Test and document resources/server endpoints

Author: JannisBush

_hp/hp/test_internals.py

@@ -1,16 +1,110 @@
 import pytest
+import json
+import httpx
 
 from hp.tools.crawler.selenium_run_specific import config, run_specific
 from hp.tools.crawler.utils import generate_short_uuid
 
+with open("_hp/wpt-config.json", "r") as f:
+    wpt_config = json.load(f)
+
 
 def test_generate_short_uuid():
+    """Assert length of generate_shot_uuid is correct."""
     assert len(generate_short_uuid(3)) == 3
 
 
 def test_selenium_test_specific():
-    url = "http://sub.headers.websec.saarland/_hp/tests/referrer-access-rp.sub.html?resp_type=basic&browser_id=1&label=RP&first_id=199&last_id=199&scheme=http&t_resp_id=199&t_element_relation=iframe_window.open&t_resp_origin=http://sub.headers.websec.saarland"
+    """Smoke test for run_specific: function runs without crashing, browser can visit one of our test pages."""
+    url = f"http://sub.{wpt_config['browser_host']}/_hp/tests/referrer-access-rp.sub.html?resp_type=basic&browser_id=1&label=RP&first_id=199&last_id=199&scheme=http&t_resp_id=199&t_element_relation=iframe_window.open&t_resp_origin=http://sub.{wpt_config['browser_host']}"
     for browser_name, browser_version, binary_location, arguments, _ in config:
         run_specific(url, browser_name, browser_version, binary_location, arguments)
 
     assert True
+
+
+def test_get_resp_ids():
+    """Check that server returns resp_ids: 2 entries for label=XFO&resp_type=debug"""
+    assert wpt_config["browser_host"]
+    assert wpt_config["alternate_hosts"]["alt"]
+    base_host = f"sub.{wpt_config['browser_host']}"
+    label = "XFO"
+    resp_type = "debug"
+
+    resp_ids = httpx.get(
+        f"https://{base_host}/_hp/server/get_resp_ids.py?label={label}&resp_type={resp_type}",
+        verify=False,
+    ).json()
+
+    assert len(resp_ids) == 2
+
+
+def test_notify_runner_clients():
+    """Check that notify_runner_clients.py works"""
+    base_host = f"sub.{wpt_config['browser_host']}"
+    run_id = "does_not_exist"
+
+    resp = httpx.get(
+        f"https://{base_host}/_hp/server/notify_runner_clients.py?run_id={run_id}",
+        verify=False,
+    ).json()
+
+    assert resp == {"result": "done"}
+
+
+def test_responses():
+    """Check that responses.py returns valid responses"""
+    base_host = f"sub.{wpt_config['browser_host']}"
+    resp_id = 1
+    resp = 1
+    feature_group = "framing"
+
+    resp = httpx.get(
+        f"https://{base_host}/_hp/server/responses.py?resp={resp}&resp_id={resp_id}&feature_group={feature_group}",
+        verify=False,
+    )
+
+    assert resp.status_code == 200
+
+
+def test_store_results():
+    """Check that store_results.py works"""
+    base_host = f"sub.{wpt_config['browser_host']}"
+
+    resp = httpx.post(
+        f"https://{base_host}/_hp/server/store_results.py", verify=False
+    ).json()
+
+    # Empty body/non-json body should be rejected
+    assert resp == {"Error": "Expecting value: line 1 column 1 (char 0)"}
+
+    # Correct entry should be saved
+    body = {
+        "tests": [
+            {
+                "name": "referrer_iframe|false|window.open|http://sub.headers.websec.saarland|199",
+                "outcome": "document.referrer: http://sub.headers.websec.saarland/_hp/server/responses.py?feature_group=rp&resp_id=199&count=1&nest=1&origin=http://sub.headers.websec.saarland&element=window.open&resp=1",
+                "status": 0,
+                "message": None,
+                "stack": None,
+                "resp_scheme": "http",
+                "resp_host": "sub.headers.websec.saarland",
+                "relation": "window.open",
+            }
+        ],
+        "browser_id": "1",
+        "test": "http://sub.headers.websec.saarland/_hp/tests/referrer-access-rp.sub.html?resp_type=basic&browser_id=1&label=RP&first_id=199&last_id=199&scheme=http&t_resp_id=199&t_element_relation=iframe_window.open&t_resp_origin=http://sub.headers.websec.saarland",
+        "status": 0,
+        "message": None,
+        "stack": None,
+        "org_scheme": "http",
+        "org_host": "sub.headers.websec.saarland",
+        "full_url": "http://sub.headers.websec.saarland/_hp/tests/referrer-access-rp.sub.html?resp_type=basic&browser_id=1&label=RP&first_id=199&last_id=199&scheme=http&t_resp_id=199&t_element_relation=iframe_window.open&t_resp_origin=http://sub.headers.websec.saarland",
+    }
+
+    resp = httpx.post(
+        f"https://{base_host}/_hp/server/store_results.py", verify=False, json=body
+    ).json()
+
+    # Correct body should be saved
+    assert resp == {'Status': 'Success'}

