testing/web-platform/tests/html/cross-origin-opener-policy/popup-coop-by-sw.https.html


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136

<meta name="timeout" content="long">
<meta name="variant" content="?1-4">
<meta name="variant" content="?5-last">
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src="/common/subset-tests.js"></script>
<script src="/service-workers/service-worker/resources/test-helpers.sub.js"></script>
<script src="/common/utils.js"></script>
<script src="/common/dispatcher/dispatcher.js"></script>
<script src="/common/get-host-info.sub.js"></script>
<script>

const executor_path = '/common/dispatcher/executor.html?pipe=';
const executor_service_worker_path = '/common/dispatcher/executor-service-worker.js?pipe=';

const coop_header = `|header(Cross-Origin-Opener-Policy,same-origin)`;
const coep_header = `|header(Cross-Origin-Embedder-Policy,require-corp)`;

const https_origin = get_host_info().HTTPS_ORIGIN;

const swap_browsing_context_group = true;
const keep_browsing_context_group = false;

const opener_basic = "";
const opener_coi = coop_header + coep_header;

const sw_basic = "";
const sw_coi = coop_header + coep_header;

const openee_basic = {
  'content-type': 'text/html',
};
const openee_coi = {
  'content-type': 'text/html',
  'cross-origin-embedder-policy': 'require-corp',
  'cross-origin-opener-policy': 'same-origin',
};

// A document opens a popup. The popup's document is served from a synthetic
// response by a ServiceWorker. Check how cross-origin isolation works in this
// case.
const popupCoopBySwTest = (
  description,
  // Test parameters:
  opener_headers,
  openee_headers,
  sw_headers,
  // Test expectations:
  expected_browing_context_group
) => {
  subsetTest(promise_test, async test => {
    const driver_token = token();

    // 1. Create the opener.
    const opener_token = token();
    const opener_url = https_origin + executor_path + opener_headers +
      `&uuid=${opener_token}`;
    const opener_window = window.open(opener_url);
    test.add_cleanup(() => opener_window.close());

    // 2. Define the openee's URL as being served by the service worker.
    const openee_url = https_origin + "/common/dispatcher/proxied?" + token();

    // 3. Register, install and activate a ServiceWorker serving the openee_url.
    const sw_token = token();
    const sw_url = https_origin + executor_service_worker_path + sw_headers +
      `&uuid=${sw_token}`;
    const sw_scope = openee_url; // One-time scope, because of the token.

    const sw_registration =
      await service_worker_unregister_and_register(test, sw_url, sw_scope);
    test.add_cleanup(() => sw_registration.unregister());
    await wait_for_state(test, sw_registration.installing, 'activated');

    send(sw_token, `
      fetchHandler = event => {
        if (!event.request.url.includes("proxied"))
          return;

        const response = new Response(\`
          <script src="/common/dispatcher/dispatcher.js"></scr\`+\`ipt>
          <script>
            send("${driver_token}", opener ? "opener is set"
                                           : "opener is null");
          </scr\` + \`ipt>
        \`, {
          status: 200,
          headers: ${JSON.stringify(openee_headers)},
        });
        event.respondWith(response);
      }

      await clients.claim();

      send("${driver_token}", serviceWorker.state);
    `)
    assert_equals(await receive(driver_token), "activated");

    // 4. The opener opens a popup. Its document is a synthetic response served
    // from the Service Worker.
    send(opener_token, `
        window.open("${openee_url}");
    `);

    assert_equals(await receive(driver_token),
     (expected_browing_context_group == swap_browsing_context_group)
            ? "opener is null"
            : "opener is set");
  }, description);
};

popupCoopBySwTest("opener:basic, openee:basic, sw:basic",
                   opener_basic, openee_basic, sw_basic,
                   keep_browsing_context_group);
popupCoopBySwTest("opener:basic, openee:basic, sw:coi",
                   opener_basic, openee_basic, sw_coi,
                   keep_browsing_context_group);
popupCoopBySwTest("opener:basic, openee:coi, sw:basic",
                   opener_basic, openee_coi, sw_basic,
                   swap_browsing_context_group);
popupCoopBySwTest("opener:basic, openee:coi, sw:coi",
                   opener_basic, openee_coi, sw_coi,
                   swap_browsing_context_group);
popupCoopBySwTest("opener:coi, openee:basic, sw:basic",
                   opener_coi, openee_basic, sw_basic,
                   swap_browsing_context_group);
popupCoopBySwTest("opener:coi, openee:basic, sw:coi",
                   opener_coi, openee_basic, sw_coi,
                   swap_browsing_context_group);
popupCoopBySwTest("opener:coi, openee:coi, sw:basic",
                   opener_coi, openee_coi, sw_basic,
                   keep_browsing_context_group);
popupCoopBySwTest("opener:coi, openee:coi, sw:coi",
                   opener_coi, openee_coi, sw_coi,
                   keep_browsing_context_group);
</script>