1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
<!DOCTYPE html>
<meta charset="utf-8"/>
<meta name="timeout" content="long">
<title>Test third-party cookies</title>
<title>Test partitioned cookies</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/common/get-host-info.sub.js"></script>
<script src="/cookies/resources/cookie-helper.sub.js"></script>
<script src="/cookies/third-party-cookies/resources/test-helpers.js"></script>
<body>
<script>
document.body.onload = async () => {
// Set SameSite=None cookie in a 1P context using HTTP.
const attributes = "Secure;Path=/;SameSite=None";
const httpCookieName = "1P_http";
await credFetch(
`${self.origin}/cookies/resources/set.py?${httpCookieName}=foobar;${
attributes}`);
// Set another cookie using document.cookie.
const domCookieName = "1P_dom";
document.cookie = `${domCookieName}=foobar;${attributes}`;
const cookieNames = [httpCookieName, domCookieName];
// Set another cookie using the CookieStore API, if supported.
if (window.cookieStore) {
const cookieStoreCookieName = "1P_cs";
await cookieStore.set({
name: cookieStoreCookieName,
value: "foobar",
path: "/",
sameSite: "none",
});
cookieNames.push(cookieStoreCookieName);
}
// Test that the cookie is available in a first-party context via HTTP.
testHttpCookies({
desc: "1P window",
origin: self.origin,
cookieNames,
expectsCookie: true,
});
// // Verify that the cookies are available to the DOM as well.
testDomCookies({
desc: "1P window",
cookieNames,
expectsCookie: true,
});
testCookieStoreCookies({
desc: "1P window",
cookieNames,
expectsCookie: true,
});
// Open a cross-site window which will embed the current origin in a
// third-party context.
const crossSiteUrl = new URL(
`./resources/third-party-cookies-cross-site-embedder.html?origin=${
encodeURIComponent(self.origin)}`,
get_host_info().HTTPS_NOTSAMESITE_ORIGIN + self.location.pathname);
const popup = window.open(crossSiteUrl);
fetch_tests_from_window(popup);
};
</script>
</body>
|