summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/storage-access-api/requestStorageAccess.sub.https.window.js
blob: e1a8b934503c9f60b0aa6c41c4c3714049842204 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
// META: script=helpers.js
// META: script=/cookies/resources/cookie-helper.sub.js
// META: script=/resources/testdriver.js
// META: script=/resources/testdriver-vendor.js
'use strict';

// Document-level test config flags:
//
// testPrefix: Prefix each test case with an indicator so we know what context
// they are run in if they are used in multiple iframes.
//
// topLevelDocument: Keep track of if we run these tests in a nested context, we
// don't want to recurse forever.
const {testPrefix, topLevelDocument} = processQueryParams();

if (!topLevelDocument) {
  // WPT synthesizes a top-level HTML test for this JS file, and in that case we
  // don't want to, or need to, call set_test_context.
  test_driver.set_test_context(window.top);
}

// Common tests to run in all frames.
promise_test(async () => {
  assert_not_equals(document.requestStorageAccess, undefined);
}, "[" + testPrefix + "] document.requestStorageAccess() should exist on the document interface");

// Most tests need to start with the feature in "prompt" state.
async function CommonSetup() {
  await test_driver.set_permission({ name: 'storage-access' }, 'prompt');
}

promise_test(
    async t => {
      await CommonSetup();
      if (topLevelDocument || !testPrefix.includes('cross-site') ||
          testPrefix.includes('ABA')) {
        await document.requestStorageAccess().catch(t.unreached_func(
            'document.requestStorageAccess() call should resolve in top-level frame or same-site iframe.'));

        assert_true(await CanAccessCookiesViaHTTP(), 'After obtaining storage access, subresource requests from the frame should send and set cookies.');
        assert_true(CanAccessCookiesViaJS(), 'After obtaining storage access, scripts in the frame should be able to access cookies.');
      } else {
        return promise_rejects_dom(
            t, "NotAllowedError", document.requestStorageAccess(),
            "document.requestStorageAccess() call without user gesture.");
      }
    },
    '[' + testPrefix +
        '] document.requestStorageAccess() should resolve in top-level frame or same-site iframe, otherwise reject with a NotAllowedError with no user gesture.');

promise_test(
    async (t) => {
      await CommonSetup();
      await MaybeSetStorageAccess("*", "*", "blocked");
      await test_driver.set_permission({name: 'storage-access'}, 'granted');
      t.add_cleanup(async () => {
        await test_driver.delete_all_cookies();
      });

      await document.requestStorageAccess();

      assert_true(await CanAccessCookiesViaHTTP(), 'After obtaining storage access, subresource requests from the frame should send and set cookies.');
      assert_true(CanAccessCookiesViaJS(), 'After obtaining storage access, scripts in the frame should be able to access cookies.');
    },
    '[' + testPrefix +
        '] document.requestStorageAccess() should be resolved with no user gesture when a permission grant exists, and ' +
        'should allow cookie access');

if (testPrefix.includes('cross-site')) {
  promise_test(
      async t => {
        await CommonSetup();
        await RunCallbackWithGesture(() => {
          return promise_rejects_dom(t, "NotAllowedError", document.requestStorageAccess(),
            "document.requestStorageAccess() call without permission");
        });
      },
      '[' + testPrefix +
          '] document.requestStorageAccess() should be rejected with a NotAllowedError without permission grant');

  promise_test(
      async t => {
        await test_driver.set_permission(
            {name: 'storage-access'}, 'denied');

        await RunCallbackWithGesture(() => {
          return promise_rejects_dom(t, "NotAllowedError", document.requestStorageAccess(),
            "document.requestStorageAccess() call without permission");
        });
      },
      '[' + testPrefix +
          '] document.requestStorageAccess() should be rejected with a NotAllowedError with denied permission');
} else {
  promise_test(
      async () => {
        await CommonSetup();
        await document.requestStorageAccess();

        assert_true(await CanAccessCookiesViaHTTP(), 'After obtaining storage access, subresource requests from the frame should send and set cookies.');
        assert_true(CanAccessCookiesViaJS(), 'After obtaining storage access, scripts in the frame should be able to access cookies.');
      },
      `[${testPrefix}] document.requestStorageAccess() should resolve without permission grant or user gesture`);

  promise_test(
      async () => {
        await test_driver.set_permission(
            {name: 'storage-access'}, 'denied');

        await document.requestStorageAccess();

        assert_true(await CanAccessCookiesViaHTTP(), 'After obtaining storage access, subresource requests from the frame should send and set cookies.');
        assert_true(CanAccessCookiesViaJS(), 'After obtaining storage access, scripts in the frame should be able to access cookies.');
      },
      `[${testPrefix}] document.requestStorageAccess() should resolve with denied permission`);
}