_hp/resources/store_results.sub.js

@@ -1,12 +1,16 @@
-// More helper functions here!
+/*
+Functions and helpers to run the "Head(er)s Up!" browser tests and store the final results in the database
+*/
+// Scheme and host of the top-level file (original scheme/host)
 var org_scheme = location.port == 9000 ? "http2" : location.protocol == "http:" ? "http" : "https";
 var org_host = location.hostname;
 
+// String to search for on the page; Only necessary for manual debugging of the COEP bug
 let search = urlParams.get('search') || undefined;
 
 // We always visit the testpages at http://sub.headers.websec.saarland or https://sub.headers.websec.saarland
-// We then create tests for http, https, ~~and http2~~ for the following cases:
-// same-org, 2x same-site (parent-domain + sub-domain), cross-site
+// We then create tests for the following origins:
+// (https and https) X same-org, 2x same-site (parent-domain + sub-domain), cross-site
 function get_test_origins(resp_type) {
   const same_host = 'sub.{{host}}';
   const parent = '{{host}}';
@@ -24,13 +28,16 @@ function get_test_origins(resp_type) {
       origins.push(`http://${host}`);
     }
     origins.push(`https://${host}`);
-    // H2 has a process leak? after a while 7k+ processes are open and everything crashes
+
+    // The WPT HTTP/2 server has a process leak: after a while 7k+ processes are open and everything crashes
     // Occurs for both with/without settings to allow for invalid responses
+    // For now do not test HTTP/2
     //origins.push(`https://${host}:{{ports[h2][0]}}`);
   }
   return origins;
 };
 
+// Helper to wait for a postMessage from a specific frame
 function waitForMessageFrom(frame, test) {
   return new Promise(resolve => {
     window.addEventListener("message", test.step_func(e => {
@@ -41,32 +48,38 @@ function waitForMessageFrom(frame, test) {
   });
 }
 
-// Run all tests for origin relations and similar!
+// Run all declared tests for the specified origins
 function run_tests(test_declarations, path, label, origins) {
-  const resp_type = urlParams.get("resp_type") || "debug"; // Default resp_type is debug
+  // Which tests to run: debug (default), basic, parsing
+  const resp_type = urlParams.get("resp_type") || "debug";
+  // Which tests to run (from first_id to last_id)
   const first_id = parseInt(urlParams.get("first_id"), 10) || null;
   const last_id = parseInt(urlParams.get("last_id"), 10) || null;
+  // If tests open popups, which to run (from first_popup to last_popup)
   const first_popup = parseInt(urlParams.get("first_popup"), 10) || 0;
   const last_popup = parseInt(urlParams.get("last_popup"), 10) || Infinity;
+  // Do not run any popup tests
   const run_no_popup = urlParams.get("run_no_popup") || 'yes';
 
