From 65887fb7efe174363ed57e0134ffe6c9c0e10420 Mon Sep 17 00:00:00 2001
From: Khafra <maitken033380023@gmail.com>
Date: Thu, 4 May 2023 01:09:28 -0400
Subject: [PATCH] update wpts (#2108)

---
 CONTRIBUTING.md                               |   9 +-
 test/wpt/status/fetch.status.json             |   8 +
 test/wpt/tests/.azure-pipelines.yml           |  37 +++
 test/wpt/tests/.gitignore                     |   1 -
 test/wpt/tests/.taskcluster.yml               |   2 +-
 test/wpt/tests/CODEOWNERS                     |   3 -
 .../tests/fetch/api/basic/keepalive.any.js    |  10 -
 .../wpt/tests/fetch/api/body/mime-type.any.js |  87 ++++++++
 .../api/redirect/redirect-keepalive.any.js    | 118 ++++++----
 .../fetch/api/resources/keepalive-helper.js   |   8 +-
 .../resources/keepalive-redirect-window.html  |  18 +-
 .../fetch/api/response/response-clone.any.js  |  16 +-
 .../tests/fetch/data-urls/navigate.window.js  |  75 +++++++
 ...fetch-from-treat-as-public.https.window.js |  20 +-
 .../iframe.tentative.https.window.js          |  19 +-
 .../redirect.https.window.js                  | 187 +++++++++++++++-
 .../resources/support.sub.js                  |   2 +
 .../service-worker-fetch.https.window.js      |  21 +-
 .../service-worker-update.https.window.js     |  23 +-
 .../service-worker.https.window.js            |  29 +--
 .../shared-worker-blob-fetch.https.window.js  |  25 ++-
 .../shared-worker-fetch.https.window.js       |  21 +-
 .../shared-worker.https.window.js             |  24 --
 .../worker.https.window.js                    |  34 +--
 .../xhr-from-treat-as-public.https.window.js  |  15 +-
 test/wpt/tests/lint.ignore                    | 210 +-----------------
 .../chromium/mock-pressure-service.js         |  18 +-
 .../partitioned-cookies.tentative.https.html  |  85 +++++++
 ...ioned-cookies-3p-credentialless-frame.html |  69 ++++++
 .../partitioned-cookies-3p-frame.html         |  67 ++++++
 .../resources/partitioned-cookies-3p-sw.js    |  30 +++
 .../partitioned-cookies-3p-window.html        |  35 +++
 .../resources/partitioned-cookies-sw.js       |  30 +++
 ...kets_storage_policy.tentative.https.any.js |  25 +++
 .../buckets/resources/cached-resource.txt     |   1 +
 .../tests/storage/buckets/resources/util.js   |  42 ++++
 .../storage/estimate-indexeddb.https.any.js   |  58 +----
 37 files changed, 1024 insertions(+), 458 deletions(-)
 create mode 100644 test/wpt/tests/fetch/data-urls/navigate.window.js
 create mode 100644 test/wpt/tests/service-workers/service-worker/partitioned-cookies.tentative.https.html
 create mode 100644 test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-credentialless-frame.html
 create mode 100644 test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-frame.html
 create mode 100644 test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-sw.js
 create mode 100644 test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-window.html
 create mode 100644 test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-sw.js
 create mode 100644 test/wpt/tests/storage/buckets/resources/cached-resource.txt

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index c6e8b57f357..2d67ba7f9e4 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -91,14 +91,17 @@ Here are the steps to update them.
 ```bash
 git clone --depth 1 --single-branch --branch epochs/daily --filter=blob:none --sparse https://github.com/web-platform-tests/wpt.git test/wpt/tests
 cd test/wpt/tests
+
+git sparse-checkout add /resources
+git sparse-checkout add /interfaces
+git sparse-checkout add /common
 git sparse-checkout add /fetch
 git sparse-checkout add /FileAPI
 git sparse-checkout add /xhr
 git sparse-checkout add /websockets
-git sparse-checkout add /resources
-git sparse-checkout add /common
 git sparse-checkout add /mimesniff
-git sparse-checkout add /interfaces
+git sparse-checkout add /storage
+git sparse-checkout add /service-workers
 ```
 </details>
 
diff --git a/test/wpt/status/fetch.status.json b/test/wpt/status/fetch.status.json
index 72930388cb3..cb5949579cf 100644
--- a/test/wpt/status/fetch.status.json
+++ b/test/wpt/status/fetch.status.json
@@ -99,6 +99,14 @@
         ]
       }
     },
+    "body": {
+      "mime-type.any.js": {
+        "note": "fails on all platforms, https://wpt.fyi/results/fetch/api/body/mime-type.any.html?label=master&label=experimental&product=chrome&product=firefox&product=safari&product=node.js&product=deno&aligned",
+        "fail": [
+          "Response: Extract a MIME type with clone"
+        ]
+      }
+    },
     "cors": {
       "note": "undici doesn't implement CORs",
       "skip": true
diff --git a/test/wpt/tests/.azure-pipelines.yml b/test/wpt/tests/.azure-pipelines.yml
index aacd78815ad..20d5ec0f431 100644
--- a/test/wpt/tests/.azure-pipelines.yml
+++ b/test/wpt/tests/.azure-pipelines.yml
@@ -541,3 +541,40 @@ jobs:
   parameters:
     dependsOn: results_safari_preview
     artifactName: safari-preview-results
+
+- job: results_wktr_preview
+  displayName: 'all tests: WebKitTestRunner'
+  condition: |
+    or(eq(variables['Build.SourceBranch'], 'refs/heads/triggers/wktr_preview'),
+       and(eq(variables['Build.Reason'], 'Manual'), variables['run_all_wktr_preview']))
+  strategy:
+    parallel: 8 # chosen to make runtime ~2h
+  timeoutInMinutes: 180
+  pool:
+    vmImage: 'macOS-12'
+  steps:
+  - task: UsePythonVersion@0
+    inputs:
+      versionSpec: '3.10'
+  - template: tools/ci/azure/checkout.yml
+  - template: tools/ci/azure/pip_install.yml
+    parameters:
+      packages: virtualenv
+  - template: tools/ci/azure/install_certs.yml
+  - template: tools/ci/azure/update_hosts.yml
+  - template: tools/ci/azure/update_manifest.yml
+  - script: |
+      set -eux -o pipefail
+      export SYSTEM_VERSION_COMPAT=0
+      ./wpt run --no-manifest-update --no-restart-on-unexpected --no-fail-on-unexpected --this-chunk=$(System.JobPositionInPhase) --total-chunks=$(System.TotalJobsInPhase) --chunk-type hash --log-wptreport $(Build.ArtifactStagingDirectory)/wpt_report_$(System.JobPositionInPhase).json --log-wptscreenshot $(Build.ArtifactStagingDirectory)/wpt_screenshot_$(System.JobPositionInPhase).txt --log-mach - --log-mach-level info --channel main --install-browser wktr
+    displayName: 'Run tests'
+  - task: PublishBuildArtifacts@1
+    displayName: 'Publish results'
+    inputs:
+      artifactName: 'wktr-preview-results'
+  - template: tools/ci/azure/publish_logs.yml
+  - template: tools/ci/azure/sysdiagnose.yml
+- template: tools/ci/azure/fyi_hook.yml
+  parameters:
+    dependsOn: results_wktr_preview
+    artifactName: wktr-preview-results
diff --git a/test/wpt/tests/.gitignore b/test/wpt/tests/.gitignore
index 23f0370c4d0..061700a9604 100644
--- a/test/wpt/tests/.gitignore
+++ b/test/wpt/tests/.gitignore
@@ -45,7 +45,6 @@ scratch
 /css/build-temp
 /css/dist
 /css/dist_last
-/css/tools/cache
 /url/tools/IdnaTestV2.txt
 /webaudio/idl/*
 
diff --git a/test/wpt/tests/.taskcluster.yml b/test/wpt/tests/.taskcluster.yml
index f830bff668f..c80e92af204 100644
--- a/test/wpt/tests/.taskcluster.yml
+++ b/test/wpt/tests/.taskcluster.yml
@@ -57,7 +57,7 @@ tasks:
             owner: ${owner}
             source: ${event.repository.clone_url}
           payload:
-            image: webplatformtests/wpt:0.52
+            image: webplatformtests/wpt:0.53
             maxRunTime: 7200
             artifacts:
               public/results:
diff --git a/test/wpt/tests/CODEOWNERS b/test/wpt/tests/CODEOWNERS
index 2372633782e..140e0c6545b 100644
--- a/test/wpt/tests/CODEOWNERS
+++ b/test/wpt/tests/CODEOWNERS
@@ -1,6 +1,3 @@
-# Prevent accidentially touching CSS subtree
-/css/tools/apiclient/ @plinss @web-platform-tests/wpt-core-team
-
 # Require review for changes that often need an RFC
 /resources/testdriver* @web-platform-tests/wpt-core-team
 /resources/testharness* @web-platform-tests/wpt-core-team
diff --git a/test/wpt/tests/fetch/api/basic/keepalive.any.js b/test/wpt/tests/fetch/api/basic/keepalive.any.js
index 047f1ed2348..4f33284d0c7 100644
--- a/test/wpt/tests/fetch/api/basic/keepalive.any.js
+++ b/test/wpt/tests/fetch/api/basic/keepalive.any.js
@@ -27,13 +27,3 @@ for (const method of ['GET', 'POST']) {
     assertStashedTokenAsync(`simple ${method} request: no payload`, token1);
   }, `simple ${method} request: no payload; setting up`);
 }
-
-promise_test(async (test) => {
-  const w = window.open(`${
-      HTTP_NOTSAMESITE_ORIGIN}/fetch/api/resources/keepalive-redirect-window.html`);
-  const token = await getTokenFromMessage();
-  w.close();
-
-  assertStashedTokenAsync(
-      'keepalive in onunload in nested frame in another window', token);
-}, 'keepalive in onunload in nested frame in another window; setting up');
diff --git a/test/wpt/tests/fetch/api/body/mime-type.any.js b/test/wpt/tests/fetch/api/body/mime-type.any.js
index a0f90a0abdf..67c9af7da2d 100644
--- a/test/wpt/tests/fetch/api/body/mime-type.any.js
+++ b/test/wpt/tests/fetch/api/body/mime-type.any.js
@@ -38,3 +38,90 @@
     assert_equals(blob.type, newMIMEType);
   }, `${bodyContainer.constructor.name}: setting missing Content-Type`);
 });
+
+[
+  () => new Request("about:blank", { method: "POST" }),
+  () => new Response(),
+].forEach(bodyContainerCreator => {
+  const bodyContainer = bodyContainerCreator();
+  promise_test(async t => {
+    const blob = await bodyContainer.blob();
+    assert_equals(blob.type, "");
+  }, `${bodyContainer.constructor.name}: MIME type for Blob from empty body`);
+});
+
+[
+  () => new Request("about:blank", { method: "POST", headers: [["Content-Type", "Mytext/Plain"]] }),
+  () => new Response("", { headers: [["Content-Type", "Mytext/Plain"]] })
+].forEach(bodyContainerCreator => {
+  const bodyContainer = bodyContainerCreator();
+  promise_test(async t => {
+    const blob = await bodyContainer.blob();
+    assert_equals(blob.type, 'mytext/plain');
+  }, `${bodyContainer.constructor.name}: MIME type for Blob from empty body with Content-Type`);
+});
+
+[
+  () => new Request("about:blank", { body: new Blob([""]), method: "POST" }),
+  () => new Response(new Blob([""]))
+].forEach(bodyContainerCreator => {
+  const bodyContainer = bodyContainerCreator();
+  promise_test(async t => {
+    const blob = await bodyContainer.blob();
+    assert_equals(blob.type, "");
+    assert_equals(bodyContainer.headers.get("Content-Type"), null);
+  }, `${bodyContainer.constructor.name}: MIME type for Blob`);
+});
+
+[
+  () => new Request("about:blank", { body: new Blob([""], { type: "Text/Plain" }), method: "POST" }),
+  () => new Response(new Blob([""], { type: "Text/Plain" }))
+].forEach(bodyContainerCreator => {
+  const bodyContainer = bodyContainerCreator();
+  promise_test(async t => {
+    const blob = await bodyContainer.blob();
+    assert_equals(blob.type, "text/plain");
+    assert_equals(bodyContainer.headers.get("Content-Type"), "text/plain");
+  }, `${bodyContainer.constructor.name}: MIME type for Blob with non-empty type`);
+});
+
+[
+  () => new Request("about:blank", { method: "POST", body: new Blob([""], { type: "Text/Plain" }), headers: [["Content-Type", "Text/Html"]] }),
+  () => new Response(new Blob([""], { type: "Text/Plain" }, { headers: [["Content-Type", "Text/Html"]] }))
+].forEach(bodyContainerCreator => {
+  const bodyContainer = bodyContainerCreator();
+  const cloned = bodyContainer.clone();
+  promise_test(async t => {
+    const blobs = [await bodyContainer.blob(), await cloned.blob()];
+    assert_equals(blobs[0].type, "text/html");
+    assert_equals(blobs[1].type, "text/html");
+    assert_equals(bodyContainer.headers.get("Content-Type"), "Text/Html");
+    assert_equals(cloned.headers.get("Content-Type"), "Text/Html");
+  }, `${bodyContainer.constructor.name}: Extract a MIME type with clone`);
+});
+
+[
+  () => new Request("about:blank", { body: new Blob([], { type: "text/plain" }), method: "POST", headers: [["Content-Type", "text/html"]] }),
+  () => new Response(new Blob([], { type: "text/plain" }), { headers: [["Content-Type", "text/html"]] }),
+].forEach(bodyContainerCreator => {
+  const bodyContainer = bodyContainerCreator();
+  promise_test(async t => {
+    assert_equals(bodyContainer.headers.get("Content-Type"), "text/html");
+    const blob = await bodyContainer.blob();
+    assert_equals(blob.type, "text/html");
+  }, `${bodyContainer.constructor.name}: Content-Type in headers wins Blob"s type`);
+});
+
+[
+  () => new Request("about:blank", { body: new Blob([], { type: "text/plain" }), method: "POST" }),
+  () => new Response(new Blob([], { type: "text/plain" })),
+].forEach(bodyContainerCreator => {
+  const bodyContainer = bodyContainerCreator();
+  promise_test(async t => {
+    assert_equals(bodyContainer.headers.get("Content-Type"), "text/plain");
+    const newMIMEType = "text/html";
+    bodyContainer.headers.set("Content-Type", newMIMEType);
+    const blob = await bodyContainer.blob();
+    assert_equals(blob.type, newMIMEType);
+  }, `${bodyContainer.constructor.name}: setting missing Content-Type in headers and it wins Blob"s type`);
+});
diff --git a/test/wpt/tests/fetch/api/redirect/redirect-keepalive.any.js b/test/wpt/tests/fetch/api/redirect/redirect-keepalive.any.js
index 9f7cca7dbf7..bcfc444f5a6 100644
--- a/test/wpt/tests/fetch/api/redirect/redirect-keepalive.any.js
+++ b/test/wpt/tests/fetch/api/redirect/redirect-keepalive.any.js
@@ -14,43 +14,81 @@ const {
   HTTP_REMOTE_ORIGIN_WITH_DIFFERENT_PORT
 } = get_host_info();
 
