[fetch-later] Allow fetchLater() to be used with HTTP localhost URLs.

mingyc · Chromium LUCI CQ · commit cda6cf783138 · 2025-08-31T20:56:35.000-07:00
The [current spec][1] says ``` If request’s URL’s scheme is not an HTTP(S) scheme, then throw a TypeError. ``` Also, [previous spec discussion][2] concludes that http localhost should be supported in addition to https urls. [1]: https://fetch.spec.whatwg.org/#dom-window-fetchlater [2]: whatwg/fetch#1647 (comment) Bug: 440277813 Change-Id: I8a3257570ad8fbde5b2e7243fb024b7690d5d733 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6894278 Commit-Queue: Ming-Ying Chung <mych@chromium.org> Reviewed-by: Andrew Paseltiner <apaseltiner@chromium.org> Reviewed-by: Nidhi Jaju <nidhijaju@chromium.org> Cr-Commit-Position: refs/heads/main@{#1508981}
diff --git a/third_party/blink/renderer/core/fetch/fetch_manager.cc b/third_party/blink/renderer/core/fetch/fetch_manager.cc
@@ -1675,10 +1675,11 @@ FetchLaterResult* FetchLaterManager::FetchLater(
     return nullptr;
   }
 
-  // 8. If request’s URL’s scheme is not an HTTPS scheme, then throw a
+  // 8. If request’s URL’s scheme is not an HTTP(S) scheme, then throw a
   // TypeError.
-  if (!request->Url().ProtocolIs(g_https_atom)) {
-    exception_state.ThrowTypeError("fetchLater is only supported over HTTPS.");
+  if (!request->Url().ProtocolIsInHTTPFamily()) {
+    exception_state.ThrowTypeError(
+        "fetchLater is only supported over HTTP(S).");
     return nullptr;
   }
   // 9. If request’s URL is not a potentially trustworthy url, then throw a
diff --git a/third_party/blink/renderer/core/fetch/fetch_manager_test.cc b/third_party/blink/renderer/core/fetch/fetch_manager_test.cc
@@ -5,6 +5,9 @@
 #include "third_party/blink/renderer/core/fetch/fetch_manager.h"
 
 #include <optional>
+#include <string>
+#include <string_view>
+#include <utility>
 
 #include "base/memory/scoped_refptr.h"
 #include "base/strings/strcat.h"
@@ -56,43 +59,43 @@ using ::testing::Eq;
 using ::testing::IsNull;
 using ::testing::Not;
 
-MATCHER_P(HasRangeError,
-          expected_message,
-          base::StrCat({"has ", negation ? "no " : "", "RangeError('",
-                        expected_message, "')"})) {
+MATCHER_P2(HasException,
+           error_name,
+           expected_message,
+           base::StrCat({"has ", negation ? "no " : "", error_name, "('",
+                         expected_message, "')"})) {
   const DummyExceptionStateForTesting& exception_state = arg;
   if (!exception_state.HadException()) {
     *result_listener << "no exception";
     return false;
   }
-  if (exception_state.CodeAs<ESErrorType>() != ESErrorType::kRangeError) {
-    *result_listener << "exception is not RangeError";
-    return false;
-  }
-  if (exception_state.Message() != expected_message) {
-    *result_listener << "unexpected message from RangeError: "
-                     << exception_state.Message();
-    return false;
-  }
-  return true;
-}
 
-MATCHER_P(HasAbortError,
-          expected_message,
-          base::StrCat({"has ", negation ? "no " : "", "AbortError('",
-                        expected_message, "')"})) {
-  const DummyExceptionStateForTesting& exception_state = arg;
-  if (!exception_state.HadException()) {
-    *result_listener << "no exception";
+  bool type_matches = false;
+  const std::string_view err(error_name);
+  if (err == "RangeError") {
+    type_matches =
+        exception_state.CodeAs<ESErrorType>() == ESErrorType::kRangeError;
+  } else if (err == "AbortError") {
+    type_matches = exception_state.CodeAs<DOMExceptionCode>() ==
+                   DOMExceptionCode::kAbortError;
+  } else if (err == "TypeError") {
+    type_matches =
+        exception_state.CodeAs<ESErrorType>() == ESErrorType::kTypeError;
+  } else if (err == "SecurityError") {
+    type_matches = exception_state.CodeAs<DOMExceptionCode>() ==
+                   DOMExceptionCode::kSecurityError;
+  } else {
+    *result_listener << "unsupported error name in matcher: " << error_name;
     return false;
   }
-  if (exception_state.CodeAs<DOMExceptionCode>() !=
-      DOMExceptionCode::kAbortError) {
-    *result_listener << "exception is not AbortError";
+
+  if (!type_matches) {
+    *result_listener << "exception is not " << error_name;
     return false;
   }
+
   if (exception_state.Message() != expected_message) {
-    *result_listener << "unexpected message from AbortError: "
+    *result_listener << "unexpected message from " << error_name << ": "
                      << exception_state.Message();
     return false;
   }
@@ -186,9 +189,9 @@ MATCHER_P(MatchNetworkResourceRequest,
 
