diff options
Diffstat (limited to 'testing/web-platform/tests/html/cross-origin-embedder-policy/about-blank-popup.https.html')
| -rw-r--r-- | testing/web-platform/tests/html/cross-origin-embedder-policy/about-blank-popup.https.html | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/testing/web-platform/tests/html/cross-origin-embedder-policy/about-blank-popup.https.html b/testing/web-platform/tests/html/cross-origin-embedder-policy/about-blank-popup.https.html new file mode 100644 index 0000000000..2dc73c7561 --- /dev/null +++ b/testing/web-platform/tests/html/cross-origin-embedder-policy/about-blank-popup.https.html @@ -0,0 +1,59 @@ +<!doctype html> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="resources/script-factory.js"></script> +<script src="/common/get-host-info.sub.js"></script> +<script src="/common/utils.js"></script> +<script> + const origins = get_host_info(); + + promise_test(async t => { + const popup = window.open(); + t.add_cleanup(() => { popup.close(); }); + + let data_from_popup = () => new Promise(resolve => + window.addEventListener("message", (({ data }) => resolve(data)))); + + let check_result = (data, text) => { + assert_equals(data.origin, origin); + assert_true(data.sameOriginNoCORPSuccess, + text + ": Same-origin without CORP did not succeed"); + assert_true(data.crossOriginNoCORPFailure, + text + ": Cross-origin without CORP did not fail"); + }; + + // Check if COEP is inherited by the popup. + let script = popup.document.createElement('script'); + script.innerHTML = + `${createScript(window.origin, origins.HTTPS_REMOTE_ORIGIN, "opener")}`; + popup.document.body.appendChild(script); + check_result(await data_from_popup(), "Initial empty document"); + + // Navigate the popup away. + popup.location = origins.HTTPS_REMOTE_ORIGIN + + "/html/cross-origin-embedder-policy/resources/postmessage-ready.html"; + assert_equals(await new Promise(resolve => + window.addEventListener("message", msg => resolve(msg.data))), + "ready"); + + // Navigate the popup to about:blank and wait for it. + popup.location = "about:blank"; + await t.step_wait( + condition = () => { + try { + return popup.location.href === "about:blank"; + } catch {} + return false; + }, + description = "Wait for the popup to navigate.", + timeout=3000, + interval=50); + + // Check again if COEP is inherited. + script = popup.document.createElement('script'); + script.innerHTML = + `${createScript(window.origin, origins.HTTPS_REMOTE_ORIGIN, "opener")}`; + popup.document.body.appendChild(script); + check_result(await data_from_popup(), "Non-initial about:blank document"); + }, `Cross-Origin-Embedder-Policy is inherited by about:blank popup.`); +</script> |