diff options
Diffstat (limited to 'testing/web-platform/tests/credential-management/federatedcredential-framed-get.sub.https.html')
| -rw-r--r-- | testing/web-platform/tests/credential-management/federatedcredential-framed-get.sub.https.html | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/testing/web-platform/tests/credential-management/federatedcredential-framed-get.sub.https.html b/testing/web-platform/tests/credential-management/federatedcredential-framed-get.sub.https.html new file mode 100644 index 0000000000..7883c8ebf2 --- /dev/null +++ b/testing/web-platform/tests/credential-management/federatedcredential-framed-get.sub.https.html @@ -0,0 +1,76 @@ +<!DOCTYPE html> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script> +assert_implements('FederatedCredential' in window, "`FederatedCredential` is supported."); + +// Ensure that the check is "same origin", not "same origin-domain". +document.domain = window.location.hostname; + +function create_iframe_test(origin, expectation) { + return function (t) { + window.addEventListener("load", _ => { + var iframe = document.createElement("iframe"); + iframe.src = origin + "/credential-management/support/federatedcredential-get.html"; + window.addEventListener("message", t.step_func(e => { + if (e.source == iframe.contentWindow) { + if (expectation == "blocked") { + assert_equals(e.data.exception, "NotAllowedError"); + } else { + if (e.data.exception) + assert_not_equals(e.data.exception, "NotAllowedError"); + } + t.done(); + } + })); + document.body.appendChild(iframe); + }); + }; +} + +function create_nested_iframe_test(outerOrigin, innerOrigin, expectation) { + return function (t) { + window.addEventListener("load", _ => { + var iframe = document.createElement("iframe"); + iframe.src = outerOrigin + "/credential-management/support/echoing-nester.html?origin=" + innerOrigin + "&file=federatedcredential-get.html"; + window.addEventListener("message", t.step_func(e => { + if (e.source == iframe.contentWindow) { + if (expectation == "blocked") { + assert_equals(e.data.exception, "NotAllowedError"); + } else { + assert_equals(e.data.exception, null); + } + t.done(); + } + })); + document.body.appendChild(iframe); + }); + }; +} + +const SAME_ORIGIN = window.origin; +const CROSS_ORIGIN = "https://{{domains[élève]}}:{{ports[https][0]}}"; + +async_test( + create_iframe_test(SAME_ORIGIN, "allowed"), + "Same-origin IFrame does not throw."); +async_test( + create_iframe_test(CROSS_ORIGIN, "blocked"), + "Cross-origin IFrame throws 'NotAllowedError'."); + +async_test( + create_nested_iframe_test(SAME_ORIGIN, SAME_ORIGIN, "allowed"), + "Same-origin IFrame in same-origin IFrame does not throw."); + +async_test( + create_nested_iframe_test(SAME_ORIGIN, CROSS_ORIGIN, "blocked"), + "Same-origin IFrame in same-origin IFrame throws 'NotAllowedError'."); + +async_test( + create_nested_iframe_test(CROSS_ORIGIN, SAME_ORIGIN, "blocked"), + "Cross-origin IFrame in same-origin IFrame throws 'NotAllowedError'."); + +async_test( + create_nested_iframe_test(CROSS_ORIGIN, CROSS_ORIGIN, "blocked"), + "Cross-origin IFrame in same-cross-origin throws 'NotAllowedError'."); +</script> |