Skip to content

Add WPT for no challenge in the Secure-Session-Registration header #56947

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
chromium-wpt-export-bot merged 1 commit into from
Jan 6, 2026

Add WPT for no challenge in the Secure-Session-Registration header

a35db0f
Select commit
Loading
Failed to load commit list.
Merged

Add WPT for no challenge in the Secure-Session-Registration header #56947

Add WPT for no challenge in the Secure-Session-Registration header
a35db0f
Select commit
Loading
Failed to load commit list.
Community-TC Integration / wpt-chrome-dev-results succeeded Jan 6, 2026 in 11m 36s

Community-TC (pull_request)

Collect results for all tests affected by a pull request in chrome.

Details

View task in Taskcluster | View logs in Taskcluster | View task group in Taskcluster

Task Status

Started: 2026-01-06T17:55:17.388Z
Resolved: 2026-01-06T18:05:55.618Z
Task Execution Time: 10 minutes, 38 seconds, 230 milliseconds
Task Status: completed
Reason Resolved: completed
RunId: 0

Artifacts

- public/logs/live_backing.log
- public/logs/live.log
- public/results/checkrun.md
- public/results/wpt_report.json.gz
- public/results/wpt_screenshot.txt.gz

WPT Command: python3 ./wpt run --channel=dev --no-fail-on-unexpected --log-wptreport=../artifacts/wpt_report.json --log-wptscreenshot=../artifacts/wpt_screenshot.txt --affected base_head --log-mach-level=info --log-mach=- -y --no-pause --no-restart-on-unexpected --install-fonts --verify-log-full --no-headless --enable-swiftshader --install-browser --install-webdriver chrome

[taskcluster 2026-01-06 17:55:17.489Z] Task ID: fbyWogL9SFihKP_5xs71Eg
[taskcluster 2026-01-06 17:55:17.489Z] Worker ID: 4958334837723296445
[taskcluster 2026-01-06 17:55:17.489Z] Worker Group: us-east4-b
[taskcluster 2026-01-06 17:55:17.489Z] Worker Node Type: projects/757942385826/machineTypes/n2-standard-4
[taskcluster 2026-01-06 17:55:17.489Z] Worker Pool: proj-wpt/ci
[taskcluster 2026-01-06 17:55:17.489Z] Worker Version: 46.1.0
[taskcluster 2026-01-06 17:55:17.489Z] Public IP: 34.85.242.173
[taskcluster 2026-01-06 17:55:17.489Z] Hostname: proj-wpt-ci-azap7g-5t4-pdwrl2xtota

ac811f28856d - Started downloading
ac811f28856d - Downloaded in 0.006 seconds
40516d781e70 - Started downloading
8f84a9f2102e - Started downloading
44ebbf800033 - Started downloading
44ebbf800033 - Downloaded in 0.01 seconds
a8884b21e40e - Started downloading
8f84a9f2102e - Downloaded in 0.19 seconds
4f4fb700ef54 - Started downloading
4f4fb700ef54 - Downloaded in 0.001 seconds
79c347416ee8 - Started downloading

...(610 lines hidden)...