-promise_test(async (test) => {
-  const token1 = token();
-  const iframe = document.createElement('iframe');
-  iframe.src = getKeepAliveAndRedirectIframeUrl(
-      token1, '', '', /*withPreflight=*/ false);
-  document.body.appendChild(iframe);
-  await iframeLoaded(iframe);
-  assert_equals(await getTokenFromMessage(), token1);
-  iframe.remove();
-
-  assertStashedTokenAsync('same-origin redirect', token1);
-}, 'same-origin redirect; setting up');
-
-promise_test(async (test) => {
-  const token1 = token();
-  const iframe = document.createElement('iframe');
-  iframe.src = getKeepAliveAndRedirectIframeUrl(
-      token1, HTTP_REMOTE_ORIGIN, HTTP_REMOTE_ORIGIN_WITH_DIFFERENT_PORT,
-      /*withPreflight=*/ false);
-  document.body.appendChild(iframe);
-  await iframeLoaded(iframe);
-  assert_equals(await getTokenFromMessage(), token1);
-  iframe.remove();
-
-  assertStashedTokenAsync('cross-origin redirect', token1);
-}, 'cross-origin redirect; setting up');
-
-promise_test(async (test) => {
-  const token1 = token();
-  const iframe = document.createElement('iframe');
-  iframe.src = getKeepAliveAndRedirectIframeUrl(
-      token1, HTTP_REMOTE_ORIGIN, HTTP_REMOTE_ORIGIN_WITH_DIFFERENT_PORT,
-      /*withPreflight=*/ true);
-  document.body.appendChild(iframe);
-  await iframeLoaded(iframe);
-  assert_equals(await getTokenFromMessage(), token1);
-  iframe.remove();
-
-  assertStashedTokenAsync('cross-origin redirect with preflight', token1);
-}, 'cross-origin redirect with preflight; setting up');
+/**
+ * In an iframe, test to fetch a keepalive URL that involves in redirect to
+ * another URL.
+ */
+function keepaliveRedirectTest(
+    desc, {origin1 = '', origin2 = '', withPreflight = false} = {}) {
+  desc = `[keepalive] ${desc}`;
+  promise_test(async (test) => {
+    const tokenToStash = token();
+    const iframe = document.createElement('iframe');
+    iframe.src = getKeepAliveAndRedirectIframeUrl(
+        tokenToStash, origin1, origin2, withPreflight);
+    document.body.appendChild(iframe);
+    await iframeLoaded(iframe);
+    assert_equals(await getTokenFromMessage(), tokenToStash);
+    iframe.remove();
+
+    assertStashedTokenAsync(desc, tokenToStash);
+  }, `${desc}; setting up`);
+}
+
+/**
+ * Opens a different site window, and in `unload` event handler, test to fetch
+ * a keepalive URL that involves in redirect to another URL.
+ */
+function keepaliveRedirectInUnloadTest(desc, {
+  origin1 = '',
+  origin2 = '',
+  url2 = '',
+  withPreflight = false,
+  shouldPass = true
+} = {}) {
+  desc = `[keepalive][new window][unload] ${desc}`;
+
+  promise_test(async (test) => {
+    const targetUrl =
+        `${HTTP_NOTSAMESITE_ORIGIN}/fetch/api/resources/keepalive-redirect-window.html?` +
+        `origin1=${origin1}&` +
+        `origin2=${origin2}&` +
+        `url2=${url2}&` + (withPreflight ? `with-headers` : ``);
+    const w = window.open(targetUrl);
+    const token = await getTokenFromMessage();
+    w.close();
+
+    assertStashedTokenAsync(desc, token, {shouldPass});
+  }, `${desc}; setting up`);
+}
+
+keepaliveRedirectTest(`same-origin redirect`);
+keepaliveRedirectTest(
+    `same-origin redirect + preflight`, {withPreflight: true});
+keepaliveRedirectTest(`cross-origin redirect`, {
+  origin1: HTTP_REMOTE_ORIGIN,
+  origin2: HTTP_REMOTE_ORIGIN_WITH_DIFFERENT_PORT
+});
+keepaliveRedirectTest(`cross-origin redirect + preflight`, {
+  origin1: HTTP_REMOTE_ORIGIN,
+  origin2: HTTP_REMOTE_ORIGIN_WITH_DIFFERENT_PORT,
+  withPreflight: true
+});
+
+keepaliveRedirectInUnloadTest('same-origin redirect');
+keepaliveRedirectInUnloadTest(
+    'same-origin redirect + preflight', {withPreflight: true});
+keepaliveRedirectInUnloadTest('cross-origin redirect', {
+  origin1: HTTP_REMOTE_ORIGIN,
+  origin2: HTTP_REMOTE_ORIGIN_WITH_DIFFERENT_PORT
+});
+keepaliveRedirectInUnloadTest('cross-origin redirect + preflight', {
+  origin1: HTTP_REMOTE_ORIGIN,
+  origin2: HTTP_REMOTE_ORIGIN_WITH_DIFFERENT_PORT,
+  withPreflight: true
+});
+keepaliveRedirectInUnloadTest(
+    'redirect to file URL', {url2: 'file://tmp/bar.txt', shouldPass: false});
+keepaliveRedirectInUnloadTest(
+    'redirect to data URL',
+    {url2: 'data:text/plain;base64,cmVzcG9uc2UncyBib2R5', shouldPass: false});
diff --git a/test/wpt/tests/fetch/api/resources/keepalive-helper.js b/test/wpt/tests/fetch/api/resources/keepalive-helper.js
index 42f20ac30af..c7048d1ff33 100644
--- a/test/wpt/tests/fetch/api/resources/keepalive-helper.js
+++ b/test/wpt/tests/fetch/api/resources/keepalive-helper.js
@@ -60,7 +60,7 @@ async function queryToken(token) {
 // for the rest of the work. Note that we want the serialized behavior
 // for the steps so far, so we don't want to make the entire test case
 // an async_test.
-function assertStashedTokenAsync(testName, token) {
+function assertStashedTokenAsync(testName, token, {shouldPass = true} = {}) {
   async_test((test) => {
     new Promise((resolve) => test.step_timeout(resolve, 3000))
         .then(() => {
@@ -73,7 +73,11 @@ function assertStashedTokenAsync(testName, token) {
           test.done();
         })
         .catch(test.step_func((e) => {
-          assert_unreached(e);
+          if (shouldPass) {
+            assert_unreached(e);
+          } else {
+            test.done();
+          }
         }));
   }, testName);
 }
diff --git a/test/wpt/tests/fetch/api/resources/keepalive-redirect-window.html b/test/wpt/tests/fetch/api/resources/keepalive-redirect-window.html
index 6ccf484644c..c18650796cc 100644
--- a/test/wpt/tests/fetch/api/resources/keepalive-redirect-window.html
+++ b/test/wpt/tests/fetch/api/resources/keepalive-redirect-window.html
@@ -10,20 +10,28 @@
   HTTP_REMOTE_ORIGIN,
   HTTP_REMOTE_ORIGIN_WITH_DIFFERENT_PORT
 } = get_host_info();
-const REDIRECT_DESTINATION =
-  `${HTTP_REMOTE_ORIGIN_WITH_DIFFERENT_PORT}/fetch/api/resources/stash-put.py` +
+
+const SEARCH_PARAMS = new URL(location.href).searchParams;
+const WITH_HEADERS = !!SEARCH_PARAMS.has('with-headers');
+const ORIGIN1 = SEARCH_PARAMS.get('origin1') || '';
+const ORIGIN2 = SEARCH_PARAMS.get('origin2') || '';
+const URL2 = SEARCH_PARAMS.get('url2') || '';
+
+const REDIRECT_DESTINATION = URL2 ? URL2 :
+  `${ORIGIN2}/fetch/api/resources/stash-put.py` +
   `?key=${TOKEN}&value=on`;
-const URL =
-    `${HTTP_REMOTE_ORIGIN}/fetch/api/resources/redirect.py?` +
+const FROM_URL =
+    `${ORIGIN1}/fetch/api/resources/redirect.py?` +
     `delay=500&` +
     `allow_headers=foo&` +
     `location=${encodeURIComponent(REDIRECT_DESTINATION)}`;
 
 addEventListener('load', () => {
+  const headers = WITH_HEADERS ? {'foo': 'bar'} : undefined;
   const iframe = document.createElement('iframe');
   document.body.appendChild(iframe);
   iframe.contentWindow.addEventListener('unload', () => {
-    iframe.contentWindow.fetch(URL, {keepalive: true, headers: {foo: 'bar'}});
+    iframe.contentWindow.fetch(FROM_URL, {keepalive: true, headers});
   });
 
