From af66a01871dec28b0b2c15cab669a117fe580bb5 Mon Sep 17 00:00:00 2001
From: Domenic Denicola <domenic@chromium.org>
Date: Mon, 22 Jul 2019 11:08:58 +0000
Subject: [PATCH] Bug 1566566 [wpt PR 17424] - KV Storage: tweak secure context
 restriction and expand tests, a=testonly

Automatic update from web-platform-tests
KV Storage: tweak secure context restriction and expand tests

Recent discussions on the KV Storage spec (https://github.com/WICG/kv-storage/pull/53, https://github.com/WICG/kv-storage/pull/68) have decided on a slightly different model for restricting modules to secure contexts, that is based on preventing them from entering the module map, instead of throwing an error at module evaluation time.

This is mostly observably the same, with a few small differences:
* The error type changes from DOMException "SecurityError" to TypeError. This CL updates the implementation's runtime check, and all associated tests, to match the new error type.
* Not being present in the module map means module graph initialization fails earlier, preventing any side effects from earlier modules in the graph from being evaluated. This is tested in the new WPT kv-storage/secure-context/side-effects.html, which we fail for now.
* Not being present in the module map means that import map failover works. This is is tested in the new WPT kv-storage/secure-context/import-maps.html, which we fail for now.

https://crbug.com/977470 tracks the infrastructure work necessary to move from a runtime check to selectively filling the module map, which will allow us to pass the two newly-added tests.

BUG=977470

Change-Id: I9371400e9beed5be4ed5fbb0c94747a7bc0b3e86
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1670572
Reviewed-by: Hiroshige Hayashizaki <hiroshige@chromium.org>
Reviewed-by: Joshua Bell <jsbell@chromium.org>
Commit-Queue: Domenic Denicola <domenic@chromium.org>
Cr-Commit-Position: refs/heads/master@{#677454}

--

wpt-commits: b3a9dd55d31874e8f2d197b4b958c0dac96ea844
wpt-pr: 17424
---
 .../non-secure-context-script-element.html    | 25 ---------------
 .../tests/kv-storage/secure-context/README.md |  5 +++
 .../dynamic-import.html}                      |  2 +-
 .../secure-context/import-maps.html           | 31 +++++++++++++++++++
 .../import-statement.html}                    |  4 +--
 .../secure-context/resources/dummy-module.js  |  1 +
 .../resources/test-side-effects.js            |  1 +
 .../secure-context/script-element.html        | 21 +++++++++++++
 .../secure-context/side-effects.html          | 28 +++++++++++++++++
 9 files changed, 89 insertions(+), 29 deletions(-)
 delete mode 100644 testing/web-platform/tests/kv-storage/non-secure-context-script-element.html
 create mode 100644 testing/web-platform/tests/kv-storage/secure-context/README.md
 rename testing/web-platform/tests/kv-storage/{non-secure-context-dynamic-import.html => secure-context/dynamic-import.html} (87%)
 create mode 100644 testing/web-platform/tests/kv-storage/secure-context/import-maps.html
 rename testing/web-platform/tests/kv-storage/{non-secure-context-import-statement.html => secure-context/import-statement.html} (75%)
 create mode 100644 testing/web-platform/tests/kv-storage/secure-context/resources/dummy-module.js
 create mode 100644 testing/web-platform/tests/kv-storage/secure-context/resources/test-side-effects.js
 create mode 100644 testing/web-platform/tests/kv-storage/secure-context/script-element.html
 create mode 100644 testing/web-platform/tests/kv-storage/secure-context/side-effects.html

diff --git a/testing/web-platform/tests/kv-storage/non-secure-context-script-element.html b/testing/web-platform/tests/kv-storage/non-secure-context-script-element.html
deleted file mode 100644
index 66802b1254eda..0000000000000
--- a/testing/web-platform/tests/kv-storage/non-secure-context-script-element.html
+++ /dev/null
@@ -1,25 +0,0 @@
-<!DOCTYPE html>
-<meta charset="utf-8">
-<title>KV Storage: should not work in non-secure contexts when included via a script element</title>
-
-<script src="/resources/testharness.js"></script>
-<script src="/resources/testharnessreport.js"></script>
-
-<script>
-"use strict";
-setup({ allow_uncaught_exception: true });
-
-test(() => {
-  assert_false(self.isSecureContext, "This test must run in a non-secure context");
-}, "Prerequisite check");
-
-async_test(t => {
-  self.addEventListener("error", t.step_func_done(errorEvent => {
-    assert_equals(errorEvent.error.constructor, DOMException, "Must trigger a DOMException");
-    assert_equals(errorEvent.error.name, "SecurityError",
-      "The DOMException must be a \"SecurityError\"");
-  }, { once: true }));
-});
-</script>
-
-<script type="module" src="std:kv-storage"></script>
diff --git a/testing/web-platform/tests/kv-storage/secure-context/README.md b/testing/web-platform/tests/kv-storage/secure-context/README.md
new file mode 100644
index 0000000000000..9b3539995bfa6
--- /dev/null
+++ b/testing/web-platform/tests/kv-storage/secure-context/README.md
@@ -0,0 +1,5 @@
+# KV Storage `[SecureContext]` tests
+
+These tests ensure that KV Storage follows the rules for `[SecureContext]` modules. (As of the time of this writing, they are only proposed rules, in [heycam/webidl#675](https://github.com/heycam/webidl/pull/675).)
+
+Eventually these should probably be generalized and tested as part of `idlharness.js`.
diff --git a/testing/web-platform/tests/kv-storage/non-secure-context-dynamic-import.html b/testing/web-platform/tests/kv-storage/secure-context/dynamic-import.html
similarity index 87%
rename from testing/web-platform/tests/kv-storage/non-secure-context-dynamic-import.html
rename to testing/web-platform/tests/kv-storage/secure-context/dynamic-import.html
index 6ccbf84ba1dc6..38e1bb79c47ec 100644
--- a/testing/web-platform/tests/kv-storage/non-secure-context-dynamic-import.html
+++ b/testing/web-platform/tests/kv-storage/secure-context/dynamic-import.html
@@ -13,6 +13,6 @@
 }, "Prerequisite check");
 
