diff options
Diffstat (limited to 'testing/web-platform/tests/html/semantics/scripting-1/the-script-element/json-module/credentials.sub.html')
| -rw-r--r-- | testing/web-platform/tests/html/semantics/scripting-1/the-script-element/json-module/credentials.sub.html | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/json-module/credentials.sub.html b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/json-module/credentials.sub.html new file mode 100644 index 0000000000..a6df506e21 --- /dev/null +++ b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/json-module/credentials.sub.html @@ -0,0 +1,55 @@ +<!DOCTYPE html> +<meta charset="utf-8"> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> + +<script> +document.cookie = 'milk=1'; + +const setCookiePromise = fetch( + 'http://{{domains[www2]}}:{{ports[http][0]}}/cookies/resources/set-cookie.py?name=milk&path=/html/semantics/scripting-1/the-script-element/json-module/', + { + mode: 'no-cors', + credentials: 'include', + }); + +const windowLoadPromise = new Promise(resolve => { + window.addEventListener('load', () => { + resolve(); + }); +}); + +promise_test(t => { + const iframe = document.createElement('iframe'); + + return Promise.all([setCookiePromise, windowLoadPromise]).then(() => { + const messagePromise = new Promise(resolve => { + window.addEventListener('message', event => { + resolve(); + }); + }); + + iframe.src = 'credentials-iframe.sub.html'; + document.body.appendChild(iframe); + + return messagePromise; + }).then(() => { + const w = iframe.contentWindow; + + assert_equals(w.sameOriginNoneDescendant, true, + 'Descendant JSON modules should be loaded with the credentials when the crossOrigin attribute is not specified and the target is same-origin'); + assert_equals(w.sameOriginAnonymousDescendant, true, + 'Descendant JSON modules should be loaded with the credentials when the crossOrigin attribute is specified with "anonymous" as its value and the target is same-origin'); + assert_equals(w.sameOriginUseCredentialsDescendant, true, + 'Descendant JSON modules should be loaded with the credentials when the crossOrigin attribute is specified with "use-credentials" as its value and the target is same-origin'); + assert_equals(w.crossOriginNoneDescendant, false, + 'Descendant JSON modules should not be loaded with the credentials when the crossOrigin attribute is not specified and the target is cross-origin'); + assert_equals(w.crossOriginAnonymousDescendant, false, + 'Descendant JSON modules should not be loaded with the credentials when the crossOrigin attribute is specified with "anonymous" as its value and the target is cross-origin'); + assert_equals(w.crossOriginUseCredentialsDescendant, true, + 'Descendant JSON modules should be loaded with the credentials when the crossOrigin attribute is specified with "use-credentials" as its value and the target is cross-origin'); +}); +}, 'JSON Modules should be loaded with or without the credentials based on the same-origin-ness and the crossOrigin attribute'); +</script> +<body> +</body> |