diff --git a/core/audits/origin-isolation.js b/core/audits/origin-isolation.js index 78ca1e9ed69b..a74be42fd08c 100644 --- a/core/audits/origin-isolation.js +++ b/core/audits/origin-isolation.js @@ -39,7 +39,7 @@ import {Audit} from './audit.js'; >>>>>>> 4d7aa600b (Re-format origin isolation audit and enable it in the default config.) const UIStrings = { - /** Title of a Lighthouse audit that evaluates the security of a page's COOP header for origin isolation. "COOP" stands for "Cross-Origin-Opener-Policy". */ + /** Title of a Lighthouse audit that evaluates the security of a page's COOP header for origin isolation. "COOP" stands for "Cross-Origin-Opener-Policy". */ title: 'Ensure the proper usage of the COOP header to isolate the origin.', /** Description of a Lighthouse audit that evaluates the security of a page's COOP header for origin isolation. This is displayed after a user expands the section to see more. No character length limits. The last sentence starting with 'Learn' becomes link text to additional documentation. "COOP" stands for "Cross-Origin-Opener-Policy". */ description: 'Deployment of the COOP header allows isolation of the top-level document to not share a browsing context group with cross-origin documents. ' + @@ -118,6 +118,7 @@ class OriginIsolation extends Audit { * @param {LH.Audit.Context} context <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD * @return {Promise} */ @@ -166,13 +167,16 @@ class OriginIsolation extends Audit { >>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) ======= * @return {Promise<{coopHeaders: string[]}>} +======= + * @return {Promise} +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) */ static async getRawCoop(artifacts, context) { const devtoolsLog = artifacts.devtoolsLogs[Audit.DEFAULT_PASS]; const mainResource = await MainResource.request({devtoolsLog, URL: artifacts.URL}, context); - var coopHeaders = + let coopHeaders = mainResource.responseHeaders .filter(h => { return h.name.toLowerCase() === 'cross-origin-opener-policy'; @@ -182,8 +186,12 @@ class OriginIsolation extends Audit { // Sanitize the header value. coopHeaders = coopHeaders.map(v => v.toLowerCase().replace(/\s/g, '')); +<<<<<<< HEAD return {coopHeaders}; >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) +======= + return coopHeaders; +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) } /** @@ -236,6 +244,7 @@ class OriginIsolation extends Audit { directive: undefined, <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD }); ======= @@ -247,6 +256,9 @@ class OriginIsolation extends Audit { ======= }) >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) +======= + }); +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) } for (const actualDirective of coopHeaders) { @@ -262,6 +274,7 @@ class OriginIsolation extends Audit { directive: actualDirective, }); <<<<<<< HEAD +<<<<<<< HEAD ======= if(!allowedDirectives.includes(actualDirective)){ ======= @@ -284,6 +297,8 @@ class OriginIsolation extends Audit { >>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) ======= >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) +======= +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) } } @@ -324,6 +339,7 @@ class OriginIsolation extends Audit { <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD return {score: violations.length || syntax.length > 1 ? 0 : 1, results}; ======= @@ -335,6 +351,9 @@ class OriginIsolation extends Audit { ======= return {score: violations.length ? 0 : 1, results}; >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) +======= + return {score: violations.length || syntax.length > 1 ? 0 : 1, results}; +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) } /** @@ -345,6 +364,7 @@ class OriginIsolation extends Audit { static async audit(artifacts, context) { <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD const coopHeaders = await this.getRawCoop(artifacts, context); ======= @@ -356,14 +376,17 @@ class OriginIsolation extends Audit { ======= const {coopHeaders} = await this.getRawCoop(artifacts, context); >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) +======= + const coopHeaders = await this.getRawCoop(artifacts, context); +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) const {score, results} = this.constructResults(coopHeaders); /** @type {LH.Audit.Details.Table['headings']} */ const headings = [ /* eslint-disable max-len */ - { key: 'description', valueType: 'text', subItemsHeading: {key: 'description'}, label: str_(i18n.UIStrings.columnDescription)}, - { key: 'directive', valueType: 'code', subItemsHeading: {key: 'directive'}, label: str_(UIStrings.columnDirective)}, - { key: 