7e114b93d3
Automatic update from web-platform-tests [shared storage] Bugfix: Check the permissions policy against the script origin When creating or using a cross-origin worklet, the code is doing the wrong checks via IsFeatureEnabled(...) (for all "shared-storage", "shared-storage-select-url", and "private-aggregation"). It should instead be policy->IsFeatureEnabledForOrigin(...) which checks against the script origin (i.e. the worklet/data/security origin), as specified in the spec. We move the permissions check to after the "was addModule invoked" check. This way, we can use a single `worklet_host_` state to track both "addModule invoked" status and "shared_storage_origin_" eligibility, reducing state management overhead. As a result: - This also eliminates redundant checks for the "shared-storage" permissions policy during selectURL() & run(). - We'd have to relax some assertions in WPT by not asserting the exact error messages. This is nevertheless the desired pattern, as the error messages are not part of the spec. Bug: 347047842 Change-Id: I9e14810e803af20fb0b5cc7837c6b434f887ab9a Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5630917 Reviewed-by: Cammie Smith Barnes <cammie@chromium.org> Commit-Queue: Cammie Smith Barnes <cammie@chromium.org> Cr-Commit-Position: refs/heads/main@{#1315333} -- wpt-commits: a4d4567d9ea1a42921f8c8e0292b3d41e4e08a55 wpt-pr: 46763
2 lines
43 B
Plaintext
2 lines
43 B
Plaintext
Permissions-Policy: private-aggregation=()
|