blob: dd6347e463171db65de24a9b57d6f1a754b78331 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
<!doctype html>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/common/utils.js"></script>
<script src="/shared-storage/resources/util.js"></script>
<script src="/fenced-frame/resources/utils.js"></script>
<body>
<script>
'use strict';
promise_test(async t => {
const ancestor_key = token();
const crossOrigin = 'https://{{domains[www]}}:{{ports[https][0]}}';
const helper_url = crossOrigin +
`/shared-storage/resources/credentials-test-helper.py` +
`?access_control_allow_origin_header=${window.origin}` +
`&shared_storage_cross_origin_worklet_allowed_header=?1` +
`&token=${ancestor_key}`;
// The network error for `createWorklet()` won't be revealed to the
// cross-origin caller.
await sharedStorage.createWorklet(
helper_url + `&action=store-cookie`,
{ credentials: "include" });
}, 'createWorklet() with cross-origin module script and credentials ' +
'"include", and without the Access-Control-Allow-Credentials response ' +
'header');
</script>
</body>
|