summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/fenced-frame/default-enabled-features-allow-all.https.html
blob: 5d38d7a71050541d7717d0893e91857735529830 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
<!DOCTYPE html>
<title>Test default permission policy features gating (*)</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/common/utils.js"></script>
<script src="/common/dispatcher/dispatcher.js"></script>
<script src="resources/utils.js"></script>
<script src="/common/get-host-info.sub.js"></script>
<script src="resources/default-enabled-features-helper.js"></script>

<body>
<script>
promise_test(async(t) => {
  await runDefaultEnabledFeaturesTest(t, true, get_host_info().ORIGIN);
  await runDefaultEnabledFeaturesTest(t, true, get_host_info().ORIGIN,
      generator_api="sharedstorage");
}, 'Same-origin fenced frame loads when feature policies are *');

promise_test(async(t) => {
  await runDefaultEnabledFeaturesTest(t, true, get_host_info().REMOTE_ORIGIN);
  await runDefaultEnabledFeaturesTest(t, true, get_host_info().REMOTE_ORIGIN,
      generator_api="sharedstorage");
}, 'Cross-origin fenced frame loads when feature policies are *');

promise_test(async(t) => {
  // We do this test the "old fashioned way" because a redirect in a fenced
  // frame remote context will cause it to lose its ability to communicate with
  // the main page (which results in a timeout).
  const page1_key = token();
  const redirect_key = token();

  const fencedframe = attachFencedFrame(
      await generateURNFromFledge(
          "resources/default-enabled-features-navigate.https.html",
          [page1_key, redirect_key]));

  // The fenced frame will send its attribution reporting result and then
  // attempt to redirect to a remote origin page.
  const page1_resp = await nextValueFromServer(page1_key);
  assert_equals(page1_resp, "true",
      "Attribution reporting should be enabled on the original page.");

  // The fenced frame will send its attribution reporting result and then
  // attempt to redirect to a remote origin page.
  const redirect_resp = await nextValueFromServer(redirect_key);
  assert_equals(redirect_resp, "true",
      "Attribution reporting should be enabled on the redirected page.");
}, 'A fenced frame that navigates itself to a cross origin page that allows feature policies ' +
    'can still access the feature policies');

promise_test(async(t) => {
  const fencedframe = await attachFencedFrameContext({
        origin: get_host_info().REMOTE_ORIGIN});

  await fencedframe.execute(async () => {
    assert_true(
        document.featurePolicy.allowsFeature('shared-storage'),
        "Shared storage should be allowed in the fenced frame.");
    assert_true(
        document.featurePolicy.allowsFeature('private-aggregation'),
        "Private aggregation should be allowed in the fenced frame.");
    assert_false(
        document.featurePolicy.allowsFeature('attribution-reporting'),
        "Attribution reporting should be disallowed in the fenced frame.");
    assert_false(
        document.featurePolicy.allowsFeature('sync-xhr'),
        "USB access should be disallowed in the fenced frame.");
  }, []);
}, 'Cross-origin fenced frames default feature policies follow inheritance' +
   ' rules.');

</script>
</body>
</html>