diff options
Diffstat (limited to 'testing/web-platform/tests/web-bundle/subresource-loading/subframe-from-web-bundle.https.tentative.html')
| -rw-r--r-- | testing/web-platform/tests/web-bundle/subresource-loading/subframe-from-web-bundle.https.tentative.html | 134 |
1 files changed, 134 insertions, 0 deletions
diff --git a/testing/web-platform/tests/web-bundle/subresource-loading/subframe-from-web-bundle.https.tentative.html b/testing/web-platform/tests/web-bundle/subresource-loading/subframe-from-web-bundle.https.tentative.html new file mode 100644 index 0000000000..9e08ccdd29 --- /dev/null +++ b/testing/web-platform/tests/web-bundle/subresource-loading/subframe-from-web-bundle.https.tentative.html @@ -0,0 +1,134 @@ +<!DOCTYPE html> +<title>Subframe loading from Web Bundles</title> +<link + rel="help" + href="https://github.com/WICG/webpackage/blob/main/explainers/subresource-loading.md" +/> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="../resources/test-helpers.js"></script> +<body> + <script> + setup(() => { + assert_true(HTMLScriptElement.supports("webbundle")); + }); + + promise_test(async (t) => { + const bundle_url = "../resources/wbn/uuid-in-package.wbn"; + const frame_url = "uuid-in-package:429fcc4e-0696-4bad-b099-ee9175f023ae"; + const iframe = await createWebBundleElementAndIframe( + t, + bundle_url, + frame_url + ); + // The iframe is cross-origin. So accessing iframe.contentWindow.location + // should throw a SecurityError. + assert_throws_dom("SecurityError", () => { + iframe.contentWindow.location.href; + }); + }, "The uuid-in-package: URL iframe must be cross-origin."); + + uuid_iframe_test( + "location.href", + "uuid-in-package:429fcc4e-0696-4bad-b099-ee9175f023ae", + "location.href in opaque-origin iframe." + ); + + uuid_iframe_test( + "(" + + (() => { + try { + let result = window.localStorage; + return "no error"; + } catch (e) { + return e.name; + } + }).toString() + + ")()", + "SecurityError", + "Accesing window.localStorage should throw a SecurityError." + ); + + uuid_iframe_test( + "(" + + (() => { + try { + let result = window.sessionStorage; + return "no error"; + } catch (e) { + return e.name; + } + }).toString() + + ")()", + "SecurityError", + "Accesing window.sessionStorage should throw a SecurityError." + ); + + uuid_iframe_test( + "(" + + (() => { + try { + let result = document.cookie; + return "no error"; + } catch (e) { + return e.name; + } + }).toString() + + ")()", + "SecurityError", + "Accesing document.cookie should throw a SecurityError." + ); + + uuid_iframe_test( + "(" + + (() => { + try { + let request = window.indexedDB.open("db"); + return "no error"; + } catch (e) { + return e.name; + } + }).toString() + + ")()", + "SecurityError", + "Opening an indexedDB should throw a SecurityError." + ); + + uuid_iframe_test( + "window.caches === undefined", + true, + "window.caches should be undefined." + ); + + function uuid_iframe_test(code, expected, name) { + promise_test(async (t) => { + const bundle_url = "../resources/wbn/uuid-in-package.wbn"; + const frame_url = + "uuid-in-package:429fcc4e-0696-4bad-b099-ee9175f023ae"; + const iframe = await createWebBundleElementAndIframe( + t, + bundle_url, + frame_url + ); + assert_equals(await evalInIframe(iframe, code), expected); + }, name + "uuid-in-package"); + } + + async function createWebBundleElementAndIframe(t, bundle_url, frame_url) { + const element = createWebBundleElement(bundle_url, [frame_url]); + document.body.appendChild(element); + const iframe = document.createElement("iframe"); + t.add_cleanup(() => { + document.body.removeChild(element); + document.body.removeChild(iframe); + }); + iframe.src = frame_url; + const load_promise = new Promise((resolve) => { + iframe.addEventListener("load", resolve); + }); + document.body.appendChild(iframe); + await load_promise; + return iframe; + } + </script> +</body> |