Skip to content

Wire up URL request modifiers for fonts and SVG resources #59093

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
chromium-wpt-export-bot wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

Wire up URL request modifiers for fonts and SVG resources #59093

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 20 additions & 0 deletions css/css-values/urls/cross-origin/url-font-cross-origin-anonymous-negative.sub.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
<!DOCTYPE html>
<title>Request URL Modifiers: cross-origin(anonymous) negative test for @font-face</title>
<link rel="help" href="https://drafts.csswg.org/css-values-5/#typedef-request-url-modifier-cross-origin-modifier">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<style>
@font-face {
font-family: "TestFont";
src: url("http://{{hosts[][]}}:{{ports[http][1]}}/fonts/Ahem.ttf?pipe=header(Access-Control-Allow-Origin,)" cross-origin(anonymous)) format("truetype");
}
.test { font-family: "TestFont" }
</style>
<div class="test">X</div>
<script>
promise_test(async t => {
await document.fonts.ready;
const loaded = document.fonts.check("16px TestFont");
assert_false(loaded, "Cross-origin font without CORS headers should not load with cross-origin(anonymous)");
}, "cross-origin(anonymous) blocks cross-origin font loading without CORS headers");
</script>
20 changes: 20 additions & 0 deletions css/css-values/urls/cross-origin/url-font-cross-origin-anonymous.sub.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
<!DOCTYPE html>
<title>Request URL Modifiers: cross-origin(anonymous) for @font-face</title>
<link rel="help" href="https://drafts.csswg.org/css-values-5/#typedef-request-url-modifier-cross-origin-modifier">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<style>
@font-face {
font-family: "TestFont";
src: url("http://{{hosts[][]}}:{{ports[http][1]}}/fonts/Ahem.ttf?pipe=header(Access-Control-Allow-Origin,*)" cross-origin(anonymous)) format("truetype");
}
.test { font-family: "TestFont" }
</style>
<div class="test">X</div>
<script>
promise_test(async t => {
await document.fonts.ready;
const loaded = document.fonts.check("16px TestFont");
assert_true(loaded, "Cross-origin font with cross-origin(anonymous) should load");
}, "cross-origin(anonymous) allows cross-origin font loading with CORS headers");
</script>
25 changes: 25 additions & 0 deletions css/css-values/urls/cross-origin/url-svg-filter-cross-origin-anonymous-negative.sub.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
<!DOCTYPE html>
<html class="reftest-wait">
<head>
<title>Request URL Modifiers: cross-origin(anonymous) negative test for SVG filter</title>
<link rel="help" href="https://drafts.csswg.org/css-values-5/#typedef-request-url-modifier-cross-origin-modifier">
<link rel="match" href="/css/filter-effects/reference/green-100x100.html">
<meta name="assert" content="An SVG filter loaded cross-origin with cross-origin(anonymous) but without CORS headers should not apply.">
<style>
.test {
width: 100px;
height: 100px;
background-color: green;
filter: url("http://{{hosts[][]}}:{{ports[http][1]}}/css/filter-effects/support/hueRotate.svg?pipe=header(Access-Control-Allow-Origin,)#MyFilter" cross-origin(anonymous));
}
</style>
</head>
<body>
<div class="test"></div>
<script>
window.addEventListener("load", () => {
document.documentElement.classList.remove("reftest-wait");
});
</script>
</body>
</html>
25 changes: 25 additions & 0 deletions css/css-values/urls/cross-origin/url-svg-filter-cross-origin-anonymous.sub.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
<!DOCTYPE html>
<html class="reftest-wait">
<head>
<title>Request URL Modifiers: cross-origin(anonymous) for SVG filter</title>
<link rel="help" href="https://drafts.csswg.org/css-values-5/#typedef-request-url-modifier-cross-origin-modifier">
<link rel="match" href="/css/filter-effects/reference/green-100x100.html">
<meta name="assert" content="An SVG filter loaded cross-origin with cross-origin(anonymous) and CORS headers should apply.">
<style>
.test {
width: 100px;
height: 100px;
background-color: rgb(71.79%, 28.82%, 0%);
filter: url("http://{{hosts[][]}}:{{ports[http][1]}}/css/filter-effects/support/hueRotate.svg?pipe=header(Access-Control-Allow-Origin,*)#MyFilter" cross-origin(anonymous));
}
</style>
</head>
<body>
<div class="test"></div>
<script>
window.addEventListener("load", () => {
document.documentElement.classList.remove("reftest-wait");
});
</script>
</body>
</html>
58 changes: 58 additions & 0 deletions css/css-values/urls/url-request-modifiers-font-face-parsing.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
<!DOCTYPE html>
<title>Request URL Modifiers: @font-face src parsing</title>
<link rel="help" href="https://drafts.csswg.org/css-values-5/#request-url-modifiers">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script>
function test_font_face_src(description, src, valid) {
test(t => {
const style = document.createElement("style");
style.textContent = `@font-face { font-family: "Test"; src: ${src}; }`;
document.head.appendChild(style);
t.add_cleanup(() => style.remove());
const rule = style.sheet.cssRules[0];
if (valid) {
assert_not_equals(rule.style.getPropertyValue("src"), "", "should be valid");
} else {
assert_equals(rule.style.getPropertyValue("src"), "", "should be invalid");
}
}, description);
}

// Valid modifiers in @font-face src
test_font_face_src(
"cross-origin(anonymous) in @font-face src",
'url("fonts/Ahem.ttf" cross-origin(anonymous))',
true);

test_font_face_src(
"referrer-policy(no-referrer) in @font-face src",
'url("fonts/Ahem.ttf" referrer-policy(no-referrer))',
true);

test_font_face_src(
"integrity() in @font-face src",
'url("fonts/Ahem.ttf" integrity("sha384-foobar"))',
true);

test_font_face_src(
"multiple modifiers in @font-face src",
'url("fonts/Ahem.ttf" cross-origin(anonymous) referrer-policy(no-referrer))',
true);

test_font_face_src(
"modifiers with format() in @font-face src",
'url("fonts/Ahem.ttf" cross-origin(anonymous)) format("truetype")',
true);

// Invalid modifiers
test_font_face_src(
"duplicate cross-origin in @font-face src",
'url("fonts/Ahem.ttf" cross-origin(anonymous) cross-origin(anonymous))',
false);

test_font_face_src(
"unknown modifier in @font-face src",
'url("fonts/Ahem.ttf" foobar(baz))',
false);
</script>
Loading