4 files changed, 98 insertions, 23 deletions
diff --git a/tests/wpt/web-platform-tests/fetch/api/basic/keepalive.html b/tests/wpt/web-platform-tests/fetch/api/basic/keepalive.html
index 5316410004a..447ef2ddfec 100644
--- a/tests/wpt/web-platform-tests/fetch/api/basic/keepalive.html
+++ b/tests/wpt/web-platform-tests/fetch/api/basic/keepalive.html
@@ -7,25 +7,85 @@
 <script src="/common/get-host-info.sub.js"></script>
 <body>
 <script>
+function getUrl(origin1, origin2, withHeaders) {
+  const frameOrigin = host_info.HTTP_NOTSAMESITE_ORIGIN;
+  return `${frameOrigin}/fetch/api/resources/keepalive-iframe.html?` +
+    `origin1=${origin1}&` +
+    `origin2=${origin2}&` +
+    (withHeaders ? `with-headers` : ``);
+}
+
+async function getToken() {
+  return new Promise((resolve) => {
+    window.addEventListener('message', (event) => {
+      resolve(event.data);
+    }, {once: true});
+  });
+}
+
+async function queryToken(token) {
+  const response = await fetch(`../resources/stash-take.py?key=${token}`);
+  const json = await response.json();
+  return json;
+}
+
+// In order to parallelize the work, we are going to have an async_test
+// for the rest of the work. Note that we want the serialized behavior
+// for the steps so far, so we don't want to make the entire test case
+// an async_test.
+function checkToken(testName, token) {
+  async_test((test) => {
+    new Promise((resolve) => test.step_timeout(resolve, 1000)).then(() => {
+      return queryToken(token);
+    }).then((result) => {
+      assert_equals(result, 'on');
+    }).then(() => {
+      test.done();
+    }).catch(test.step_func((e) => {
+      assert_unreached(e);
+    }));
+  }, testName);
+}
+
 const host_info = get_host_info();
 promise_test(async (test) => {
   const iframe = document.createElement('iframe');
-  iframe.src = host_info.HTTP_REMOTE_ORIGIN +
-    '/fetch/api/resources/keepalive-iframe.html';
+  iframe.src = getUrl('', '', false);
   document.body.appendChild(iframe);
-  const uuid_promise = new Promise((resolve) => {
-    window.addEventListener('message', (event) => {
-      resolve(event.data);
-    });
-  });
+  const tokenPromise = getToken();
   await (new Promise((resolve) => iframe.addEventListener('load', resolve)));
-  const uuid = await uuid_promise;
+  const token = await tokenPromise;
   iframe.remove();
-  await (new Promise((resolve) => test.step_timeout(resolve, 1000)));
-  const response = await fetch(`../resources/stash-take.py?key=${uuid}`);
-  const json = await response.json();
-  assert_equals(json, 'on');
-});
+
+  checkToken('same-origin', token);
+}, 'same-origin; setting up');
+
+promise_test(async (test) => {
+  const iframe = document.createElement('iframe');
+  iframe.src = getUrl(host_info.HTTP_REMOTE_ORIGIN,
+                      host_info.HTTP_REMOTE_ORIGIN_WITH_DIFFERENT_PORT, false);
+  document.body.appendChild(iframe);
+  const tokenPromise = getToken();
+  await (new Promise((resolve) => iframe.addEventListener('load', resolve)));
+  const token = await tokenPromise;
+  iframe.remove();
+
+  checkToken('cross-origin redirect', token);
+}, 'cross-origin redirect; setting up');
+
+promise_test(async (test) => {
+  const iframe = document.createElement('iframe');
+  iframe.src = getUrl(host_info.HTTP_REMOTE_ORIGIN,
+                      host_info.HTTP_REMOTE_ORIGIN_WITH_DIFFERENT_PORT, true);
+  document.body.appendChild(iframe);
+  const tokenPromise = getToken();
+  await (new Promise((resolve) => iframe.addEventListener('load', resolve)));
+  const token = await tokenPromise;
+  iframe.remove();
+
+  checkToken('cross-origin redirect with preflight', token);
+}, 'cross-origin redirect with preflight; setting up');
+
 </script>
 </body>
 </html>
diff --git a/tests/wpt/web-platform-tests/fetch/api/headers/headers-record.html b/tests/wpt/web-platform-tests/fetch/api/headers/headers-record.html
index 85dfadd269d..34acc3b1c55 100644
--- a/tests/wpt/web-platform-tests/fetch/api/headers/headers-record.html
+++ b/tests/wpt/web-platform-tests/fetch/api/headers/headers-record.html
@@ -35,7 +35,7 @@ test(function() {
 }, "Passing undefined to Headers constructor");
 
