diff options
Diffstat (limited to 'testing/web-platform/tests/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html')
-rw-r--r-- | testing/web-platform/tests/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html b/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html new file mode 100644 index 0000000000..4195d09fc0 --- /dev/null +++ b/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html @@ -0,0 +1,28 @@ +<!doctype html> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="/common/utils.js"></script> +<script src="/shared-storage/resources/util.js"></script> +<script src="/fenced-frame/resources/utils.js"></script> + +<body> +<script> +'use strict'; + +promise_test(async t => { + const ancestor_key = token(); + const crossOrigin = 'https://{{domains[www]}}:{{ports[https][0]}}'; + const helper_url = crossOrigin + + `/shared-storage/resources/credentials-test-helper.py` + + `&access_control_allow_credentials_header=true` + + `&token=${ancestor_key}`; + + return promise_rejects_dom(t, "OperationError", + sharedStorage.createWorklet( + helper_url + `&action=store-cookie`, + { credentials: "include" })); +}, 'createWorklet() with cross-origin module script and credentials ' + + '"include", and without the Access-Control-Allow-Origin response header'); + +</script> +</body> |