 }  // namespace
 
-class FetchLaterTest : public testing::Test {
+class FetchLaterTestBase : public testing::Test {
  public:
-  FetchLaterTest()
+  FetchLaterTestBase()
       : task_runner_(base::MakeRefCounted<base::TestMockTimeTaskRunner>()) {
     feature_list_.InitAndEnableFeature(blink::features::kFetchLaterAPI);
   }
@@ -261,6 +264,8 @@ class FetchLaterTest : public testing::Test {
   base::HistogramTester histogram_;
 };
 
+class FetchLaterTest : public FetchLaterTestBase {};
+
 // A FetchLater request where its URL has same-origin as its execution context.
 TEST_F(FetchLaterTest, CreateSameOriginFetchLaterRequest) {
   FetchLaterTestingScope scope(FrameClient(), GetSourcePageURL());
@@ -317,7 +322,8 @@ TEST_F(FetchLaterTest, NegativeActivateAfterThrowRangeError) {
 
   EXPECT_THAT(result, IsNull());
   EXPECT_THAT(exception_state,
-              HasRangeError("fetchLater's activateAfter cannot be negative."));
+              HasException("RangeError",
+                           "fetchLater's activateAfter cannot be negative."));
   EXPECT_EQ(fetch_later_manager->NumLoadersForTesting(), 0u);
   Histogram().ExpectTotalCount("FetchLater.Renderer.Total", 0);
 }
@@ -345,8 +351,9 @@ TEST_F(FetchLaterTest, AbortBeforeFetchLater) {
       request->signal(), /*activate_after_ms=*/std::nullopt, exception_state);
 
   EXPECT_THAT(result, IsNull());
-  EXPECT_THAT(exception_state,
-              HasAbortError("The user aborted a fetchLater request."));
+  EXPECT_THAT(
+      exception_state,
+      HasException("AbortError", "The user aborted a fetchLater request."));
   EXPECT_EQ(fetch_later_manager->NumLoadersForTesting(), 0u);
   Histogram().ExpectTotalCount("FetchLater.Renderer.Total", 0);
 }
@@ -495,5 +502,120 @@ TEST_F(FetchLaterTest, ForcedSendingWithBackgroundSyncOff) {
                                  3 /*kActivatedOnEnteredBackForwardCache*/, 1);
 }
 
