diff --git a/remote/marionette/driver.sys.mjs b/remote/marionette/driver.sys.mjs index 125bfa89d47c..a33985fccce6 100644 --- a/remote/marionette/driver.sys.mjs +++ b/remote/marionette/driver.sys.mjs @@ -3350,7 +3350,13 @@ GeckoDriver.prototype.setPermission = async function (cmd) { `state is ${state}, expected "granted", "denied", or "prompt"` )(state); - lazy.permissions.set(descriptor, state, oneRealm); + lazy.permissions.set( + descriptor, + state, + oneRealm, + this.getBrowsingContext(), + this.getBrowsingContext({ top: true }) + ); }; /** diff --git a/remote/marionette/permissions.sys.mjs b/remote/marionette/permissions.sys.mjs index d67e2c46b7ce..681bbd192a3b 100644 --- a/remote/marionette/permissions.sys.mjs +++ b/remote/marionette/permissions.sys.mjs @@ -5,6 +5,7 @@ const lazy = {}; ChromeUtils.defineESModuleGetters(lazy, { + assert: "chrome://remote/content/shared/webdriver/Assert.sys.mjs", error: "chrome://remote/content/shared/webdriver/Errors.sys.mjs", MarionettePrefs: "chrome://remote/content/marionette/prefs.sys.mjs", }); @@ -22,29 +23,38 @@ export const permissions = {}; * State of the permission. It can be `granted`, `denied` or `prompt`. * @param {boolean} oneRealm * Currently ignored - * + * @param {browsingContext=} thirdPartyBrowsingContext + * 3rd party browsing context object + * @param {browsingContext=} topLevelBrowsingContext + * Top level browsing context object * @throws {UnsupportedOperationError} * If `marionette.setpermission.enabled` is not set or * an unsupported permission is used. */ -permissions.set = function (descriptor, state, oneRealm) { +permissions.set = function ( + descriptor, + state, + oneRealm, + thirdPartyBrowsingContext, + topLevelBrowsingContext +) { if (!lazy.MarionettePrefs.setPermissionEnabled) { throw new lazy.error.UnsupportedOperationError( "'Set Permission' is not available" ); } - if (state === "prompt") { - throw new lazy.error.UnsupportedOperationError( - "'Set Permission' doesn't support prompt" - ); - } - // This is not a real implementation of the permissions API. // Instead the purpose of this implementation is to have web-platform-tests // that use `set_permission()` not fail. // Each test needs the corresponding testing pref to make it actually work. const { name } = descriptor; + + if (state === "prompt" && name !== "storage-access") { + throw new lazy.error.UnsupportedOperationError( + "'Set Permission' doesn't support prompt" + ); + } if (["clipboard-write", "clipboard-read"].includes(name)) { if ( Services.prefs.getBoolPref("dom.events.testing.asyncClipboard", false) @@ -61,6 +71,49 @@ permissions.set = function (descriptor, state, oneRealm) { throw new lazy.error.UnsupportedOperationError( "'Set Permission' expected notification.prompt.testing to be set" ); + } else if (name === "storage-access") { + // Check if browsing context has a window global object + lazy.assert.open(thirdPartyBrowsingContext); + lazy.assert.open(topLevelBrowsingContext); + + const thirdPartyURI = + thirdPartyBrowsingContext.currentWindowGlobal.documentURI; + const topLevelURI = topLevelBrowsingContext.currentWindowGlobal.documentURI; + + const thirdPartyPrincipalSite = Services.eTLD.getSite(thirdPartyURI); + + const topLevelPrincipal = + Services.scriptSecurityManager.createContentPrincipal(topLevelURI, {}); + + switch (state) { + case "granted": { + Services.perms.addFromPrincipal( + topLevelPrincipal, + "3rdPartyFrameStorage^" + thirdPartyPrincipalSite, + Services.perms.ALLOW_ACTION + ); + return; + } + case "denied": { + Services.perms.addFromPrincipal( + topLevelPrincipal, + "3rdPartyFrameStorage^" + thirdPartyPrincipalSite, + Services.perms.DENY_ACTION + ); + return; + } + case "prompt": { + Services.perms.removeFromPrincipal( + topLevelPrincipal, + "3rdPartyFrameStorage^" + thirdPartyPrincipalSite + ); + return; + } + default: + throw new lazy.error.UnsupportedOperationError( + `'Set Permission' did not work for storage-access'` + ); + } } throw new lazy.error.UnsupportedOperationError( diff --git a/testing/web-platform/meta/storage-access-api/__dir__.ini b/testing/web-platform/meta/storage-access-api/__dir__.ini new file mode 100644 index 000000000000..15533cd2e6b2 --- /dev/null +++ b/testing/web-platform/meta/storage-access-api/__dir__.ini @@ -0,0 +1 @@ +prefs: [marionette.setpermission.enabled:true] diff --git a/testing/web-platform/meta/storage-access-api/requestStorageAccess-ABA.tentative.sub.https.window.js.ini b/testing/web-platform/meta/storage-access-api/requestStorageAccess-ABA.tentative.sub.https.window.js.ini index 6bfbf0bfa832..e442193182d1 100644 --- a/testing/web-platform/meta/storage-access-api/requestStorageAccess-ABA.tentative.sub.https.window.js.ini +++ b/testing/web-platform/meta/storage-access-api/requestStorageAccess-ABA.tentative.sub.https.window.js.ini @@ -1,7 +1,6 @@ [requestStorageAccess-ABA.tentative.sub.https.window.html] expected: - if (os == "android") and swgl: [OK, TIMEOUT] - if (os == "android") and not swgl: [OK, TIMEOUT] + [OK, TIMEOUT, ERROR] [[ABA\] document.requestStorageAccess() should resolve in top-level frame or same-site iframe, otherwise reject with a NotAllowedError with no user gesture.] expected: FAIL diff --git a/testing/web-platform/meta/storage-access-api/requestStorageAccess-cross-origin-iframe-navigation.sub.https.window.js.ini b/testing/web-platform/meta/storage-access-api/requestStorageAccess-cross-origin-iframe-navigation.sub.https.window.js.ini index f55a572ed169..f8177b722688 100644 --- a/testing/web-platform/meta/storage-access-api/requestStorageAccess-cross-origin-iframe-navigation.sub.https.window.js.ini +++ b/testing/web-platform/meta/storage-access-api/requestStorageAccess-cross-origin-iframe-navigation.sub.https.window.js.ini @@ -1,13 +1,13 @@ [requestStorageAccess-cross-origin-iframe-navigation.sub.https.window.html] - expected: TIMEOUT + expected: OK [Self-initiated same-origin navigations preserve storage access] - expected: NOTRUN + expected: FAIL [Self-initiated reloads preserve storage access] - expected: TIMEOUT + expected: FAIL [Non-self-initiated same-origin navigations do not preserve storage access] - expected: NOTRUN + expected: FAIL [Self-initiated cross-origin navigations do not preserve storage access] - expected: NOTRUN + expected: FAIL diff --git a/testing/web-platform/meta/storage-access-api/requestStorageAccess-cross-site-iframe.sub.https.window.js.ini b/testing/web-platform/meta/storage-access-api/requestStorageAccess-cross-site-iframe.sub.https.window.js.ini index 11ac29206c4e..ea63c5e0bd0d 100644 --- a/testing/web-platform/meta/storage-access-api/requestStorageAccess-cross-site-iframe.sub.https.window.js.ini +++ b/testing/web-platform/meta/storage-access-api/requestStorageAccess-cross-site-iframe.sub.https.window.js.ini @@ -3,14 +3,12 @@ if (os == "android") and debug and swgl: [TIMEOUT, OK] if (os == "android") and debug and not swgl: [OK, TIMEOUT] if (os == "android") and not debug: [OK, TIMEOUT] + [OK, TIMEOUT] [[cross-site-frame\] document.requestStorageAccess() should be rejected with a NotAllowedError without permission grant] - expected: FAIL + expected: [TIMEOUT, FAIL] [[cross-site-frame\] document.requestStorageAccess() should be rejected with a NotAllowedError with denied permission] - expected: FAIL + expected: [NOTRUN, FAIL] [[cross-site-frame\] document.requestStorageAccess() should be resolved with no user gesture when a permission grant exists, and should allow cookie access] expected: FAIL - - [[cross-site-frame\] document.requestStorageAccess() should