Bug
1487339 [wpt PR 12754] - Refactored usage of XHR, added error handling., a=testonly
Automatic update from web-platform-testsRefactored usage of XHR, added error handling.
- Added error handling as suggested in https://github.com/web-platform-tests/wpt/pull/12162
- changed XHR calls to FetchAPI
- changed async tests to Promise tests
- corrected the existing redirect tests and reported bug: crbug/872285
- removed Same-Site and Cross-Origin XSLT tests as they seemed to fail because loading
cross origin xslt is not supported "Unsafe attempt to load URL from frame"
(No idea why they passed before)
- added two test cases for multiple redirects. The idea is that the Sec-Metadata header
should be "downgraded" to less secure and should carry the value to the end.
If a cross-origin domain controls a redirect at any point of the redirect chain,
then the final requests are potentially influenced by the attacker.
- (Same-Origin -> Cross-Site -> Same-Origin -> Same-Origin) -> site=cross-site
- (Same-Origin -> Same-Site -> Same-Origin -> Same-Origin) -> site=same-site
Change-Id: I591af1948cc1f16e3b5c44f51020149e43fc2746
Reviewed-on: https://chromium-review.googlesource.com/
1193953
Commit-Queue: Maciek Trzos <mtrzos@google.com>
Reviewed-by: Mike West <mkwst@chromium.org>
Cr-Commit-Position: refs/heads/master@{#587556}
--
wpt-commits:
241cb914b6eae52ce48ad26df7d5b8c2e7088613
wpt-pr: 12754