diff options
Diffstat (limited to '')
-rw-r--r-- | testing/web-platform/tests/shared-storage/cross-origin-create-worklet-unrevealed-failure-false-shared-storage-cross-origin-worklet-allowed.tentative.https.sub.html | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-unrevealed-failure-false-shared-storage-cross-origin-worklet-allowed.tentative.https.sub.html b/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-unrevealed-failure-false-shared-storage-cross-origin-worklet-allowed.tentative.https.sub.html new file mode 100644 index 0000000000..f1f37b0aff --- /dev/null +++ b/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-unrevealed-failure-false-shared-storage-cross-origin-worklet-allowed.tentative.https.sub.html @@ -0,0 +1,32 @@ +<!doctype html> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="/common/utils.js"></script> +<script src="/shared-storage/resources/util.js"></script> +<script src="/fenced-frame/resources/utils.js"></script> + +<body> +<script> +'use strict'; + +promise_test(async t => { + const ancestor_key = token(); + const crossOrigin = 'https://{{domains[www]}}:{{ports[https][0]}}'; + const helper_url = crossOrigin + + `/shared-storage/resources/credentials-test-helper.py` + + `?access_control_allow_origin_header=${window.origin}` + + `&access_control_allow_credentials_header=true` + + `&shared_storage_cross_origin_worklet_allowed_header=?0` + + `&token=${ancestor_key}`; + + // The network error for `createWorklet()` won't be revealed to the + // cross-origin caller. + await sharedStorage.createWorklet( + helper_url + `&action=store-cookie`, + { credentials: "include" }); +}, 'createWorklet() with cross-origin module script and credentials ' + + '"include", and with the Shared-Storage-Cross-Origin-Worklet-Allowed ' + + 'response header value set to false (?0)'); + +</script> +</body> |