summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/storage-access-api
diff options
context:
space:
mode:
Diffstat (limited to 'testing/web-platform/tests/storage-access-api')
-rw-r--r--testing/web-platform/tests/storage-access-api/requestStorageAccess-dedicated-worker.tentative.sub.https.window.js8
-rw-r--r--testing/web-platform/tests/storage-access-api/resources/bless_cross_site_permissions.html17
-rw-r--r--testing/web-platform/tests/storage-access-api/resources/embedded_responder.js2
-rw-r--r--testing/web-platform/tests/storage-access-api/resources/embedded_worker.js17
-rw-r--r--testing/web-platform/tests/storage-access-api/resources/embedded_worker.py31
-rw-r--r--testing/web-platform/tests/storage-access-api/resources/get_cookies.py10
-rw-r--r--testing/web-platform/tests/storage-access-api/resources/set_cookies.py10
-rw-r--r--testing/web-platform/tests/storage-access-api/resources/shared-worker-cookies.py37
-rw-r--r--testing/web-platform/tests/storage-access-api/resources/shared-worker-relay.js10
-rw-r--r--testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe-iframe.html46
-rw-r--r--testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe.sub.html34
-rw-r--r--testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.BroadcastChannel.tentative.sub.https.window.js5
-rw-r--r--testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.SharedWorker.tentative.sub.https.window.js48
-rw-r--r--testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.blobStorage.tentative.sub.https.window.js5
-rw-r--r--testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.caches.tentative.sub.https.window.js5
-rw-r--r--testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.cookies.tentative.sub.https.window.js5
-rw-r--r--testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.estimate.tentative.sub.https.window.js5
-rw-r--r--testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.getDirectory.tentative.sub.https.window.js5
-rw-r--r--testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.indexedDB.tentative.sub.https.window.js5
-rw-r--r--testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.localStorage.tentative.sub.https.window.js5
-rw-r--r--testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.locks.tentative.sub.https.window.js5
-rw-r--r--testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.none.tentative.sub.https.window.js5
-rw-r--r--testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.sessionStorage.tentative.sub.https.window.js5
23 files changed, 273 insertions, 52 deletions
diff --git a/testing/web-platform/tests/storage-access-api/requestStorageAccess-dedicated-worker.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/requestStorageAccess-dedicated-worker.tentative.sub.https.window.js
index f2d766575d..6c3d616e26 100644
--- a/testing/web-platform/tests/storage-access-api/requestStorageAccess-dedicated-worker.tentative.sub.https.window.js
+++ b/testing/web-platform/tests/storage-access-api/requestStorageAccess-dedicated-worker.tentative.sub.https.window.js
@@ -38,6 +38,9 @@
await StartDedicatedWorker(frame);
assert_true(cookieStringHasCookie("cookie", "unpartitioned",
+ await MessageWorker(frame, {command: "load"})),
+ "Worker's load was credentialed.");
+ assert_true(cookieStringHasCookie("cookie", "unpartitioned",
await MessageWorker(frame, {command: "fetch", url: altRootEchoCookies})),
"Worker's fetch is credentialed.");
}, "Workers inherit storage access");
@@ -47,9 +50,14 @@
await SetFirstPartyCookieAndUnsetStorageAccessPermission(altRoot);
const frame = await SetUpResponderFrame(t, altRootResponder);