-  // Manual confirmation mode
+  // Settings for the manual confirmation mode
+  // Only run this exact test instance
   const t_resp_id = parseInt(urlParams.get("t_resp_id"), 10) || null;
   const t_resp_origin = urlParams.get("t_resp_origin") || null;
   const element_relation = urlParams.get("t_element_relation") || null;
 
-  // Fetch origin relations if not specified
+  // If no origin relations are specified, run for the default origins of the `resp_type`
   if (!origins) {
     origins = get_test_origins(resp_type);
   }
 
-  // If &first_id=<first_id>&last_id=<last_id>; run on the specified ids
+  // For automated testing run on the specified ids (&first_id=<first_id>&last_id=<last_id>;)
   let popup_count = 0;
   if (first_id && last_id) {
     for (var response_id = first_id; response_id < last_id + 1; response_id++) {
       for (var origin of origins) {
         for (let test of test_declarations) {
-          // Only run exactly one test in the manual confirmation mode (the manual confirmation mode has to use clean_urls without popup_settings!)
+          // Only run exactly one test in the manual confirmation mode
+          // (the manual confirmation mode has to use clean_urls without popup_settings!)
           if (t_resp_id) {
             if (t_resp_id != response_id) {
               continue
@@ -108,6 +121,7 @@ function run_tests(test_declarations, path, label, origins) {
   console.log(`All popups: ${popup_count}`);
 }
 
+// Helper to create nested tests
 function nested_test(frame_element, sandbox, url, response_id, element, test_info, test_name) {
   async_test(t => {
     t.set_test_info(url, test_info);
@@ -145,19 +159,20 @@ function nested_test(frame_element, sandbox, url, response_id, element, test_inf
   }, test_name);
 }
 
-// Store result helpers!
+// Store all the results on our database
 async function save_result(tests, status) {
   console.log(tests);
+  // Convert the WPT test results to our format
   var test_results = tests.map(function (x) {
     return {
       name: x.name, outcome: x.outcome, status: x.status, message: x.message, stack: x.stack,
       resp_scheme: x.resp_scheme, resp_host: x.resp_host, relation: x.relation
     }
   });
   var data = {
-    // Results for the individual tests + metainfo (which browser)
+    // Results for the individual tests + metainfo (e.g., which browser)
     tests: test_results,
-    browser_id: urlParams.get('browser_id') || 1, // One is the unknown browser!
+    browser_id: urlParams.get('browser_id') || 1, // "1" is the unknown browser!
     // Other metadata (status etc. of the complete test file run)
     test: window.location.href,
     status: status.status,
@@ -167,6 +182,7 @@ async function save_result(tests, status) {
     org_host: org_host,
     full_url: document.location.href
   };
+  // Store the results at the database
   await fetch('https://{{host}}:{{ports[https][0]}}/_hp/server/store_results.py', {
     method: 'POST',
     body: JSON.stringify(data),
@@ -181,12 +197,13 @@ async function save_result(tests, status) {
   d.id = "finished";
   document.body.appendChild(d);
 
-  // Try to stop the page runner
+  // Stop the run_id page runner by notifying the runner via postgres
   let run_id = urlParams.get('run_id') || undefined;
   if (run_id) {
     await fetch(`${location.origin}/_hp/server/notify_runner_clients.py?run_id=${run_id}`);
   }
 
+  // For manual debugging of the COEP test only
   if (search) {
     // Get the content of the webpage
     const webpageContent = document.body.innerText;
@@ -209,10 +226,11 @@ async function save_result(tests, status) {
   try {
     window.opener.postMessage("finished", "*");
   } catch (e) {
-    // Openere page does not exist; test opened directly
+    // Opener page does not exist; test opened directly
     console.log(e);
   }
 
 
 };
-add_completion_callback(save_result);
+// Save the results if the tests are finished
+add_completion_callback(save_result);