   window.opener.postMessage(TOKEN, '*');
diff --git a/test/wpt/tests/fetch/api/response/response-clone.any.js b/test/wpt/tests/fetch/api/response/response-clone.any.js
index 9f4f36ed2d1..f5cda75149e 100644
--- a/test/wpt/tests/fetch/api/response/response-clone.any.js
+++ b/test/wpt/tests/fetch/api/response/response-clone.any.js
@@ -103,7 +103,21 @@ function testReadableStreamClone(initialBuffer, bufferType)
             return stream2.getReader().read();
         }).then(function(data) {
             assert_false(data.done);
-            assert_array_equals(data.value, initialBuffer, "Cloned buffer chunks have the same content");
+            if (initialBuffer instanceof ArrayBuffer) {
+              assert_true(data.value instanceof ArrayBuffer, "Cloned buffer is ArrayBufer");
+              assert_equals(initialBuffer.byteLength, data.value.byteLength, "Length equal");
+              assert_array_equals(new Uint8Array(data.value), new Uint8Array(initialBuffer), "Cloned buffer chunks have the same content");
+            } else if (initialBuffer instanceof DataView) {
+              assert_true(data.value instanceof DataView, "Cloned buffer is DataView");
+              assert_equals(initialBuffer.byteLength, data.value.byteLength, "Lengths equal");
+              assert_equals(initialBuffer.byteOffset, data.value.byteOffset, "Offsets equal");
+              for (let i = 0; i < initialBuffer.byteLength; ++i) {
+                assert_equals(
+                    data.value.getUint8(i), initialBuffer.getUint8(i), "Mismatch at byte ${i}");
+              }
+            } else {
+              assert_array_equals(data.value, initialBuffer, "Cloned buffer chunks have the same content");
+            }
             assert_equals(Object.getPrototypeOf(data.value), Object.getPrototypeOf(initialBuffer), "Cloned buffers have the same type");
             assert_not_equals(data.value, initialBuffer, "Buffer of cloned response stream is a clone of the original buffer");
         });
diff --git a/test/wpt/tests/fetch/data-urls/navigate.window.js b/test/wpt/tests/fetch/data-urls/navigate.window.js
new file mode 100644
index 00000000000..b532a006830
--- /dev/null
+++ b/test/wpt/tests/fetch/data-urls/navigate.window.js
@@ -0,0 +1,75 @@
+// META: timeout=long
+//
+// Test some edge cases around navigation to data: URLs to ensure they use the same code path
+
+[
+  {
+    input: "data:text/html,<script>parent.postMessage(1, '*')</script>",
+    result: 1,
+    name: "Nothing fancy",
+  },
+  {
+    input: "data:text/html;base64,PHNjcmlwdD5wYXJlbnQucG9zdE1lc3NhZ2UoMiwgJyonKTwvc2NyaXB0Pg==",
+    result: 2,
+    name: "base64",
+  },
+  {
+    input: "data:text/html;base64,PHNjcmlwdD5wYXJlbnQucG9zdE1lc3NhZ2UoNCwgJyonKTwvc2NyaXB0Pr+/",
+    result: 4,
+    name: "base64 with code points that differ from base64url"
+  },
+  {
+    input: "data:text/html;base64,PHNjcml%09%20%20%0A%0C%0DwdD5wYXJlbnQucG9zdE1lc3NhZ2UoNiwgJyonKTwvc2NyaXB0Pg==",
+    result: 6,
+    name: "ASCII whitespace in the input is removed"
+  }
+].forEach(({ input, result, name }) => {
+  // Use promise_test so they go sequentially
+  promise_test(async t => {
+    const event = await new Promise((resolve, reject) => {
+      self.addEventListener("message", t.step_func(resolve), { once: true });
+      const frame = document.body.appendChild(document.createElement("iframe"));
+      t.add_cleanup(() => frame.remove());
+
+      // The assumption is that postMessage() is quicker
+      t.step_timeout(reject, 500);
+      frame.src = input;
+    });
+    assert_equals(event.data, result);
+  }, name);
+});
+
+// Failure cases
+[
+  {
+    input: "data:text/html;base64,PHNjcmlwdD5wYXJlbnQucG9zdE1lc3NhZ2UoMywgJyonKTwvc2NyaXB0Pg=",
+    name: "base64 with incorrect padding",
+  },
+  {
+    input: "data:text/html;base64,PHNjcmlwdD5wYXJlbnQucG9zdE1lc3NhZ2UoNSwgJyonKTwvc2NyaXB0Pr-_",
+    name: "base64url is not supported"
+  },
+  {
+    input: "data:text/html;base64,%0BPHNjcmlwdD5wYXJlbnQucG9zdE1lc3NhZ2UoNywgJyonKTwvc2NyaXB0Pg==",
+    name: "Vertical tab in the input leads to an error"
+  }
+].forEach(({ input, name }) => {
+  // Continue to use promise_test so they go sequentially
+  promise_test(async t => {
+    const event = await new Promise((resolve, reject) => {
+      self.addEventListener("message", t.step_func(reject), { once: true });
+      const frame = document.body.appendChild(document.createElement("iframe"));
+      t.add_cleanup(() => frame.remove());
+
+      // The assumption is that postMessage() is quicker
+      t.step_timeout(resolve, 500);
+      frame.src = input;
+    });
+  }, name);
+});
+
+// I found some of the interesting code point cases above through brute force:
+//
+// for (i = 0; i < 256; i++) {
+//   w(btoa("<script>parent.postMessage(5, '*')<\/script>" + String.fromCodePoint(i) + String.fromCodePoint(i)));
+// }
diff --git a/test/wpt/tests/fetch/local-network-access/fetch-from-treat-as-public.https.window.js b/test/wpt/tests/fetch/local-network-access/fetch-from-treat-as-public.https.window.js
index 90f7feb6341..084e03282f4 100644
--- a/test/wpt/tests/fetch/local-network-access/fetch-from-treat-as-public.https.window.js
+++ b/test/wpt/tests/fetch/local-network-access/fetch-from-treat-as-public.https.window.js
@@ -12,7 +12,10 @@ promise_test(t => fetchTest(t, {
     server: Server.HTTPS_LOCAL,
     treatAsPublic: true,
   },
-  target: { server: Server.HTTPS_LOCAL },
+  target: {
+    server: Server.OTHER_HTTPS_LOCAL,
+    preflight: PreflightBehavior.noPnaHeader(token()),
+  },
   expected: FetchTestResult.FAILURE,
 }), "treat-as-public-address to local: failed preflight.");
 
@@ -22,15 +25,24 @@ promise_test(t => fetchTest(t, {
     treatAsPublic: true,
   },
   target: {
-    server: Server.HTTPS_LOCAL,
+    server: Server.OTHER_HTTPS_LOCAL,
     behavior: {
-      preflight: PreflightBehavior.optionalSuccess(token()),
-      // Interesting: no need for CORS headers on same-origin final response.
+      preflight: PreflightBehavior.success(token()),
+      response: ResponseBehavior.allowCrossOrigin(),
     },
   },
   expected: FetchTestResult.SUCCESS,
 }), "treat-as-public-address to local: success.");
 
+promise_test(t => fetchTest(t, {
+  source: {
+    server: Server.HTTPS_LOCAL,
+    treatAsPublic: true,
+  },
+  target: { server: Server.HTTPS_LOCAL },
+  expected: FetchTestResult.SUCCESS,
+}), "treat-as-public-address to local (same-origin): no preflight required.");
+
 promise_test(t => fetchTest(t, {
   source: {
     server: Server.HTTPS_LOCAL,
diff --git a/test/wpt/tests/fetch/local-network-access/iframe.tentative.https.window.js b/test/wpt/tests/fetch/local-network-access/iframe.tentative.https.window.js
index 48bd6420fd9..6a83b88d3ff 100644
--- a/test/wpt/tests/fetch/local-network-access/iframe.tentative.https.window.js
+++ b/test/wpt/tests/fetch/local-network-access/iframe.tentative.https.window.js
@@ -154,10 +154,19 @@ makePreflightTests({
   sourceServer: Server.HTTPS_LOCAL,
   sourceTreatAsPublic: true,
   sourceName: "treat-as-public-address",
-  targetServer: Server.HTTPS_LOCAL,
+  targetServer: Server.OTHER_HTTPS_LOCAL,
   targetName: "local",
 });
 
+promise_test_parallel(t => iframeTest(t, {
+  source: {
+    server: Server.HTTPS_LOCAL,
+    treatAsPublic: true,
+  },
+  target: { server: Server.HTTPS_LOCAL },
+  expected: IframeTestResult.SUCCESS,
+}), "treat-as-public-address to local (same-origin): no preflight required.");
+
 makePreflightTests({
   sourceServer: Server.HTTPS_LOCAL,
   sourceTreatAsPublic: true,
@@ -196,6 +205,14 @@ iframeGrandparentTest({
   name: "local to local, grandparent navigates: no preflight required.",
   grandparentServer: Server.HTTPS_LOCAL,
   child: { server: Server.HTTPS_PUBLIC },
+  grandchild: { server: Server.OTHER_HTTPS_LOCAL },
+  expected: IframeTestResult.SUCCESS,
+});
+
+iframeGrandparentTest({
+  name: "local to local (same-origin), grandparent navigates: no preflight required.",
+  grandparentServer: Server.HTTPS_LOCAL,
+  child: { server: Server.HTTPS_PUBLIC },
   grandchild: { server: Server.HTTPS_LOCAL },
   expected: IframeTestResult.SUCCESS,
 });
diff --git a/test/wpt/tests/fetch/local-network-access/redirect.https.window.js b/test/wpt/tests/fetch/local-network-access/redirect.https.window.js
index edbd5a19fbc..efbd8f31f93 100644
--- a/test/wpt/tests/fetch/local-network-access/redirect.https.window.js
+++ b/test/wpt/tests/fetch/local-network-access/redirect.https.window.js
@@ -244,7 +244,7 @@ promise_test(t => fetchTest(t, {
     treatAsPublic: true,
   },
   target: {
-    server: Server.HTTPS_LOCAL,
+    server: Server.OTHER_HTTPS_LOCAL,
     behavior: {
       redirect: preflightUrl({
         server: Server.HTTPS_PRIVATE,
@@ -253,6 +253,7 @@ promise_test(t => fetchTest(t, {
           response: ResponseBehavior.allowCrossOrigin(),
         },
       }),
+      response: ResponseBehavior.allowCrossOrigin(),
     }
   },
   expected: FetchTestResult.FAILURE,
@@ -264,7 +265,7 @@ promise_test(t => fetchTest(t, {
     treatAsPublic: true,
   },
   target: {
-    server: Server.HTTPS_LOCAL,
+    server: Server.OTHER_HTTPS_LOCAL,
     behavior: {
       preflight: PreflightBehavior.success(token()),
       redirect: preflightUrl({
@@ -274,6 +275,7 @@ promise_test(t => fetchTest(t, {
           response: ResponseBehavior.allowCrossOrigin(),
         },
       }),
+      response: ResponseBehavior.allowCrossOrigin(),
     }
   },
   expected: FetchTestResult.FAILURE,
@@ -285,7 +287,7 @@ promise_test(t => fetchTest(t, {
     treatAsPublic: true,
   },
   target: {
-    server: Server.HTTPS_LOCAL,
+    server: Server.OTHER_HTTPS_LOCAL,
     behavior: {
       preflight: PreflightBehavior.success(token()),
       redirect: preflightUrl({
@@ -295,6 +297,7 @@ promise_test(t => fetchTest(t, {
           response: ResponseBehavior.allowCrossOrigin(),
         },
       }),
+      response: ResponseBehavior.allowCrossOrigin(),
     }
   },
   expected: FetchTestResult.SUCCESS,
@@ -306,7 +309,7 @@ promise_test(t => fetchTest(t, {
     treatAsPublic: true,
   },
   target: {
-    server: Server.HTTPS_LOCAL,
+    server: Server.OTHER_HTTPS_LOCAL,
     behavior: {
       redirect: preflightUrl({
         server: Server.HTTPS_PRIVATE,
@@ -324,7 +327,7 @@ promise_test(t => fetchTest(t, {
     treatAsPublic: true,
   },
   target: {
-    server: Server.HTTPS_LOCAL,
+    server: Server.OTHER_HTTPS_LOCAL,
     behavior: {
       preflight: PreflightBehavior.success(token()),
       redirect: preflightUrl({ server: Server.HTTPS_PRIVATE }),
@@ -340,7 +343,7 @@ promise_test(t => fetchTest(t, {
     treatAsPublic: true,
   },
   target: {
-    server: Server.HTTPS_LOCAL,
+    server: Server.OTHER_HTTPS_LOCAL,
     behavior: {
       preflight: PreflightBehavior.success(token()),
       redirect: preflightUrl({
@@ -353,6 +356,88 @@ promise_test(t => fetchTest(t, {
   expected: FetchTestResult.OPAQUE,
 }), "treat-as-public to local to private: no-cors success.");
 
+// treat-as-public -> local (same-origin) -> private
+
+// Request 1 (treat-as-public -> local (same-origin)): no preflight required.
+// Request 2 (treat-as-public -> private): preflight required.
+
+// This verifies that PNA checks are applied only to the second step in a
+// redirect chain if the first step is same-origin and the origin is potentially
+// trustworthy.
+
+promise_test(t => fetchTest(t, {
+  source: {
+    server: Server.HTTPS_LOCAL,
+    treatAsPublic: true,
+  },
+  target: {
+    server: Server.HTTPS_LOCAL,
+    behavior: {
+      redirect: preflightUrl({
+        server: Server.HTTPS_PRIVATE,
+        behavior: {
+          preflight: PreflightBehavior.noPnaHeader(token()),
+          response: ResponseBehavior.allowCrossOrigin(),
+        },
+      }),
+    }
+  },
+  expected: FetchTestResult.FAILURE,
+}), "treat-as-public to local (same-origin) to private: failed second preflight.");
+
+promise_test(t => fetchTest(t, {
+  source: {
+    server: Server.HTTPS_LOCAL,
+    treatAsPublic: true,
+  },
+  target: {
+    server: Server.HTTPS_LOCAL,
+    behavior: {
+      redirect: preflightUrl({
+        server: Server.HTTPS_PRIVATE,
+        behavior: {
+          preflight: PreflightBehavior.success(token()),
+          response: ResponseBehavior.allowCrossOrigin(),
+        },
+      }),
+    }
+  },
+  expected: FetchTestResult.SUCCESS,
+}), "treat-as-public to local (same-origin) to private: success.");
+
+promise_test(t => fetchTest(t, {
+  source: {
+    server: Server.HTTPS_LOCAL,
+    treatAsPublic: true,
+  },
+  target: {
+    server: Server.HTTPS_LOCAL,
+    behavior: {
+      redirect: preflightUrl({ server: Server.HTTPS_PRIVATE }),
+    }
+  },
+  fetchOptions: { mode: "no-cors" },
+  expected: FetchTestResult.FAILURE,
+}), "treat-as-public to local (same-origin) to private: no-cors failed second preflight.");
+
+promise_test(t => fetchTest(t, {
+  source: {
+    server: Server.HTTPS_LOCAL,
+    treatAsPublic: true,
+  },
+  target: {
+    server: Server.HTTPS_LOCAL,
+    behavior: {
+      redirect: preflightUrl({
+        server: Server.HTTPS_PRIVATE,
+        behavior: { preflight: PreflightBehavior.success(token()) },
+      }),
+    }
+  },
+  fetchOptions: { mode: "no-cors" },
+  expected: FetchTestResult.OPAQUE,
+}), "treat-as-public to local (same-origin) to private: no-cors success.");
+
 // treat-as-public -> private -> local
 