+ assert_false(await FrameHasStorageAccess(frame), "frame lacks storage access before request.");
+ assert_false(await HasUnpartitionedCookie(frame), "frame lacks access to cookies before request.");
await StartDedicatedWorker(frame);
assert_false(cookieStringHasCookie("cookie", "unpartitioned",
+ await MessageWorker(frame, {command: "load"})),
+ "Worker's load was uncredentialed.");
+ assert_false(cookieStringHasCookie("cookie", "unpartitioned",
await MessageWorker(frame, {command: "fetch", url: altRootEchoCookies})),
"Worker's first fetch is uncredentialed.");
diff --git a/testing/web-platform/tests/storage-access-api/resources/bless_cross_site_permissions.html b/testing/web-platform/tests/storage-access-api/resources/bless_cross_site_permissions.html
new file mode 100644
index 0000000000..c3c5b6c0b0
--- /dev/null
+++ b/testing/web-platform/tests/storage-access-api/resources/bless_cross_site_permissions.html
@@ -0,0 +1,17 @@
+<!doctype html>
+<meta charset="utf-8">
+<script src="/resources/testdriver.js"></script>
+<script src="/resources/testdriver-vendor.js"></script>
+<body>
+<script>
+// In order to enable `requestStorageAccess` in a third-party context for some
+// origin we must first act in a window where that same origin is the top-frame
+// due to the following requirements:
+// (1) The origin must be `bless`ed when it's in the top-frame
+// (2) `set_permission` always operates on the top-frame origin
+test_driver.set_test_context(window.opener.top);
+test_driver.bless("fake interaction", () => {}, window);
+test_driver.set_permission({ name: 'storage-access' }, 'granted');
+window.opener.postMessage("blessed", "*");
+</script>
+</body>
diff --git a/testing/web-platform/tests/storage-access-api/resources/embedded_responder.js b/testing/web-platform/tests/storage-access-api/resources/embedded_responder.js
index bc13c7e7e8..228a262f16 100644
--- a/testing/web-platform/tests/storage-access-api/resources/embedded_responder.js
+++ b/testing/web-platform/tests/storage-access-api/resources/embedded_responder.js
@@ -79,7 +79,7 @@ window.addEventListener("message", async (event) => {
reply(await fetch(event.data.url, {mode: 'no-cors', credentials: 'include'}).then((resp) => resp.text()));
break;
case "start_dedicated_worker":
- worker = new Worker("embedded_worker.js");
+ worker = new Worker("embedded_worker.py");
reply(undefined);
break;
case "message_worker": {
diff --git a/testing/web-platform/tests/storage-access-api/resources/embedded_worker.js b/testing/web-platform/tests/storage-access-api/resources/embedded_worker.js
deleted file mode 100644
index f3a0fb257a..0000000000
--- a/testing/web-platform/tests/storage-access-api/resources/embedded_worker.js
+++ /dev/null
@@ -1,17 +0,0 @@
-"use strict";
-
-self.onmessage = async (message) => {
- function reply(data) {
- self.postMessage({data});
- }
-
- switch (message.data.command) {
- case "fetch": {
- const response = await fetch(message.data.url, {mode: 'cors', credentials: 'include'})
- .then((resp) => resp.text());
- reply(response);
- break;
- }
- default:
- }
-};
diff --git a/testing/web-platform/tests/storage-access-api/resources/embedded_worker.py b/testing/web-platform/tests/storage-access-api/resources/embedded_worker.py
new file mode 100644
index 0000000000..0aa457657f
--- /dev/null
+++ b/testing/web-platform/tests/storage-access-api/resources/embedded_worker.py
@@ -0,0 +1,31 @@
+from cookies.resources.helpers import setNoCacheAndCORSHeaders
+
+# This worker messages how many connections have been made and checks what cookies are available.
