Cache API should reject Responses with VARY:*

The Service Worker spec was changed [1] to ensure that Responses with VARY:*
are rejected by Cache API. Implement that and update test results.

[1] Spec: https://github.com/slightlyoff/ServiceWorker/issues/656#issuecomment-88724007

BUG=476814

Review URL: https://codereview.chromium.org/1671993002

Cr-Commit-Position: refs/heads/master@{#375473}

4 files changed, 26 insertions, 70 deletions

diff --git a/third_party/WebKit/LayoutTests/http/tests/cachestorage/serviceworker/cache-put-expected.txt b/third_party/WebKit/LayoutTests/http/tests/cachestorage/serviceworker/cache-put-expected.txt
deleted file mode 100644
index feafe1e..0000000
--- a/third_party/WebKit/LayoutTests/http/tests/cachestorage/serviceworker/cache-put-expected.txt
+++ /dev/null
@@ -1,24 +0,0 @@
-This is a testharness.js-based test.
-PASS Cache.put 
-PASS Cache.put called with simple Request and Response 
-PASS Cache.put called with Request and Response from fetch() 
-PASS Cache.put with Request without a body 
-PASS Cache.put with Response without a body 
-PASS Cache.put with a Response containing an empty URL 
-PASS Cache.put with an empty response body 
-PASS Cache.put with HTTP 500 response 
-PASS Cache.put called twice with matching Requests and different Responses 
-PASS Cache.put called twice with request URLs that differ only by a fragment 
-PASS Cache.put with a string request 
-PASS Cache.put with an invalid response 
-PASS Cache.put with a non-HTTP/HTTPS request 
-PASS Cache.put with a relative URL 
-PASS Cache.put with a non-GET request 
-PASS Cache.put with a null response 
-PASS Cache.put with a POST request 
-PASS Cache.put with a used response body 
-PASS getReader() after Cache.put 
-FAIL Cache.put with a VARY:* Response promise_test: Unhandled rejection with value: "assert_promise_rejects: Cache.put should reject VARY:* Responses with a TypeError. Promise did not reject."
-FAIL Cache.put with an embedded VARY:* Response promise_test: Unhandled rejection with value: "assert_promise_rejects: Cache.put should reject Responses with an embedded VARY:* with a TypeError. Promise did not reject."
-Harness: the test ran to completion.
-
diff --git a/third_party/WebKit/LayoutTests/http/tests/cachestorage/window/cache-put-expected.txt b/third_party/WebKit/LayoutTests/http/tests/cachestorage/window/cache-put-expected.txt
deleted file mode 100644
index e27a34a..0000000
--- a/third_party/WebKit/LayoutTests/http/tests/cachestorage/window/cache-put-expected.txt
+++ /dev/null
@@ -1,23 +0,0 @@
-This is a testharness.js-based test.
-PASS Cache.put called with simple Request and Response 
-PASS Cache.put called with Request and Response from fetch() 
-PASS Cache.put with Request without a body 
-PASS Cache.put with Response without a body 
-PASS Cache.put with a Response containing an empty URL 
-PASS Cache.put with an empty response body 
-PASS Cache.put with HTTP 500 response 
-PASS Cache.put called twice with matching Requests and different Responses 
-PASS Cache.put called twice with request URLs that differ only by a fragment 
-PASS Cache.put with a string request 
-PASS Cache.put with an invalid response 
-PASS Cache.put with a non-HTTP/HTTPS request 
-PASS Cache.put with a relative URL 
-PASS Cache.put with a non-GET request 
-PASS Cache.put with a null response 
-PASS Cache.put with a POST request 
-PASS Cache.put with a used response body 
-PASS getReader() after Cache.put 
-FAIL Cache.put with a VARY:* Response promise_test: Unhandled rejection with value: "assert_promise_rejects: Cache.put should reject VARY:* Responses with a TypeError. Promise did not reject."
-FAIL Cache.put with an embedded VARY:* Response promise_test: Unhandled rejection with value: "assert_promise_rejects: Cache.put should reject Responses with an embedded VARY:* with a TypeError. Promise did not reject."
-Harness: the test ran to completion.
-
diff --git a/third_party/WebKit/LayoutTests/http/tests/cachestorage/worker/cache-put-expected.txt b/third_party/WebKit/LayoutTests/http/tests/cachestorage/worker/cache-put-expected.txt
deleted file mode 100644
index e27a34a..0000000
--- a/third_party/WebKit/LayoutTests/http/tests/cachestorage/worker/cache-put-expected.txt
+++ /dev/null
@@ -1,23 +0,0 @@
-This is a testharness.js-based test.
-PASS Cache.put called with simple Request and Response 
-PASS Cache.put called with Request and Response from fetch() 
-PASS Cache.put with Request without a body 
-PASS Cache.put with Response without a body 
-PASS Cache.put with a Response containing an empty URL 
-PASS Cache.put with an empty response body 
-PASS Cache.put with HTTP 500 response 
-PASS Cache.put called twice with matching Requests and different Responses 
-PASS Cache.put called twice with request URLs that differ only by a fragment 
-PASS Cache.put with a string request 
-PASS Cache.put with an invalid response 
-PASS Cache.put with a non-HTTP/HTTPS request 
-PASS Cache.put with a relative URL 
-PASS Cache.put with a non-GET request 
-PASS Cache.put with a null response 
-PASS Cache.put with a POST request 
-PASS Cache.put with a used response body 
-PASS getReader() after Cache.put 
-FAIL Cache.put with a VARY:* Response promise_test: Unhandled rejection with value: "assert_promise_rejects: Cache.put should reject VARY:* Responses with a TypeError. Promise did not reject."
-FAIL Cache.put with an embedded VARY:* Response promise_test: Unhandled rejection with value: "assert_promise_rejects: Cache.put should reject Responses with an embedded VARY:* with a TypeError. Promise did not reject."
-Harness: the test ran to completion.
-
diff --git a/third_party/WebKit/Source/modules/cachestorage/Cache.cpp b/third_party/WebKit/Source/modules/cachestorage/Cache.cpp
index 27591b76..102ed50 100644
--- a/third_party/WebKit/Source/modules/cachestorage/Cache.cpp
+++ b/third_party/WebKit/Source/modules/cachestorage/Cache.cpp
@@ -197,6 +197,23 @@ void RecordResponseTypeForAdd(const Member<Response>& response)
     responseTypeHistogram.count(static_cast<int>(type));
 };
 