 // Request 1 (treat-as-public -> private): preflight required.
@@ -371,7 +456,7 @@ promise_test(t => fetchTest(t, {
       preflight: PreflightBehavior.noPnaHeader(token()),
       response: ResponseBehavior.allowCrossOrigin(),
       redirect: preflightUrl({
-        server: Server.HTTPS_LOCAL,
+        server: Server.OTHER_HTTPS_LOCAL,
         behavior: {
           preflight: PreflightBehavior.success(token()),
           response: ResponseBehavior.allowCrossOrigin(),
@@ -393,7 +478,7 @@ promise_test(t => fetchTest(t, {
       preflight: PreflightBehavior.success(token()),
       response: ResponseBehavior.allowCrossOrigin(),
       redirect: preflightUrl({
-        server: Server.HTTPS_LOCAL,
+        server: Server.OTHER_HTTPS_LOCAL,
         behavior: { response: ResponseBehavior.allowCrossOrigin() },
       }),
     }
@@ -412,7 +497,7 @@ promise_test(t => fetchTest(t, {
       preflight: PreflightBehavior.success(token()),
       response: ResponseBehavior.allowCrossOrigin(),
       redirect: preflightUrl({
-        server: Server.HTTPS_LOCAL,
+        server: Server.OTHER_HTTPS_LOCAL,
         behavior: {
           preflight: PreflightBehavior.success(token()),
           response: ResponseBehavior.allowCrossOrigin(),
@@ -432,7 +517,7 @@ promise_test(t => fetchTest(t, {
     server: Server.HTTPS_PRIVATE,
     behavior: {
       redirect: preflightUrl({
-        server: Server.HTTPS_LOCAL,
+        server: Server.OTHER_HTTPS_LOCAL,
         behavior: { preflight: PreflightBehavior.success(token()) },
       }),
     }
@@ -450,7 +535,7 @@ promise_test(t => fetchTest(t, {
     server: Server.HTTPS_PRIVATE,
     behavior: {
       preflight: PreflightBehavior.success(token()),
-      redirect: preflightUrl({ server: Server.HTTPS_LOCAL }),
+      redirect: preflightUrl({ server: Server.OTHER_HTTPS_LOCAL }),
     }
   },
   fetchOptions: { mode: "no-cors" },
@@ -467,7 +552,7 @@ promise_test(t => fetchTest(t, {
     behavior: {
       preflight: PreflightBehavior.success(token()),
       redirect: preflightUrl({
-        server: Server.HTTPS_LOCAL,
+        server: Server.OTHER_HTTPS_LOCAL,
         behavior: { preflight: PreflightBehavior.success(token()) },
       }),
     }
@@ -475,3 +560,81 @@ promise_test(t => fetchTest(t, {
   fetchOptions: { mode: "no-cors" },
   expected: FetchTestResult.OPAQUE,
 }), "treat-as-public to private to local: no-cors success.");
+
+// treat-as-public -> private -> local (same-origin)
+
+// Request 1 (treat-as-public -> private): preflight required.
+// Request 2 (treat-as-public -> local (same-origin)): no preflight required.
+
+// This verifies that PNA checks are only applied to the first step in a
+// redirect chain if the second step is same-origin and the origin is
+// potentially trustworthy.
+
+promise_test(t => fetchTest(t, {
+  source: {
+    server: Server.HTTPS_LOCAL,
+    treatAsPublic: true,
+  },
+  target: {
+    server: Server.HTTPS_PRIVATE,
+    behavior: {
+      preflight: PreflightBehavior.noPnaHeader(token()),
+      response: ResponseBehavior.allowCrossOrigin(),
+      redirect: preflightUrl({
+        server: Server.HTTPS_LOCAL,
+        behavior: { response: ResponseBehavior.allowCrossOrigin() },
+      }),
+    }
+  },
+  expected: FetchTestResult.FAILURE,
+}), "treat-as-public to private to local (same-origin): failed first preflight.");
+
+promise_test(t => fetchTest(t, {
+  source: {
+    server: Server.HTTPS_LOCAL,
+    treatAsPublic: true,
+  },
+  target: {
+    server: Server.HTTPS_PRIVATE,
+    behavior: {
+      preflight: PreflightBehavior.success(token()),
+      response: ResponseBehavior.allowCrossOrigin(),
+      redirect: preflightUrl({
+        server: Server.HTTPS_LOCAL,
+        behavior: { response: ResponseBehavior.allowCrossOrigin() },
+      }),
+    }
+  },
+  expected: FetchTestResult.SUCCESS,
+}), "treat-as-public to private to local (same-origin): success.");
+
+promise_test(t => fetchTest(t, {
+  source: {
+    server: Server.HTTPS_LOCAL,
+    treatAsPublic: true,
+  },
+  target: {
+    server: Server.HTTPS_PRIVATE,
+    behavior: {
+      redirect: preflightUrl({ server: Server.HTTPS_LOCAL }),
+    }
+  },
+  fetchOptions: { mode: "no-cors" },
+  expected: FetchTestResult.FAILURE,
+}), "treat-as-public to private to local (same-origin): no-cors failed first preflight.");
+
+promise_test(t => fetchTest(t, {
+  source: {
+    server: Server.HTTPS_LOCAL,
+    treatAsPublic: true,
+  },
+  target: {
+    server: Server.HTTPS_PRIVATE,
+    behavior: {
+      preflight: PreflightBehavior.success(token()),
+      redirect: preflightUrl({ server: Server.HTTPS_LOCAL }),
+    }
+  },
+  fetchOptions: { mode: "no-cors" },
+  expected: FetchTestResult.OPAQUE,
+}), "treat-as-public to private to local (same-origin): no-cors success.");
diff --git a/test/wpt/tests/fetch/local-network-access/resources/support.sub.js b/test/wpt/tests/fetch/local-network-access/resources/support.sub.js
index 0cf3d2532e7..a09c46031f5 100644
--- a/test/wpt/tests/fetch/local-network-access/resources/support.sub.js
+++ b/test/wpt/tests/fetch/local-network-access/resources/support.sub.js
@@ -81,6 +81,7 @@ const SERVER_PORTS = {
   },
   "https": {
     "loopback": {{ports[https][0]}},
+    "other-loopback": {{ports[https][1]}},
     "local": {{ports[https-private][0]}},
     "public": {{ports[https-public][0]}},
   },
@@ -130,6 +131,7 @@ class Server {
   static HTTP_PRIVATE = Server.get("http", "local");
   static HTTP_PUBLIC = Server.get("http", "public");
   static HTTPS_LOCAL = Server.get("https", "loopback");
+  static OTHER_HTTPS_LOCAL = Server.get("https", "other-loopback");
   static HTTPS_PRIVATE = Server.get("https", "local");
   static HTTPS_PUBLIC = Server.get("https", "public");
   static WS_LOCAL = Server.get("ws", "loopback");
diff --git a/test/wpt/tests/fetch/local-network-access/service-worker-fetch.https.window.js b/test/wpt/tests/fetch/local-network-access/service-worker-fetch.https.window.js
index 5645d784561..3d0f6d8097a 100644
--- a/test/wpt/tests/fetch/local-network-access/service-worker-fetch.https.window.js
+++ b/test/wpt/tests/fetch/local-network-access/service-worker-fetch.https.window.js
@@ -161,7 +161,10 @@ promise_test(t => makeTest(t, {
     server: Server.HTTPS_LOCAL,
     treatAsPublic: true,
   },
-  target: { server: Server.HTTPS_LOCAL },
+  target: {
+    server: Server.OTHER_HTTPS_LOCAL,
+    behavior: { response: ResponseBehavior.allowCrossOrigin() },
+  },
   expected: TestResult.FAILURE,
 }), "treat-as-public to local: failed preflight.");
 
@@ -171,12 +174,24 @@ promise_test(t => makeTest(t, {
     treatAsPublic: true,
   },
   target: {
-    server: Server.HTTPS_LOCAL,
-    behavior: { preflight: PreflightBehavior.success(token()) },
+    server: Server.OTHER_HTTPS_LOCAL,
+    behavior: {
+      preflight: PreflightBehavior.success(token()),
+      response: ResponseBehavior.allowCrossOrigin(),
+    },
   },
   expected: TestResult.SUCCESS,
 }), "treat-as-public to local: success.");
 
+promise_test(t => makeTest(t, {
+  source: {
+    server: Server.HTTPS_LOCAL,
+    treatAsPublic: true,
+  },
+  target: { server: Server.HTTPS_LOCAL },
+  expected: TestResult.SUCCESS,
+}), "treat-as-public to local (same-origin): no preflight required.");
+
 promise_test(t => makeTest(t, {
   source: {
     server: Server.HTTPS_LOCAL,
diff --git a/test/wpt/tests/fetch/local-network-access/service-worker-update.https.window.js b/test/wpt/tests/fetch/local-network-access/service-worker-update.https.window.js
index fe2bf58f660..4882d235bb0 100644
--- a/test/wpt/tests/fetch/local-network-access/service-worker-update.https.window.js
+++ b/test/wpt/tests/fetch/local-network-access/service-worker-update.https.window.js
@@ -3,9 +3,10 @@
 //
 // Spec: https://wicg.github.io/private-network-access/#integration-fetch
 //
-// These tests check that `ServiceWorker` script update fetches are subject to
-// Private Network Access checks, just like regular `fetch()` calls. The client
-// of the fetch, for PNA purposes, is taken to be the previous script.
+// These tests check that `ServiceWorker` script update fetches are exempt from
+// Private Network Access checks because they are always same-origin and the
+// origin is potentially trustworthy. The client of the fetch, for PNA purposes,
+// is taken to be the previous script.
 //
 // The tests is carried out by instantiating a service worker from a resource
 // that carries the `Content-Security-Policy: treat-as-public-address` header,
@@ -91,27 +92,11 @@ async function makeTest(t, { target, expected }) {
 
 promise_test(t => makeTest(t, {
   target: { server: Server.HTTPS_LOCAL },
-  expected: TestResult.FAILURE,
-}), "update public to local: failed preflight.");
-
-promise_test(t => makeTest(t, {
-  target: {
-    server: Server.HTTPS_LOCAL,
-    behavior: { preflight: PreflightBehavior.serviceWorkerSuccess(token()) },
-  },
   expected: TestResult.SUCCESS,
 }), "update public to local: success.");
 
 promise_test(t => makeTest(t, {
   target: { server: Server.HTTPS_PRIVATE },
-  expected: TestResult.FAILURE,
-}), "update public to private: failed preflight.");
-
-promise_test(t => makeTest(t, {
-  target: {
-    server: Server.HTTPS_PRIVATE,
-    behavior: { preflight: PreflightBehavior.serviceWorkerSuccess(token()) },
-  },
   expected: TestResult.SUCCESS,
 }), "update public to private: success.");
 
diff --git a/test/wpt/tests/fetch/local-network-access/service-worker.https.window.js b/test/wpt/tests/fetch/local-network-access/service-worker.https.window.js
index 8dc631f65a8..046f662a127 100644
--- a/test/wpt/tests/fetch/local-network-access/service-worker.https.window.js
+++ b/test/wpt/tests/fetch/local-network-access/service-worker.https.window.js
@@ -3,8 +3,9 @@
 //
 // Spec: https://wicg.github.io/private-network-access/#integration-fetch
 //
-// These tests check that initial `ServiceWorker` script fetches are subject to
-// Private Network Access checks, just like a regular `fetch()`.
+// These tests check that initial `ServiceWorker` script fetches are exempt from
+// Private Network Access checks because they are always same-origin and the
+// origin is potentially trustworthy.
 //
 // See also: worker.https.window.js
 