+def main(request, response):
+ headers = setNoCacheAndCORSHeaders(request, response)
+ headers[0] = (b"Content-Type", b"text/javascript")
+ cookie_header = request.headers.get(b"Cookie", b"")
+ document = b"""
+"use strict";
+
+self.onmessage = async (message) => {
+ function reply(data) {
+ self.postMessage({data});
+ }
+
+ switch (message.data.command) {
+ case "fetch": {
+ const response = await fetch(message.data.url, {mode: 'cors', credentials: 'include'})
+ .then((resp) => resp.text());
+ reply(response);
+ break;
+ }
+ case "load": {
+ reply(\"""" + cookie_header + b"""");
+ break;
+ }
+ default:
+ }
+};
+"""
+ return headers, document
diff --git a/testing/web-platform/tests/storage-access-api/resources/get_cookies.py b/testing/web-platform/tests/storage-access-api/resources/get_cookies.py
new file mode 100644
index 0000000000..07e8c2dae3
--- /dev/null
+++ b/testing/web-platform/tests/storage-access-api/resources/get_cookies.py
@@ -0,0 +1,10 @@
+import json
+from cookies.resources.helpers import makeCookieHeader, readCookies, setNoCacheAndCORSHeaders
+
+from wptserve.utils import isomorphic_decode
+
+def main(request, response):
+ headers = setNoCacheAndCORSHeaders(request, response)
+ cookies = readCookies(request)
+ decoded_cookies = {isomorphic_decode(key): isomorphic_decode(val) for key, val in cookies.items()}
+ return headers, json.dumps(decoded_cookies) \ No newline at end of file
diff --git a/testing/web-platform/tests/storage-access-api/resources/set_cookies.py b/testing/web-platform/tests/storage-access-api/resources/set_cookies.py
new file mode 100644
index 0000000000..fe182dd00c
--- /dev/null
+++ b/testing/web-platform/tests/storage-access-api/resources/set_cookies.py
@@ -0,0 +1,10 @@
+from cookies.resources.helpers import makeCookieHeader, setNoCacheAndCORSHeaders
+
+def main(request, response):
+ headers = setNoCacheAndCORSHeaders(request, response)
+ headers[0] = (b"Content-Type", b"text/html; charset=utf-8")
+ headers.append(makeCookieHeader(b"samesite_strict", b"test", {b"SameSite":b"Strict", b"path":b"/", b"Secure":b""}))
+ headers.append(makeCookieHeader(b"samesite_lax", b"test", {b"SameSite":b"Lax", b"path":b"/", b"Secure":b""}))
+ headers.append(makeCookieHeader(b"samesite_none", b"test", {b"SameSite":b"None", b"path":b"/", b"Secure":b""}))
+ document = b"<!DOCTYPE html>"
+ return headers, document
diff --git a/testing/web-platform/tests/storage-access-api/resources/shared-worker-cookies.py b/testing/web-platform/tests/storage-access-api/resources/shared-worker-cookies.py
new file mode 100644
index 0000000000..9307c4112c
--- /dev/null
+++ b/testing/web-platform/tests/storage-access-api/resources/shared-worker-cookies.py
@@ -0,0 +1,37 @@
+from cookies.resources.helpers import makeCookieHeader, readCookies, setNoCacheAndCORSHeaders
+
+# This worker messages how many connections have been made and checks what cookies are available.
+def main(request, response):
+ headers = setNoCacheAndCORSHeaders(request, response)
+ headers[0] = (b"Content-Type", b"text/javascript")
+ cookies = readCookies(request)
+ message = b"ReadOnLoad:"
+ if b"samesite_strict" in cookies:
+ message += b"Strict"
+ if b"samesite_lax" in cookies:
+ message += b"Lax"
+ if b"samesite_none" in cookies:
+ message += b"None"
+ document = b"""
+let connection_count = 0;
+self.onconnect = (e) => {
+ connection_count++;
+ fetch("/storage-access-api/resources/get_cookies.py", {credentials: 'include'}).then((resp) => {
+ resp.json().then((cookies) => {
+ let message = \"""" + message + b""",ReadOnFetch:";
+ if (cookies.hasOwnProperty("samesite_strict")) {
+ message += "Strict";
+ }
+ if (cookies.hasOwnProperty("samesite_lax")) {
+ message += "Lax";
+ }
+ if (cookies.hasOwnProperty("samesite_none")) {
+ message += "None";
+ }
+ message += ",ConnectionsMade:" + connection_count;
+ e.ports[0].postMessage(message);
+ });
+ });
+}
+"""
+ return headers, document \ No newline at end of file
diff --git a/testing/web-platform/tests/storage-access-api/resources/shared-worker-relay.js b/testing/web-platform/tests/storage-access-api/resources/shared-worker-relay.js
new file mode 100644
index 0000000000..c94acefec9
--- /dev/null
+++ b/testing/web-platform/tests/storage-access-api/resources/shared-worker-relay.js
@@ -0,0 +1,10 @@
+// This worker relays any messages received to the first connection.
