diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
commit | 36d22d82aa202bb199967e9512281e9a53db42c9 (patch) | |
tree | 105e8c98ddea1c1e4784a60a5a6410fa416be2de /testing/web-platform/tests/workers/modules/shared-worker-import-data-url-cross-origin.html | |
parent | Initial commit. (diff) | |
download | firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.tar.xz firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.zip |
Adding upstream version 115.7.0esr.upstream/115.7.0esr
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testing/web-platform/tests/workers/modules/shared-worker-import-data-url-cross-origin.html')
-rw-r--r-- | testing/web-platform/tests/workers/modules/shared-worker-import-data-url-cross-origin.html | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/testing/web-platform/tests/workers/modules/shared-worker-import-data-url-cross-origin.html b/testing/web-platform/tests/workers/modules/shared-worker-import-data-url-cross-origin.html new file mode 100644 index 0000000000..3f22c5094d --- /dev/null +++ b/testing/web-platform/tests/workers/modules/shared-worker-import-data-url-cross-origin.html @@ -0,0 +1,43 @@ +<!DOCTYPE html> +<title>SharedWorker: ES modules for data URL workers</title> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script> + +const import_from_data_url_worker_test = (importType, isDataURL, expectation) => { + promise_test(async () => { + const importURL = new URL(`resources/${importType}-import-` + + `${isDataURL ? 'data-url' : 'script'}-block-cross-origin.js`, + location.href) + '?pipe=header(Access-Control-Allow-Origin, *)'; + const dataURL = `data:text/javascript,import "${importURL}";`; + const worker = new SharedWorker(dataURL, { type: 'module' }); + worker.port.postMessage('Send message for tests from main script.'); + const msgEvent = + await new Promise(resolve => worker.port.onmessage = resolve); + assert_array_equals(msgEvent.data, + expectation === 'blocked' ? ['ERROR'] + : ['export-block-cross-origin.js']); + }, `${importType} import ${isDataURL ? 'data url' : 'script'} from data: ` + + `URL should be ${expectation}.`); +} + +// Static import should obey the outside settings. +// SecurityOrigin of the outside settings is decided by Window. +import_from_data_url_worker_test('static', true, 'allowed'); +import_from_data_url_worker_test('static', false, 'allowed'); + + +// Dynamic import should obey the inside settings. +// SecurityOrigin of the inside settings is a unique opaque origin. +// +// Data url script is cross-origin to the inside settings' SecurityOrigin, but +// dynamic importing it is allowed. +// https://fetch.spec.whatwg.org/#concept-main-fetch +// Step 5: request’s current URL’s scheme is "data" [spec text] +import_from_data_url_worker_test('dynamic', true, 'allowed'); + +// Non-data url script is cross-origin to the inside settings' SecurityOrigin. +// It should be blocked. +import_from_data_url_worker_test('dynamic', false, 'blocked'); + +</script> |