'severity', valueType: 'text', subItemsHeading: {key: 'severity'}, label: str_(UIStrings.columnSeverity)}, + {key: 'description', valueType: 'text', subItemsHeading: {key: 'description'}, label: str_(i18n.UIStrings.columnDescription)}, + {key: 'directive', valueType: 'code', subItemsHeading: {key: 'directive'}, label: str_(UIStrings.columnDirective)}, + {key: 'severity', valueType: 'text', subItemsHeading: {key: 'severity'}, label: str_(UIStrings.columnSeverity)}, /* eslint-enable max-len */ ]; const details = Audit.makeTableDetails(headings, results); diff --git a/core/config/default-config.js b/core/config/default-config.js index 82f8fcfe3454..0dcb8c32bf19 100644 --- a/core/config/default-config.js +++ b/core/config/default-config.js @@ -552,6 +552,7 @@ const defaultConfig = { {id: 'csp-xss', weight: 0, group: 'best-practices-trust-safety'}, {id: 'has-hsts', weight: 0, group: 'best-practices-trust-safety'}, <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD {id: 'origin-isolation', weight: 0, group: 'hidden'}, ======= @@ -559,6 +560,9 @@ const defaultConfig = { ======= {id: 'origin-isolation', weight: 0, group: 'best-practices-trust-safety'}, >>>>>>> 4d7aa600b (Re-format origin isolation audit and enable it in the default config.) +======= + {id: 'origin-isolation', weight: 0}, +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) // User Experience {id: 'paste-preventing-inputs', weight: 3, group: 'best-practices-ux'}, {id: 'image-aspect-ratio', weight: 1, group: 'best-practices-ux'}, diff --git a/core/test/audits/origin-isolation-test.js b/core/test/audits/origin-isolation-test.js index 7a3242d97aff..56be15a14798 100644 --- a/core/test/audits/origin-isolation-test.js +++ b/core/test/audits/origin-isolation-test.js @@ -27,6 +27,7 @@ it('marked N/A if no violations found', async () => { }; <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD const results = await OriginIsolation.audit(artifacts, {computedCache: new Map()}); @@ -40,6 +41,10 @@ it('marked N/A if no violations found', async () => { ======= const results = await OriginIsolation.audit(artifacts, {computedCache: new Map()}); >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) +======= + const results = + await OriginIsolation.audit(artifacts, {computedCache: new Map()}); +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) expect(results.details.items).toHaveLength(0); expect(results.notApplicable).toBeTruthy(); }); @@ -65,6 +70,7 @@ it('No COOP header found', async () => { <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD const results = await OriginIsolation.audit(artifacts, {computedCache: new Map()}); @@ -89,9 +95,17 @@ it('No COOP header found', async () => { <<<<<<< HEAD ======= const results = await OriginIsolation.audit(artifacts, {computedCache: new Map()}); +======= + const results = + await OriginIsolation.audit(artifacts, {computedCache: new Map()}); +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) expect(results.notApplicable).toBeFalsy(); + expect(results.details.items[0].severity).toBeDisplayString('High'); + expect(results.details.items[0].description) + .toBeDisplayString('No COOP header found'); expect(results.details.items).toMatchObject([ { +<<<<<<< HEAD >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) severity: { i18nId: "core/lib/i18n/i18n.js | itemSeverityHigh", @@ -109,6 +123,8 @@ it('No COOP header found', async () => { >>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) ======= >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) +======= +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) directive: undefined, }, ]); @@ -135,6 +151,7 @@ it('Messed up directive.', async () => { <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD const results = await OriginIsolation.audit(artifacts, {computedCache: new Map()}); @@ -160,9 +177,17 @@ it('Messed up directive.', async () => { <<<<<<< HEAD ======= const results = await OriginIsolation.audit(artifacts, {computedCache: new Map()}); +======= + const results = + await OriginIsolation.audit(artifacts, {computedCache: new Map()}); +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) expect(results.notApplicable).toBeFalsy(); + expect(results.details.items[0].severity).toBeDisplayString('Low'); + expect(results.details.items[0].description) + .toBeDisplayString('Invalid syntax'); expect(results.details.items).toMatchObject([ { +<<<<<<< HEAD >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) severity: { i18nId: "core/lib/i18n/i18n.js | itemSeverityLow", @@ -182,6 +207,9 @@ it('Messed up directive.', async () => { >>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) ======= >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) +======= + directive: 