 test(function() {
-  assert_throws(new TypeError, function() {
+  assert_throws_js(TypeError, function() {
     var h = new Headers(null);
   });
 }, "Passing null to Headers constructor");
@@ -126,7 +126,7 @@ test(function() {
   this.add_cleanup(clearLog);
   var record = { a: "b", "\uFFFF": "d" };
   var proxy = new Proxy(record, loggingHandler);
-  assert_throws(new TypeError, function() {
+  assert_throws_js(TypeError, function() {
     var h = new Headers(proxy);
   });
 
@@ -151,7 +151,7 @@ test(function() {
   this.add_cleanup(clearLog);
   var record = { a: "\uFFFF", c: "d" }
   var proxy = new Proxy(record, loggingHandler);
-  assert_throws(new TypeError, function() {
+  assert_throws_js(TypeError, function() {
     var h = new Headers(proxy);
   });
 
diff --git a/tests/wpt/web-platform-tests/fetch/api/resources/keepalive-iframe.html b/tests/wpt/web-platform-tests/fetch/api/resources/keepalive-iframe.html
index 742309ab4d2..47de0da7790 100644
--- a/tests/wpt/web-platform-tests/fetch/api/resources/keepalive-iframe.html
+++ b/tests/wpt/web-platform-tests/fetch/api/resources/keepalive-iframe.html
@@ -2,16 +2,24 @@
 <html>
 <meta charset="utf-8">
 <script src="/common/utils.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
 <script>
-const uuid = token();
-const URL =
-    `../resources/redirect.py?` +
-    `delay=100&` +
-    `location=../resources/stash-put.py?key=${uuid}%26value=on`;
+const SEARCH_PARAMS = new URL(location.href).searchParams;
+const ORIGIN1 = SEARCH_PARAMS.get('origin1') || '';
+const ORIGIN2 = SEARCH_PARAMS.get('origin2') || '';
+const WITH_HEADERS = !!SEARCH_PARAMS.has('with-headers');
+const TOKEN = token();
+
+const url =
+    `${ORIGIN1}/fetch/api/resources/redirect.py?` +
+    `delay=500&` +
+    `allow_headers=foo&` +
+    `location=${ORIGIN2}/fetch/api/resources/stash-put.py?key=${TOKEN}%26value=on`;
 
 addEventListener('load', () => {
-  let p = fetch(URL, {keepalive: true});
-  window.parent.postMessage(uuid, '*');
+  const headers = WITH_HEADERS ? {'foo': 'bar'} : undefined;
+  let p = fetch(url, {keepalive: true, headers});
+  window.parent.postMessage(TOKEN, '*');
 });
 </script>
 </html>
diff --git a/tests/wpt/web-platform-tests/fetch/api/resources/stash-put.py b/tests/wpt/web-platform-tests/fetch/api/resources/stash-put.py
index dd84ff1fc85..36527b98b71 100644
--- a/tests/wpt/web-platform-tests/fetch/api/resources/stash-put.py
+++ b/tests/wpt/web-platform-tests/fetch/api/resources/stash-put.py
@@ -1,4 +1,11 @@
 def main(request, response):
+    if request.method == 'OPTIONS':
+        # CORS preflight
+        response.headers.set('Access-Control-Allow-Origin', '*')
+        response.headers.set('Access-Control-Allow-Methods', '*')
+        response.headers.set('Access-Control-Allow-Headers', '*')
+        return 'done'
+
     url_dir = '/'.join(request.url_parts.path.split('/')[:-1]) + '/'
     key = request.GET.first("key")
     value = request.GET.first("value")