summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/web-share/disabled-by-permissions-policy-cross-origin.https.sub.html
diff options
context:
space:
mode:
Diffstat (limited to 'testing/web-platform/tests/web-share/disabled-by-permissions-policy-cross-origin.https.sub.html')
-rw-r--r--testing/web-platform/tests/web-share/disabled-by-permissions-policy-cross-origin.https.sub.html122
1 files changed, 122 insertions, 0 deletions
diff --git a/testing/web-platform/tests/web-share/disabled-by-permissions-policy-cross-origin.https.sub.html b/testing/web-platform/tests/web-share/disabled-by-permissions-policy-cross-origin.https.sub.html
new file mode 100644
index 0000000000..773da84c0c
--- /dev/null
+++ b/testing/web-platform/tests/web-share/disabled-by-permissions-policy-cross-origin.https.sub.html
@@ -0,0 +1,122 @@
+<!DOCTYPE html>
+<html>
+ <head>
+ <meta charset="utf-8" />
+ <title>WebShare Test: is disabled by permissions policy cross-origin</title>
+ <link
+ rel="help"
+ href="https://w3c.github.io/web-share/#permissions-policy"
+ />
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ </head>
+ <body></body>
+ <script>
+ const crossOrigin = "https://{{hosts[alt][]}}:{{ports[https][0]}}";
+ const sameOriginPath = "/web-share/resources/post-message.html";
+ const crossOriginSrc = `${crossOrigin}${sameOriginPath}`;
+ const shareData = {
+ title: "WebShare Test",
+ text: "This is a test of the Web Share API",
+ url: "https://example.com/",
+ };
+
+ function waitForMessage(message) {
+ return new Promise((resolve) => {
+ window.addEventListener("message", function listener(event) {
+ if (event.data.action !== message) return;
+ window.removeEventListener("message", listener);
+ resolve(event.data);
+ });
+ });
+ }
+
+ async function loadIframe(t, src, allowList) {
+ const iframe = document.createElement("iframe");
+ if (allowList !== undefined) iframe.allow = allowList;
+ t.add_cleanup(() => {
+ iframe.remove();
+ });
+ await new Promise((resolve) => {
+ iframe.src = src;
+ document.body.appendChild(iframe);
+ iframe.onload = resolve;
+ });
+ await waitForMessage("loaded");
+ return iframe;
+ }
+
+ promise_test(async (t) => {
+ assert_true("share" in navigator, "navigator.share is exposed");
+ const iframe = await loadIframe(t, crossOriginSrc);
+ const iframeWindow = iframe.contentWindow;
+ iframeWindow.postMessage({ action: "share", data: shareData }, "*");
+ const data = await waitForMessage("share");
+ assert_equals(data.result, "error");
+ assert_equals(data.error, "NotAllowedError");
+ }, "share() is disabled by default 'self' by permissions policy for cross-origin iframes");
+
+ promise_test(async (t) => {
+ assert_true("share" in navigator, "navigator.share is exposed");
+ const iframe = await loadIframe(t, crossOriginSrc, "web-share 'none'");
+ const iframeWindow = iframe.contentWindow;
+ iframeWindow.postMessage({ action: "share", data: shareData }, "*");
+ const data = await waitForMessage("share");
+ assert_equals(data.result, "error");
+ assert_equals(data.error, "NotAllowedError");
+ }, "share() is disabled explicitly by permissions policy for cross-origin iframe");
+
+ promise_test(async (t) => {
+ assert_true("share" in navigator, "navigator.share is exposed");
+ const iframe = await loadIframe(t, crossOriginSrc, "web-share 'self'");
+ const iframeWindow = iframe.contentWindow;
+ iframeWindow.postMessage({ action: "share", data: shareData }, "*");
+ const data = await waitForMessage("share");
+ assert_equals(data.result, "error");
+ assert_equals(data.error, "NotAllowedError");
+ }, "share() not allowed, as only allowed to share with self");
+
+ promise_test(async (t) => {
+ assert_true("canShare" in navigator, "navigator.canShare is exposed");
+ const iframe = await loadIframe(t, crossOriginSrc);
+ const iframeWindow = iframe.contentWindow;
+ iframeWindow.postMessage({ action: "canShare", data: shareData }, "*");
+ const data = await waitForMessage("canShare");
+ assert_equals(data.result, false, "Expected false, as it can't share.");
+ }, "canShare() not allowed to share by default permissions policy cross-origin");
+
+ promise_test(async (t) => {
+ assert_true("canShare" in navigator, "navigator.canShare is exposed");
+ const iframe = await loadIframe(
+ t,
+ crossOriginSrc,
+ `web-share ${crossOrigin}`
+ );
+ iframe.contentWindow.postMessage(
+ { action: "canShare", data: shareData },
+ "*"
+ );
+ const data = await waitForMessage("canShare");
+ assert_equals(
+ data.result,
+ true,
+ `Expected true, is it can now share on ${origin}.`
+ );
+ }, "canShare() is allowed by permissions policy to share cross-origin on a particular origin");
+
+ promise_test(async (t) => {
+ assert_true("canShare" in navigator, "navigator.canShare is exposed");
+ const iframe = await loadIframe(t, sameOriginPath, "web-share 'self'");
+ iframe.contentWindow.postMessage(
+ { action: "canShare", data: shareData },
+ "*"
+ );
+ const data = await waitForMessage("canShare");
+ assert_equals(
+ data.result,
+ true,
+ "Expected true, at it can share with self."
+ );
+ }, "canShare() with self");
+ </script>
+</html>