testing/web-platform/tests/cookies/third-party-cookies/resources/test-helpers.js


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86

function testHttpCookies({desc, origin, cookieNames, expectsCookie}) {
  promise_test(async () => {
    await assertHttpOriginCanAccessCookies({ origin, cookieNames, expectsCookie });
  }, getCookieTestName(expectsCookie, desc, "HTTP"));
}

async function assertHttpOriginCanAccessCookies({
  origin,
  cookieNames,
  expectsCookie,
}) {
  const resp = await credFetch(`${origin}/cookies/resources/list.py`);
  const cookies = await resp.json();
  for (const cookieName of cookieNames) {
    assert_equals(
      cookies.hasOwnProperty(cookieName), expectsCookie,
      getCookieAssertDesc(expectsCookie, cookieName));
  }
}

async function assertThirdPartyHttpCookies({ desc, origin, cookieNames, expectsCookie }) {
  // Test that these cookies are not available on cross-site subresource requests to the
  // origin that set them.
  testHttpCookies({
    desc,
    origin,
    cookieNames,
    expectsCookie,
  });

  promise_test(async () => {
    const thirdPartyHttpCookie = "3P_http"
    await credFetch(
      `${origin}/cookies/resources/set.py?${thirdPartyHttpCookie}=foobar;` +
      "Secure;Path=/;SameSite=None");
    await assertHttpOriginCanAccessCookies({
      origin,
      cookieNames: [thirdPartyHttpCookie],
      expectsCookie,
    });
  }, desc + ": Cross site window setting HTTP cookies");
}

function testDomCookies({desc, cookieNames, expectsCookie}) {
  test(() => {
    assertDomCanAccessCookie(cookieNames, expectsCookie);
  }, getCookieTestName(expectsCookie, desc, "DOM"));
}

function assertDomCanAccessCookie(cookieNames, expectsCookie) {
  for (const cookieName of cookieNames) {
    assert_equals(
      document.cookie.includes(cookieName + "="), expectsCookie,
      getCookieAssertDesc(expectsCookie, cookieName));
  }
}

function testCookieStoreCookies({desc, cookieNames, expectsCookie}) {
  if (!window.cookieStore) return;
  promise_test(async () => {
    await assertCookieStoreCanAccessCookies(cookieNames, expectsCookie);
  }, getCookieTestName(expectsCookie, desc, "CookieStore"));
}

async function assertCookieStoreCanAccessCookies(cookieNames, expectsCookie) {
  const cookies = await cookieStore.getAll({sameSite: 'none'});
  for (const cookieName of cookieNames) {
    assert_equals(
      !!cookies.find(c => c.name === cookieName), expectsCookie,
      getCookieAssertDesc(expectsCookie, cookieName));
  }
}

function getCookieTestName(expectsCookie, desc, cookieType) {
  if (expectsCookie) {
      return `${desc}: Cookies are accessible via ${cookieType}`;
  }
  return `${desc}: Cookies are not accessible via ${cookieType}`;
}

function getCookieAssertDesc(expectsCookie, cookieName) {
  if (expectsCookie) {
    return `Expected cookie ${cookieName} to be available`;
  }
  return `Expected cookie ${cookieName} to not be available`;
}