Update split-cache.html test.

This test was requesting the same resource using fetch and using navigations. Navigation are request with credentials. The fetch requests weren't. This patch updates the test to make the fetch request to send credentials. This ensures passing this test is not simply the consequence of discriminating anonymous and credentialled request in the HTTP cache, but really about implementing a split cache. This ensures implementing: https://docs.google.com/document/d/1lvbiy4n-GM5I56Ncw304sgvY5Td32R6KHitjRXvkZ6U/edit#heading=h.i5fo7881c05m won't cause one test case of this test to pass when split cache is disabled. https://chromium-review.googlesource.com/c/chromium/src/+/2964120/7/third_party/blink/web_tests/virtual/not-split-http-cache/external/wpt/fetch/http-cache/split-cache-expected.txt Bug:1221529 Change-Id: I3e7fdfa1a21570b5128f87238238aea4a92a8a0f
web-platform-tests · Jul 8, 2021 · b245c2f · b245c2f
1 parent a97a1e3
commit b245c2f
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 8 deletions.
diff --git a/fetch/http-cache/http-cache.js b/fetch/http-cache/http-cache.js
@@ -126,7 +126,7 @@ function fetchInit (requests, config) {
   if ('name' in config) init.headers.push(['Test-Name', config.name])
   if ('request_body' in config) init.body = config['request_body']
   if ('mode' in config) init.mode = config['mode']
-  if ('credentials' in config) init.mode = config['credentials']
+  if ('credentials' in config) init.credentials = config['credentials']
   if ('cache' in config) init.cache = config['cache']
   init.headers.push(['Test-Requests', btoa(JSON.stringify(requests))])
   return init

diff --git a/fetch/http-cache/resources/http-cache.py b/fetch/http-cache/resources/http-cache.py
@@ -16,6 +16,7 @@ def main(request, response):
     dispatch = request.GET.first(b"dispatch", None)
     uuid = request.GET.first(b"uuid", None)
 
+    response.headers.set(b"Access-Control-Allow-Credentials", b"true")
     if request.method == u"OPTIONS":
         return handle_preflight(uuid, request, response)
     if not uuid:
@@ -32,9 +33,9 @@ def main(request, response):
 
 def handle_preflight(uuid, request, response):
     response.status = (200, b"OK")
-    response.headers.set(b"Access-Control-Allow-Origin", b"*")
+    response.headers.set(b"Access-Control-Allow-Origin", request.headers.get(b"origin") or '*')
     response.headers.set(b"Access-Control-Allow-Methods", b"GET")
-    response.headers.set(b"Access-Control-Allow-Headers", b"*")
+    response.headers.set(b"Access-Control-Allow-Headers", request.headers.get(b"Access-Control-Request-Headers") or "*")
     response.headers.set(b"Access-Control-Max-Age", b"86400")
     return b"Preflight request"
 

diff --git a/fetch/http-cache/split-cache.html b/fetch/http-cache/split-cache.html
@@ -26,21 +26,37 @@
   const popupBaseURL = POPUP_HTTP_ORIGIN + window.location.pathname.replace(/\/[^\/]*$/, '/') ;
   const localBaseURL = LOCAL_HTTP_ORIGIN + window.location.pathname.replace(/\/[^\/]*$/, '/') ;
 
+  // Note: Navigation requests are requested with credentials. Make sure the
+  // fetch requests are also requested with credentials. This ensures passing
+  // this test is not simply the consequence of discriminating anonymous and
+  // credentialled request in the HTTP cache.
+  //
+  // See https://github.com/whatwg/fetch/issues/1253
+
   var test = {
     requests: [
       {
         response_headers: [
-              ["Expires", (30 * 24 * 60 * 60)]
-            ],
-        base_url: localBaseURL
+          ["Expires", (30 * 24 * 60 * 60)],
+          ["Access-Control-Allow-Origin", POPUP_HTTP_ORIGIN],
+        ],
+        base_url: localBaseURL,
+        credentials: "include",
       },
       {
-        base_url: localBaseURL
+        response_headers: [
+          ["Access-Control-Allow-Origin", POPUP_HTTP_ORIGIN],
+        ],
+        base_url: localBaseURL,
+        credentials: "include",
       },
       {
         request_headers: [
           ["Cache-Control", "no-cache"]
         ],
+        response_headers: [
+          ["Access-Control-Allow-Origin", POPUP_HTTP_ORIGIN],
+        ],
         // If the popup's request was a cache hit, we would only expect 2
         // requests to the server. If it was a cache miss, we would expect 3.
         // load_resource_in_iframe does not affect the expectation as, even
@@ -49,7 +65,8 @@
         expected_response_headers: [
           ["server-request-count", is_cross_site_test ? "3" : "2"]
         ],
-        base_url: localBaseURL
+        base_url: localBaseURL,
+        credentials: "include",
       }
     ]
   }