'foodirective', +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) }, ]); }); @@ -210,6 +238,7 @@ describe('getRawCoop', () => { }; <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD const coopHeaders = ======= @@ -221,6 +250,9 @@ describe('getRawCoop', () => { ======= const {coopHeaders} = >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) +======= + const coopHeaders = +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) await OriginIsolation.getRawCoop(artifacts, {computedCache: new Map()}); expect(coopHeaders).toEqual([ `same-origin`, @@ -250,6 +282,7 @@ describe('getRawCoop', () => { }; <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD const coopHeaders = ======= @@ -261,6 +294,9 @@ describe('getRawCoop', () => { ======= const {coopHeaders} = >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) +======= + const coopHeaders = +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) await OriginIsolation.getRawCoop(artifacts, {computedCache: new Map()}); expect(coopHeaders).toEqual([ ``, @@ -290,6 +326,7 @@ describe('getRawCoop', () => { }; <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD const coopHeaders = ======= @@ -301,6 +338,9 @@ describe('getRawCoop', () => { ======= const {coopHeaders} = >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) +======= + const coopHeaders = +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) await OriginIsolation.getRawCoop(artifacts, {computedCache: new Map()}); expect(coopHeaders).toEqual([ ``, @@ -312,6 +352,7 @@ describe('constructResults', () => { it('passes with no findings', () => { <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD const {score, results} = OriginIsolation.constructResults(['same-origin']); ======= @@ -323,6 +364,9 @@ describe('constructResults', () => { ======= const {score, results} = OriginIsolation.constructResults([ 'same-origin' ]); >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) +======= + const {score, results} = OriginIsolation.constructResults(['same-origin']); +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) expect(score).toEqual(1); expect(results).toEqual([]); }); @@ -330,6 +374,7 @@ describe('constructResults', () => { it('constructs result based on misconfigured COOP header', () => { <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD const {score, results} = OriginIsolation.constructResults(['foo-directive']); @@ -356,15 +401,18 @@ describe('constructResults', () => { <<<<<<< HEAD ======= const {score, results} = OriginIsolation.constructResults([ 'foo-directive' ]); +======= + const {score, results} = + OriginIsolation.constructResults(['foo-directive']); +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) expect(score).toEqual(1); + expect(results[0].severity).toBeDisplayString('Low'); + expect(results[0].description) + .toBeDisplayString('Invalid syntax'); expect(results).toMatchObject([ { - description: { - formattedDefault: 'Invalid syntax', - i18nId: 'core/audits/origin-isolation.js | invalidSyntax', - values: undefined, - }, directive: 'foo-directive', +<<<<<<< HEAD >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) severity: { formattedDefault: 'Low', @@ -377,6 +425,8 @@ describe('constructResults', () => { >>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) ======= >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) +======= +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) }, ]); }); @@ -386,6 +436,7 @@ describe('constructResults', () => { expect(score).toEqual(0); <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD <<<<<<< HEAD expect(results[0].severity).toBeDisplayString('High'); expect(results[0].description) @@ -404,14 +455,15 @@ describe('constructResults', () => { directive: undefined, <<<<<<< HEAD ======= +======= + expect(results[0].severity).toBeDisplayString('High'); + expect(results[0].description) + .toBeDisplayString('No COOP header found'); +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) expect(results).toMatchObject([ { - description: { - formattedDefault: 'No COOP header found', - i18nId: 'core/audits/origin-isolation.js | noCoop', - values: undefined, - }, directive: undefined, +<<<<<<< HEAD >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) severity: { formattedDefault: 'High', @@ -425,6 +477,8 @@ describe('constructResults', () => { >>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) ======= >>>>>>> 287296188 (Add Lighthouse audit to check for presence of the COOP header (origin isolation).) +======= +>>>>>>> b2851bf51 (Adding changes to COOP audit similar to HSTS audit (recommendations from https://github.com/GoogleChrome/lighthouse/pull/16257).) }, ]); });