cookie returned for domain attribute mismatch (first attribute matches, but second does not)
+PASS Return cookie for domain match (first attribute doesn't, but second does)
+PASS Return cookie for domain match (first attribute matches, second doesn't, third does)
+PASS No cookie returned for domain attribute mismatch (first attribute doesn't, second does, third doesn't)
+PASS Return cookie for domain match (with two identical domain attributes)
+PASS Return cookie for domain match (with first domain attribute a match for host name and second as suffix of host name)
+PASS Return cookie for domain match (with first domain attribute as suffix of host name and second a match for host name)
+PASS No cookie set on domain mismatch before a (domain matching) redirect
+PASS No cookie set on domain mismatch before a (domain matching) redirect (for second level subdomain)
+PASS Return cookie for domain match (with first domain attribute as suffix of host name and second a bare attribute)
+FAIL Cookie returned for bare domain attribute following mismatched domain attribute (after redirect to same-origin page). assert_equals: The cookie was set as expected. expected "test=42" but got ""
+PASS No cookie returned for domain mismatch (first attribute is a different subdomain and second is bare)
+PASS Cookies with same name, path, and domain (differing only in leading '.') overwrite each other ('.' second)
+PASS Cookies with same name, path, and domain (differing only in leading '.') overwrite each other ('.' first)
+PASS No cookie returned for domain with single dot ('.') value.
+PASS No cookie returned with single dot ('.') domain value (aka host-cookie) on non-host subdomain redirect
+PASS Return cookie with valid domain after domain with single dot ('.') value.
+FAIL Empty domain treated as host cookie 1 assert_equals: The cookie was set as expected. expected "test=47b; test=47b" but got "test=47; test=47b"
+FAIL Empty domain treated as host cookie 2 assert_equals: The cookie was set as expected. expected "test=48b; test=48b" but got "test=48; test=48b"
+PASS Empty domain treated as host cookie 3
+PASS No host cookies returned for host cookies after non-host redirect 1
+PASS No host cookies returned for host cookies after non-host redirect 2
+PASS No host cookies returned for host cookies after non-host redirect 3
+Harness: the test ran to completion.
+
diff --git a/...m/mac/virtual/schemeful-same-site/external/wpt/cookies/attributes/domain.sub-expected.txt b/...m/mac/virtual/schemeful-same-site/external/wpt/cookies/attributes/domain.sub-expected.txt
@@ -0,0 +1,60 @@
+This is a testharness.js-based test.
+Found 56 tests; 53 PASS, 3 FAIL, 0 TIMEOUT, 0 NOTRUN.
+PASS Test cookie domain attribute parsing
+PASS Return cookie for a domain match
+PASS No cookie returned for domain mismatch (subdomains differ post-redirect)
+PASS Return cookie for a domain match with leading '.'
+PASS Return cookie for domain match (domain attribute is suffix of the host name and first level subdomain)
+PASS Return cookie for domain match (domain attribute is suffix of the host name and first level subdomain, with leading '.')
+PASS No cookie returned for domain mismatch (subdomains differ, with leading '.')
+PASS No cookie returned for domain mismatch when cookie was created (which would match after the redirect, with one subdomain level)
+PASS Return cookie for domain match (domain attribute is suffix of the host name, with leading '.')
+PASS Return cookie for domain match (domain attribute is suffix of the host name)
+PASS No cookie returned for domain attribute with double leading '.'
+PASS No cookie returned for domain attribute with subdomain followed by ..
+PASS Return cookie for a domain match with leading whitespace and '.'
+PASS No cookie returned for domain attribute with whitespace that surrounds a leading '.'
+PASS No cookie returned for domain attribute with trailing '.'
+PASS No cookie returned for domain attribute with trailing '..'
+PASS No cookie returned for domain attribute with trailing whitespace and '.'
+PASS No cookie returned for domain attribute with TLD as value
+PASS No cookie returned for domain attribute with TLD as value, with leading '.'
+PASS No cookie returned for domain attribute with TLD as value, with leading and trailing '.'
+PASS Return multiple cookies that match on domain (without and with leading '.')
+PASS Return multiple cookies that match on domain (with and without leading '.')
+PASS No cookie returned for domain attribute value between quotes
+PASS Return multiple cookies that match on subdomain and domain (without and with leading '.')
+PASS Return multiple cookies that match on domain and subdomain (with and without leading '.')
+PASS No cookie returned when domain attribute does not domain-match (and first does)
+PASS Return cookie for domain attribute match (first does not, but second does)
+PASS Return cookie for domain match (with bizarre capitalization for domain attribute value)
+PASS No cookie returned for domain attribute value with port
+PASS No cookie returned for domain mismatch when cookie was created (which would match after the redirect, with two subdomain levels)
+PASS No cookie returned for cookie set on different domain (with no domain attribute)
+PASS Return cookie set with bare domain= attribute
+PASS Return cookie that domain-matches with bizarre-cased URL
+PASS No cookie returned for domain attribute mismatch (first attribute matches, but second does not)
+PASS Return cookie for domain match (first attribute doesn't, but second does)
+PASS Return cookie for domain match (first attribute matches, second doesn't, third does)
+PASS No cookie returned for domain attribute mismatch (first attribute doesn't, second does, third doesn't)
+PASS Return cookie for domain match (with two identical domain attributes)
+PASS Return cookie for domain match (with first domain attribute a match for host name and second as suffix of host name)
+PASS Return cookie for domain match (with first domain attribute as suffix of host name and second a match for host name)
+PASS No cookie set on domain mismatch before a (domain matching) redirect
+PASS No cookie set on domain mismatch before a (domain matching) redirect (for second level subdomain)
+PASS Return cookie for domain match (with first domain attribute as suffix of host name and second a bare attribute)
+FAIL Cookie returned for bare domain attribute following mismatched domain attribute (after redirect to same-origin page). assert_equals: The cookie was set as expected. expected "test=42" but got ""
+PASS No cookie returned for domain mismatch (first attribute is a different subdomain and second is bare)
+PASS Cookies with same name, path, and domain (differing only in leading '.') overwrite each other ('.' second)
+PASS Cookies with same name, path, and domain (differing only in leading '.') overwrite each other ('.' first)
+PASS No cookie returned for domain with single dot ('.') value.
+PASS No cookie returned with single dot ('.') domain value (aka host-cookie) on non-host subdomain redirect
+PASS Return cookie with valid domain after domain with single dot ('.') value.
+FAIL Empty domain treated as host cookie 1 assert_equals: The cookie was set as expected. expected "test=47b; test=47b" but got "test=47; test=47b"
+FAIL Empty domain treated as host cookie 2 assert_equals: The cookie was set as expected. expected "test=48b; test=48b" but got "test=48; test=48b"
+PASS Empty domain treated as host cookie 3
+PASS No host cookies returned for host cookies after non-host redirect 1
+PASS No host cookies returned for host cookies after non-host redirect 2
+PASS No host cookies returned for host cookies after non-host redirect 3
+Harness: the test ran to completion.
+