+let port;
+self.onconnect = (e) => {
+ if (port == undefined) {
+ port = e.ports[0];
+ }
+ e.ports[0].onmessage = (e) => {
+ port.postMessage(e.data);
+ }
+}
diff --git a/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe-iframe.html b/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe-iframe.html
index ffb419f799..2d5e22fa71 100644
--- a/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe-iframe.html
+++ b/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe-iframe.html
@@ -17,7 +17,7 @@
case "none": {
let couldRequestStorageAccessForNone = true;
try {
- await document.requestStorageAccess({});
+ await test_driver.bless("fake user interaction", () => document.requestStorageAccess({}));
} catch (_) {
couldRequestStorageAccessForNone = false;
}
@@ -26,7 +26,7 @@
}
let couldRequestStorageAccessForAllFalse = true;
try {
- await document.requestStorageAccess({all:false});
+ await test_driver.bless("fake user interaction", () => document.requestStorageAccess({all:false}));
} catch (_) {
couldRequestStorageAccessForAllFalse = false;
}
@@ -44,7 +44,7 @@
if (hasUnpartitionedCookieAccess || document.cookie.includes("test="+id)) {
message = "First-party cookies should not be readable before handle is loaded.";
}
- await document.requestStorageAccess({cookies: true});
+ await test_driver.bless("fake user interaction", () => document.requestStorageAccess({cookies: true}));
hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
if (!hasUnpartitionedCookieAccess || !document.cookie.includes("test="+id)) {
message = "First-party cookies should be readable if cookies were requested.";
@@ -52,7 +52,7 @@
break;
}
case "sessionStorage": {
- const handle = await document.requestStorageAccess({sessionStorage: true});
+ const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({sessionStorage: true}));
let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
if (hasUnpartitionedCookieAccess) {
message = "First-party cookies should not be readable if not requested.";
@@ -77,7 +77,7 @@
break;
}
case "localStorage": {
- const handle = await document.requestStorageAccess({localStorage: true});
+ const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({localStorage: true}));
let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
if (hasUnpartitionedCookieAccess) {
message = "First-party cookies should not be readable if not requested.";
@@ -102,7 +102,7 @@
break;
}
case "indexedDB": {
- const handle = await document.requestStorageAccess({indexedDB: true});
+ const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({indexedDB: true}));
let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
if (hasUnpartitionedCookieAccess) {
message = "First-party cookies should not be readable if not requested.";
@@ -119,7 +119,7 @@
break;
}
case "locks": {
- const handle = await document.requestStorageAccess({locks: true});
+ const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({locks: true}));
let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
if (hasUnpartitionedCookieAccess) {
message = "First-party cookies should not be readable if not requested.";
@@ -136,7 +136,7 @@
break;
}
case "caches": {
- const handle = await document.requestStorageAccess({caches: true});
+ const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({caches: true}));
let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
if (hasUnpartitionedCookieAccess) {
message = "First-party cookies should not be readable if not requested.";
@@ -153,7 +153,7 @@
break;
}
case "getDirectory": {
- const handle = await document.requestStorageAccess({getDirectory: true});
+ const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({getDirectory: true}));
let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
if (hasUnpartitionedCookieAccess) {
message = "First-party cookies should not be readable if not requested.";
@@ -172,7 +172,7 @@
break;
}
case "estimate": {