@@ -64,18 +65,6 @@ promise_test(t => makeTest(t, {
     treatAsPublic: true,
   },
   target: { server: Server.HTTPS_LOCAL },
-  expected: TestResult.FAILURE,
-}), "treat-as-public to local: failed preflight.");
-
-promise_test(t => makeTest(t, {
-  source: {
-    server: Server.HTTPS_LOCAL,
-    treatAsPublic: true,
-  },
-  target: {
-    server: Server.HTTPS_LOCAL,
-    behavior: { preflight: PreflightBehavior.serviceWorkerSuccess(token()) },
-  },
   expected: TestResult.SUCCESS,
 }), "treat-as-public to local: success.");
 
@@ -85,18 +74,6 @@ promise_test(t => makeTest(t, {
     treatAsPublic: true,
   },
   target: { server: Server.HTTPS_PRIVATE },
-  expected: TestResult.FAILURE,
-}), "treat-as-public to private: failed preflight.");
-
-promise_test(t => makeTest(t, {
-  source: {
-    server: Server.HTTPS_PRIVATE,
-    treatAsPublic: true,
-  },
-  target: {
-    server: Server.HTTPS_PRIVATE,
-    behavior: { preflight: PreflightBehavior.serviceWorkerSuccess(token()) },
-  },
   expected: TestResult.SUCCESS,
 }), "treat-as-public to private: success.");
 
diff --git a/test/wpt/tests/fetch/local-network-access/shared-worker-blob-fetch.https.window.js b/test/wpt/tests/fetch/local-network-access/shared-worker-blob-fetch.https.window.js
index ad9cd09c31b..269abb7edc4 100644
--- a/test/wpt/tests/fetch/local-network-access/shared-worker-blob-fetch.https.window.js
+++ b/test/wpt/tests/fetch/local-network-access/shared-worker-blob-fetch.https.window.js
@@ -7,8 +7,8 @@
 // loaded from blob URLs are subject to Private Network Access checks, just like
 // fetches from within documents.
 //
-// This file covers only those tests that must execute in a non-secure context.
-// Other tests are defined in: shared-worker-blob-fetch.https.window.js
+// This file covers only those tests that must execute in a secure context.
+// Other tests are defined in: shared-worker-blob-fetch.window.js
 
 promise_test(t => sharedWorkerBlobFetchTest(t, {
   source: { server: Server.HTTPS_LOCAL },
@@ -96,7 +96,10 @@ promise_test(t => sharedWorkerBlobFetchTest(t, {
     server: Server.HTTPS_LOCAL,
     treatAsPublic: true,
   },
-  target: { server: Server.HTTPS_LOCAL },
+  target: {
+    server: Server.OTHER_HTTPS_LOCAL,
+    behavior: { response: ResponseBehavior.allowCrossOrigin() },
+  },
   expected: WorkerFetchTestResult.FAILURE,
 }), "treat-as-public to local: failed preflight.");
 
@@ -106,12 +109,24 @@ promise_test(t => sharedWorkerBlobFetchTest(t, {
     treatAsPublic: true,
   },
   target: {
-    server: Server.HTTPS_LOCAL,
-    behavior: { preflight: PreflightBehavior.success(token()) },
+    server: Server.OTHER_HTTPS_LOCAL,
+    behavior: {
+      preflight: PreflightBehavior.success(token()),
+      response: ResponseBehavior.allowCrossOrigin(),
+    },
   },
   expected: WorkerFetchTestResult.SUCCESS,
 }), "treat-as-public to local: success.");
 
+promise_test(t => sharedWorkerBlobFetchTest(t, {
+  source: {
+    server: Server.HTTPS_LOCAL,
+    treatAsPublic: true,
+  },
+  target: { server: Server.HTTPS_LOCAL },
+  expected: WorkerFetchTestResult.SUCCESS,
+}), "treat-as-public to local (same-origin): no preflight required.");
+
 promise_test(t => sharedWorkerBlobFetchTest(t, {
   source: {
     server: Server.HTTPS_LOCAL,
diff --git a/test/wpt/tests/fetch/local-network-access/shared-worker-fetch.https.window.js b/test/wpt/tests/fetch/local-network-access/shared-worker-fetch.https.window.js
index 7066b359caa..e5f2b949202 100644
--- a/test/wpt/tests/fetch/local-network-access/shared-worker-fetch.https.window.js
+++ b/test/wpt/tests/fetch/local-network-access/shared-worker-fetch.https.window.js
@@ -95,7 +95,10 @@ promise_test(t => sharedWorkerFetchTest(t, {
     server: Server.HTTPS_LOCAL,
     treatAsPublic: true,
   },
-  target: { server: Server.HTTPS_LOCAL },
+  target: {
+    server: Server.OTHER_HTTPS_LOCAL,
+    behavior: { response: ResponseBehavior.allowCrossOrigin() },
+  },
   expected: WorkerFetchTestResult.FAILURE,
 }), "treat-as-public to local: failed preflight.");
 
@@ -105,12 +108,24 @@ promise_test(t => sharedWorkerFetchTest(t, {
     treatAsPublic: true,
   },
   target: {
-    server: Server.HTTPS_LOCAL,
-    behavior: { preflight: PreflightBehavior.optionalSuccess(token()) },
+    server: Server.OTHER_HTTPS_LOCAL,
+    behavior: {
+      preflight: PreflightBehavior.success(token()),
+      response: ResponseBehavior.allowCrossOrigin(),
+    },
   },
   expected: WorkerFetchTestResult.SUCCESS,
 }), "treat-as-public to local: success.");
 
+promise_test(t => sharedWorkerFetchTest(t, {
+  source: {
+    server: Server.HTTPS_LOCAL,
+    treatAsPublic: true,
+  },
+  target: { server: Server.HTTPS_LOCAL },
+  expected: WorkerFetchTestResult.SUCCESS,
+}), "treat-as-public to local (same-origin): no preflight required.");
+
 promise_test(t => sharedWorkerFetchTest(t, {
   source: {
     server: Server.HTTPS_LOCAL,
diff --git a/test/wpt/tests/fetch/local-network-access/shared-worker.https.window.js b/test/wpt/tests/fetch/local-network-access/shared-worker.https.window.js
index ecb70c41245..24ae1087828 100644
--- a/test/wpt/tests/fetch/local-network-access/shared-worker.https.window.js
+++ b/test/wpt/tests/fetch/local-network-access/shared-worker.https.window.js
@@ -15,18 +15,6 @@ promise_test(t => sharedWorkerScriptTest(t, {
     treatAsPublic: true,
   },
   target: { server: Server.HTTPS_LOCAL },
-  expected: WorkerScriptTestResult.FAILURE,
-}), "treat-as-public to local: failed preflight.");
-
-promise_test(t => sharedWorkerScriptTest(t, {
-  source: {
-    server: Server.HTTPS_LOCAL,
-    treatAsPublic: true,
-  },
-  target: {
-    server: Server.HTTPS_LOCAL,
-    behavior: { preflight: PreflightBehavior.optionalSuccess(token()) },
-  },
   expected: WorkerScriptTestResult.SUCCESS,
 }), "treat-as-public to local: success.");
 
@@ -36,18 +24,6 @@ promise_test(t => sharedWorkerScriptTest(t, {
     treatAsPublic: true,
   },
   target: { server: Server.HTTPS_PRIVATE },
-  expected: WorkerScriptTestResult.FAILURE,
-}), "treat-as-public to private: failed preflight.");
-
-promise_test(t => sharedWorkerScriptTest(t, {
-  source: {
-    server: Server.HTTPS_PRIVATE,
-    treatAsPublic: true,
-  },
-  target: {
-    server: Server.HTTPS_PRIVATE,
-    behavior: { preflight: PreflightBehavior.optionalSuccess(token()) },
-  },
   expected: WorkerScriptTestResult.SUCCESS,
 }), "treat-as-public to private: success.");
 
diff --git a/test/wpt/tests/fetch/local-network-access/worker.https.window.js b/test/wpt/tests/fetch/local-network-access/worker.https.window.js
index 2d0dddd685c..a0f19314ee3 100644
--- a/test/wpt/tests/fetch/local-network-access/worker.https.window.js
+++ b/test/wpt/tests/fetch/local-network-access/worker.https.window.js
@@ -3,11 +3,11 @@
 //
 // Spec: https://wicg.github.io/private-network-access/#integration-fetch
 //
-// These tests check that initial `Worker` script fetches are subject to Private
-// Network Access checks, just like a regular `fetch()`. The main difference is
-// that workers can only be fetched same-origin, so the only way to test this
-// is using the `treat-as-public` CSP directive to artificially place the parent
-// document in the `public` IP address space.
+// These tests check that initial `Worker` script fetches in secure contexts are
+// exempt from Private Network Access checks because workers can only be fetched
+// same-origin and the origin is potentially trustworthy. The only way to test
+// this is using the `treat-as-public` CSP directive to artificially place the
+// parent document in the `public` IP address space.
 //
 // This file covers only those tests that must execute in a secure context.
 // Other tests are defined in: worker.window.js
@@ -18,18 +18,6 @@ promise_test(t => workerScriptTest(t, {
     treatAsPublic: true,
   },
   target: { server: Server.HTTPS_LOCAL },
-  expected: WorkerScriptTestResult.FAILURE,
-}), "treat-as-public to local: failed preflight.");
-
-promise_test(t => workerScriptTest(t, {
-  source: {
-    server: Server.HTTPS_LOCAL,
-    treatAsPublic: true,
-  },
-  target: {
-    server: Server.HTTPS_LOCAL,
-    behavior: { preflight: PreflightBehavior.optionalSuccess(token()) },
-  },
   expected: WorkerScriptTestResult.SUCCESS,
 }), "treat-as-public to local: success.");
 
@@ -39,18 +27,6 @@ promise_test(t => workerScriptTest(t, {
     treatAsPublic: true,
   },
   target: { server: Server.HTTPS_PRIVATE },
-  expected: WorkerScriptTestResult.FAILURE,
-}), "treat-as-public to private: failed preflight.");
-
-promise_test(t => workerScriptTest(t, {
-  source: {
-    server: Server.HTTPS_PRIVATE,
-    treatAsPublic: true,
-  },
-  target: {
-    server: Server.HTTPS_PRIVATE,
-    behavior: { preflight: PreflightBehavior.optionalSuccess(token()) },
-  },
   expected: WorkerScriptTestResult.SUCCESS,
 }), "treat-as-public to private: success.");
 
diff --git a/test/wpt/tests/fetch/local-network-access/xhr-from-treat-as-public.https.window.js b/test/wpt/tests/fetch/local-network-access/xhr-from-treat-as-public.https.window.js
index 04fe5449d19..3aae3050d97 100644
--- a/test/wpt/tests/fetch/local-network-access/xhr-from-treat-as-public.https.window.js
+++ b/test/wpt/tests/fetch/local-network-access/xhr-from-treat-as-public.https.window.js
@@ -13,7 +13,7 @@ promise_test(t => xhrTest(t, {
     treatAsPublic: true,
   },
   target: {
-    server: Server.HTTPS_LOCAL,
+    server: Server.OTHER_HTTPS_LOCAL,
     behavior: { response: ResponseBehavior.allowCrossOrigin() },
   },
   expected: XhrTestResult.FAILURE,
@@ -25,15 +25,24 @@ promise_test(t => xhrTest(t, {
     treatAsPublic: true,
   },
   target: {
-    server: Server.HTTPS_LOCAL,
+    server: Server.OTHER_HTTPS_LOCAL,
     behavior: {
-      preflight: PreflightBehavior.optionalSuccess(token()),
+      preflight: PreflightBehavior.success(token()),
       response: ResponseBehavior.allowCrossOrigin(),
     },
   },
   expected: XhrTestResult.SUCCESS,
 }), "treat-as-public to local: success.");
 
+promise_test(t => xhrTest(t, {
+  source: {
+    server: Server.HTTPS_LOCAL,
+    treatAsPublic: true,
+  },
+  target: { server: Server.HTTPS_LOCAL },
+  expected: XhrTestResult.SUCCESS,
+}), "treat-as-public to local (same-origin): no preflight required.");
+
 promise_test(t => xhrTest(t, {
   source: {
     server: Server.HTTPS_LOCAL,
diff --git a/test/wpt/tests/lint.ignore b/test/wpt/tests/lint.ignore
index 056bbd0c230..6f8ec10470b 100644
--- a/test/wpt/tests/lint.ignore
+++ b/test/wpt/tests/lint.ignore
@@ -161,6 +161,8 @@ SET TIMEOUT: encrypted-media/polyfill/clearkey-polyfill.js
 SET TIMEOUT: encrypted-media/scripts/playback-temporary-events.js
 SET TIMEOUT: fetch/metadata/resources/helper.sub.js
 SET TIMEOUT: fetch/metadata/resources/message-opener.html
+SET TIMEOUT: fenced-frame/resources/history-length-fenced-navigations-replace-do-not-contribute-to-joint-inner.html
+SET TIMEOUT: fenced-frame/resources/utils.js
 SET TIMEOUT: focus/support/iframe-focus-with-different-site-intermediate-frame-outer.sub.html
 SET TIMEOUT: focus/support/iframe-focus-with-different-site-intermediate-frame-middle.sub.html
 SET TIMEOUT: focus/support/iframe-contentwindow-focus-with-different-site-intermediate-frame-outer.sub.html
@@ -365,8 +367,6 @@ SET TIMEOUT: common/rendering-utils.js
 SET TIMEOUT: acid/acid3/test.html
 
