diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 09:22:09 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 09:22:09 +0000 |
commit | 43a97878ce14b72f0981164f87f2e35e14151312 (patch) | |
tree | 620249daf56c0258faa40cbdcf9cfba06de2a846 /testing/web-platform/tests/fs/opaque-origin.https.window.js | |
parent | Initial commit. (diff) | |
download | firefox-43a97878ce14b72f0981164f87f2e35e14151312.tar.xz firefox-43a97878ce14b72f0981164f87f2e35e14151312.zip |
Adding upstream version 110.0.1.upstream/110.0.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testing/web-platform/tests/fs/opaque-origin.https.window.js')
-rw-r--r-- | testing/web-platform/tests/fs/opaque-origin.https.window.js | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/testing/web-platform/tests/fs/opaque-origin.https.window.js b/testing/web-platform/tests/fs/opaque-origin.https.window.js new file mode 100644 index 0000000000..94b4cd7978 --- /dev/null +++ b/testing/web-platform/tests/fs/opaque-origin.https.window.js @@ -0,0 +1,75 @@ +'use strict'; + +const kSandboxWindowUrl = 'resources/opaque-origin-sandbox.html'; + +function add_iframe(test, src, sandbox) { + const iframe = document.createElement('iframe'); + iframe.src = src; + if (sandbox !== undefined) { + iframe.sandbox = sandbox; + } + document.body.appendChild(iframe); + test.add_cleanup(() => { + iframe.remove(); + }); +} + +// Creates a data URI iframe that uses postMessage() to provide its parent +// with the test result. The iframe checks for the existence of +// |property_name| on the window. +async function verify_does_exist_in_data_uri_iframe( + test, property_name) { + const iframe_content = + '<script>' + + ' const is_property_name_defined = ' + + ` (self.${property_name} !== undefined);` + + ' parent.postMessage({is_property_name_defined}, "*")' + + '</script>'; + + const data_uri = `data:text/html,${encodeURIComponent(iframe_content)}`; + add_iframe(test, data_uri); + + const event_watcher = new EventWatcher(test, self, 'message'); + const message_event = await event_watcher.wait_for('message') + + assert_true(message_event.data.is_property_name_defined, + `Data URI iframes must define '${property_name}'.`); +} + +// |kSandboxWindowUrl| sends the result of navigator.storage.getDirectory() to +// this window. For windows using sandbox='allow-scripts', this must produce a +// rejected promise. +async function verify_results_from_sandboxed_child_window(test) { + const event_watcher = new EventWatcher(test, self, 'message'); + + const message_event = await event_watcher.wait_for('message'); + assert_equals(message_event.data, + 'navigator.storage.getDirectory(): REJECTED: SecurityError'); +} + +promise_test(async test => { + await verify_does_exist_in_data_uri_iframe( + test, 'FileSystemDirectoryHandle'); +}, 'FileSystemDirectoryHandle must be defined for data URI iframes.'); + +promise_test( + async test => { + add_iframe(test, kSandboxWindowUrl, /*sandbox=*/ 'allow-scripts'); + await verify_results_from_sandboxed_child_window(test); + }, + 'navigator.storage.getDirectory() must reject in a sandboxed iframe.'); + +promise_test( + async test => { + const child_window_url = kSandboxWindowUrl + + '?pipe=header(Content-Security-Policy, sandbox allow-scripts)'; + + const child_window = window.open(child_window_url); + test.add_cleanup(() => { + child_window.close(); + }); + + await verify_results_from_sandboxed_child_window(test); + }, + 'navigator.storage.getDirectory() ' + + 'must reject in a sandboxed opened window.'); |