- const handle = await document.requestStorageAccess({estimate: true});
+ const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({estimate: true}));
let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
if (hasUnpartitionedCookieAccess) {
message = "First-party cookies should not be readable if not requested.";
@@ -188,7 +188,7 @@
break;
}
case "blobStorage": {
- const handle = await document.requestStorageAccess({createObjectURL: true, revokeObjectURL: true});
+ const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({createObjectURL: true, revokeObjectURL: true}));
let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
if (hasUnpartitionedCookieAccess) {
message = "First-party cookies should not be readable if not requested.";
@@ -230,7 +230,7 @@
break;
}
case "BroadcastChannel": {
- const handle = await document.requestStorageAccess({BroadcastChannel: true});
+ const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({BroadcastChannel: true}));
let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
if (hasUnpartitionedCookieAccess) {
message = "First-party cookies should not be readable if not requested.";
@@ -243,6 +243,26 @@
local_channel.close();
break;
}
+ case "SharedWorker": {
+ const local_shared_worker = new SharedWorker("/storage-access-api/resources/shared-worker-relay.js", id);
+ local_shared_worker.port.start();
+ local_shared_worker.port.postMessage("Same-origin local access");
+ const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({SharedWorker: true}));
+ let couldRequestAllCookies = true;
+ try {
+ handle.SharedWorker("/storage-access-api/resources/shared-worker-relay.js", {name: id, sameSiteCookies: 'all'});
+ } catch (_) {
+ couldRequestAllCookies = false;
+ }
+ if (couldRequestAllCookies) {
+ message = "Shared Workers in a third-party context should not be able to request SameSite cookies.";
+ }
+ handle.SharedWorker("/storage-access-api/resources/shared-worker-cookies.py", id).port.start();
+ const handle_shared_worker = handle.SharedWorker("/storage-access-api/resources/shared-worker-relay.js", {name: id, sameSiteCookies: 'none'});
+ handle_shared_worker.port.start();
+ handle_shared_worker.port.postMessage("Same-origin handle access");
+ break;
+ }
default: {
message = "Unexpected type " + type;
break;
@@ -254,6 +274,6 @@
// Step 7 (storage-access-api/storage-access-beyond-cookies.{}.tentative.sub.https.html)
await MaybeSetStorageAccess("*", "*", "allowed");
await test_driver.set_permission({ name: 'storage-access' }, 'prompt');
- window.top.postMessage(message, "*");
+ window.top.postMessage({type: "result", message: message}, "*");
})();
</script>
diff --git a/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe.sub.html b/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe.sub.html
index 8c30973416..a9247a0002 100644
--- a/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe.sub.html
+++ b/testing/web-platform/tests/storage-access-api/resources/storage-access-beyond-cookies-iframe.sub.html
@@ -5,7 +5,10 @@
<script src="/storage-access-api/helpers.js"></script>
<body>
<script>
-(async function() {
+window.addEventListener("message", async (e) => {
+ if (e.data != "blessed") {
+ return;
+ }
test_driver.set_test_context(window.top);
const type = (new URLSearchParams(window.location.search)).get("type");
const id = (new URLSearchParams(window.location.search)).get("id");
@@ -14,14 +17,18 @@
try {
await MaybeSetStorageAccess("*", "*", "blocked");
await test_driver.set_permission({ name: 'storage-access' }, 'granted');
- let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
- if (hasUnpartitionedCookieAccess) {
- message = "First-party cookies should not be readable before handle is loaded.";
+ if (type == "cookies") {
+ let hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
+ if (hasUnpartitionedCookieAccess) {
+ message = "First-party cookies should not be readable before handle is loaded.";
+ }
}
