testing/web-platform/tests/cookies/samesite/about-blank-toplevel.https.html


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

<!DOCTYPE html>
<head>
  <script src="/resources/testharness.js"></script>
  <script src="/resources/testharnessreport.js"></script>
  <script src="/cookies/resources/cookie-helper.sub.js"></script>
</head>
<body onload="doTests()">
  <script>
  function doTests() {
    promise_test(async function(t) {
      var child = window.open("");
      child.onmessage = (ev) => {
        child.opener.postMessage(ev.data, '*');
      };
      var grandKid = child.document.createElement("iframe");
      child.document.body.appendChild(grandKid);
      var value = "" + Math.random();
      await resetSameSiteCookies(SECURE_ORIGIN, value);

      // Using postToParent.py here to see cookies used when navigating the page.
      grandKid.src = SECURE_ORIGIN + "/cookies/resources/postToParent.py"
      var e = await wait_for_message("COOKIES", SECURE_ORIGIN);
      assert_cookie(SECURE_ORIGIN, e.data, "samesite_unspecified", value, true);
      assert_cookie(SECURE_ORIGIN, e.data, "samesite_lax", value, true);
      assert_cookie(SECURE_ORIGIN, e.data, "samesite_strict", value, true);
      assert_cookie(SECURE_ORIGIN, e.data, "samesite_none", value, true);
    }, "SameSite cookies with top-level about:blank window");
  }
  </script>
</body>