 # Third party code
-*: css/tools/apiclient/*
-*: css/tools/w3ctestlib/*
 *: resources/webidl2/*
 *: tools/*
 *: */third_party/*
@@ -378,9 +378,6 @@ SET TIMEOUT: acid/acid3/test.html
 *: resources/.gitignore
 *: webaudio/.gitignore
 
-# Build system virtualenv
-*: css/tools/_virtualenv/*
-
 ## Third party data files
 TRAILING WHITESPACE: resources/chromium/*
 
@@ -393,36 +390,6 @@ PRINT STATEMENT: css/*
 CONTENT-VISUAL: css/*
 CONTENT-MANUAL: css/*
 
-## Support files not in /support/ or similar
-SUPPORT-WRONG-DIR: css/README.md
-SUPPORT-WRONG-DIR: css/*/reftest.list
-SUPPORT-WRONG-DIR: css/*/README
-SUPPORT-WRONG-DIR: css/*/README.md
-SUPPORT-WRONG-DIR: css/*-README
-SUPPORT-WRONG-DIR: css/*/LICENSE
-SUPPORT-WRONG-DIR: css/*/LICENSE-*
-SUPPORT-WRONG-DIR: css/*/Makefile
-
-# The selectors-3 testsuite has a weird build system
-SUPPORT-WRONG-DIR: css/selectors/*
-
-# Things we should fix
-SUPPORT-WRONG-DIR: css/css-animations/animationevent-interface.js
-SUPPORT-WRONG-DIR: css/css-backgrounds/justfortest.html
-SUPPORT-WRONG-DIR: css/css-backgrounds/background-attachment-local/aqua-yellow-32x32.png
-SUPPORT-WRONG-DIR: css/css-backgrounds/background-clip/list.txt
-SUPPORT-WRONG-DIR: css/css-backgrounds/background-origin/list.txt
-SUPPORT-WRONG-DIR: css/css-color/htaccess
-SUPPORT-WRONG-DIR: css/css-fonts/font-variant-debug.html
-SUPPORT-WRONG-DIR: css/css-masking/clip-path/svg-clipPath.svg
-SUPPORT-WRONG-DIR: css/css-multicol/multicol-red.png
-SUPPORT-WRONG-DIR: css/CSS2/section-index.xht
-SUPPORT-WRONG-DIR: css/CSS2/other-formats/xml/background-18.css
-SUPPORT-WRONG-DIR: css/CSS2/other-formats/xml/background-19-alt.xml
-SUPPORT-WRONG-DIR: css/CSS2/other-formats/xml/background-19.css
-SUPPORT-WRONG-DIR: css/WOFF2/testcaseindex.xht
-
-
 ## Whitespace rules that we can't enforce yet
 INDENT TABS: css/compositing/*
 INDENT TABS: css/CSS2/*
@@ -452,12 +419,17 @@ INDENT TABS: css/WOFF2/*
 CONSOLE: css/css-shapes/shape-outside/supported-shapes/support/test-utils.js
 CONSOLE: css/css-values/viewport-units-css2-001.html
 CONSOLE: css/css-writing-modes/orthogonal-parent-shrink-to-fit-001*.html
-CONSOLE: css/css-writing-modes/tools/generators/gulpfile.js
+CONSOLE: css/css-writing-modes/tools/generators/template.html
+CONSOLE: bluetooth/characteristic/readValue/characteristic-is-removed.https.window.js
+CONSOLE: bluetooth/resources/bluetooth-test.js
 
 TRAILING WHITESPACE: css/css-fonts/support/fonts/gsubtest-lookup3.ufo/features.fea
 
 SET TIMEOUT: css/compositing/mix-blend-mode/mix-blend-mode-parent-with-3D-transform-and-transition.html
 SET TIMEOUT: css/compositing/mix-blend-mode/mix-blend-mode-sibling-with-3D-transform-and-transition.html
+SET TIMEOUT: css/css-backgrounds/color-mix-currentcolor-border-repaint-parent.html
+SET TIMEOUT: css/css-backgrounds/color-mix-currentcolor-border-repaint.html
+SET TIMEOUT: css/css-backgrounds/currentcolor-border-repaint-parent.html
 SET TIMEOUT: css/css-transitions/events-007.html
 SET TIMEOUT: css/css-transitions/support/generalParallelTest.js
 SET TIMEOUT: css/css-transitions/support/runParallelAsyncHarness.js
@@ -492,6 +464,7 @@ SET TIMEOUT: css/css-writing-modes/orthogonal-parent-shrink-to-fit-001v.html
 SET TIMEOUT: css/css-writing-modes/orthogonal-parent-shrink-to-fit-001w.html
 SET TIMEOUT: css/css-writing-modes/orthogonal-parent-shrink-to-fit-001x.html
 SET TIMEOUT: css/css-writing-modes/support/text-orientation.js
+SET TIMEOUT: css/css-writing-modes/tools/generators/template.html
 SET TIMEOUT: css/CSS2/backgrounds/background-root-101.xht
 SET TIMEOUT: css/CSS2/backgrounds/background-root-102.xht
 SET TIMEOUT: css/CSS2/backgrounds/background-root-103.xht
@@ -507,166 +480,13 @@ SET TIMEOUT: css/CSS2/selectors/dom-hover-002.xht
 SET TIMEOUT: css/CSS2/tables/tables-102.xht
 SET TIMEOUT: css/mediaqueries/min-width-tables-001.html
 SET TIMEOUT: css/css-text/crashtests/rendering-rtl-bidi-override-crash.html
+SET TIMEOUT: css/css-backgrounds/color-mix-currentcolor-border-repaint-parent.html
+SET TIMEOUT: svg/painting/color-mix-currentcolor-fill-stroke-repaint.html
+SET TIMEOUT: svg/painting/currentcolor-fill-stroke-repaint.html
 SET TIMEOUT: resource-timing/resources/run-async-tasks-promise.js
 
-## Build system stuff
-CSS-COLLIDING-SUPPORT-NAME: css/*/README
-CSS-COLLIDING-SUPPORT-NAME: css/*/LOCK
-
-# These are all the current "merge mismatch" errors the build system produces
-CSS-COLLIDING-SUPPORT-NAME: css/css-flexbox/support/200x200-green.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-grid/grid-items/support/200x200-green.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-sizing/aspect-ratio/support/200x200-green.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-backgrounds/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-multicol/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-transitions/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/backgrounds/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-backgrounds/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-fonts/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-multicol/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-page/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-transitions/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/backgrounds/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-flexbox/support/solidblue.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-writing-modes/support/swatch-fuchsia.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/support/swatch-fuchsia.png
-
-# More duplicated copies of the above
-CSS-COLLIDING-SUPPORT-NAME: css/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/floats-clear/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/media/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/cssom-view/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/syntax/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/fonts/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/cascade/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-transforms/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/cssom/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-style-attr/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/borders/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/zindex/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/text/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-values/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/margin-padding-clear/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-text/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/box-display/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/colors/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/lists/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/filter-effects/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/selectors/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/values/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-shapes/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/tables/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/bidi-text/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/css1/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/ui/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/normal-flow/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-images/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/generated-content/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-flexbox/support/pattern-rgr-grg-rgr.png
-CSS-COLLIDING-SUPPORT-NAME: css/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-fonts/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-transforms/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/cssom-view/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/fonts/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/selectors/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-shapes/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/ui/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/normal-flow/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/margin-padding-clear/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/syntax/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/zindex/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/colors/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/cascade/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/bidi-text/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-style-attr/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/lists/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-flexbox/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/filter-effects/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/borders/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-text/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/text/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/box-display/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/media/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-values/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-page/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/cssom/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/css1/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/floats-clear/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/generated-content/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-images/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/tables/support/pattern-grg-rgr-grg.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/values/support/pattern-grg-rgr-grg.png
-
-# Duplicate filename not picked up by the build system
-# https:css///github.com/w3c/csswg-test/issues/1236
-CSS-COLLIDING-REF-NAME: css/css-masking/clip-path-svg-content/reference/clip-path-square-001-ref.svg
-CSS-COLLIDING-REF-NAME: css/css-masking/clip-path/reference/clip-path-square-001-ref.html
-CSS-COLLIDING-REF-NAME: css/css-masking/clip-path-svg-content/reference/clip-path-square-002-ref.svg
-CSS-COLLIDING-REF-NAME: css/css-masking/clip-path/reference/clip-path-square-002-ref.html
-
-# Duplicate filename where there's no actual merging
-# (i.e., we're being more aggressive than the build system at forbidding it)
-CSS-COLLIDING-REF-NAME: css/CSS2/text/text-transform-lowercase-001-ref.xht
-CSS-COLLIDING-REF-NAME: css/css-text/text-transform/reference/text-transform-lowercase-001-ref.xht
-CSS-COLLIDING-REF-NAME: css/CSS2/text/text-transform-capitalize-003-ref.xht
-CSS-COLLIDING-REF-NAME: css/css-text/text-transform/reference/text-transform-capitalize-003-ref.html
-CSS-COLLIDING-REF-NAME: css/CSS2/text/text-transform-capitalize-001-ref.xht
-CSS-COLLIDING-REF-NAME: css/css-text/text-transform/reference/text-transform-capitalize-001-ref.html
-CSS-COLLIDING-REF-NAME: css/css-pseudo/first-letter-001-ref.html
-CSS-COLLIDING-REF-NAME: css/CSS2/selectors/first-letter-001-ref.xht
-CSS-COLLIDING-REF-NAME: css/CSS2/text/text-transform-uppercase-001-ref.xht
-CSS-COLLIDING-REF-NAME: css/css-text/text-transform/reference/text-transform-uppercase-001-ref.xht
-CSS-COLLIDING-REF-NAME: css/CSS2/visufx/overflow-applies-to-001-ref.xht
-CSS-COLLIDING-REF-NAME: css/CSS2/ui/overflow-applies-to-001-ref.xht
-CSS-COLLIDING-REF-NAME: css/CSS2/visuren/inline-formatting-context-001-ref.xht
-CSS-COLLIDING-REF-NAME: css/CSS2/linebox/inline-formatting-context-001-ref.xht
-CSS-COLLIDING-REF-NAME: css/css-flexbox/reference/percentage-size-subitems-001-ref.html
-CSS-COLLIDING-REF-NAME: css/css-grid/grid-items/percentage-size-subitems-001-ref.html
-CSS-COLLIDING-SUPPORT-NAME: css/css-backgrounds/support/red.png
-CSS-COLLIDING-SUPPORT-NAME: css/compositing/mix-blend-mode/support/red.png
-CSS-COLLIDING-SUPPORT-NAME: css/compositing/background-blending/support/red.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/normal-flow/support/replaced-min-max-3.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-sizing/support/replaced-min-max-3.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-backgrounds/background-size/support/50x50-green.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-backgrounds/support/50x50-green.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-grid/grid-items/support/50x50-green.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/support/50x50-green.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/ui/support/animated.gif
-CSS-COLLIDING-SUPPORT-NAME: css/css-grid/alignment/support/50x50-green.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-grid/alignment/support/25x50-green.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-grid/grid-items/support/25x50-green.png
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/backgrounds/support/animated.gif
-CSS-COLLIDING-SUPPORT-NAME: css/css-shapes/shape-outside/shape-image/support/animated.gif
-CSS-COLLIDING-SUPPORT-NAME: css/css-display/support/util.js
-CSS-COLLIDING-SUPPORT-NAME: css/CSS2/normal-flow/support/replaced-min-max-1.png
-CSS-COLLIDING-SUPPORT-NAME: css/css-sizing/support/replaced-min-max-1.png
-CSS-COLLIDING-REF-NAME: css/css-multicol/baseline-001-ref.html
-CSS-COLLIDING-REF-NAME: css/css-grid/subgrid/baseline-001-ref.html
-CSS-COLLIDING-REF-NAME: css/css-backgrounds/simple-bg-color-ref.html
-CSS-COLLIDING-REF-NAME: css/css-backgrounds/hidpi/simple-bg-color-ref.html
-
-CSS-COLLIDING-TEST-NAME: css/css-contain/content-visibility/inheritance.html
-CSS-COLLIDING-TEST-NAME: css/css-contain/inheritance.html
-CSS-COLLIDING-TEST-NAME: css/css-grid/grid-items/replaced-element-001.html
-CSS-COLLIDING-TEST-NAME: css/css-grid/grid-items/replaced-element-002.html
-CSS-COLLIDING-TEST-NAME: css/css-grid/grid-items/replaced-element-007.html
-CSS-COLLIDING-TEST-NAME: css/css-grid/grid-items/replaced-element-010.html
-CSS-COLLIDING-TEST-NAME: css/css-sizing/aspect-ratio/parsing/contain-intrinsic-size-computed.html
-CSS-COLLIDING-TEST-NAME: css/css-sizing/aspect-ratio/parsing/contain-intrinsic-size-invalid.html
-CSS-COLLIDING-TEST-NAME: css/css-sizing/aspect-ratio/parsing/contain-intrinsic-size-valid.html
-CSS-COLLIDING-TEST-NAME: css/css-sizing/aspect-ratio/replaced-element-001.html
-CSS-COLLIDING-TEST-NAME: css/css-sizing/aspect-ratio/replaced-element-002.html
-CSS-COLLIDING-TEST-NAME: css/css-sizing/aspect-ratio/replaced-element-007.html
-CSS-COLLIDING-TEST-NAME: css/css-sizing/aspect-ratio/replaced-element-010.html
-CSS-COLLIDING-TEST-NAME: css/css-sizing/contain-intrinsic-size/parsing/contain-intrinsic-size-computed.html
-CSS-COLLIDING-TEST-NAME: css/css-sizing/contain-intrinsic-size/parsing/contain-intrinsic-size-invalid.html
-CSS-COLLIDING-TEST-NAME: css/css-sizing/contain-intrinsic-size/parsing/contain-intrinsic-size-valid.html
-
 # CSS tests that used to be at the top level and weren't subject to lints
 MISSING-LINK: css/css-fonts/matching/fixed-stretch-style-over-weight.html
-SUPPORT-WRONG-DIR: css/css-fonts/matching/font-matching.css
 MISSING-LINK: css/css-fonts/matching/stretch-distance-over-weight-distance.html
 MISSING-LINK: css/css-fonts/matching/style-ranges-over-weight-direction.html
 MISSING-LINK: css/css-fonts/variations/font-parse-numeric-stretch-style-weight.html
@@ -692,10 +512,8 @@ MISSING-LINK: css/css-scroll-anchoring/position-change-heuristic.html
 MISSING-LINK: css/css-scroll-anchoring/start-edge-in-block-layout-direction.html
 MISSING-LINK: css/css-scroll-anchoring/subtree-exclusion.html
 MISSING-LINK: css/css-scroll-anchoring/wrapped-text.html
-SUPPORT-WRONG-DIR: css/css-easing/testcommon.js
 MISSING-LINK: css/css-typed-om/CSSMatrixComponent-DOMMatrix-mutable.html
 MISSING-LINK: css/css-typed-om/declared-styleMap-accepts-inherit.html
-SUPPORT-WRONG-DIR: css/cssom/stylesheet-same-origin.css
 MISSING-LINK: css/cssom-view/DOMRectList.html
 MISSING-LINK: css/cssom-view/elementFromPoint-002.html
 MISSING-LINK: css/cssom-view/elementFromPoint-003.html
@@ -710,7 +528,6 @@ MISSING-LINK: css/cssom-view/elementsFromPoint-table.html
 MISSING-LINK: css/cssom-view/elementsFromPoint.html
 MISSING-LINK: css/cssom-view/historical.html
 MISSING-LINK: css/cssom-view/HTMLBody-ScrollArea_quirksmode.html
-SUPPORT-WRONG-DIR: css/cssom-view/iframe.html
 MISSING-LINK: css/cssom-view/mouseEvent.html
 MISSING-LINK: css/cssom-view/negativeMargins.html
 MISSING-LINK: css/cssom-view/offsetTopLeftInScrollableParent.html
@@ -852,9 +669,6 @@ DUPLICATE-BASENAME-PATH: svg/struct/reftests/reference/green-100x100.svg
 
