firefox/testing/web-platform/tests/permissions-policy/permissions-policy-frame-policy-timing.https.sub.html

<!doctype html>
<html>
  <header>
    <title>allow/sandbox attr changed after document creation, before response</title>
    <script src=/resources/testharness.js></script>
    <script src=/resources/testharnessreport.js></script>
    <script>
        let lastCallbackId = 0;
        const callbacks = {};

        function postMessageToFrame(frame, cb, id) {
          callbacks[id] = cb;
          frame.contentWindow.postMessage('test', '*');
          step_timeout(() => {
            if (id in callbacks) {
              callbacks[id]('timeout');
              delete callbacks[id];
            }
          }, 1000);
        }

        window.onmessage = function(e) {
          const message = e.data;
          const id = message['id'];
          const callback = callbacks[id];
          delete callbacks[id];
          callback(message.result);
        };
        // @param {string} url
        // @param {Function} iframe_pre_nav_callback - a callback with signature (iframe) => () which gets
        //                                            triggered before setting src attribute.
        // @param {Function} iframe_post_nav_callback - a callback with signature (iframe) => () which gets
        //                                             triggered after setting src attribute but before commit
        //                                             of navigation.
        // @param {Function} result_handler - a callback that handles the result posted back from iframe.
        // @param {string} test_name
        function timing_test(url,
          iframe_pre_nav_callback,
          iframe_post_nav_callback,
          result_handler, test_name) {
          async_test((t) => {
            var id = ++lastCallbackId;
            const iframe = document.createElement('iframe');
            document.body.appendChild(iframe);
            callbacks[id] = t.step_func((result) => {
              assert_equals(result, 'ready');
              iframe_post_nav_callback(iframe);
              postMessageToFrame(iframe, t.step_func_done(result_handler), id);
            });
            iframe_pre_nav_callback(iframe);
            iframe.src = url + '?id=' + id;
          }, test_name);
        }

        const path = location.pathname.substring(0, location.pathname.lastIndexOf('/') + 1);
        const same_origin = path;
        const cross_origin = "https://{{domains[www1]}}:{{ports[https][0]}}" + path;

        const cameraUrl = 'permissions-policy-frame-policy-timing-iframe-camera.https.sub.html';
        function disallowCamera(iframe) { iframe.allow = "camera 'none'"; }
        function allowCamera(iframe) { iframe.allow = 'camera *'; }
        function verifyCamera(result) { assert_equals(result, 'NotAllowedError'); }
        timing_test(same_origin + cameraUrl, disallowCamera, allowCamera, verifyCamera, 'allow attr timing test same origin');
        timing_test(cross_origin + cameraUrl, disallowCamera, allowCamera, verifyCamera, 'allow attr timing test diff origin');
        </script>
  </header>
  <body>
    <div id="log"></div>
  </body>
</html>