 2:34.16 TEST_START: /device-bound-session-credentials/refresh-does-not-send-challenge.https.html
 2:39.43 pid:2209 error: XDG_RUNTIME_DIR not set in the environment.
 2:39.43 pid:2209 error: XDG_RUNTIME_DIR not set in the environment.
 2:39.43 pid:2209 Warning: maxDynamicUniformBuffersPerPipelineLayout artificially reduced from 1000000 to 16 to fit dynamic offset allocation limit.
 2:39.43 pid:2209 Warning: maxDynamicStorageBuffersPerPipelineLayout artificially reduced from 1000000 to 16 to fit dynamic offset allocation limit.
 2:39.43 pid:2209 Warning: maxDynamicUniformBuffersPerPipelineLayout artificially reduced from 72 to 16 to fit dynamic offset allocation limit.
 2:39.43 pid:2209 Warning: maxDynamicStorageBuffersPerPipelineLayout artificially reduced from 64 to 16 to fit dynamic offset allocation limit.
 2:44.38 TEST_END: Test TIMEOUT, expected OK. Subtests passed 0/1. Unexpected 1
TIMEOUT Refresh does not send back Secure-Session-Challenge - Test timed outTIMEOUT /device-bound-session-credentials/refresh-does-not-send-challenge.https.html
 2:44.38 TEST_START: /device-bound-session-credentials/refresh-replaces-config.https.html
mem avail: 14022 of 15806 MiB (88.71%), swap free:    0 of    0 MiB ( 0.00%)
 2:54.64 TEST_END: Test TIMEOUT, expected OK. Subtests passed 0/2. Unexpected 2
TIMEOUT Refresh can replace session config - Test timed outNOTRUN Refresh cannot replace session identifierTIMEOUT /device-bound-session-credentials/refresh-replaces-config.https.html
 2:54.64 TEST_START: /device-bound-session-credentials/refresh-with-continue-false.https.html
 3:04.91 TEST_END: Test TIMEOUT, expected OK. Subtests passed 0/1. Unexpected 1
TIMEOUT A session ended with continue:false does not refresh cookies - Test timed outTIMEOUT /device-bound-session-credentials/refresh-with-continue-false.https.html
 3:04.91 TEST_START: /device-bound-session-credentials/registration-no-challenge.https.html
 3:15.14 TEST_END: Test TIMEOUT, expected OK. Subtests passed 0/1. Unexpected 1
TIMEOUT Registration header doesn't need a challenge - Test timed outTIMEOUT /device-bound-session-credentials/registration-no-challenge.https.html
 3:15.14 TEST_START: /device-bound-session-credentials/registration-sends-challenge.https.html
 3:25.37 TEST_END: Test TIMEOUT, expected OK. Subtests passed 0/2. Unexpected 2
TIMEOUT Registration can't send back 403 with challenge - Test timed outNOTRUN Registration can send back challenge with session instructionsTIMEOUT /device-bound-session-credentials/registration-sends-challenge.https.html
 3:25.37 TEST_START: /device-bound-session-credentials/requests-have-query-params.https.html
 3:35.64 TEST_END: Test TIMEOUT, expected OK. Subtests passed 0/1. Unexpected 1
TIMEOUT Registration and refresh endpoints can contain query params - Test timed outTIMEOUT /device-bound-session-credentials/requests-have-query-params.https.html
 3:35.64 TEST_START: /device-bound-session-credentials/resolving-urls.https.html
 3:39.46 pid:2209 error: XDG_RUNTIME_DIR not set in the environment.
 3:39.46 pid:2209 error: XDG_RUNTIME_DIR not set in the environment.
 3:39.46 pid:2209 Warning: maxDynamicUniformBuffersPerPipelineLayout artificially reduced from 1000000 to 16 to fit dynamic offset allocation limit.
 3:39.46 pid:2209 Warning: maxDynamicStorageBuffersPerPipelineLayout artificially reduced from 1000000 to 16 to fit dynamic offset allocation limit.
 3:45.87 TEST_END: Test TIMEOUT, expected OK. Subtests passed 0/3. Unexpected 3
