89 lines
3.1 KiB
HTML
89 lines
3.1 KiB
HTML
<!doctype html>
|
|
<html>
|
|
<script src=/resources/testharness.js></script>
|
|
<script src=/resources/testharnessreport.js></script>
|
|
<script src="/common/get-host-info.sub.js"></script>
|
|
<script src="/service-workers/service-worker/resources/test-helpers.sub.js"></script>
|
|
<script>
|
|
const SCOPE = new URL(location.href).pathname;
|
|
const SCRIPT =
|
|
'resources/sw.js?' +
|
|
`pipe=header(service-worker-allowed,${SCOPE})`;
|
|
|
|
function remote(path) {
|
|
const REMOTE_ORIGIN = get_host_info().HTTPS_REMOTE_ORIGIN;
|
|
return new URL(path, REMOTE_ORIGIN + '/html/cross-origin-embedder-policy/');
|
|
}
|
|
|
|
promise_test(async (t) => {
|
|
const reg = await service_worker_unregister_and_register(t, SCRIPT, SCOPE);
|
|
add_completion_callback(() => {
|
|
reg.unregister();
|
|
});
|
|
await new Promise(resolve => {
|
|
navigator.serviceWorker.addEventListener('controllerchange', resolve);
|
|
});
|
|
}, 'setting up');
|
|
|
|
promise_test(async (t) => {
|
|
await fetch('resources/nothing-same-origin-corp.txt', {mode: 'no-cors'});
|
|
}, 'making a same-origin request for CORP: same-origin');
|
|
|
|
promise_test(async (t) => {
|
|
await fetch('/common/blank.html', {mode: 'no-cors'});
|
|
}, 'making a same-origin request for no CORP');
|
|
|
|
promise_test(async (t) => {
|
|
await fetch('resources/nothing-cross-origin-corp.js', {mode: 'no-cors'});
|
|
}, 'making a same-origin request for CORP: cross-origin');
|
|
|
|
promise_test(async (t) => {
|
|
await promise_rejects_js(
|
|
t, TypeError,
|
|
fetch(remote('resources/nothing-same-origin-corp.txt'), {mode: 'no-cors'}));
|
|
}, 'making a cross-origin request for CORP: same-origin');
|
|
|
|
promise_test(async (t) => {
|
|
await fetch(remote('/common/blank.html'), {mode: 'no-cors'});
|
|
}, 'making a cross-origin request for no CORP');
|
|
|
|
promise_test(async (t) => {
|
|
await fetch(
|
|
remote('resources/nothing-cross-origin-corp.js'),
|
|
{mode: 'no-cors'});
|
|
}, 'making a cross-origin request for CORP: cross-origin');
|
|
|
|
promise_test(async (t) => {
|
|
await promise_rejects_js(
|
|
t, TypeError,
|
|
fetch(remote('resources/nothing-same-origin-corp.txt?passthrough'),
|
|
{mode: 'no-cors'}));
|
|
}, 'making a cross-origin request for CORP: same-origin [PASS THROUGH]');
|
|
|
|
promise_test(async (t) => {
|
|
await fetch(remote('/common/blank.html?passthrough'), {mode: 'no-cors'});
|
|
}, 'making a cross-origin request for no CORP [PASS THROUGH]');
|
|
|
|
promise_test(async (t) => {
|
|
await fetch(
|
|
remote('resources/nothing-cross-origin-corp.js?passthrough'),
|
|
{mode: 'no-cors'});
|
|
}, 'making a cross-origin request for CORP: cross-origin [PASS THROUGH]');
|
|
|
|
promise_test(async (t) => {
|
|
await promise_rejects_js(
|
|
t, TypeError, fetch(remote('/common/blank.html'), {mode: 'cors'}));
|
|
}, 'making a cross-origin request with CORS without ACAO');
|
|
|
|
promise_test(async (t) => {
|
|
const URL = remote(
|
|
'/common/blank.html?pipe=header(access-control-allow-origin,*)');
|
|
await fetch(URL, {mode: 'cors'});
|
|
}, 'making a cross-origin request with CORS');
|
|
|
|
promise_test(async (t) => {
|
|
const URL = remote('/fetch/api/resources/preflight.py?allow_headers=hoge');
|
|
await fetch(URL, {mode: 'cors', headers: {'hoge': 'fuga'}});
|
|
}, 'making a cross-origin request with CORS-preflight');
|
|
</script>
|
|
</html>
|