resolve in top-level frame or same-site iframe, otherwise reject with a NotAllowedError with no user gesture.] - expected: FAIL diff --git a/testing/web-platform/meta/storage-access-api/requestStorageAccess-cross-site-sibling-iframes.sub.https.window.js.ini b/testing/web-platform/meta/storage-access-api/requestStorageAccess-cross-site-sibling-iframes.sub.https.window.js.ini index bd564fdab926..5ea3d3b83594 100644 --- a/testing/web-platform/meta/storage-access-api/requestStorageAccess-cross-site-sibling-iframes.sub.https.window.js.ini +++ b/testing/web-platform/meta/storage-access-api/requestStorageAccess-cross-site-sibling-iframes.sub.https.window.js.ini @@ -1,7 +1,7 @@ [requestStorageAccess-cross-site-sibling-iframes.sub.https.window.html] - expected: TIMEOUT + expected: OK [Grants have per-frame scope] - expected: TIMEOUT + expected: FAIL [Cross-site sibling iframes should not be able to take advantage of the existing permission grant requested by others.] - expected: NOTRUN + expected: FAIL diff --git a/testing/web-platform/meta/storage-access-api/requestStorageAccess-nested-cross-origin-iframe.sub.https.window.js.ini b/testing/web-platform/meta/storage-access-api/requestStorageAccess-nested-cross-origin-iframe.sub.https.window.js.ini index 07285108d1ed..ea615b3048a3 100644 --- a/testing/web-platform/meta/storage-access-api/requestStorageAccess-nested-cross-origin-iframe.sub.https.window.js.ini +++ b/testing/web-platform/meta/storage-access-api/requestStorageAccess-nested-cross-origin-iframe.sub.https.window.js.ini @@ -1,9 +1,9 @@ [requestStorageAccess-nested-cross-origin-iframe.sub.https.window.html] expected: if (os == "android") and not swgl and not debug: [OK, TIMEOUT, ERROR] - if (os == "mac") and not debug: [OK, TIMEOUT] + if (os == "mac") and not debug: [OK, TIMEOUT, ERROR] if (os == "android") and swgl: [OK, TIMEOUT, ERROR] - if (os == "win") and not debug: [TIMEOUT, OK] + if (os == "win") and not debug: [TIMEOUT, OK, ERROR] [OK, ERROR, TIMEOUT] [[nested-cross-origin-frame\] document.requestStorageAccess() should be resolved with no user gesture when a permission grant exists, and should allow cookie access] expected: FAIL diff --git a/testing/web-platform/meta/storage-access-api/requestStorageAccess-nested-cross-site-iframe.sub.https.window.js.ini b/testing/web-platform/meta/storage-access-api/requestStorageAccess-nested-cross-site-iframe.sub.https.window.js.ini index ef562c30b158..de4d3ce875a1 100644 --- a/testing/web-platform/meta/storage-access-api/requestStorageAccess-nested-cross-site-iframe.sub.https.window.js.ini +++ b/testing/web-platform/meta/storage-access-api/requestStorageAccess-nested-cross-site-iframe.sub.https.window.js.ini @@ -1,16 +1,13 @@ [requestStorageAccess-nested-cross-site-iframe.sub.https.window.html] expected: - if os == "mac": OK - if os == "win": OK + if os == "mac": [OK, TIMEOUT] + if os == "win": [OK, TIMEOUT] [OK, TIMEOUT] [[nested-cross-site-frame\] document.requestStorageAccess() should be rejected with a NotAllowedError without permission grant] - expected: FAIL + expected: [TIMEOUT, FAIL] [[nested-cross-site-frame\] document.requestStorageAccess() should be rejected with a NotAllowedError with denied permission] - expected: FAIL + expected: [NOTRUN, FAIL] [[nested-cross-site-frame\] document.requestStorageAccess() should be resolved with no user gesture when a permission grant exists, and should allow cookie access] expected: FAIL - - [[nested-cross-site-frame\] document.requestStorageAccess() should resolve in top-level frame or same-site iframe, otherwise reject with a NotAllowedError with no user gesture.] - expected: FAIL diff --git a/testing/web-platform/meta/storage-access-api/requestStorageAccess-nested-same-origin-iframe.sub.https.window.js.ini