+bool varyHeaderContainsAsterisk(const Response* response)
+{
+    const FetchHeaderList* headers = response->headers()->headerList();
+    for (size_t i = 0; i < headers->size(); ++i) {
+        const FetchHeaderList::Header& header = headers->entry(i);
+        if (header.first == "vary") {
+            Vector<String> fields;
+            header.second.split(',', fields);
+            for (size_t j = 0; j < fields.size(); ++j) {
+                if (fields[j].stripWhiteSpace() == "*")
+                    return true;
+            }
+        }
+    }
+    return false;
+}
+
 } // namespace
 
 // TODO(nhiroki): Unfortunately, we have to go through V8 to wait for the fetch
@@ -219,6 +236,10 @@ public:
                 ScriptPromise rejection = ScriptPromise::reject(scriptState(), V8ThrowException::createTypeError(scriptState()->isolate(), "Request failed"));
                 return ScriptValue(scriptState(), rejection.v8Value());
             }
+            if (varyHeaderContainsAsterisk(response)) {
+                ScriptPromise rejection = ScriptPromise::reject(scriptState(), V8ThrowException::createTypeError(scriptState()->isolate(), "Vary header contains *"));
+                return ScriptValue(scriptState(), rejection.v8Value());
+            }
         }
 
         for (const auto& response : responses)
@@ -547,6 +568,11 @@ ScriptPromise Cache::putImpl(ScriptState* scriptState, const HeapVector<Member<R
         }
         ASSERT(!requests[i]->hasBody());
 
+        if (varyHeaderContainsAsterisk(responses[i])) {
+            barrierCallback->onError("Vary header contains *");
+            return promise;
+        }
+
         if (responses[i]->isBodyLocked() || responses[i]->bodyUsed()) {
             barrierCallback->onError("Response body is already used");
             return promise;