summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/html/cross-origin-embedder-policy/cross-origin-isolated-permission-iframe.https.window.js
blob: 9190303206d50d74fa0434b9d3aff776c583ed73 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
// META: script=/common/get-host-info.sub.js
// META: script=/common/utils.js
// META: script=/common/dispatcher/dispatcher.js
// META: script=./credentialless/resources/common.js
// META: script=./resources/common.js

const cors_coep_headers = coep_require_corp + corp_cross_origin;
const same_origin = get_host_info().HTTPS_ORIGIN;
const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;

const newIframe = async (
  test,
  parent_origin,
  parent_headers,
  child_origin,
  child_headers
) => {
  const [future_child, future_error] =
    await createIsolatedFrame(parent_origin, parent_headers);
  future_error.then(test.unreached_func('cannot create isolated iframe.'));

  const child = await future_child;
  add_completion_callback(() => child.remove());

  const grand_child_token = token();
  const grand_child = child.contentDocument.createElement('iframe');
  grand_child.src = child_origin + executor_path + child_headers +
    `&uuid=${grand_child_token}`;
  child.contentDocument.body.appendChild(grand_child);
  add_completion_callback(() => grand_child.remove());

  return grand_child_token;
};

const childFrameIsCrossOriginIsolated = async (
  test,
  child_origin,
  parent_permission_coi
) => {
  let parent_headers = cors_coep_headers;
  const child_headers = cors_coep_headers;
  if (parent_permission_coi !== undefined) {
    // Escape right parenthesis in WPT pipe:
    parent_permission_coi = parent_permission_coi.replace(')', '\\)');
    parent_headers += `|header(permissions-policy,` +
                      `cross-origin-isolated=${parent_permission_coi})`;
  }
  const parent_origin = same_origin;
  const iframe = await newIframe(
    test,
    parent_origin,
    parent_headers,
    child_origin,
    child_headers);
  return IsCrossOriginIsolated(iframe);
}

const generate_iframe_test = async (origin, isolation, expect_coi) => {
  promise_test_parallel(async (test) => {
    const isCrossOriginIsolated =
      await childFrameIsCrossOriginIsolated(test, origin, isolation);
    assert_equals(isCrossOriginIsolated, expect_coi)
  }, `iframe (origin: ${origin}) cross origin isolated (${isolation}) ` +
     `permission test`);
}

generate_iframe_test(same_origin, undefined, true);
generate_iframe_test(same_origin, '*', true);
generate_iframe_test(same_origin, 'self', true);
generate_iframe_test(same_origin, '()', false);
generate_iframe_test(cross_origin, undefined, false);
generate_iframe_test(cross_origin, '*', false);
generate_iframe_test(cross_origin, 'self', false);
generate_iframe_test(cross_origin, '()', false);