TIMEOUT The registration and refresh endpoints can be configured as absolute URLs - Test timed outNOTRUN The registration and refresh endpoints can be configured as relative URLs with leading slashNOTRUN The registration and refresh endpoints can be configured as relative URLs without leading slashTIMEOUT /device-bound-session-credentials/resolving-urls.https.html
 3:45.87 TEST_START: /device-bound-session-credentials/session-cookie-has-no-attributes.https.html
mem avail: 14048 of 15806 MiB (88.88%), swap free:    0 of    0 MiB ( 0.00%)
 3:56.10 TEST_END: Test TIMEOUT, expected OK. Subtests passed 0/1. Unexpected 1
TIMEOUT An established session can refresh a cookie that has all default attributes - Test timed outTIMEOUT /device-bound-session-credentials/session-cookie-has-no-attributes.https.html
 3:56.10 TEST_START: /device-bound-session-credentials/set-authorization.https.html
 4:06.35 TEST_END: Test TIMEOUT, expected OK. Subtests passed 0/1. Unexpected 1
TIMEOUT Session registration sends the authorization value - Test timed outTIMEOUT /device-bound-session-credentials/set-authorization.https.html
 4:06.36 TEST_START: /device-bound-session-credentials/set-early-challenge.https.html
 4:16.56 TEST_END: Test TIMEOUT, expected OK. Subtests passed 0/3. Unexpected 3
TIMEOUT A challenge can be set ahead of time - Test timed outNOTRUN A challenge can be set for multiple sessions ahead of time (single header)NOTRUN A challenge can be set for multiple sessions ahead of time (multiple headers)TIMEOUT /device-bound-session-credentials/set-early-challenge.https.html
 4:16.56 TEST_START: /device-bound-session-credentials/set-scope-origin.https.html
 4:26.79 TEST_END: Test TIMEOUT, expected OK. Subtests passed 0/2. Unexpected 2
TIMEOUT A request within the scope origin refreshes - Test timed outNOTRUN A request outside the scope origin does not refreshTIMEOUT /device-bound-session-credentials/set-scope-origin.https.html
 4:26.79 TEST_START: /device-bound-session-credentials/set-scope-specification.https.html
 4:37.01 TEST_END: Test TIMEOUT, expected OK. Subtests passed 0/1. Unexpected 1
TIMEOUT Scope specification configuration is respected - Test timed outTIMEOUT /device-bound-session-credentials/set-scope-specification.https.html
 4:37.01 TEST_START: /device-bound-session-credentials/subdomain-registration.https.html
mem avail: 14040 of 15806 MiB (88.83%), swap free:    0 of    0 MiB ( 0.00%)
 4:47.24 TEST_END: Test TIMEOUT, expected OK. Subtests passed 0/2. Unexpected 2
TIMEOUT Registration fails without a .well-known - Test timed outNOTRUN Registration succeeds with a .well-knownTIMEOUT /device-bound-session-credentials/subdomain-registration.https.html
 4:47.24 TEST_START: /device-bound-session-credentials/third-party-registration.https.html
 4:57.46 TEST_END: Test TIMEOUT, expected OK. Subtests passed 0/4. Unexpected 4
TIMEOUT Registration of first-party session not allowed in third-party context - Test timed outNOTRUN Registration of session with third-party cookies allowed in third-party contextNOTRUN Set challenge of first-party not allowed in third-party contextNOTRUN Set challenge of session with third-party cookies allowed in third-party contextTIMEOUT /device-bound-session-credentials/third-party-registration.https.html
 4:57.46 TEST_START: /device-bound-session-credentials/websockets.https.html
 5:07.70 TEST_END: Test TIMEOUT, expected OK. Subtests passed 0/1. Unexpected 1
TIMEOUT An established session applies to WebSocket handshakes - Test timed outTIMEOUT /device-bound-session-credentials/websockets.https.html
 5:07.70 INFO No more tests
 5:07.75 INFO Closing logging queue
 5:07.75 INFO queue closed
 5:07.82 SUITE_END

