<!DOCTYPE HTML> <html> <!-- https://bugzilla.mozilla.org/show_bug.cgi?id=643051 --> <head> <title>Cookies set from iframe in content process</title> <script src="/tests/SimpleTest/SimpleTest.js"></script> <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> </head> <body> <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1331680">Mozilla Bug 1331680</a> <p id="display"></p> <div id="content" style="display: none"> <script type="application/javascript"> SimpleTest.waitForExplicitFinish(); const IFRAME_COOKIE_NAMES = ["if1", "if2_1", "if2_2"]; const ID = ["if_1", "if_2", "if_3"]; var gScript = SpecialPowers.loadChromeScript(SimpleTest.getTestFileURL('file_1331680.js')); /* Test iframe * 1. Create three iframes, and one of the iframe will create two cookies. * 2. Confirm the cookies can be proessed from observer. * 3. Confirm document.cookie can get cookies "if2_1" and "if2_2". * 4. Confirm the iframe whose source is "about:blank" can get parent's cookies. */ function createIframe(id, src, sandbox_flags) { return new Promise(resolve => { var ifr = document.createElement("iframe"); ifr.id = id; ifr.src = src; ifr.sandbox = sandbox_flags; ifr.addEventListener("load", resolve); document.body.appendChild(ifr); }); }; function confirmCookies(id) { is(document.cookie, "if2_1=if2_val1; if2_2=if2_val2", "Confirm the cookies can get after iframe was deleted"); var new_ifr = document.getElementById(id); is(new_ifr.contentDocument.cookie, document.cookie, "Confirm the inner document.cookie = parent document.cookie"); document.cookie = IFRAME_COOKIE_NAMES[1] + "=; expires=Thu, 01-Jan-1970 00:00:01 GMT"; document.cookie = IFRAME_COOKIE_NAMES[2] + "=; expires=Thu, 01-Jan-1970 00:00:01 GMT"; is(document.cookie, "", "Removed all cookies"); SpecialPowers.clearUserPref("network.cookie.sameSite.laxByDefault"); SimpleTest.finish(); } addEventListener("message", function(event) { is(event.data, document.cookie, "Confirm the iframe 2 can communicate with iframe"); }); SpecialPowers.pushPrefEnv({ // Bug 1617611: Fix all the tests broken by "cookies SameSite=lax by default" set: [["network.cookie.sameSite.laxByDefault", false]], }).then(_ => createIframe(ID[0], "file_iframe_allow_scripts.html", "allow-scripts")) .then(_ => createIframe(ID[1], "file_iframe_allow_same_origin.html", "allow-scripts allow-same-origin")) .then(_ => createIframe(ID[2], "about:blank", "allow-scripts allow-same-origin")) .then(_ => confirmCookies(ID[2])); </script> </div> <pre id="test"> </pre> </body> </html>