diff options
Diffstat (limited to 'testing/web-platform/tests/cookies/third-party-cookies/resources/test-helpers.js')
-rw-r--r-- | testing/web-platform/tests/cookies/third-party-cookies/resources/test-helpers.js | 27 |
1 files changed, 25 insertions, 2 deletions
diff --git a/testing/web-platform/tests/cookies/third-party-cookies/resources/test-helpers.js b/testing/web-platform/tests/cookies/third-party-cookies/resources/test-helpers.js index 2ae2c46a37..c76ac71616 100644 --- a/testing/web-platform/tests/cookies/third-party-cookies/resources/test-helpers.js +++ b/testing/web-platform/tests/cookies/third-party-cookies/resources/test-helpers.js @@ -1,10 +1,10 @@ function testHttpCookies({desc, origin, cookieNames, expectsCookie}) { promise_test(async () => { - await assertOriginCanAccessCookies({origin, cookieNames, expectsCookie}); + await assertHttpOriginCanAccessCookies({ origin, cookieNames, expectsCookie }); }, getCookieTestName(expectsCookie, desc, "HTTP")); } -async function assertOriginCanAccessCookies({ +async function assertHttpOriginCanAccessCookies({ origin, cookieNames, expectsCookie, @@ -18,6 +18,29 @@ async function assertOriginCanAccessCookies({ } } +async function assertThirdPartyHttpCookies({ desc, origin, cookieNames, expectsCookie }) { + // Test that these cookies are not available on cross-site subresource requests to the + // origin that set them. + testHttpCookies({ + desc, + origin, + cookieNames, + expectsCookie, + }); + + promise_test(async () => { + const thirdPartyHttpCookie = "3P_http" + await credFetch( + `${origin}/cookies/resources/set.py?${thirdPartyHttpCookie}=foobar;` + + "Secure;Path=/;SameSite=None"); + await assertHttpOriginCanAccessCookies({ + origin, + cookieNames: [thirdPartyHttpCookie], + expectsCookie, + }); + }, desc + ": Cross site window setting HTTP cookies"); +} + function testDomCookies({desc, cookieNames, expectsCookie}) { test(() => { assertDomCanAccessCookie(cookieNames, expectsCookie); |