New issue
Advanced search Search tips

Issue 750332 link

Starred by 1 user
Status: Untriaged
Owner: ----
Cc:
rbyers@chromium.org
paulmeyer@chromium.org
cha...@chromium.org
foolip@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

Add non-secure webexposed listing tests

Project Member Reported by jsb...@chromium.org, Jul 28 2017 
The tests in webexposed/ and http/tests/serviceworker/webexposed run in "secure" contexts (via file: and localhost exemptions, respectively)

This means we don't have general tests enumerating the global exposed interfaces/methods/attributes in non-secure contexts, so e.g. we would not notice if a [SecureContext] attribute were added or - more worryingly - if it were dropped.

Comment 1 by rbyers@chromium.org, Jul 28 2017

Cc: paulmeyer@chromium.org cha...@chromium.org
Components: -Blink>Infra>Predictability
chasej@ and I talked about this a bit.  I'm a little worried about expanding the webexposed tests too much.  There are TONS of different IDL attributes that the webexposed tests don't check for (how about just adding/removing arguments?).  We're working on some IDL diffing tools to be exhaustive here.  IMHO we should probably keep webexposed simple to just help catch the common case of accidentally adding or removing an API.  They're already a real pain for people to update (something paulmeyer is working to fix).

Comment 2 by jsb...@chromium.org, Jul 28 2017 

That's cool (and close this off if you want); we do have scattered tests for "this interface should not exist in non-secure contexts".

We might want to standardize on that in WPT, e.g. always have interfaces.html and interfaces.https.html for anything that has [SecureContext]

Comment 3 by dtapu...@chromium.org, Oct 26 2017

Components: Tests
Labels: Hotlist-Interop

Comment 4 by foolip@chromium.org, Sep 20

Labels: -Hotlist-Interop

Sign in to add a comment