summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/html/cross-origin-embedder-policy/none-sw-from-none.https.html
blob: b539561effd93df24734d25f1f0fc61a50498adf (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
<!doctype html>
<html>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src="/common/get-host-info.sub.js"></script>
<script src="/service-workers/service-worker/resources/test-helpers.sub.js"></script>
<script>
const SCOPE = new URL(location.href).pathname;
const SCRIPT =
  'resources/sw.js?' +
  `pipe=header(service-worker-allowed,${SCOPE})`;

function remote(path) {
  const REMOTE_ORIGIN = get_host_info().HTTPS_REMOTE_ORIGIN;
  return new URL(path, REMOTE_ORIGIN + '/html/cross-origin-embedder-policy/');
}

promise_test(async (t) => {
  const reg = await service_worker_unregister_and_register(t, SCRIPT, SCOPE);
  add_completion_callback(() => {
      reg.unregister();
  });
  await new Promise(resolve => {
    navigator.serviceWorker.addEventListener('controllerchange', resolve);
  });
}, 'setting up');

promise_test(async (t) => {
  await fetch('resources/nothing-same-origin-corp.txt', {mode: 'no-cors'});
}, 'making a same-origin request for CORP: same-origin');

promise_test(async (t) => {
  await fetch('/common/blank.html', {mode: 'no-cors'});
}, 'making a same-origin request for no CORP');

promise_test(async (t) => {
  await fetch('resources/nothing-cross-origin-corp.txt', {mode: 'no-cors'});
}, 'making a same-origin request for CORP: cross-origin');

promise_test(async (t) => {
  await promise_rejects_js(
    t, TypeError,
    fetch(remote('resources/nothing-same-origin-corp.txt'), {mode: 'no-cors'}));
}, 'making a cross-origin request for CORP: same-origin');

promise_test(async (t) => {
  await fetch(remote('/common/blank.html'), {mode: 'no-cors'});
}, 'making a cross-origin request for no CORP');

promise_test(async (t) => {
  await fetch(
    remote('resources/nothing-cross-origin-corp.txt'),
    {mode: 'no-cors'});
}, 'making a cross-origin request for CORP: cross-origin');

promise_test(async (t) => {
  await promise_rejects_js(
    t, TypeError,
    fetch(remote('resources/nothing-same-origin-corp.txt?passthrough'),
      {mode: 'no-cors'}));
}, 'making a cross-origin request for CORP: same-origin [PASS THROUGH]');

promise_test(async (t) => {
  await fetch(remote('/common/blank.html?passthrough'), {mode: 'no-cors'});
}, 'making a cross-origin request for no CORP [PASS THROUGH]');

promise_test(async (t) => {
  await fetch(
    remote('resources/nothing-cross-origin-corp.txt?passthrough'),
    {mode: 'no-cors'});
}, 'making a cross-origin request for CORP: cross-origin [PASS THROUGH]');

promise_test(async (t) => {
  await promise_rejects_js(
    t, TypeError, fetch(remote('/common/blank.html'), {mode: 'cors'}));
}, 'making a cross-origin request with CORS without ACAO');

promise_test(async (t) => {
  const URL = remote(
    '/common/blank.html?pipe=header(access-control-allow-origin,*)');
  await fetch(URL, {mode: 'cors'});
}, 'making a cross-origin request with CORS');

promise_test(async (t) => {
  const URL = remote('/fetch/api/resources/preflight.py?allow_headers=hoge');
  await fetch(URL, {mode: 'cors', headers: {'hoge': 'fuga'}});
}, 'making a cross-origin request with CORS-preflight');
</script>
</html>