 SET TIMEOUT: mediacapture-insertable-streams/MediaStreamTrackProcessor-video.https.html
 
-CSS-COLLIDING-REF-NAME: css/css-backgrounds/reference/background-image-001-ref.html
-CSS-COLLIDING-REF-NAME: css/css-break/background-image-001-ref.html
-
 # Ported crashtests from Mozilla
 SET TIMEOUT: editing/crashtests/backcolor-in-nested-editing-host-td-from-DOMAttrModified.html
 SET TIMEOUT: editing/crashtests/contenteditable-will-be-blurred-by-focus-event-listener.html
diff --git a/test/wpt/tests/resources/chromium/mock-pressure-service.js b/test/wpt/tests/resources/chromium/mock-pressure-service.js
index 21811ed52da..02d10f856ae 100644
--- a/test/wpt/tests/resources/chromium/mock-pressure-service.js
+++ b/test/wpt/tests/resources/chromium/mock-pressure-service.js
@@ -1,5 +1,5 @@
 import {PressureManager, PressureManagerReceiver, PressureStatus} from '/gen/services/device/public/mojom/pressure_manager.mojom.m.js'
-import {PressureFactor, PressureSource, PressureState} from '/gen/services/device/public/mojom/pressure_update.mojom.m.js'
+import {PressureSource, PressureState} from '/gen/services/device/public/mojom/pressure_update.mojom.m.js'
 
 class MockPressureService {
   constructor() {
@@ -15,10 +15,6 @@ class MockPressureService {
       ['nominal', PressureState.kNominal], ['fair', PressureState.kFair],
       ['serious', PressureState.kSerious], ['critical', PressureState.kCritical]
     ]);
-    this.mojomFactorType_ = new Map([
-      ['thermal', PressureFactor.kThermal],
-      ['power-supply', PressureFactor.kPowerSupply]
-    ]);
     this.pressureServiceReadingTimerId_ = null;
   }
 
@@ -109,26 +105,16 @@ class MockPressureService {
     return this.updatesDelivered_;
   }
 
-  setPressureUpdate(source, state, factors) {
+  setPressureUpdate(source, state) {
     if (!this.mojomSourceType_.has(source))
       throw new Error(`PressureSource '${source}' is invalid`);
 
     if (!this.mojomStateType_.has(state))
       throw new Error(`PressureState '${state}' is invalid`);
 
-    let pressureFactors = [];
-    if (Array.isArray(factors)) {
-      for (const factor of factors) {
-        if (!this.mojomFactorType_.has(factor))
-          throw new Error(`PressureFactor '${factor}' is invalid`);
-        pressureFactors.push(this.mojomFactorType_.get(factor));
-      }
-    }
-
     this.pressureUpdate_ = {
       source: this.mojomSourceType_.get(source),
       state: this.mojomStateType_.get(state),
-      factors: pressureFactors,
     };
   }
 
