commit 91903eea095ec9f8ec46adab7d6f7765f0f7a1ab
parent bb034c6c91f4144461be3853943e832eb6b40b63
Author: Daniel Rubery <drubery@chromium.org>
Date: Thu, 9 Oct 2025 16:28:22 +0000
Bug 1991180 [wpt PR 55114] - Using cached challenges during refresh, a=testonly
Automatic update from web-platform-tests
Using cached challenges during refresh
Instead of re-parsing the headers, use the existing mechanism for
processing challenge headers and look them up from the session. This is
only visible for sites in the case where they try to do multiple
challenges during registration, which is not technically allowed per the
spec.
Bug: 438783634
Change-Id: I478bc2d336033391f727dbe979b469e8755ce708
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6986901
Commit-Queue: Daniel Rubery <drubery@chromium.org>
Reviewed-by: thefrog <thefrog@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1521449}
--
wpt-commits: 63cd7d36778ac385064a66203e3293f8ec890bc8
wpt-pr: 55114
Diffstat:
1 file changed, 0 insertions(+), 35 deletions(-)
diff --git a/testing/web-platform/tests/device-bound-session-credentials/registration-sends-challenge.https.html b/testing/web-platform/tests/device-bound-session-credentials/registration-sends-challenge.https.html
@@ -1,35 +0,0 @@
-<!DOCTYPE html>
-<meta charset="utf-8">
-<script src="/resources/testharness.js"></script>
-<script src="/resources/testharnessreport.js"></script>
-<script src="helper.js" type="module"></script>
-
-<script type="module">
- import { expireCookie, waitForCookie, addCookieAndSessionCleanup, configureServer, setupShardedServerState, documentHasCookie } from "./helper.js";
-
- promise_test(async t => {
- await setupShardedServerState();
- const expectedCookieAndValue = "auth_cookie=abcdef0123";
- const expectedCookieAndAttributes = `${expectedCookieAndValue};Domain=${location.hostname};Path=/device-bound-session-credentials`;
- addCookieAndSessionCleanup(t);
-
- // Configure server to send back a challenge during registration.
- await configureServer({ registrationSendsChallenge: true });
-
- // Prompt starting a session, and wait until registration completes.
- const loginResponse = await fetch('login.py');
- assert_equals(loginResponse.status, 200);
- await waitForCookie(expectedCookieAndValue, /*expectCookie=*/true);
-
- // Confirm that a request has the cookie set.
- const authResponse = await fetch('verify_authenticated.py');
- assert_equals(authResponse.status, 200);
-
- // Confirm that expiring the cookie still leads to a request with the cookie set (refresh occurs).
- expireCookie(expectedCookieAndAttributes);
- assert_false(documentHasCookie(expectedCookieAndValue));
- const authResponseAfterExpiry = await fetch('verify_authenticated.py');
- assert_equals(authResponseAfterExpiry.status, 200);
- assert_true(documentHasCookie(expectedCookieAndValue));
-}, "Registration can send back Secure-Session-Challenge");
-</script>