- const handle = await document.requestStorageAccess({all: true});
- hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
- if (!hasUnpartitionedCookieAccess) {
- message = "First-party cookies should be readable after handle is loaded.";
+ const handle = await test_driver.bless("fake user interaction", () => document.requestStorageAccess({all: true}));
+ if (type == "cookies") {
+ hasUnpartitionedCookieAccess = await document.hasUnpartitionedCookieAccess();
+ if (!hasUnpartitionedCookieAccess) {
+ message = "First-party cookies should be readable after handle is loaded.";
+ }
}
switch (type) {
case "none": {
@@ -108,6 +115,12 @@
channel.close();
break;
}
+ case "SharedWorker": {
+ const shared_worker = handle.SharedWorker("/storage-access-api/resources/shared-worker-relay.js", id);
+ shared_worker.port.start();
+ shared_worker.port.postMessage("Cross-origin handle access");
+ break;
+ }
default: {
message = "Unexpected type " + type;
break;
@@ -119,13 +132,14 @@
await MaybeSetStorageAccess("*", "*", "allowed");
await test_driver.set_permission({ name: 'storage-access' }, 'prompt');
if (message) {
- window.top.postMessage(message, "*");
+ window.top.postMessage({type: "result", message: message}, "*");
return;
}
// Step 5 (storage-access-api/storage-access-beyond-cookies.{}.tentative.sub.https.html)
let iframe = document.createElement("iframe");
iframe.src = "https://{{hosts[][]}}:{{ports[https][0]}}/storage-access-api/resources/storage-access-beyond-cookies-iframe-iframe.html?type=" + type + "&id=" + id;
document.body.appendChild(iframe);
-})();
+});
+window.open("https://{{hosts[alt][]}}:{{ports[https][0]}}/storage-access-api/resources/bless_cross_site_permissions.html");
</script>
</body>
diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.BroadcastChannel.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.BroadcastChannel.tentative.sub.https.window.js
index d709cdcd10..feb268b4b8 100644
--- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.BroadcastChannel.tentative.sub.https.window.js
+++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.BroadcastChannel.tentative.sub.https.window.js
@@ -17,8 +17,11 @@ async_test(t => {
let broadcasts = [];
// Step 1
window.addEventListener("message", t.step_func(e => {
+ if (e.data.type != "result") {
+ return;
+ }
// Step 8
- assert_equals(e.data, "HasAccess for BroadcastChannel", "Storage Access API should be accessible and return first-party data");
+ assert_equals(e.data.message, "HasAccess for BroadcastChannel", "Storage Access API should be accessible and return first-party data");
assert_array_equals(broadcasts, ["Same-origin handle access"], "Should have only seen same-origin handle broadcasts");
t.done();
}));
diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.SharedWorker.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.SharedWorker.tentative.sub.https.window.js
new file mode 100644
index 0000000000..ed4f25517f
--- /dev/null
+++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.SharedWorker.tentative.sub.https.window.js
@@ -0,0 +1,48 @@
+// META: script=/resources/testdriver.js
+// META: script=/resources/testdriver-vendor.js
+
+'use strict';
+
+// Here's the set-up for this test:
+// Step 1 (top-frame) Set up fallback failure listener for if the handle cannot be used.
+// Step 2 (top-frame) Set up relay worker to expect "Same-origin handle access".
+// Step 3 (top-frame) Set cookies and embed an iframe that's cross-site with top-frame.
+// Step 4 (sub-frame) Try to use storage access API to access shared worker.
+// Step 5 (sub-frame) Embed an iframe that's same-origin with top-frame.
+// Step 6 (sub-sub-frame) Try to use storage access API to access first-party shared worker.
+// Step 7 (sub-sub-frame) Send "HasAccess for SharedWorker" message to top-frame.
+// Step 8 (top-frame) Set up cookie worker to expect it's already opened.
+// TODO(crbug.com/1484966): Verify access to cookies in shared workers.
