diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 01:47:29 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 01:47:29 +0000 |
commit | 0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d (patch) | |
tree | a31f07c9bcca9d56ce61e9a1ffd30ef350d513aa /testing/web-platform/tests/fenced-frame/sandbox-attribute.https.html | |
parent | Initial commit. (diff) | |
download | firefox-esr-0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d.tar.xz firefox-esr-0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d.zip |
Adding upstream version 115.8.0esr.upstream/115.8.0esr
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testing/web-platform/tests/fenced-frame/sandbox-attribute.https.html')
-rw-r--r-- | testing/web-platform/tests/fenced-frame/sandbox-attribute.https.html | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/testing/web-platform/tests/fenced-frame/sandbox-attribute.https.html b/testing/web-platform/tests/fenced-frame/sandbox-attribute.https.html new file mode 100644 index 0000000000..1458145e43 --- /dev/null +++ b/testing/web-platform/tests/fenced-frame/sandbox-attribute.https.html @@ -0,0 +1,63 @@ +<!DOCTYPE html> +<title>Test fenced frame sandbox attribute.</title> +<meta name="timeout" content="long"> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="/common/utils.js"></script> +<script src="/common/dispatcher/dispatcher.js"></script> +<script src="resources/utils.js"></script> + +<body> +<script> + +async function runTest(t, sandbox_flags, success) { + const frame = await attachFencedFrameContext({ + generator_api: 'fledge', resolve_to_config: true, + attributes: [['sandbox', sandbox_flags]]}); + + assert_equals(frame.element.sandbox.value, sandbox_flags); + if (sandbox_flags) { + assert_equals(frame.element.sandbox.length, sandbox_flags.split(' ').length); + } else { + assert_equals(frame.element.sandbox.length, 0); + } + + const result = await Promise.any([ + frame.execute(() => { return 'success';}), + new Promise(resolve => t.step_timeout(() => resolve('failure'), 2000))]); + if (success) { + assert_equals(result, 'success'); + } else { + assert_equals(result, 'failure'); + } +} + +// We omit test cases that lack the sandbox attribute, because that's covered +// by every other test that doesn't explicitly use the `sandbox` attribute. + +promise_test(async t => { + return runTest(t, '', false); +}, 'Navigation fails with no allowed features'); + +promise_test(async t => { + return runTest(t, 'allow-same-origin allow-forms allow-scripts allow-popups allow-popups-to-escape-sandbox allow-top-navigation-by-user-activation', true); +}, 'Navigation succeeds with exactly the required unsandboxed features'); + +promise_test(async t => { + return runTest(t, 'allow-same-origin allow-forms allow-scripts allow-popups allow-popups-to-escape-sandbox allow-top-navigation-by-user-activation allow-pointer-lock', true); +}, 'Navigation succeeds with extra unsandboxed features'); + +promise_test(async t => { + return runTest(t, 'allow-same-origin allow-forms allow-scripts allow-popups allow-popups-to-escape-sandbox', false); +}, 'Navigation fails with too few unsandboxed features'); + +promise_test(async t => { + return runTest(t, 'foo bar baz', false); +}, 'Navigation fails with malformed sandbox flags'); + +promise_test(async t => { + return runTest(t, 'allow-same-origin allow-forms allow-scripts allow-popups allow-popups-to-escape-sandbox allow-top-navigation-by-user-activation allow-foobarbaz', true); +}, 'Navigation fails with the required unsandboxed features, plus some malformed ones'); + +</script> +</body> |