 promise_test(t => {
-  return promise_rejects(t, "SecurityError", import("std:kv-storage"));
+  return promise_rejects(t, new TypeError(), import("std:kv-storage"));
 });
 </script>
diff --git a/testing/web-platform/tests/kv-storage/secure-context/import-maps.html b/testing/web-platform/tests/kv-storage/secure-context/import-maps.html
new file mode 100644
index 0000000000000..64301f03032c0
--- /dev/null
+++ b/testing/web-platform/tests/kv-storage/secure-context/import-maps.html
@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<meta charset="utf-8">
+<title>KV Storage: in non-secure contexts, import map mappings should fall back</title>
+
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+
+<script>
+"use strict";
+test(() => {
+  assert_false(self.isSecureContext, "This test must run in a non-secure context");
+}, "Prerequisite check");
+</script>
+
+<script type="importmap">
+{
+  "imports": {
+    "std:kv-storage": [
+      "std:kv-storage",
+      "./resources/dummy-module.js"
+    ]
+  }
+}
+</script>
+
+<script type="module">
+promise_test(async () => {
+  const result = await import("std:kv-storage");
+  assert_equals(namespaceObj.myExport, "not the real KV storage");
+});
+</script>
diff --git a/testing/web-platform/tests/kv-storage/non-secure-context-import-statement.html b/testing/web-platform/tests/kv-storage/secure-context/import-statement.html
similarity index 75%
rename from testing/web-platform/tests/kv-storage/non-secure-context-import-statement.html
rename to testing/web-platform/tests/kv-storage/secure-context/import-statement.html
index fda02aadf14fc..db01152a4e155 100644
--- a/testing/web-platform/tests/kv-storage/non-secure-context-import-statement.html
+++ b/testing/web-platform/tests/kv-storage/secure-context/import-statement.html
@@ -15,9 +15,7 @@
 
 async_test(t => {
   window.addEventListener("error", t.step_func_done(errorEvent => {
-    assert_equals(errorEvent.error.constructor, DOMException, "Must trigger a DOMException");
-    assert_equals(errorEvent.error.name, "SecurityError",
-      "The DOMException must be a \"SecurityError\"");
+    assert_equals(errorEvent.error.constructor, TypeError, "Must trigger a TypeError");
   }, { once: true }));
 });
 </script>
diff --git a/testing/web-platform/tests/kv-storage/secure-context/resources/dummy-module.js b/testing/web-platform/tests/kv-storage/secure-context/resources/dummy-module.js
new file mode 100644
index 0000000000000..27fb98860ea35
--- /dev/null
+++ b/testing/web-platform/tests/kv-storage/secure-context/resources/dummy-module.js
@@ -0,0 +1 @@
+export const myExport = "not the real KV storage";
diff --git a/testing/web-platform/tests/kv-storage/secure-context/resources/test-side-effects.js b/testing/web-platform/tests/kv-storage/secure-context/resources/test-side-effects.js
new file mode 100644
index 0000000000000..39780a92fff17
--- /dev/null
+++ b/testing/web-platform/tests/kv-storage/secure-context/resources/test-side-effects.js
@@ -0,0 +1 @@
+window.sideEffectsHappened = true;
diff --git a/testing/web-platform/tests/kv-storage/secure-context/script-element.html b/testing/web-platform/tests/kv-storage/secure-context/script-element.html
new file mode 100644
index 0000000000000..b8170549ab558
--- /dev/null
+++ b/testing/web-platform/tests/kv-storage/secure-context/script-element.html
@@ -0,0 +1,21 @@
+<!DOCTYPE html>
+<meta charset="utf-8">
+<title>KV Storage: should not work in non-secure contexts when included via a script element</title>
+
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+
+<script>
+"use strict";
+test(() => {
+  assert_false(self.isSecureContext, "This test must run in a non-secure context");
+}, "Prerequisite check");
+
+window.t = async_test("Check the events");
+</script>
+
+<script type="module"
+        src="std:kv-storage"
+        onload="t.step(() => { assert_unreached('load event fired'); })"
+        onerror="t.done()">
+</script>
diff --git a/testing/web-platform/tests/kv-storage/secure-context/side-effects.html b/testing/web-platform/tests/kv-storage/secure-context/side-effects.html
new file mode 100644
index 0000000000000..f4c4b691d30db
--- /dev/null
+++ b/testing/web-platform/tests/kv-storage/secure-context/side-effects.html
@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<meta charset="utf-8">
+<title>KV Storage: should fail in non-secure contexts in the fetching phase, not evaluation phase</title>
+
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+
+<script>
+"use strict";
+setup({ allow_uncaught_exception: true });
+
+window.sideEffectsHappened = false;
+
+test(() => {
+  assert_false(self.isSecureContext, "This test must run in a non-secure context");
+}, "Prerequisite check");
+</script>
+
+<script type="module">
+import "./resources/test-side-effects.js";
+import "std:kv-storage";
+</script>
+
+<script type="module">
+test(() => {
+  assert_false(window.sideEffectsHappened, "The side effects module didn't evaluate either");
+});
+</script>