b/testing/web-platform/meta/storage-access-api/requestStorageAccess-nested-same-origin-iframe.sub.https.window.js.ini index 6a9dc44eced3..5bbd980d65cc 100644 --- a/testing/web-platform/meta/storage-access-api/requestStorageAccess-nested-same-origin-iframe.sub.https.window.js.ini +++ b/testing/web-platform/meta/storage-access-api/requestStorageAccess-nested-same-origin-iframe.sub.https.window.js.ini @@ -1,15 +1,5 @@ [requestStorageAccess-nested-same-origin-iframe.sub.https.window.html] expected: - if (os == "win") and debug and (processor == "x86_64") and not swgl: [TIMEOUT, OK, ERROR] - if (os == "win") and debug and (processor == "x86_64") and swgl: [TIMEOUT, OK, ERROR] - if (os == "linux") and debug and not fission and swgl: OK - if (os == "android") and not swgl and not debug: [OK, TIMEOUT, ERROR] - if (os == "win") and not debug and (processor == "x86"): [TIMEOUT, OK] - if (os == "win") and not debug and (processor == "x86_64"): [OK, TIMEOUT] - if (os == "linux") and debug and fission: OK - if (os == "mac") and debug: [TIMEOUT, OK, ERROR] - if (os == "mac") and not debug: [TIMEOUT, OK] - if (os == "android") and swgl: [TIMEOUT, OK] [OK, ERROR, TIMEOUT] [[nested-same-origin-frame\] document.requestStorageAccess() should resolve without permission grant or user gesture] expected: FAIL diff --git a/testing/web-platform/meta/storage-access-api/requestStorageAccess-same-site-iframe.sub.https.window.js.ini b/testing/web-platform/meta/storage-access-api/requestStorageAccess-same-site-iframe.sub.https.window.js.ini index 58e7c6e8ab93..f56ae83abd94 100644 --- a/testing/web-platform/meta/storage-access-api/requestStorageAccess-same-site-iframe.sub.https.window.js.ini +++ b/testing/web-platform/meta/storage-access-api/requestStorageAccess-same-site-iframe.sub.https.window.js.ini @@ -1,7 +1,7 @@ [requestStorageAccess-same-site-iframe.sub.https.window.html] expected: if (os == "mac") and debug: [TIMEOUT, OK] - [OK, TIMEOUT] + [OK, TIMEOUT, ERROR] [[same-site-frame\] document.requestStorageAccess() should resolve in top-level frame or same-site iframe, otherwise reject with a NotAllowedError with no user gesture.] expected: FAIL diff --git a/testing/web-platform/meta/storage-access-api/requestStorageAccess.sub.https.window.js.ini b/testing/web-platform/meta/storage-access-api/requestStorageAccess.sub.https.window.js.ini index 6935961b6da6..76541ad2a94e 100644 --- a/testing/web-platform/meta/storage-access-api/requestStorageAccess.sub.https.window.js.ini +++ b/testing/web-platform/meta/storage-access-api/requestStorageAccess.sub.https.window.js.ini @@ -1,4 +1,5 @@ [requestStorageAccess.sub.https.window.html] + expected: ERROR [[top-level-context\] document.requestStorageAccess() should be resolved with no user gesture when a permission grant exists, and should allow cookie access] expected: FAIL diff --git a/testing/web-platform/meta/storage-access-api/storage-access-permission.sub.https.window.js.ini b/testing/web-platform/meta/storage-access-api/storage-access-permission.sub.https.window.js.ini index f5f3e0a44db8..5f07025e99de 100644 --- a/testing/web-platform/meta/storage-access-api/storage-access-permission.sub.https.window.js.ini +++ b/testing/web-platform/meta/storage-access-api/storage-access-permission.sub.https.window.js.ini @@ -1,10 +1,14 @@ [storage-access-permission.sub.https.window.html] - expected: TIMEOUT + expected: + [OK, TIMEOUT] [Permissions grants are observable across same-origin iframes] - expected: TIMEOUT - - [IFrame tests] - expected: NOTRUN + expected: [TIMEOUT, FAIL] [Permissions grants are observable across same-site iframes] - expected: NOTRUN + expected: [NOTRUN, FAIL, TIMEOUT] + + [Permission state can be observed] + expected: FAIL + + [IFrame tests] + expected: [PASS, NOTRUN]