blob: b7fbcd84eb020dc30510ed779c18e80d0453b895 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
// META: script=/common/get-host-info.sub.js
// META: script=/common/utils.js
// META: script=/common/dispatcher/dispatcher.js
// META: script=/html/cross-origin-embedder-policy/credentialless/resources/common.js
// META: script=./resources/common.js
setup(() => {
assert_implements(document.requestStorageAccess,
"requestStorageAccess is not supported.");
})
const requestStorageAccess = (iframe) => {
const reply = token();
send(iframe, `
try {
await document.requestStorageAccess();
send("${reply}", "success");
} catch {
send("${reply}", "failed");
}
`);
return receive(reply);
}
promise_test(async test => {
const same_origin = window.origin;
const iframe = newIframeCredentialless(same_origin);
assert_equals(await requestStorageAccess(iframe), "failed");
}, "Same-origin credentialless iframe can't request storage access");
promise_test(async test => {
const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;
const iframe = newIframeCredentialless(cross_origin);
assert_equals(await requestStorageAccess(iframe), "failed");
}, "Cross-origin credentialless iframe can't request storage access");
|