1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
<!DOCTYPE html>
<head>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/cookies/resources/cookie-helper.sub.js"></script>
</head>
<body onload="doTests()">
<iframe id="if">
</iframe>
<script>
function doTests() {
promise_test(async function(t) {
var value = "" + Math.random();
await resetSameSiteCookies(SECURE_ORIGIN, value);
var child = document.getElementById("if");
child.src = SECURE_ORIGIN + "/cookies/samesite/resources/iframe-subresource-report.html";
// the iframe nested inside if should post COOKIES to here.
var e = await wait_for_message("COOKIES");
// Cross-scheme iframes should be cross-site and thus the subresources
// shouldn't get Lax or Strict cookies.
assert_cookie(SECURE_ORIGIN, e.data, "samesite_lax", value, false);
assert_cookie(SECURE_ORIGIN, e.data, "samesite_strict", value, false);
assert_cookie(SECURE_ORIGIN, e.data, "samesite_none", value, true);
}, "SameSite cookies with intervening cross-scheme iframe and subresources");
}
</script>
</body>
|