web-platform-test
~~~~~~~~~~~~~~~~~
Ran 83 checks (56 subtests, 27 tests)
Expected results: 2
Unexpected results: 81
  test: 26 (26 timeout)
  subtest: 55 (29 notrun, 26 timeout)

Unexpected Results
------------------
/device-bound-session-credentials/allowed-refresh-initiators.https.html
  TIMEOUT An established session refreshes when initated by the owning site - Test timed out
  NOTRUN An established session refreshes when initated by a host in allowed_refresh_initiators
  NOTRUN An established session does not refresh when initated by a host not in allowed_refresh_initiators
  TIMEOUT /device-bound-session-credentials/allowed-refresh-initiators.https.html
/device-bound-session-credentials/clear-site-data.https.html
  TIMEOUT A session ended with Clear-Site-Data: 'cookies' does not refresh cookies - Test timed out
  NOTRUN A session ended with Clear-Site-Data: 'storage' does not refresh cookies
  TIMEOUT /device-bound-session-credentials/clear-site-data.https.html
/device-bound-session-credentials/create-session.https.html
  TIMEOUT An established session can refresh a cookie - Test timed out
  TIMEOUT /device-bound-session-credentials/create-session.https.html
/device-bound-session-credentials/credentials-matching.https.html
  TIMEOUT Expires attribute in credentials doesn't affect matching - Test timed out
  NOTRUN Max-Age attribute in credentials doesn't affect matching
  NOTRUN HttpOnly attribute in credentials affects matching
  NOTRUN SameSite attribute in credentials affects matching
  NOTRUN Secure attribute in credentials affects matching
  NOTRUN Path attribute in credentials affects matching
  NOTRUN Partition attribute in credentials affects matching
  TIMEOUT /device-bound-session-credentials/credentials-matching.https.html
/device-bound-session-credentials/debug-header.https.html
  TIMEOUT A session that fails to reach the refresh endpoint sets debug header - Test timed out
  NOTRUN Same-site redirects continue to send debug header
  NOTRUN Cross-site redirects do not send debug header
  NOTRUN Two failing sessions both set debug header
  TIMEOUT /device-bound-session-credentials/debug-header.https.html
/device-bound-session-credentials/empty-response.https.html
  TIMEOUT An empty response fails on registration - Test timed out
  NOTRUN An empty response is allowed on refresh
  TIMEOUT /device-bound-session-credentials/empty-response.https.html
/device-bound-session-credentials/federated-session.https.html
  TIMEOUT Successful federated session registration - Test timed out
  NOTRUN Invalid thumbprint
  NOTRUN Invalid provider session id
  NOTRUN Not authorized by .well-known
  TIMEOUT /device-bound-session-credentials/federated-session.https.html
/device-bound-session-credentials/fetch-no-credentials.https.html
  TIMEOUT A cross-site fetch without credentials should not refresh - Test timed out
  TIMEOUT /device-bound-session-credentials/fetch-no-credentials.https.html
/device-bound-session-credentials/include-site.https.html
  TIMEOUT An established session refreshes across origins if the site is included - Test timed out
  NOTRUN An established session does not refresh across origins if the site is not included
  TIMEOUT /device-bound-session-credentials/include-site.https.html
/device-bound-session-credentials/multiple-credentials.https.html
  TIMEOUT A session can have multiple credentials set - Test timed out
  TIMEOUT /device-bound-session-credentials/multiple-credentials.https.html
/device-bound-session-credentials/multiple-registrations.https.html
  TIMEOUT Multiple registrations can be triggered in one response (single header) - Test timed out
  NOTRUN Multiple registrations can be triggered in one response (multiple headers)
  TIMEOUT /device-bound-session-credentials/multiple-registrations.https.html
/device-bound-session-credentials/refresh-does-not-send-challenge.https.html
  TIMEOUT Refresh does not send back Secure-Session-Challenge - Test timed out
  TIMEOUT /device-bound-session-credentials/refresh-does-not-send-challenge.https.html
/device-bound-session-credentials/refresh-replaces-config.https.html
  TIMEOUT Refresh can replace session config - Test timed out
  NOTRUN Refresh cannot replace session identifier
  TIMEOUT /device-bound-session-credentials/refresh-replaces-config.https.html
/device-bound-session-credentials/refresh-with-continue-false.https.html
  TIMEOUT A session ended with continue:false does not refresh cookies - Test timed out
  TIMEOUT /device-bound-session-credentials/refresh-with-continue-false.https.html
/device-bound-session-credentials/registration-no-challenge.https.html
  TIMEOUT Registration header doesn't need a challenge - Test timed out
