diff options
Diffstat (limited to 'testing/web-platform/tests/secure-contexts/shared-worker-insecure-first.https.html')
-rw-r--r-- | testing/web-platform/tests/secure-contexts/shared-worker-insecure-first.https.html | 111 |
1 files changed, 111 insertions, 0 deletions
diff --git a/testing/web-platform/tests/secure-contexts/shared-worker-insecure-first.https.html b/testing/web-platform/tests/secure-contexts/shared-worker-insecure-first.https.html new file mode 100644 index 0000000000..00db9517d0 --- /dev/null +++ b/testing/web-platform/tests/secure-contexts/shared-worker-insecure-first.https.html @@ -0,0 +1,111 @@ +<!doctype html> +<html> + <head> + <meta charset=utf-8> + <title>Test SharedWorkerGlobalScope.isSecureContext for HTTP creator</title> + <meta name="help" href="https://w3c.github.io/webappsec-secure-contexts/#monkey-patching-global-object"> + <script src=/resources/testharness.js></script> + <script src=/resources/testharnessreport.js></script> + <script src="server-locations.sub.js"></script> + </head> + <body> + <script> + /* + * The goal of this test is to check that we do the right thing if the + * same SharedWorker is used first from an insecure context and then from + * a secure context. + * + * To do this, we first open an insecure (http) popup, which loads a + * subframe that is same-origin with us but not a secure context, since + * its parent is http, not https. Then this subframe loads a SharedWorker + * and communicates back to us whether that worker and a child dedicated + * worker it spawns think they are secure contexts. Async tests t3 and t4 + * track these two workers. + * + * After we have heard from both workers in the popup, we directly load + * the same exact subframe ourselves and see what the workers in it + * report. Async tests t1 and t2 track these two workers. + */ + var t1 = async_test("Shared worker in subframe"); + var t2 = async_test("Nested worker in shared worker in subframe"); + var t3 = async_test("Shared worker in popup"); + var t4 = async_test("Nested worker from shared worker in popup"); + + var messageCount = 0; + var popup = null; + onmessage = function(e) { + ++messageCount; + // Make sure to not close the popup until we've run the iframe part of + // the test! We need to keep those shared workers alive. + if (messageCount == 4 && popup) { + popup.close(); + } + var data = e.data; + if (data.type == "shared") { + // This is a message from our shared worker; check whether it's the + // one in the popup or in our subframe. + if (data.fromPopup) { + t3.step(function() { + assert_false(data.exception, "SharedWorker should not throw an exception."); + assert_false(data.error, "SharedWorker connection should not generate an error."); + assert_false(data.isSecureContext, "SharedWorker is not a secure context"); + }); + t3.done(); + } else { + t1.step(function() { + assert_false(data.exception, "SharedWorker should not throw an exception."); + assert_true(data.error, "SharedWorker connection should generate an error."); + }); + t1.done(); + } + } else if (data.type == "nested") { + // This is a message from our shared worker's nested dedicated worker; + // check whether it's the one in the popup or in our subframe. + if (data.fromPopup) { + t4.step(function() { + assert_false(data.exception, "SharedWorker should not throw an exception."); + assert_false(data.error, "SharedWorker connection should not generate an error."); + assert_false(data.isSecureContext); + }); + t4.done(); + } else { + t2.step(function() { + assert_false(data.exception, "SharedWorker should not throw an exception."); + assert_true(data.error, "SharedWorker connection should generate an error."); + }); + t2.done(); + } + } else { + if (popup) { + popup.close(); + } + t1.step(function() { + assert_unreached("Unknown message"); + }); + t1.done(); + t2.step(function() { + assert_unreached("Unknown message"); + }); + t2.done(); + t3.step(function() { + assert_unreached("Unknown message"); + }); + t3.done(); + t4.step(function() { + assert_unreached("Unknown message"); + }); + t4.done(); + } + + if (messageCount == 2) { + // Got both messages from our popup; time to create our child. + var ifr = document.createElement("iframe"); + ifr.src = https_dir5 + "support/https-subframe-shared.html"; + document.body.appendChild(ifr); + } + } + + popup = window.open(http_dir + "support/shared-worker-insecure-popup.html?https_dir5"); + </script> + </body> +</html> |