service-worker-reporting.sub.https.window.js

Enable keyboard shortcuts

This test has a WPT meta file that expects 2 subtest issues.
This WPT test may be referenced by the following Test IDs:
- /connection-allowlist/tentative/service-worker-reporting.sub.https.window.html - WPT Dashboard Interop Dashboard

// META: script=/common/get-host-info.sub.js

// META: script=/reporting/resources/report-helper.js

// META: script=/service-workers/service-worker/resources/test-helpers.sub.js

//

// The following tests assume these headers have been set for the document.

// Reporting-Endpoints:

// endpoint="/reporting/resources/report.py?reportID=002ff910-653f-4ba7-ae2f-e62f74b7d0ce"

// Connection-Allowlist: (response-origin

// "https://{{hosts[alt][]}}:{{ports[https][0]}}"); report-to=endpoint

// Connection-Allowlist-Report-Only: (response-origin

// "https://{{hosts[alt][www]}}:{{ports[https][0]}}"); report-to=endpoint

//

// The service worker script does not set an allowlist, meaning that any request

// from the service worker should be allowed. However, the service worker should

// still respect the *document's* allowlists, meaning requests originating from

// the document that don't match the above headers should still be acted upon.

const port = get_host_info().HTTPS_PORT_ELIDED;

const SUCCESS = true;

const FAILURE = false;

async function service_worker_reporting_test(t, origin, expectation) {

  // We need the service worker's scope here to be global, because we want this

  // document with its own Connection Allowlist to be under worker control. By

  // default the maximum scope of a service worker is the directory where its

  // script lives. We override this via the Service-Worker-Allowed header on the

  // worker script resource.

  const scope = '/';

  const registration = await service_worker_unregister_and_register(

      t, 'resources/service-worker-fetch-script-allow-all.js', scope);

  t.add_cleanup(async () => {

    await registration.unregister();

})

  const worker = get_newest_worker(registration);

  await wait_for_state(t, worker, 'activated');

  // Wait for document to be controlled by the service worker.

  await new Promise((resolve) => {

    if (navigator.serviceWorker.controller) {

      return resolve();

    navigator.serviceWorker.addEventListener('controllerchange',

                                             () => resolve());

});

  const fetch_url = `${origin}/common/blank-with-cors.html`;

  let result;

  try {

    const response =

        await fetch(fetch_url, {mode: 'cors', credentials: 'omit'});

    result = response.ok;

  } catch (err) {

    result = false;

  if (expectation === SUCCESS) {

    assert_true(result, `Fetch to ${origin} should succeed.`);

  } else {

    assert_false(result, `Fetch to ${origin} should be blocked.`);

// 1. Fetch to {{hosts[alt][]}} should succeed because it matches the

// enforcement allowlist, but should send a report-disposition report because it

// doesn't match the report-only allowlist.

promise_test(async t => {

  await service_worker_reporting_test(t, 'https://{{hosts[alt][]}}' + port,

                                      SUCCESS);

}, 'Report sent in report-only mode');

// 2. Fetch to {{hosts[alt][www]}} should fail because it doesn't match the

// enforcement allowlist. It should only generate an enforce-disposition report,

// because it *does* match the report-only allowlist.

promise_test(async t => {

  await service_worker_reporting_test(

t,

      'https://{{hosts[alt][www]}}' + port,

      FAILURE,

);

}, 'Report sent in enforcement mode.');

// The above tests should have generated two reports: one in enforce disposition

// and another in report disposition.

promise_test(async t => {

  const endpoint = '/reporting/resources/report.py';

  const id = '002ff910-653f-4ba7-ae2f-e62f74b7d0ce';

  await wait(5000);

  let reports = await pollReports(endpoint, id);

  assert_equals(reports.length, 2);

  // Sort reports by disposition.

  reports = reports.sort((r1, r2) => {

    if (r1['body']['disposition'] < r2['body']['disposition']) {

      return -1;

    if (r1['body']['disposition'] > r2['body']['disposition']) {

      return 1;

    return 0;

});

  // The first report was generated because it violated the enforced allowlist.

  assert_equals(reports[0]['type'], 'connection-allowlist');

  assert_equals(reports[0]['url'], location.href);

  assert_equals(reports[0]['body']['disposition'], 'enforce');

  assert_equals(

      reports[0]['body']['connection'],

      `https://{{hosts[alt][www]}}${port}/common/blank-with-cors.html`);

  // The second report was generated because it violated the report-only

  // allowlist.

  assert_equals(reports[1]['type'], 'connection-allowlist');

  assert_equals(reports[1]['url'], location.href);

  assert_equals(reports[1]['body']['disposition'], 'report');

  assert_equals(reports[1]['body']['connection'],

                `https://{{hosts[alt][]}}${port}/common/blank-with-cors.html`);

});