summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/credential-management/support/fedcm/accounts_check_same_site_strict.py
diff options
context:
space:
mode:
Diffstat (limited to 'testing/web-platform/tests/credential-management/support/fedcm/accounts_check_same_site_strict.py')
-rw-r--r--testing/web-platform/tests/credential-management/support/fedcm/accounts_check_same_site_strict.py28
1 files changed, 28 insertions, 0 deletions
diff --git a/testing/web-platform/tests/credential-management/support/fedcm/accounts_check_same_site_strict.py b/testing/web-platform/tests/credential-management/support/fedcm/accounts_check_same_site_strict.py
new file mode 100644
index 0000000000..a6f385feac
--- /dev/null
+++ b/testing/web-platform/tests/credential-management/support/fedcm/accounts_check_same_site_strict.py
@@ -0,0 +1,28 @@
+import importlib
+error_checker = importlib.import_module("credential-management.support.fedcm.request-params-check")
+
+def main(request, response):
+ request_error = error_checker.accountsCheck(request)
+ if (request_error):
+ return request_error
+ if request.cookies.get(b"same_site_strict") == b"1":
+ return (546, [], "Should not send SameSite=Strict cookies")
+ if request.headers.get(b"Sec-Fetch-Site") != b"cross-site":
+ return (538, [], "Wrong Sec-Fetch-Site header")
+
+ response.headers.set(b"Content-Type", b"application/json")
+
+ return """
+{
+ "accounts": [{
+ "id": "1234",
+ "given_name": "John",
+ "name": "John Doe",
+ "email": "john_doe@idp.example",
+ "picture": "https://idp.example/profile/123",
+ "approved_clients": ["123", "456", "789"],
+ "login_hints": ["john_doe"],
+ "domain_hints": ["idp.example", "example"]
+ }]
+}
+"""
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-21 01:06:00 +0000