+
+async_test(t => {
+ // Step 1
+ window.addEventListener("message", t.step_func(e => {
+ if (e.data.type != "result") {
+ return;
+ }
+ assert_equals(e.data.message, "HasAccess for SharedWorker", "Storage Access API should be accessible and return first-party data");
+ }));
+
+ // Step 2
+ const id = Date.now();
+ const relay_worker = new SharedWorker("/storage-access-api/resources/shared-worker-relay.js", {name: id, sameSiteCookies: 'none'});
+ relay_worker.port.onmessage = t.step_func(e => {
+ assert_equals(e.data, "Same-origin handle access", "Relay worker should divert messages here");
+ // Step 8
+ const cookie_worker = new SharedWorker("/storage-access-api/resources/shared-worker-cookies.py", {name: id, sameSiteCookies: 'none'});
+ cookie_worker.port.onmessage = t.step_func(e => {
+ assert_equals(e.data, "ReadOnLoad:None,ReadOnFetch:None,ConnectionsMade:2", "Worker should already have been opened and only see SameSite=None cookies");
+ test_driver.delete_all_cookies().then(t.step_func(() => {
+ t.done();
+ }));
+ });
+ });
+
+ // Step 3
+ const cookie_set_window = window.open("/storage-access-api/resources/set_cookies.py");
+ cookie_set_window.onload = t.step_func(_ => {
+ let iframe = document.createElement("iframe");
+ iframe.src = "https://{{hosts[alt][]}}:{{ports[https][0]}}/storage-access-api/resources/storage-access-beyond-cookies-iframe.sub.html?type=SharedWorker&id="+id;
+ document.body.appendChild(iframe);
+ });
+}, "Verify StorageAccessAPIBeyondCookies for Shared Worker");
diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.blobStorage.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.blobStorage.tentative.sub.https.window.js
index 6ef0bd08d4..cc2785b6fa 100644
--- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.blobStorage.tentative.sub.https.window.js
+++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.blobStorage.tentative.sub.https.window.js
@@ -16,8 +16,11 @@
async_test(t => {
// Step 1
window.addEventListener("message", t.step_func(e => {
+ if (e.data.type != "result") {
+ return;
+ }
// Step 8
- assert_equals(e.data, "HasAccess for blobStorage", "Storage Access API should be accessible and return first-party data");
+ assert_equals(e.data.message, "HasAccess for blobStorage", "Storage Access API should be accessible and return first-party data");
t.done();
}));
diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.caches.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.caches.tentative.sub.https.window.js
index dda1e54565..7907084e63 100644
--- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.caches.tentative.sub.https.window.js
+++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.caches.tentative.sub.https.window.js
@@ -16,8 +16,11 @@
async_test(t => {
// Step 1
window.addEventListener("message", t.step_func(e => {
+ if (e.data.type != "result") {
+ return;
+ }
// Step 8
- assert_equals(e.data, "HasAccess for caches", "Storage Access API should be accessible and return first-party data");
+ assert_equals(e.data.message, "HasAccess for caches", "Storage Access API should be accessible and return first-party data");
t.done();
}));
diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.cookies.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.cookies.tentative.sub.https.window.js
index c352ab2935..1ff00fa919 100644
--- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.cookies.tentative.sub.https.window.js
+++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.cookies.tentative.sub.https.window.js
@@ -16,8 +16,11 @@
async_test(t => {
// Step 1
window.addEventListener("message", t.step_func(e => {
+ if (e.data.type != "result") {
+ return;
+ }
// Step 8
- assert_equals(e.data, "HasAccess for cookies", "Storage Access API should be accessible and return first-party data");
+ assert_equals(e.data.message, "HasAccess for cookies", "Storage Access API should be accessible and return first-party data");
test_driver.delete_all_cookies().then(t.step_func(() => {
t.done();
}));
diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.estimate.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.estimate.tentative.sub.https.window.js
index 2e9f6eed12..fb15dfee09 100644
--- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.estimate.tentative.sub.https.window.js
+++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.estimate.tentative.sub.https.window.js
@@ -18,8 +18,11 @@ async_test(t => {
// Step 1
window.addEventListener("message", t.step_func(e => {
+ if (e.data.type != "result") {
+ return;
+ }
// Step 8
- assert_equals(e.data, "HasAccess for estimate", "Storage Access API should be accessible and return first-party data");
+ assert_equals(e.data.message, "HasAccess for estimate", "Storage Access API should be accessible and return first-party data");
caches.delete(id).then(() => {
t.done();
});
diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.getDirectory.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.getDirectory.tentative.sub.https.window.js
