<!DOCTYPE html> <body> <script src=/resources/testharness.js></script> <script src=/resources/testharnessreport.js></script> <script src=/permissions-policy/resources/permissions-policy.js></script> <script> 'use strict'; var same_origin_src = '/permissions-policy/resources/permissions-policy-payment.html'; var cross_origin_src = 'https://{{domains[www]}}:{{ports[https][0]}}' + same_origin_src; var header = 'permissions policy header "payment=*"'; test(() => { var supportedMethods = [ { supportedMethods: 'https://{{domains[nonexistent]}}/payment-request' } ]; var details = { total: { label: 'Test', amount: { currency: 'USD', value: '5.00' } } }; try { new PaymentRequest(supportedMethods, details); } catch (e) { assert_unreached(); } }, header + ' allows the top-level document.'); async_test(t => { test_feature_availability('PaymentRequest()', t, same_origin_src, expect_feature_available_default); }, header + ' allows same-origin iframes.'); async_test(t => { test_feature_availability('PaymentRequest()', t, cross_origin_src, expect_feature_unavailable_default); }, header + ' disallows cross-origin iframes.'); async_test(t => { test_feature_availability('PaymentRequest()', t, cross_origin_src, expect_feature_available_default, 'payment'); }, header + ' allow="payment" allows cross-origin iframes.'); </script> </body>