25 lines
1,014 B
HTML
25 lines
1,014 B
HTML
<!doctype html>
|
|
<meta charset=utf-8>
|
|
<script src="/resources/testharness.js"></script>
|
|
<script src="/resources/testharnessreport.js"></script>
|
|
<script src="/common/get-host-info.sub.js"></script>
|
|
<script src="resources/script-factory.js"></script>
|
|
<div id=log></div>
|
|
<script>
|
|
async_test(t => {
|
|
window.addEventListener("message", t.step_func_done(({ data }) => {
|
|
assert_equals(data.id, "");
|
|
assert_equals(data.origin, window.origin);
|
|
assert_true(data.sameOriginNoCORPSuccess);
|
|
assert_true(data.crossOriginNoCORPFailure, "Cross-origin without CORP did not fail");
|
|
}));
|
|
const frame = document.createElement("iframe");
|
|
t.add_cleanup(() => frame.remove());
|
|
frame.src = "resources/coep-frame.html";
|
|
frame.onload = t.step_func(() => {
|
|
frame.onload = null;
|
|
frame.src = `javascript:${encodeURIComponent(createScript(window.origin, get_host_info().HTTPS_NOTSAMESITE_ORIGIN))}`;
|
|
});
|
|
document.body.append(frame);
|
|
}, "Cross-Origin-Embedder-Policy frame and javascript: URLs");
|
|
</script>
|