File: subdomain-registration.https.html

<!DOCTYPE html>
<meta charset="utf-8">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/device-bound-session-credentials/helper.js" type="module"></script>

<script type="module">
  import {
    addCookieAndSessionCleanup,
    configureServer,
    documentHasCookie,
    expireCookie,
    setupShardedServerState,
    waitForCookie
  } from "/device-bound-session-credentials/helper.js";

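  /**
   * Polls until a session refresh is observed, or (in the negative case) until
   * a fixed window has elapsed without one, then asserts the outcome.
   *
   * Each attempt expires the cookie, checks that it is gone from the document,
   * and fetches `verify_authenticated.py`. A 200 response is taken as evidence
   * that the user agent refreshed the session (presumably the endpoint rejects
   * requests lacking the cookie; confirm against the server handler).
   *
   * Unlike a timer-driven callback inside `new Promise(...)`, this loop runs in
   * the caller's async context, so a failed assertion or a rejected fetch
   * rejects the returned promise and fails the test promptly instead of
   * surfacing as an unhandled rejection followed by a harness timeout.
   *
   * @param {string} cookieAndAttributes - Cookie string with attributes, passed to expireCookie.
   * @param {string} cookieAndValue - `name=value` pair checked via documentHasCookie.
   * @param {boolean} expectRefreshed - Whether a refresh is expected to happen.
   * @returns {Promise<void>} Resolves once the outcome matches the expectation.
   */
  async function waitForRefresh(cookieAndAttributes, cookieAndValue, expectRefreshed) {
    const pollIntervalMs = 100;
    // Only the negative case has a local deadline; when a refresh is expected
    // the loop keeps polling until it is seen (no other bound is visible here).
    const negativeWindowMs = 1000;
    const startTime = Date.now();

    let refreshed;
    while (refreshed === undefined) {
      expireCookie(cookieAndAttributes);
      assert_false(documentHasCookie(cookieAndValue));
      const authResponseAfterExpiry = await fetch('verify_authenticated.py');
      if (authResponseAfterExpiry.status === 200) {
        refreshed = true;
      } else if (!expectRefreshed && Date.now() - startTime >= negativeWindowMs) {
        refreshed = false;
      } else {
        await new Promise(resolve => step_timeout(resolve, pollIntervalMs));
      }
    }

    assert_equals(refreshed, expectRefreshed);
  }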

  /**
   * Attempts session registration from `subdomain` for a session scoped to
   * the parent domain, then checks whether registration took effect.
   *
   * The server is configured with the parent origin and a parent-domain
   * cookie, while the login request goes to `<subdomain>.<parent host>`.
   * Whether a subdomain may register for the parent is decided by the
   * parent's `.well-known/device-bound-sessions`, which lists `www` but not
   * `www1`.
   *
   * @param {object} t - Test object handed to addCookieAndSessionCleanup.
   * @param {string} subdomain - Label prepended to the current hostname for the login fetch.
   * @param {boolean} expectRegistration - Whether registration should succeed.
   */
  async function runTest(t, subdomain, expectRegistration) {
    await setupShardedServerState();

    const parentHost = location.hostname;
    const cookiePair = "auth_cookie=abcdef0123";
    const cookieAttrs = `Domain=${parentHost};Path=/device-bound-session-credentials`;
    const fullCookie = [cookiePair, cookieAttrs].join(";");
    addCookieAndSessionCleanup(t);

    // The session config uses the parent domain's origin and cookie details,
    // not the subdomain's.
    const sessionConfig = {
      "scopeOrigin": location.origin,
      "cookieDetails": [{ "nameAndValue": cookiePair, "attributes": cookieAttrs }]
    };
    await configureServer(sessionConfig);

    // .well-known/device-bound-sessions hardcodes www as allowed, but not www1.
    const target = new URL("/device-bound-session-credentials/login.py", location);
    target.hostname = [subdomain, parentHost].join(".");

    const { status } = await fetch(target.href, {credentials: "include"});
    assert_equals(status, 200);

    // The cookie arrives with the server response that hands the session
    // config to the user agent.
    await waitForCookie(cookiePair, /*expectCookie=*/true);

    // The well-known fetch happens after that point, so the cookie alone does
    // not tell us whether registration finished or how it ended. Repeated
    // refresh attempts settle that.
    await waitForRefresh(fullCookie, cookiePair, /*expectRefreshed=*/expectRegistration);
  }

  // One case per subdomain: `www1` is not listed in the parent's .well-known,
  // so registration must fail; `www` is listed, so it must succeed.
  const registrationCases = [
    {
      subdomain: "www1",
      expectRegistration: false,
      title: "Registration fails without a .well-known",
    },
    {
      subdomain: "www",
      expectRegistration: true,
      title: "Registration succeeds with a .well-known",
    },
  ];

  for (const { subdomain, expectRegistration, title } of registrationCases) {
    promise_test(t => runTest(t, subdomain, expectRegistration), title);
  }
</script>