  TIMEOUT /device-bound-session-credentials/registration-no-challenge.https.html
/device-bound-session-credentials/registration-sends-challenge.https.html
  TIMEOUT Registration can't send back 403 with challenge - Test timed out
  NOTRUN Registration can send back challenge with session instructions
  TIMEOUT /device-bound-session-credentials/registration-sends-challenge.https.html
/device-bound-session-credentials/requests-have-query-params.https.html
  TIMEOUT Registration and refresh endpoints can contain query params - Test timed out
  TIMEOUT /device-bound-session-credentials/requests-have-query-params.https.html
/device-bound-session-credentials/resolving-urls.https.html
  TIMEOUT The registration and refresh endpoints can be configured as absolute URLs - Test timed out
  NOTRUN The registration and refresh endpoints can be configured as relative URLs with leading slash
  NOTRUN The registration and refresh endpoints can be configured as relative URLs without leading slash
  TIMEOUT /device-bound-session-credentials/resolving-urls.https.html
/device-bound-session-credentials/session-cookie-has-no-attributes.https.html
  TIMEOUT An established session can refresh a cookie that has all default attributes - Test timed out
  TIMEOUT /device-bound-session-credentials/session-cookie-has-no-attributes.https.html
/device-bound-session-credentials/set-authorization.https.html
  TIMEOUT Session registration sends the authorization value - Test timed out
  TIMEOUT /device-bound-session-credentials/set-authorization.https.html
/device-bound-session-credentials/set-early-challenge.https.html
  TIMEOUT A challenge can be set ahead of time - Test timed out
  NOTRUN A challenge can be set for multiple sessions ahead of time (single header)
  NOTRUN A challenge can be set for multiple sessions ahead of time (multiple headers)
  TIMEOUT /device-bound-session-credentials/set-early-challenge.https.html
/device-bound-session-credentials/set-scope-origin.https.html
  TIMEOUT A request within the scope origin refreshes - Test timed out
  NOTRUN A request outside the scope origin does not refresh
  TIMEOUT /device-bound-session-credentials/set-scope-origin.https.html
/device-bound-session-credentials/set-scope-specification.https.html
  TIMEOUT Scope specification configuration is respected - Test timed out
  TIMEOUT /device-bound-session-credentials/set-scope-specification.https.html
/device-bound-session-credentials/subdomain-registration.https.html
  TIMEOUT Registration fails without a .well-known - Test timed out
  NOTRUN Registration succeeds with a .well-known
  TIMEOUT /device-bound-session-credentials/subdomain-registration.https.html
/device-bound-session-credentials/third-party-registration.https.html
  TIMEOUT Registration of first-party session not allowed in third-party context - Test timed out
  NOTRUN Registration of session with third-party cookies allowed in third-party context
  NOTRUN Set challenge of first-party not allowed in third-party context
  NOTRUN Set challenge of session with third-party cookies allowed in third-party context
  TIMEOUT /device-bound-session-credentials/third-party-registration.https.html
/device-bound-session-credentials/websockets.https.html
  TIMEOUT An established session applies to WebSocket handshakes - Test timed out
  TIMEOUT /device-bound-session-credentials/websockets.https.html
 5:07.82 INFO Got 26 unexpected results, with 0 unexpected passes
 5:07.82 wptserve INFO Stopped http server on 127.0.0.1:8000
 5:07.82 wptserve INFO Stopped http server on 127.0.0.1:8001
 5:07.82 wptserve INFO Stopped http server on 127.0.0.1:8002
 5:07.82 wptserve INFO Stopped http server on 127.0.0.1:8003
 5:07.83 wptserve INFO Stopped http server on 127.0.0.1:8444
 5:07.83 wptserve INFO Stopped http server on 127.0.0.1:8443
 5:07.83 wptserve INFO Stopped http server on 127.0.0.1:8446
 5:07.83 wptserve INFO Stopped http server on 127.0.0.1:8445
 5:07.83 wptserve INFO Stopped http server on 127.0.0.1:9000
 5:07.83 wptserve INFO Stopped WebTransport over HTTP/3 server on 127.0.0.1:11000
 5:08.18 wptserve INFO Close on: (<AddressFamily.AF_INET: 2>, <SocketKind.SOCK_STREAM: 1>, 6, '', ('127.0.0.1', 8889))
 5:08.18 wptserve INFO Close on: (<AddressFamily.AF_INET: 2>, <SocketKind.SOCK_STREAM: 1>, 6, '', ('127.0.0.1', 8888))
 5:08.23 INFO Removed font: Ahem.ttf
 5:08.25 INFO Closing logging queue
 5:08.25 INFO queue closed
 5:08.25 INFO Tolerating 26 unexpected results
[taskcluster 2026-01-06 18:05:54.036Z] === Task Finished ===
[taskcluster 2026-01-06 18:05:54.905Z] Successful task run with exit code: 0 completed in 637.418 seconds
View more details on Community-TC Integration