From 36d22d82aa202bb199967e9512281e9a53db42c9 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 7 Apr 2024 21:33:14 +0200
Subject: Adding upstream version 115.7.0esr.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 .../serial/getPorts/reject_opaque_origin.https.html  | 14 ++++++++++++++
 .../getPorts/reject_opaque_origin.https.html.headers |  1 +
 .../serial/getPorts/sandboxed_iframe.https.window.js | 20 ++++++++++++++++++++
 3 files changed, 35 insertions(+)
 create mode 100644 testing/web-platform/tests/serial/getPorts/reject_opaque_origin.https.html
 create mode 100644 testing/web-platform/tests/serial/getPorts/reject_opaque_origin.https.html.headers
 create mode 100644 testing/web-platform/tests/serial/getPorts/sandboxed_iframe.https.window.js

(limited to 'testing/web-platform/tests/serial/getPorts')

diff --git a/testing/web-platform/tests/serial/getPorts/reject_opaque_origin.https.html b/testing/web-platform/tests/serial/getPorts/reject_opaque_origin.https.html
new file mode 100644
index 0000000000..b2f630a319
--- /dev/null
+++ b/testing/web-platform/tests/serial/getPorts/reject_opaque_origin.https.html
@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script>
+  'use strict';
+
+  promise_test(async (t) => {
+    await promise_rejects_dom(
+        t, 'SecurityError', navigator.serial.getPorts(),
+        'getPorts() should throw a SecurityError DOMException when called ' +
+        'from a context where the top-level document has an opaque origin.');
+  }, 'Calls to Serial APIs from an origin with opaque top origin get blocked.');
+</script>
diff --git a/testing/web-platform/tests/serial/getPorts/reject_opaque_origin.https.html.headers b/testing/web-platform/tests/serial/getPorts/reject_opaque_origin.https.html.headers
new file mode 100644
index 0000000000..1efcf8c226
--- /dev/null
+++ b/testing/web-platform/tests/serial/getPorts/reject_opaque_origin.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: sandbox allow-scripts
diff --git a/testing/web-platform/tests/serial/getPorts/sandboxed_iframe.https.window.js b/testing/web-platform/tests/serial/getPorts/sandboxed_iframe.https.window.js
new file mode 100644
index 0000000000..0a99f75aae
--- /dev/null
+++ b/testing/web-platform/tests/serial/getPorts/sandboxed_iframe.https.window.js
@@ -0,0 +1,20 @@
+'use strict';
+
+promise_test(async (t) => {
+  let iframe = document.createElement('iframe');
+  await new Promise(resolve => {
+    iframe.src = '../resources/open-in-iframe.html';
+    iframe.sandbox.add('allow-scripts');
+    iframe.allow = 'serial';
+    document.body.appendChild(iframe);
+    iframe.addEventListener('load', resolve);
+  });
+
+  await new Promise(resolve => {
+    window.addEventListener('message', t.step_func(messageEvent => {
+      assert_equals(messageEvent.data, 'Success');
+      resolve();
+    }));
+    iframe.contentWindow.postMessage({type: 'GetPorts'}, '*');
+  });
+}, 'GetPorts from a sandboxed iframe is valid.');
-- 
cgit v1.2.3