testing/web-platform/tests/permissions-policy/private-state-token-issue-disabled-by-permissions-policy.tentative.https.sub.html


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

<!DOCTYPE html>
<body>
  <script src=/resources/testharness.js></script>
  <script src=/resources/testharnessreport.js></script>
  <script src=/permissions-policy/resources/permissions-policy.js></script>
  <script>
  'use strict';
  var same_origin_src = '/permissions-policy/resources/permissions-policy-private-state-token-issuance.html';
  var cross_origin_src = 'https://{{domains[www]}}:{{ports[https][0]}}' +
    same_origin_src;
  var test_desc_begin = 'Permissions policy header "private-state-token-issuance=()"';

  test(() => {

    assert_throws_dom('NotAllowedError', () => {
      const issue_request = new Request("https://issuer.example/", {
        privateToken: {
          version: 1,
          operation: "token-request"
        }
      });
    });

    assert_throws_dom('NotAllowedError', () => {
      const xhr = new XMLHttpRequest();
      xhr.open("GET", "https://issuer.example/");
      xhr.setPrivateToken({
        version: 1,
        operation: "token-request"
      });
    });

  }, test_desc_begin + ' disallows the top-level document.');

  async_test(t => {
    test_feature_availability('Private State Token issuance request', t,
        same_origin_src,
        (data, desc) => {
          assert_equals(data.num_operations_enabled, 0, desc);
        });
  }, test_desc_begin + ' disallows same-origin iframes.');

  async_test(t => {
    test_feature_availability('Private State Token issuance request', t,
        cross_origin_src,
        (data, desc) => {
          assert_equals(data.num_operations_enabled, 0, desc);
        });
  }, test_desc_begin + ' disallows cross-origin iframes.');

  async_test(t => {
    test_feature_availability(
        'Private State Token issuance request', t, same_origin_src,
        (data, desc) => {
          assert_equals(data.num_operations_enabled, 0, desc);
        }, 'private-state-token-issuance');
  }, test_desc_begin + ' and allow="private-state-token-issuance" disallows same-origin iframes.');

  async_test(t => {
    test_feature_availability(
        'Private State Token issuance request', t, cross_origin_src,
        (data, desc) => {
          assert_equals(data.num_operations_enabled, 0, desc);
        }, 'private-state-token-issuance');
  }, test_desc_begin + ' and allow="private-state-token-issuance" disallows cross-origin iframes.');
  </script>
</body>