corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
73f4f0146549173f51fd9f2950fd988ce646edfe
tubestation/testing/web-platform/tests/browsing-topics/fetch-topics.tentative.https.html
Yao Xiao e28349efcc Bug 1834902 [wpt PR 40209] - [Topics] pad topics header to make it harder to expose information via its length, a=testonly 
Automatic update from web-platform-tests
[Topics] pad topics header to make it harder to expose information via its length

What:
Switch to a different header format to allow padding.
Example: "t=(1;v=chrome.1:1:2), p=P00000000000"

The total length of the inner topics list plus the padding depends on the number of distinct version in the underlying epochs:
- If it's 0 or 1, use 27
  ("100;v=chrome.1:1:10 200 300")
- If it's 2, use 43
  ("100;v=chrome.1:1:10 200;v=chrome.1:1:20 300")
- If it's 3, use 59
  ("100;v=chrome.1:1:10 200;v=chrome.1:1:20 300;v=chrome.1:1:30")

This assumes maximum 3 digit topic ID, 2 digit model version,
and 1 digit config version and taxonomy version.

Why: Servers typically have a GET request size limit e.g. 8KB, and
will return an error when the limit is reached. An attacker can rely
this to learn the number of topics for a different origin.

Bug: 1443540
Change-Id: Ieadad5730870457ae219f4db30b072f829771ac4
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4553756
Commit-Queue: Yao Xiao <yaoxia@chromium.org>
Reviewed-by: Josh Karlin <jkarlin@chromium.org>
Reviewed-by: Dominic Farolino <dom@chromium.org>
Reviewed-by: Avi Drissman <avi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1150078}

--

wpt-commits: 4c27189ed2db4ddad8e727d4ea9ae8329c3e1672
wpt-pr: 40209
2023-06-13 07:14:46 +00:00

18 lines
718 B
HTML
Raw Blame History

<!doctype html>
<body>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src=/browsing-topics/resources/header-util.sub.js></script>
<script>
promise_test(async t => {
let response = await fetch('./resources/check-topics-request-header.py', {browsingTopics: true});
let topics_header = await response.text();
// An empty result indicates that the request was eligible for topics.
// Currently, the web-platform-tests framework does not support actually
// handling the topics request.
assert_equals(topics_header, EMPTY_TOPICS_HEADER);
}, 'test fetch(<url>, {browsingTopics: true})');
</script>
</body>
Reference in New Issue View Git Blame Copy Permalink