diff options
Diffstat (limited to 'testing/web-platform/tests/fetch/security/embedded-credentials.tentative.sub.html')
| -rw-r--r-- | testing/web-platform/tests/fetch/security/embedded-credentials.tentative.sub.html | 89 |
1 files changed, 89 insertions, 0 deletions
diff --git a/testing/web-platform/tests/fetch/security/embedded-credentials.tentative.sub.html b/testing/web-platform/tests/fetch/security/embedded-credentials.tentative.sub.html new file mode 100644 index 0000000000..ca5ee1c87b --- /dev/null +++ b/testing/web-platform/tests/fetch/security/embedded-credentials.tentative.sub.html @@ -0,0 +1,89 @@ +<!DOCTYPE html> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<body> +<script> + async_test(t => { + var i = document.createElement('img'); + i.onerror = t.step_func_done(); + i.onload = t.unreached_func("'onload' should not fire."); + i.src = "http://user:pass@{{domains[www]}}:{{ports[http][0]}}/images/red.png"; + }, "Embedded credentials are treated as network errors."); + + async_test(t => { + var i = document.createElement('iframe'); + i.src = "./support/embedded-credential-window.sub.html"; + i.onload = t.step_func(_ => { + var c = new MessageChannel(); + c.port1.onmessage = t.step_func_done(e => { + assert_equals(e.data, "Error", "The image should not load."); + i.remove(); + }); + i.contentWindow.postMessage("Hi!", "*", [c.port2]); + }); + document.body.appendChild(i); + }, "Embedded credentials are treated as network errors in frames."); + + async_test(t => { + var w = window.open("./support/embedded-credential-window.sub.html"); + window.addEventListener("message", t.step_func(message => { + if (message.source != w) + return; + + var c = new MessageChannel(); + c.port1.onmessage = t.step_func_done(e => { + w.close(); + assert_equals(e.data, "Error", "The image should not load."); + }); + w.postMessage("absolute", "*", [c.port2]); + })); + }, "Embedded credentials are treated as network errors in new windows."); + + async_test(t => { + var w = window.open(); + w.location.href = "http://user:pass@{{domains[www]}}:{{ports[http][0]}}/fetch/security/support/embedded-credential-window.sub.html"; + window.addEventListener("message", t.step_func(message => { + if (message.source != w) + return; + + var c = new MessageChannel(); + c.port1.onmessage = t.step_func_done(e => { + w.close(); + assert_equals(e.data, "Load", "The image should load."); + }); + w.postMessage("relative", "*", [c.port2]); + })); + }, "Embedded credentials matching the top-level are not treated as network errors for relative URLs."); + + async_test(t => { + var w = window.open(); + w.location.href = "http://user:pass@{{domains[www]}}:{{ports[http][0]}}/fetch/security/support/embedded-credential-window.sub.html"; + window.addEventListener("message", t.step_func(message => { + if (message.source != w) + return; + + var c = new MessageChannel(); + c.port1.onmessage = t.step_func_done(e => { + w.close(); + assert_equals(e.data, "Load", "The image should load."); + }); + w.postMessage("same-origin-matching", "*", [c.port2]); + })); + }, "Embedded credentials matching the top-level are not treated as network errors for same-origin URLs."); + + async_test(t => { + var w = window.open(); + w.location.href = "http://user:pass@{{domains[www]}}:{{ports[http][0]}}/fetch/security/support/embedded-credential-window.sub.html"; + window.addEventListener("message", t.step_func(message => { + if (message.source != w) + return; + + var c = new MessageChannel(); + c.port1.onmessage = t.step_func_done(e => { + w.close(); + assert_equals(e.data, "Error", "The image should load."); + }); + w.postMessage("cross-origin-matching", "*", [c.port2]); + })); + }, "Embedded credentials matching the top-level are treated as network errors for cross-origin URLs."); +</script> |