diff options
Diffstat (limited to 'testing/web-platform/tests/html/anonymous-iframe/hasStorageAccess.tentative.https.window.js')
-rw-r--r-- | testing/web-platform/tests/html/anonymous-iframe/hasStorageAccess.tentative.https.window.js | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/testing/web-platform/tests/html/anonymous-iframe/hasStorageAccess.tentative.https.window.js b/testing/web-platform/tests/html/anonymous-iframe/hasStorageAccess.tentative.https.window.js new file mode 100644 index 0000000000..bf33023793 --- /dev/null +++ b/testing/web-platform/tests/html/anonymous-iframe/hasStorageAccess.tentative.https.window.js @@ -0,0 +1,30 @@ +// META: script=/common/get-host-info.sub.js +// META: script=/common/utils.js +// META: script=/common/dispatcher/dispatcher.js +// META: script=/html/cross-origin-embedder-policy/credentialless/resources/common.js +// META: script=./resources/common.js + +setup(() => { + assert_implements(document.hasStorageAccess, + "requestStorageAccess is not supported."); +}) + +const hasStorageAccess = (iframe) => { + const reply = token(); + send(iframe, ` + send("${reply}", await document.hasStorageAccess()); + `); + return receive(reply); +} + +promise_test(async test => { + const same_origin = window.origin; + const iframe = newIframeCredentialless(same_origin); + assert_equals(await hasStorageAccess(iframe), "false"); +}, "Same-origin credentialless iframe can't request storage access"); + +promise_test(async test => { + const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN; + const iframe = newIframeCredentialless(cross_origin); + assert_equals(await hasStorageAccess(iframe), "false"); +}, "Cross-origin credentialless iframe can't request storage access"); |