+// Base class for fetchLater() URL validation tests.
+class FetchLaterUrlTestBase : public FetchLaterTestBase {
+ protected:
+  std::pair<Persistent<FetchLaterManager>, Persistent<FetchLaterResult>>
+  CallFetchLater(V8TestingScope& scope, const std::string& url) {
+    auto* manager =
+        MakeGarbageCollected<FetchLaterManager>(scope.GetExecutionContext());
+    auto* controller = AbortController::Create(scope.GetScriptState());
+    auto& exception_state = scope.GetExceptionState();
+    auto* request = CreateFetchLaterRequest(scope, String::FromUTF8(url),
+                                            controller->signal());
+    auto* result = manager->FetchLater(
+        scope.GetScriptState(),
+        request->PassRequestData(scope.GetScriptState(), exception_state),
+        controller->signal(), /*activate_after=*/std::nullopt, exception_state);
+    return {manager, result};
+  }
+};
+
+struct UrlTestParam {
+  const std::string test_name;
+  const std::string url;
+};
+
+// This test verifies that fetchLater() only accepts URLs with HTTP or HTTPS
+// schemes. It covers various valid and invalid URL schemes, including http(s),
+// localhost, IP addresses, and non-http schemes like data:, file:, etc.
+class FetchLaterWithValidUrlTest
+    : public FetchLaterUrlTestBase,
+      public testing::WithParamInterface<UrlTestParam> {};
+
+INSTANTIATE_TEST_SUITE_P(All,
+                         FetchLaterWithValidUrlTest,
+                         testing::ValuesIn(std::vector<UrlTestParam>{
+                             {"https_example", "https://example.com/"},
+                             {"http_localhost", "http://localhost/"},
+                             {"https_localhost", "https://localhost/"},
+                             {"http_127_0_0_1", "http://127.0.0.1/"},
+                             {"https_127_0_0_1", "https://127.0.0.1/"},
+                             {"http_ipv6_localhost", "http://[::1]/"},
+                             {"https_ipv6_localhost", "https://[::1]/"},
+                         }),
+                         [](const testing::TestParamInfo<UrlTestParam>& info) {
+                           return info.param.test_name;
+                         });
+
+// Verifies that fetchLater() succeeds with valid URLs, including HTTPS URLs and
+// potentially trustworthy HTTP URLs like localhost.
+TEST_P(FetchLaterWithValidUrlTest, Succeeds) {
+  FetchLaterTestingScope scope(FrameClient(), GetSourcePageURL());
+
+  auto [manager, result] = CallFetchLater(scope, GetParam().url);
+
+  EXPECT_THAT(result, Not(IsNull()));
+  EXPECT_FALSE(scope.GetExceptionState().HadException());
+  EXPECT_EQ(manager->NumLoadersForTesting(), 1u);
+}
+
+class FetchLaterWithInsecureUrlTest
+    : public FetchLaterUrlTestBase,
+      public testing::WithParamInterface<UrlTestParam> {};
+
+INSTANTIATE_TEST_SUITE_P(All,
+                         FetchLaterWithInsecureUrlTest,
+                         testing::ValuesIn(std::vector<UrlTestParam>{
+                             {"http_example", "http://example.com/"},
+                         }),
+                         [](const testing::TestParamInfo<UrlTestParam>& info) {
+                           return info.param.test_name;
+                         });
+
+// Verifies that fetchLater() throws a SecurityError for insecure URLs, such as
+// an HTTP URL that is not localhost.
+TEST_P(FetchLaterWithInsecureUrlTest, FailsWithSecurityError) {
+  FetchLaterTestingScope scope(FrameClient(), GetSourcePageURL());
+
+  auto [manager, result] = CallFetchLater(scope, GetParam().url);
+
+  EXPECT_THAT(result, IsNull());
+  EXPECT_THAT(
+      scope.GetExceptionState(),
+      HasException("SecurityError", "fetchLater was passed an insecure URL."));
+  EXPECT_EQ(manager->NumLoadersForTesting(), 0u);
+}
+
+class FetchLaterWithInvalidSchemeUrlTest
+    : public FetchLaterUrlTestBase,
+      public testing::WithParamInterface<UrlTestParam> {};
+
+INSTANTIATE_TEST_SUITE_P(All,
+                         FetchLaterWithInvalidSchemeUrlTest,
+                         testing::ValuesIn(std::vector<UrlTestParam>{
+                             {"data", "data:text/plain,Hello"},
+                             {"file", "file:///etc/passwd"},
+                             {"ftp", "ftp://example.com/"},
+                             {"javascript", "javascript:alert(1)"},
+                             {"blob", "blob:https://example.com/some-uuid"},
+                         }),
+                         [](const testing::TestParamInfo<UrlTestParam>& info) {
+                           return info.param.test_name;
+                         });
+
+// Verifies that fetchLater() throws a TypeError for URLs with schemes other
+// than HTTP or HTTPS.
+TEST_P(FetchLaterWithInvalidSchemeUrlTest, FailsWithTypeError) {
+  FetchLaterTestingScope scope(FrameClient(), GetSourcePageURL());
+
+  auto [manager, result] = CallFetchLater(scope, GetParam().url);
+
+  EXPECT_THAT(result, IsNull());
+  EXPECT_THAT(
+      scope.GetExceptionState(),
+      HasException("TypeError", "fetchLater is only supported over HTTP(S)."));
+  EXPECT_EQ(manager->NumLoadersForTesting(), 0u);
+}
 
 }  // namespace blink
diff --git a/third_party/blink/web_tests/external/wpt/fetch/fetch-later/basic.tentative.https.window.js b/third_party/blink/web_tests/external/wpt/fetch/fetch-later/basic.tentative.https.window.js
@@ -5,13 +5,91 @@ test(() => {
 }, `fetchLater() cannot be called without request.`);
 