diff --git a/test/wpt/tests/service-workers/service-worker/partitioned-cookies.tentative.https.html b/test/wpt/tests/service-workers/service-worker/partitioned-cookies.tentative.https.html
new file mode 100644
index 00000000000..6744edc0eac
--- /dev/null
+++ b/test/wpt/tests/service-workers/service-worker/partitioned-cookies.tentative.https.html
@@ -0,0 +1,85 @@
+<!DOCTYPE html>
+<head>
+<meta charset="utf-8"/>
+<meta name="timeout" content="long">
+<title>Service Worker: Partitioned Cookies</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="resources/test-helpers.sub.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+</head>
+
+<!--
+  This test exercises partitioned service workers' interaction with partitioned cookies.
+  Partitioned service workers should only be able to interact with partitioned cookies whose
+  partition key matches the worker's partition.
+-->
+
+<body>
+<script>
+
+promise_test(async t => {
+  const script = './resources/partitioned-cookies-sw.js'
+  const scope = './resources/partitioned-cookies-'
+  const absolute_scope = new URL(scope, window.location).href;
+
+  const reg = await service_worker_unregister_and_register(t, script, scope);
+  await wait_for_state(t, reg.installing, 'activated');
+  t.add_cleanup(() => reg.unregister());
+
+  // on_message will be reassigned below based on the expected reply from the service worker.
+  let on_message;
+  self.addEventListener('message', ev => on_message(ev));
+  navigator.serviceWorker.addEventListener('message', evt => {
+    self.postMessage(evt.data, '*');
+  });
+
+  const retrieved_registrations =
+        await navigator.serviceWorker.getRegistrations();
+  // It's possible that other tests have left behind other service workers.
+  // This steps filters those other SWs out.
+  const filtered_registrations =
+    retrieved_registrations.filter(reg => reg.scope == absolute_scope);
+
+  // First test that the worker script started correctly and message passing is enabed.
+  let resolve_wait_promise;
+  let wait_promise = new Promise(resolve => {
+    resolve_wait_promise = resolve;
+  });
+  let got;
+  on_message = ev => {
+    got = ev.data;
+    resolve_wait_promise();
+  };
+  filtered_registrations[0].active.postMessage({type: 'test_message'});
+  await wait_promise;
+  assert_true(got.ok, 'Message passing');
+
+  // Set a Partitioned cookie.
+  document.cookie = '__Host-partitioned=123; Secure; Path=/; SameSite=None; Partitioned;';
+  assert_true(document.cookie.includes('__Host-partitioned=123'));
+
+  // Test that the partitioned cookie is available to this worker.
+  wait_promise = new Promise(resolve => {
+    resolve_wait_promise = resolve;
+  });
+  on_message = ev => {
+    got = ev.data;
+    resolve_wait_promise();
+  };
+  filtered_registrations[0].active.postMessage({type: 'echo_cookies'});
+  await wait_promise;
+  assert_true(got.ok, 'Get cookies');
+  assert_true(got.cookies.includes('__Host-partitioned'), 'Can access partitioned cookie');
+
+  const popup = window.open(
+      new URL(
+          `./resources/partitioned-cookies-3p-window.html?origin=${
+              encodeURIComponent(self.location.origin)}`,
+          get_host_info().HTTPS_NOTSAMESITE_ORIGIN + self.location.pathname));
+  await fetch_tests_from_window(popup);
+});
+
+</script>
+</body>
+</html>
\ No newline at end of file
diff --git a/test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-credentialless-frame.html b/test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-credentialless-frame.html
new file mode 100644
index 00000000000..ff24bf3670c
--- /dev/null
+++ b/test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-credentialless-frame.html
@@ -0,0 +1,69 @@
+<!DOCTYPE html>
+<head>
+<meta charset="utf-8"/>
+<meta name="timeout" content="long">
+<title>Service Worker: Partitioned Cookies 3P Credentialless Iframe</title>
+<script src="/resources/testharness.js"></script>
+<script src="test-helpers.sub.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+</head>
+
+<body>
+<script>
+
+// Check workers registered by a credentialless frame can access cookies set in that frame.
+promise_test(async t => {
+  const script = './partitioned-cookies-3p-sw.js';
+  const scope = './partitioned-cookies-3p-';
+  const absolute_scope = new URL(scope, window.location).href;
+
+  // Set a Partitioned cookie.
+  document.cookie = '__Host-partitioned=123; Secure; Path=/; SameSite=None; Partitioned;';
+  assert_true(document.cookie.includes('__Host-partitioned=123'));
+
+  const reg = await service_worker_unregister_and_register(t, script, scope);
+  await wait_for_state(t, reg.installing, 'activated');
+
+  let retrieved_registrations =
+        await navigator.serviceWorker.getRegistrations();
+  let filtered_registrations =
+      retrieved_registrations.filter(reg => reg.scope == absolute_scope);
+
+  // on_message will be reassigned below based on the expected reply from the service worker.
+  let on_message;
+  self.addEventListener('message', ev => on_message(ev));
+  navigator.serviceWorker.addEventListener('message', evt => {
+    self.postMessage(evt.data, '*');
+  });
+
+  // First test that the worker script started correctly and message passing is enabled.
+  let resolve_wait_promise;
+  let wait_promise = new Promise(resolve => {
+    resolve_wait_promise = resolve;
+  });
+  let got;
+  on_message = ev => {
+    got = ev.data;
+    resolve_wait_promise();
+  };
+  filtered_registrations[0].active.postMessage({type: 'test_message'});
+  await wait_promise;
+  assert_true(got.ok, 'Message passing');
+
+  // Test that the partitioned cookie is available to this worker.
+  wait_promise = new Promise(resolve => {
+    resolve_wait_promise = resolve;
+  });
+  on_message = ev => {
+    got = ev.data;
+    resolve_wait_promise();
+  };
+  filtered_registrations[0].active.postMessage({type: 'echo_cookies'});
+  await wait_promise;
+  assert_true(got.ok, 'Get cookies');
+  assert_true(got.cookies.includes('__Host-partitioned'), 'Can access partitioned cookie');;
+});
+
+</script>
+</body>
+</html>
\ No newline at end of file
diff --git a/test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-frame.html b/test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-frame.html
new file mode 100644
index 00000000000..d3962d2e600
--- /dev/null
+++ b/test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-frame.html
@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<head>
+<meta charset="utf-8"/>
+<meta name="timeout" content="long">
+<title>Service Worker: Partitioned Cookies 3P Iframe</title>
+<script src="/resources/testharness.js"></script>
+<script src="test-helpers.sub.js"></script>
+</head>
+
+<body>
+<script>
+
+promise_test(async t => {
+  const script = './partitioned-cookies-3p-sw.js';
+  const scope = './partitioned-cookies-3p-';
+  const absolute_scope = new URL(scope, window.location).href;
+
+  assert_false(document.cookie.includes('__Host-partitioned=123'), 'DOM cannot access partitioned cookie');
+
+  const reg = await service_worker_unregister_and_register(t, script, scope);
+  await wait_for_state(t, reg.installing, 'activated');
+
+  let retrieved_registrations =
+        await navigator.serviceWorker.getRegistrations();
+  let filtered_registrations =
+    retrieved_registrations.filter(reg => reg.scope == absolute_scope);
+
+  // on_message will be reassigned below based on the expected reply from the service worker.
+  let on_message;
+  self.addEventListener('message', ev => on_message(ev));
+  navigator.serviceWorker.addEventListener('message', evt => {
+    self.postMessage(evt.data, '*');
+  });
+
+  // First test that the worker script started correctly and message passing is enabled.
+  let resolve_wait_promise;
+  let wait_promise = new Promise(resolve => {
+    resolve_wait_promise = resolve;
+  });
+  let got;
+  on_message = ev => {
+    got = ev.data;
+    resolve_wait_promise();
+  };
+  filtered_registrations[0].active.postMessage({type: 'test_message'});
+  await wait_promise;
+  assert_true(got.ok, 'Message passing');
+
+  // Test that the partitioned cookie is not available to this worker.
+  wait_promise = new Promise(resolve => {
+    resolve_wait_promise = resolve;
+  });
+  on_message = ev => {
+    got = ev.data;
+    resolve_wait_promise();
+  };
+  filtered_registrations[0].active.postMessage({type: 'echo_cookies'});
+  await wait_promise;
+  assert_true(got.ok, 'Get cookies');
+  assert_false(
+      got.cookies.includes('__Host-partitioned'),
+      'Worker cannot access partitioned cookie');
+});
+
+</script>
+</body>
+</html>
\ No newline at end of file
diff --git a/test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-sw.js b/test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-sw.js
new file mode 100644
index 00000000000..2f54a984b19
--- /dev/null
+++ b/test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-sw.js
@@ -0,0 +1,30 @@
+self.addEventListener('message', ev => ev.waitUntil(onMessage(ev)));
+
+async function onMessage(event) {
+  if (!event.data)
+    return;
+  switch (event.data.type) {
+    case 'test_message':
+      return onTestMessage(event);
+    case 'echo_cookies':
+      return onEchoCookies(event);
+    default:
+      return;
+  }
+}
+
+// test_message just verifies that the message passing is working.
+async function onTestMessage(event) {
+  event.source.postMessage({ok: true});
+}
+
+// echo_cookies returns the names of all of the cookies available to the worker.
+async function onEchoCookies(event) {
+  try {
+    const cookie_objects = await self.cookieStore.getAll();
+    const cookies = cookie_objects.map(c => c.name);
+    event.source.postMessage({ok: true, cookies});
+  } catch (err) {
+    event.source.postMessage({ok: false});
+  }
+}
diff --git a/test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-window.html b/test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-window.html
new file mode 100644
index 00000000000..8e90609da22
--- /dev/null
+++ b/test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-3p-window.html
@@ -0,0 +1,35 @@
+<!DOCTYPE html>
+<head>
+<meta charset="utf-8"/>
+<meta name="timeout" content="long">
+<title>Service Worker: Partitioned Cookies 3P Window</title>
+<script src="/resources/testharness.js"></script>
+</head>
+
+<body>
+<script>
+
+promise_test(async t => {
+  assert_true(
+      location.search.includes('origin='), 'First party origin passed');
+  const first_party_origin = decodeURIComponent(
+      location.search.split('origin=')[1]);
+  const iframe = document.createElement('iframe');
+  iframe.src = new URL(
+      './partitioned-cookies-3p-frame.html',
+      first_party_origin + location.pathname).href;
+  document.body.appendChild(iframe);
+  fetch_tests_from_window(iframe.contentWindow);
+
+  const credentialless_frame = document.createElement('iframe');
+  credentialless_frame.credentialless = true;
+  credentialless_frame.src = new URL(
+      './partitioned-cookies-3p-credentialless-frame.html',
+      first_party_origin + location.pathname).href;
+  document.body.appendChild(credentialless_frame);
+  fetch_tests_from_window(credentialless_frame.contentWindow);
+});
+
+</script>
+</body>
+</html>
diff --git a/test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-sw.js b/test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-sw.js
new file mode 100644
index 00000000000..2f54a984b19
--- /dev/null
+++ b/test/wpt/tests/service-workers/service-worker/resources/partitioned-cookies-sw.js
@@ -0,0 +1,30 @@
+self.addEventListener('message', ev => ev.waitUntil(onMessage(ev)));
+
+async function onMessage(event) {
+  if (!event.data)
+    return;
+  switch (event.data.type) {
+    case 'test_message':
+      return onTestMessage(event);
+    case 'echo_cookies':
+      return onEchoCookies(event);
+    default:
+      return;
+  }
+}
+
+// test_message just verifies that the message passing is working.
+async function onTestMessage(event) {
+  event.source.postMessage({ok: true});
+}
+
+// echo_cookies returns the names of all of the cookies available to the worker.
+async function onEchoCookies(event) {
+  try {
+    const cookie_objects = await self.cookieStore.getAll();
+    const cookies = cookie_objects.map(c => c.name);
+    event.source.postMessage({ok: true, cookies});
+  } catch (err) {
+    event.source.postMessage({ok: false});
+  }
+}
diff --git a/test/wpt/tests/storage/buckets/buckets_storage_policy.tentative.https.any.js b/test/wpt/tests/storage/buckets/buckets_storage_policy.tentative.https.any.js
index d6dce3675d0..a66fd81cd43 100644
--- a/test/wpt/tests/storage/buckets/buckets_storage_policy.tentative.https.any.js
+++ b/test/wpt/tests/storage/buckets/buckets_storage_policy.tentative.https.any.js
@@ -19,3 +19,28 @@ promise_test(async testCase => {
       navigator.storageBuckets.open(
           'above_max', {quota: Number.MAX_SAFE_INTEGER + 1}));
 }, 'The open promise should reject with a TypeError when quota is requested outside the range of 1 to Number.MAX_SAFE_INTEGER.');
+
+
+promise_test(async testCase => {
+  await prepareForBucketTest(testCase);
+
+  // IndexedDB
+  {
+    const quota = 1;
+    const bucket = await navigator.storageBuckets.open('idb', {quota});
+
+    const objectStoreName = 'store';
+    const db = await indexedDbOpenRequest(
+        testCase, bucket.indexedDB, 'db', (db_to_upgrade) => {
+          db_to_upgrade.createObjectStore(objectStoreName);
+        });
+
+    const overflowBuffer = new Uint8Array(quota + 1);
+
+    const txn = db.transaction(objectStoreName, 'readwrite');
+    txn.objectStore(objectStoreName).add('', overflowBuffer);
+
+    await promise_rejects_dom(
+        testCase, 'QuotaExceededError', transactionPromise(txn));
+  }
+}, 'A QuotaExceededError is thrown when a storage API exceeds the quota of the bucket its in.');
diff --git a/test/wpt/tests/storage/buckets/resources/cached-resource.txt b/test/wpt/tests/storage/buckets/resources/cached-resource.txt
new file mode 100644
index 00000000000..c57eff55ebc
--- /dev/null
+++ b/test/wpt/tests/storage/buckets/resources/cached-resource.txt
@@ -0,0 +1 @@
+Hello World!
\ No newline at end of file
diff --git a/test/wpt/tests/storage/buckets/resources/util.js b/test/wpt/tests/storage/buckets/resources/util.js
index 50abce14cdc..425303ce2c9 100644
--- a/test/wpt/tests/storage/buckets/resources/util.js
+++ b/test/wpt/tests/storage/buckets/resources/util.js
@@ -13,3 +13,45 @@ async function prepareForBucketTest(test) {
     }
   });
 }
+
+function indexedDbOpenRequest(t, idb, dbname, upgrade_func) {
+  return new Promise((resolve, reject) => {
+    const openRequest = idb.open(dbname);
+    t.add_cleanup(() => {
+      indexedDbDeleteRequest(idb, dbname);
+    });
+
+    openRequest.onerror = () => {
+      reject(openRequest.error);
+    };
+    openRequest.onsuccess = () => {
+      resolve(openRequest.result);
+    };
+    openRequest.onupgradeneeded = event => {
+      upgrade_func(openRequest.result);
+    };
+  });
+}
+
+function indexedDbDeleteRequest(idb, name) {
+  return new Promise((resolve, reject) => {
+    const deleteRequest = idb.deleteDatabase(name);
+    deleteRequest.onerror = () => {
+      reject(deleteRequest.error);
+    };
+    deleteRequest.onsuccess = () => {
+      resolve();
+    };
+  });
+}
+
+function transactionPromise(txn) {
+  return new Promise((resolve, reject) => {
+    txn.onabort = () => {
+      reject(txn.error);
+    };
+    txn.oncomplete = () => {
+      resolve();
+    };
+  });
+}
diff --git a/test/wpt/tests/storage/estimate-indexeddb.https.any.js b/test/wpt/tests/storage/estimate-indexeddb.https.any.js
index b0c6b944dd6..f0b82b9fa09 100644
--- a/test/wpt/tests/storage/estimate-indexeddb.https.any.js
+++ b/test/wpt/tests/storage/estimate-indexeddb.https.any.js
@@ -1,46 +1,5 @@
 // META: title=StorageManager: estimate() for indexeddb
-
-function indexedDbOpenRequest(t, dbname, upgrade_func) {
-  return new Promise((resolve, reject) => {
-    const openRequest = indexedDB.open(dbname);
-    t.add_cleanup(() => {
-      indexedDbDeleteRequest(dbname);
-    });
-
-    openRequest.onerror = () => {
-      reject(openRequest.error);
-    };
-    openRequest.onsuccess = () => {
-      resolve(openRequest.result);
-    };
-    openRequest.onupgradeneeded = event => {
-      upgrade_func(openRequest.result);
-    };
-  });
-}
-
-function indexedDbDeleteRequest(name) {
-  return new Promise((resolve, reject) => {
-    const deleteRequest = indexedDB.deleteDatabase(name);
-    deleteRequest.onerror = () => {
-      reject(deleteRequest.error);
-    };
-    deleteRequest.onsuccess = () => {
-      resolve();
-    };
-  });
-}
-
-function transactionPromise(txn) {
-  return new Promise((resolve, reject) => {
-    txn.onabort = () => {
-      reject(txn.error);
-    };
-    txn.oncomplete = () => {
-      resolve();
-    };
-  });
-}
+// META: script=/storage/buckets/resources/util.js
 
 test(t => {
   assert_true('estimate' in navigator.storage);
@@ -60,16 +19,17 @@ promise_test(async t => {
 promise_test(async t => {
   const arraySize = 1e6;
   const objectStoreName = "storageManager";
-  const dbname = this.window ? window.location.pathname :
-        "estimate-worker.https.html";
+  const dbname =
+      this.window ? window.location.pathname : 'estimate-worker.https.html';
 
-  await indexedDbDeleteRequest(dbname);
+  await indexedDbDeleteRequest(indexedDB, dbname);
   let estimate = await navigator.storage.estimate();
 
   const usageBeforeCreate = estimate.usage;
-  const db = await indexedDbOpenRequest(t, dbname, (db_to_upgrade) => {
-    db_to_upgrade.createObjectStore(objectStoreName);
-  });
+  const db =
+      await indexedDbOpenRequest(t, indexedDB, dbname, (db_to_upgrade) => {
+        db_to_upgrade.createObjectStore(objectStoreName);
+      });
 
   estimate = await navigator.storage.estimate();
   const usageAfterCreate = estimate.usage;
@@ -86,7 +46,7 @@ promise_test(async t => {
     view[i] = Math.floor(Math.random() * 255);
   }
 
-  const testBlob = new Blob([buffer], {type: "binary/random"});
+  const testBlob = new Blob([buffer], {type: 'binary/random'});
   txn.objectStore(objectStoreName).add(testBlob, 1);
 
   await transactionPromise(txn);