Bug 1498930 [wpt PR 13508] - Test TAO origin check on different ports, a=testonly

Automatic update from web-platform-tests
Test TAO origin check on different ports (#13508)

* Test that TAO check fails when the port doesn't match

--

wpt-commits: b2ffdb6329c634bd3e2e118ed628aad6b12afcee
wpt-pr: 13508

testing/web-platform/tests/lint.whitelist

@@ -186,6 +186,7 @@ SET TIMEOUT: paint-timing/resources/subframe-painting.html
 SET TIMEOUT: payment-request/allowpaymentrequest/setting-allowpaymentrequest-timing.https.sub.html
 SET TIMEOUT: preload/single-download-preload.html
 SET TIMEOUT: resize-observer/resources/iframe.html
+SET TIMEOUT: resource-timing/resources/iframe-TAO*
 SET TIMEOUT: screen-orientation/onchange-event.html
 SET TIMEOUT: secure-contexts/basic-popup-and-iframe-tests.https.js
 SET TIMEOUT: service-workers/cache-storage/script-tests/cache-abort.js

testing/web-platform/tests/resource-timing/TAO-crossorigin-port.sub.html

@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="utf-8" />
+<title>Resource Timing TAO - "null" and opaque origin</title>
+<link rel="author" title="Google" href="http://www.google.com/" />
+<link rel="help" href="https://www.w3.org/TR/resource-timing-2/#timing-allow-origin"/>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script>
+
+const t = async_test("Makes sure that the iframe passed the test and had an entry which passed the timing allow check");
+window.addEventListener("message", t.step_func_done(e=>{
+    assert_equals(e.data, "PASS");
+}));
+</script>
+</head>
+<body>
+<h1>Description</h1>
+<p>This test validates that for a cross origin resource with different ports, the timing allow check algorithm will fail when the value of Timing-Allow-Origin value has the right host but the wrong port in it.</p>
+<div id="log"></div>
+<!-- The frame is being requested on the default port ([0]), while the subresource in it will be requested on a separate port ([1]) -->
+<iframe id="frameContext" src="{{location[scheme]}}://{{host}}:{{ports[http][0]}}/resource-timing/resources/iframe-TAO-crossorigin-port.sub.html"></iframe>
+</body>
+</html>

testing/web-platform/tests/resource-timing/resources/TAOResponse.py

@@ -16,6 +16,12 @@ def main(request, response):
     elif tao == 'origin':
     # case-sensitive match for origin, pass
         response.headers.set('Timing-Allow-Origin', origin)
+    elif tao.startswith('origin_port'):
+    # case-sensitive match for origin and port, pass
+        origin_parts = origin.split(':')
+        host = origin_parts[0] + ':' + origin_parts[1]
+        port = tao.split('origin_port_')[1]
+        response.headers.set('Timing-Allow-Origin', host + ':' + port)
     elif tao == 'space':
     # space separated list of origin and wildcard, fail
         response.headers.set('Timing-Allow-Origin', (origin + ' *'))

testing/web-platform/tests/resource-timing/resources/iframe-TAO-crossorigin-port.sub.html

@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<html>
+<body>
+<script>
+    const url = '{{location[scheme]}}://{{host}}:{{ports[http][1]}}/resource-timing/resources/TAOResponse.py?tao=origin_port_{{ports[http][1]}}';
+    const observe = (list, observer) => {
+        const entry = list.getEntries()[0];
+        const sum = entry.redirectStart +
+                  entry.redirectEnd +
+                  entry.domainLookupStart +
+                  entry.domainLookupEnd +
+                  entry.connectStart +
+                  entry.connectEnd +
+                  entry.secureConnectionStart +
+                  entry.requestStart +
+                  entry.responseStart +
+                  entry.transferSize +
+                  entry.encodedBodySize +
+                  entry.decodedBodySize;
+
+        const result = sum == 0 ? 'PASS' : 'FAIL';
+        window.top.postMessage(result, '*');
+    }
+    let observer = new PerformanceObserver(observe);
+    observer.observe({ entryTypes: ["resource"] });
+    fetch(url);
+</script>
+</body>
+</html>
+
+