 test(() => {
-  assert_throws_js(TypeError, () => fetchLater('http://www.google.com'));
+  const result = fetchLater('/');
+  assert_false(result.activated, `result.activated should be false for '/'`);
+}, `fetchLater() with same-origin (https) URL does not throw.`);
+
+test(() => {
+  const url = 'http://localhost';
+  const result = fetchLater(url);
+  assert_false(result.activated, `result.activated should be false for ${url}`);
+}, `fetchLater() with http://localhost URL does not throw.`);
+
+test(() => {
+  const url = 'https://localhost';
+  const result = fetchLater(url);
+  assert_false(result.activated, `result.activated should be false for ${url}`);
+}, `fetchLater() with https://localhost URL does not throw.`);
+
+test(() => {
+  const url = 'http://127.0.0.1';
+  const result = fetchLater(url);
+  assert_false(result.activated, `result.activated should be false for ${url}`);
+}, `fetchLater() with http://127.0.0.1 URL does not throw.`);
+
+test(() => {
+  const url = 'https://127.0.0.1';
+  const result = fetchLater(url);
+  assert_false(result.activated, `result.activated should be false for ${url}`);
+}, `fetchLater() with https://127.0.0.1 URL does not throw.`);
+
+test(() => {
+  const url = 'http://[::1]';
+  const result = fetchLater(url);
+  assert_false(result.activated, `result.activated should be false for ${url}`);
+}, `fetchLater() with http://[::1] URL does not throw.`);
+
+test(() => {
+  const url = 'https://[::1]';
+  const result = fetchLater(url);
+  assert_false(result.activated, `result.activated should be false for ${url}`);
+}, `fetchLater() with https://[::1] URL does not throw.`);
+
+test(() => {
+  const url = 'https://example.com';
+  const result = fetchLater(url);
+  assert_false(result.activated, `result.activated should be false for ${url}`);
+}, `fetchLater() with https://example.com URL does not throw.`);
+
+test(() => {
+  const httpUrl = 'http://example.com';
+  assert_throws_dom(
+      'SecurityError', () => fetchLater(httpUrl),
+      `should throw SecurityError for insecure http url ${httpUrl}`);
+}, `fetchLater() throws SecurityError on non-trustworthy http URL.`);
+
+test(() => {
   assert_throws_js(TypeError, () => fetchLater('file://tmp'));
+}, `fetchLater() throws TypeError on file:// scheme.`);
+
+test(() => {
+  assert_throws_js(TypeError, () => fetchLater('ftp://example.com'));
+}, `fetchLater() throws TypeError on ftp:// scheme.`);
+
+test(() => {
   assert_throws_js(TypeError, () => fetchLater('ssh://example.com'));
+}, `fetchLater() throws TypeError on ssh:// scheme.`);
+
+test(() => {
   assert_throws_js(TypeError, () => fetchLater('wss://example.com'));
+}, `fetchLater() throws TypeError on wss:// scheme.`);
+
+test(() => {
   assert_throws_js(TypeError, () => fetchLater('about:blank'));
+}, `fetchLater() throws TypeError on about: scheme.`);
+
+test(() => {
   assert_throws_js(TypeError, () => fetchLater(`javascript:alert('');`));
-}, `fetchLater() throws TypeError on non-HTTPS URL.`);
+}, `fetchLater() throws TypeError on javascript: scheme.`);
+
+test(() => {
+  assert_throws_js(TypeError, () => fetchLater('data:text/plain,Hello'));
+}, `fetchLater() throws TypeError on data: scheme.`);
+
+test(() => {
+  assert_throws_js(
+      TypeError, () => fetchLater('blob:https://example.com/some-uuid'));
+}, `fetchLater() throws TypeError on blob: scheme.`);
 
 test(() => {
   assert_throws_js(

Original file line number	Diff line number	Diff line change
`@@ -1675,10 +1675,11 @@ FetchLaterResult* FetchLaterManager::FetchLater(`
`1675`	`1675`	`return nullptr;`
`1676`	`1676`	`}`
`1677`	`1677`
`1678`		`- // 8. If request’s URL’s scheme is not an HTTPS scheme, then throw a`
	`1678`	`+ // 8. If request’s URL’s scheme is not an HTTP(S) scheme, then throw a`
`1679`	`1679`	`// TypeError.`
`1680`		`- if (!request->Url().ProtocolIs(g_https_atom)) {`
`1681`		`- exception_state.ThrowTypeError("fetchLater is only supported over HTTPS.");`
	`1680`	`+ if (!request->Url().ProtocolIsInHTTPFamily()) {`
	`1681`	`+ exception_state.ThrowTypeError(`
	`1682`	`+ "fetchLater is only supported over HTTP(S).");`
`1682`	`1683`	`return nullptr;`
`1683`	`1684`	`}`
`1684`	`1685`	`// 9. If request’s URL is not a potentially trustworthy url, then throw a`