diff options
Diffstat (limited to 'testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-escalate-privileges.tentative.sub.window.js')
| -rw-r--r-- | testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-escalate-privileges.tentative.sub.window.js | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-escalate-privileges.tentative.sub.window.js b/testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-escalate-privileges.tentative.sub.window.js new file mode 100644 index 0000000000..a5cda9b0b9 --- /dev/null +++ b/testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/sandbox-top-navigation-escalate-privileges.tentative.sub.window.js @@ -0,0 +1,63 @@ +// META: title=Top-level navigation tests with frames that try to give themselves top-nav permission +// META: script=/common/dispatcher/dispatcher.js +// META: script=/common/get-host-info.sub.js +// META: script=/common/utils.js +// META: script=/resources/testdriver.js +// META: script=/resources/testdriver-vendor.js +// META: script=/html/browsers/browsing-the-web/remote-context-helper/resources/remote-context-helper.js +// META: script=./resources/sandbox-top-navigation-helper.js + +'use strict'; + +promise_test(async t => { + const main = await setupTest(); + const iframe_1 = await createNestedIframe(main, + "HTTP_REMOTE_ORIGIN", "", ""); + const iframe_2 = await createNestedIframe(iframe_1, + "HTTP_REMOTE_ORIGIN", "allow-top-navigation", ""); + + await attemptTopNavigation(iframe_2, false); +}, "A cross origin unsandboxed frame can't escalate privileges in a child \ + frame"); + +promise_test(async t => { + const main = await setupTest(); + const iframe_1 = await createNestedIframe(main, + "HTTP_REMOTE_ORIGIN", "allow-top-navigation", ""); + const iframe_2 = await createNestedIframe(iframe_1, + "OTHER_ORIGIN", "", ""); + + await attemptTopNavigation(iframe_2, true); +}, "An unsandboxed grandchild inherits its parents ability to navigate top."); + +promise_test(async t => { + const main = await setupTest(); + const iframe_1 = await createNestedIframe(main, + "HTTP_ORIGIN", "", ""); + const iframe_2 = await createNestedIframe(iframe_1, + "HTTP_ORIGIN", "allow-top-navigation", ""); + + await attemptTopNavigation(iframe_2, true); +}, "A same-origin grandchild with frame allow-top can navigate top"); + +promise_test(async t => { + const main = await setupTest(); + const iframe_1 = await createNestedIframe(main, + "HTTP_ORIGIN", "", ""); + const iframe_2 = await createNestedIframe(iframe_1, + "HTTP_ORIGIN", "", "allow-top-navigation"); + + await attemptTopNavigation(iframe_2, false); +}, "A sandboxed same-origin grandchild without allow-same-origin can't \ + escalate its own top-nav privileges"); + +promise_test(async t => { + const main = await setupTest(); + const iframe_1 = await createNestedIframe(main, + "HTTP_ORIGIN", "", ""); + const iframe_2 = await createNestedIframe(iframe_1, + "HTTP_ORIGIN", "", "allow-same-origin allow-top-navigation"); + + await attemptTopNavigation(iframe_2, true); +}, "A sandboxed same-origin grandchild with allow-same-origin can \ + give itself top-nav privileges"); |