testing/web-platform/tests/html/semantics/scripting-1/the-script-element/css-module/credentials.sub.html


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55

<!DOCTYPE html>
<meta charset="utf-8">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>

<script>
document.cookie = 'milk=1';

const setCookiePromise = fetch(
    'http://{{domains[www2]}}:{{ports[http][0]}}/cookies/resources/set-cookie.py?name=milk&path=/html/semantics/scripting-1/the-script-element/css-module/',
    {
      mode: 'no-cors',
      credentials: 'include',
    });

const windowLoadPromise = new Promise(resolve => {
  window.addEventListener('load', () => {
    resolve();
  });
});

promise_test(t => {
  const iframe = document.createElement('iframe');

  return Promise.all([setCookiePromise, windowLoadPromise]).then(() => {
    const messagePromise = new Promise(resolve => {
      window.addEventListener('message', event => {
        resolve();
      });
    });

    iframe.src = 'resources/credentials-iframe.sub.html';
    document.body.appendChild(iframe);

    return messagePromise;
  }).then(() => {
    const w = iframe.contentWindow;

    assert_equals(w.sameOriginNoneDescendant, true,
                  'Descendant CSS modules should be loaded with the credentials when the crossOrigin attribute is not specified and the target is same-origin');
    assert_equals(w.sameOriginAnonymousDescendant, true,
                  'Descendant CSS modules should be loaded with the credentials when the crossOrigin attribute is specified with "anonymous" as its value and the target is same-origin');
    assert_equals(w.sameOriginUseCredentialsDescendant, true,
                  'Descendant CSS modules should be loaded with the credentials when the crossOrigin attribute is specified with "use-credentials" as its value and the target is same-origin');
    assert_equals(w.crossOriginNoneDescendant, false,
                  'Descendant CSS modules should not be loaded with the credentials when the crossOrigin attribute is not specified and the target is cross-origin');
    assert_equals(w.crossOriginAnonymousDescendant, false,
                  'Descendant CSS modules should not be loaded with the credentials when the crossOrigin attribute is specified with "anonymous" as its value and the target is cross-origin');
    assert_equals(w.crossOriginUseCredentialsDescendant, true,
                  'Descendant CSS modules should be loaded with the credentials when the crossOrigin attribute is specified with "use-credentials" as its value and the target is cross-origin');
});
}, 'CSS Modules should be loaded with or without the credentials based on the same-origin-ness and the crossOrigin attribute');
</script>
<body>
</body>