Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 9ed47b46a8bef399472fd82703c995ca5a817680
https://github.com/WebKit/WebKit/commit/9ed47b46a8bef399472fd82703c995ca5a817680
Author: Sihui Liu <[email protected]>
Date: 2026-05-20 (Wed, 20 May 2026)
Changed paths:
M LayoutTests/http/tests/security/cross-origin-indexeddb-expected.txt
M LayoutTests/http/tests/security/cross-origin-indexeddb.html
A
LayoutTests/http/tests/security/resources/cross-origin-iframe-for-indexeddb-transience.html
Log Message:
-----------
Rewrite http/tests/security/cross-origin-indexeddb.html to actually verify
storage blocking policy
https://bugs.webkit.org/show_bug.cgi?id=314922
rdar://177202636
Reviewed by Per Arne Vollan.
While debugging cross-origin storage tests under Site Isolation, I noticed this
test passes even when storage blocking
policy is not properly configured under SI. It turns out the test only
exercises an IndexedDB behavior (open() succeeds)
that holds under both `StorageBlockingPolicy::AllowAll` and
`StorageBlockingPolicy::BlockThirdParty`, so the result
tells us nothing about whether the policy is actually applied.
Rewrite the test to verify whether the third-party database is ephemeral
instead: the storage should be ephemeral under
BlockThirdParty policy and persistent under AllowAll policy. With this change,
if the wrong policy is in effect the test
produces a visibly different result instead of silently passing.
* LayoutTests/http/tests/security/cross-origin-indexeddb-expected.txt:
* LayoutTests/http/tests/security/cross-origin-indexeddb.html:
*
LayoutTests/http/tests/security/resources/cross-origin-iframe-for-indexeddb-transience.html:
Added.
Canonical link: https://commits.webkit.org/313633@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
