// META: script=/common/get-host-info.sub.js
// META: script=/common/utils.js
// META: script=/common/dispatcher/dispatcher.js
// META: script=/html/cross-origin-embedder-policy/credentialless/resources/common.js
// META: script=./resources/common.js

setup(() => {
  assert_implements(document.hasStorageAccess,
    "requestStorageAccess is not supported.");
})

const hasStorageAccess = (iframe) => {
  const reply = token();
  send(iframe, `
    send("${reply}", await document.hasStorageAccess());
  `);
  return receive(reply);
}

promise_test(async test => {
  const same_origin = window.origin;
  const iframe = newIframeCredentialless(same_origin);
  assert_equals(await hasStorageAccess(iframe), "false");
}, "Same-origin credentialless iframe can't request storage access");

promise_test(async test => {
  const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;
  const iframe = newIframeCredentialless(cross_origin);
  assert_equals(await hasStorageAccess(iframe), "false");
}, "Cross-origin credentialless iframe can't request storage access");