index 5038afc969..b3b8f7e8e2 100644
--- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.getDirectory.tentative.sub.https.window.js
+++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.getDirectory.tentative.sub.https.window.js
@@ -16,8 +16,11 @@
async_test(t => {
// Step 1
window.addEventListener("message", t.step_func(e => {
+ if (e.data.type != "result") {
+ return;
+ }
// Step 8
- assert_equals(e.data, "HasAccess for getDirectory", "Storage Access API should be accessible and return first-party data");
+ assert_equals(e.data.message, "HasAccess for getDirectory", "Storage Access API should be accessible and return first-party data");
t.done();
}));
diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.indexedDB.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.indexedDB.tentative.sub.https.window.js
index 18c4317bbe..8e9420da0d 100644
--- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.indexedDB.tentative.sub.https.window.js
+++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.indexedDB.tentative.sub.https.window.js
@@ -16,8 +16,11 @@
async_test(t => {
// Step 1
window.addEventListener("message", t.step_func(e => {
+ if (e.data.type != "result") {
+ return;
+ }
// Step 8
- assert_equals(e.data, "HasAccess for indexedDB", "Storage Access API should be accessible and return first-party data");
+ assert_equals(e.data.message, "HasAccess for indexedDB", "Storage Access API should be accessible and return first-party data");
t.done();
}));
diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.localStorage.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.localStorage.tentative.sub.https.window.js
index 6243cb1fa8..8002131779 100644
--- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.localStorage.tentative.sub.https.window.js
+++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.localStorage.tentative.sub.https.window.js
@@ -16,7 +16,10 @@
async_test(t => {
// Step 1
window.addEventListener("message", t.step_func(e => {
- assert_equals(e.data, "HasAccess for localStorage", "Storage Access API should be accessible and return first-party data");
+ if (e.data.type != "result") {
+ return;
+ }
+ assert_equals(e.data.message, "HasAccess for localStorage", "Storage Access API should be accessible and return first-party data");
window.localStorage.setItem("window_event", id);
}));
diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.locks.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.locks.tentative.sub.https.window.js
index 83aa28c018..ed7d6ea484 100644
--- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.locks.tentative.sub.https.window.js
+++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.locks.tentative.sub.https.window.js
@@ -16,8 +16,11 @@
async_test(t => {
// Step 1
window.addEventListener("message", t.step_func(e => {
+ if (e.data.type != "result") {
+ return;
+ }
// Step 8
- assert_equals(e.data, "HasAccess for locks", "Storage Access API should be accessible and return first-party data");
+ assert_equals(e.data.message, "HasAccess for locks", "Storage Access API should be accessible and return first-party data");
t.done();
}));
diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.none.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.none.tentative.sub.https.window.js
index 3715fdf39e..ba5ea3279d 100644
--- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.none.tentative.sub.https.window.js
+++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.none.tentative.sub.https.window.js
@@ -17,7 +17,10 @@ async_test(t => {
// Step 1
window.addEventListener("message", t.step_func(e => {
// Step 8
- assert_equals(e.data, "HasAccess for none", "Storage Access API should not allow access for empty requests.");
+ if (e.data.type != "result") {
+ return;
+ }
+ assert_equals(e.data.message, "HasAccess for none", "Storage Access API should not allow access for empty requests.");
t.done();
}));
diff --git a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.sessionStorage.tentative.sub.https.window.js b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.sessionStorage.tentative.sub.https.window.js
index 1b12f133b2..93b243f6c1 100644
--- a/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.sessionStorage.tentative.sub.https.window.js
+++ b/testing/web-platform/tests/storage-access-api/storage-access-beyond-cookies.sessionStorage.tentative.sub.https.window.js
@@ -16,7 +16,10 @@
async_test(t => {
// Step 1
window.addEventListener("message", t.step_func(e => {
- assert_equals(e.data, "HasAccess for sessionStorage", "Storage Access API should be accessible and return first-party data");
+ if (e.data.type != "result") {
+ return;
+ }
+ assert_equals(e.data.message, "HasAccess for sessionStorage", "Storage Access API should be accessible and return first-party data");
window.sessionStorage.setItem("window_event", id);
}));