1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
// META: script=helpers.js
// META: script=/resources/testdriver.js
// META: script=/resources/testdriver-vendor.js
'use strict';
// Document-level test config flags:
//
// testPrefix: Prefix each test case with an indicator so we know what context
// they are run in if they are used in multiple iframes.
//
// topLevelDocument: Keep track of if we run these tests in a nested context, we
// don't want to recurse forever.
const {testPrefix, topLevelDocument} = processQueryParams();
// Common tests to run in all frames.
test(() => {
assert_not_equals(document.requestStorageAccess, undefined);
}, "[" + testPrefix + "] document.requestStorageAccess() should exist on the document interface");
promise_test(t => {
return promise_rejects_dom(t, "NotAllowedError", document.requestStorageAccess(),
"document.requestStorageAccess() call without user gesture");
}, "[" + testPrefix + "] document.requestStorageAccess() should be rejected in insecure context");
// Logic to load test cases within combinations of iFrames.
if (topLevelDocument) {
// This specific test will run only as a top level test (not as a worker).
// Specific requestStorageAccess() scenarios will be tested within the context
// of various iFrames
promise_test(t => {
const description = "document.requestStorageAccess() call in a detached frame";
// Can't use `promise_rejects_dom` here, since the error comes from the wrong global.
return RunRequestStorageAccessInDetachedFrame()
.then(t.unreached_func("Should have rejected: " + description), (e) => {
assert_equals(e.name, 'InvalidStateError', description);
});
}, "[non-fully-active] document.requestStorageAccess() should reject when run in a detached frame");
promise_test(t => {
return promise_rejects_dom(t, 'InvalidStateError', RunRequestStorageAccessViaDomParser(),
"document.requestStorageAccess() in a detached DOMParser result");
}, "[non-fully-active] document.requestStorageAccess() should reject when run in a detached DOMParser document");
// Create a test with a single-child same-origin iframe.
const sameOriginFramePromise = RunTestsInIFrame(
'resources/requestStorageAccess-iframe.html?testCase=same-origin-frame&rootdocument=false');
// Create a test with a single-child cross-origin iframe.
const crossOriginFramePromise = RunTestsInIFrame(
'http://{{domains[www]}}:{{ports[http][0]}}/storage-access-api/resources/requestStorageAccess-iframe.html?testCase=cross-origin-frame&rootdocument=false');
// Validate the nested-iframe scenario where the same-origin frame
// containing the tests is not the first child.
const nestedSameOriginFramePromise = RunTestsInNestedIFrame(
'resources/requestStorageAccess-iframe.html?testCase=nested-same-origin-frame&rootdocument=false');
// Validate the nested-iframe scenario where the cross-origin frame
// containing the tests is not the first child.
const nestedCrossOriginFramePromise = RunTestsInNestedIFrame(
'http://{{domains[www]}}:{{ports[http][0]}}/storage-access-api/resources/requestStorageAccess-iframe.html?testCase=nested-cross-origin-frame&rootdocument=false');
// Because the iframe tests expect no user activation, and because they
// load asynchronously, we want to first run those tests before simulating
// clicks on the page.
Promise
.all([
sameOriginFramePromise,
crossOriginFramePromise,
nestedSameOriginFramePromise,
nestedCrossOriginFramePromise,
])
.then(() => {
promise_test(
async t => {
await RunCallbackWithGesture(() => {
return promise_rejects_dom(t, "NotAllowedError", document.requestStorageAccess(),
"should reject in insecure context");
});
},
'[' + testPrefix +
'] document.requestStorageAccess() should be rejected when called with a user gesture in insecure context');
});
}
|