summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/browsing-topics/browsing-topics-permissions-policy-none.tentative.https.sub.html
blob: 2f80daa27142c6a2ccd7b0e33005a4659180bf1b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
<!doctype html>
<body>
  <script src=/resources/testharness.js></script>
  <script src=/resources/testharnessreport.js></script>
  <script src=/browsing-topics/resources/navigation-header-util.sub.js></script>
  <script src=/browsing-topics/resources/permissions-policy-util.sub.js></script>
  <script>
    'use strict';
    const header = 'permissions policy header browsing-topics=()';

    promise_test(async t => {
      try {
        await document.browsingTopics();
      } catch (e) {
        assert_equals(e.message, TOPICS_PERMISSIONS_POLICY_ERROR_MESSAGE);
        return;
      }
      assert_unreached("did not reject");
    }, header + ' disallows document.browsingTopics() in the current page.');

    async_test(t => {
      test_topics_feature_availability_in_subframe(t, /*is_same_origin=*/true,
          expect_topics_feature_unavailable);
    }, header + ' disallows document.browsingTopics() in same-origin iframes.');

    async_test(t => {
      test_topics_feature_availability_in_subframe(t, /*is_same_origin=*/false,
          expect_topics_feature_unavailable);
    }, header + ' disallows document.browsingTopics() in cross-origin iframes.');

    const same_origin_url = '/browsing-topics/resources/check-topics-request-header.py';
    const cross_origin_url = 'https://{{domains[www]}}:{{ports[https][0]}}' +
      same_origin_url;

    promise_test(async t => {
      let response = await fetch(same_origin_url, {browsingTopics: true});
      let topics_header = await response.text();
      assert_equals(topics_header, "NO_TOPICS_HEADER");
    }, header + 'disallows the \'Sec-Browsing-Topics\' header to be sent for the same-origin topics fetch request.');

    promise_test(async t => {
      let response = await fetch(cross_origin_url, {browsingTopics: true});
      let topics_header = await response.text();
      assert_equals(topics_header, "NO_TOPICS_HEADER");
    }, header + 'disallows the \'Sec-Browsing-Topics\' header to be sent for the cross-origin topics fetch request.');

    async_test(t => {
      test_topics_iframe_navigation_header(
          t, /*has_browsing_topics_attribute=*/true, /*is_same_origin=*/true,
          expect_topics_header_unavailable);
    }, header + ' disallows the \'Sec-Browsing-Topics\' header to be sent for the same-origin iframe navigation request.');

    async_test(t => {
      test_topics_iframe_navigation_header(
          t, /*has_browsing_topics_attribute=*/true, /*is_same_origin=*/false,
          expect_topics_header_unavailable);
    }, header + ' disallows the \'Sec-Browsing-Topics\' header to be sent for the cross-origin iframe navigation request.');
  </script>
</body>