summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/cookies/schemeful-same-site/schemeful-iframe-subresource.tentative.html
blob: 13397d241ade942ec2376ac99c6d4f75f11df7f3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
<!DOCTYPE html>
<head>
  <script src="/resources/testharness.js"></script>
  <script src="/resources/testharnessreport.js"></script>
  <script src="/cookies/resources/cookie-helper.sub.js"></script>
</head>
<body onload="doTests()">
  <iframe id="if">
  </iframe>
  <script>
  function doTests() {
    promise_test(async function(t) {
      var value = "" + Math.random();
      await resetSameSiteCookies(SECURE_ORIGIN, value);
      var child = document.getElementById("if");
      child.src = SECURE_ORIGIN + "/cookies/samesite/resources/iframe-subresource-report.html";

      // the iframe nested inside if should post COOKIES to here.
      var e = await wait_for_message("COOKIES");
      // Cross-scheme iframes should be cross-site and thus the subresources
      // shouldn't get Lax or Strict cookies.
      assert_cookie(SECURE_ORIGIN, e.data, "samesite_lax", value, false);
      assert_cookie(SECURE_ORIGIN, e.data, "samesite_strict", value, false);
      assert_cookie(SECURE_ORIGIN, e.data, "samesite_none", value, true);
    }, "SameSite cookies with intervening cross-scheme iframe and subresources");
  }
  </script>
</body>