summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/IndexedDB/idbfactory-open-opaque-origin.html
blob: a71da9afb3a4c50ec6dfe53198df9e02a0396941 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
<!DOCTYPE html>
<meta charset=utf-8>
<title>IDBFactory.open() and opaque origins</title>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script>

function load_iframe(src, sandbox) {
  return new Promise(resolve => {
    const iframe = document.createElement('iframe');
    iframe.onload = () => { resolve(iframe); };
    if (sandbox)
      iframe.sandbox = sandbox;
    iframe.srcdoc = src;
    iframe.style.display = 'none';
    document.documentElement.appendChild(iframe);
  });
}

function wait_for_message(recipient, source) {
  return new Promise(resolve => {
    recipient.onmessage = function listener(e) {
      if (e.source === source) {
        resolve(e.data);
        recipient.removeEventListener('message', listener);
      }
    };
  })
}

const test_code =
  '  const handler = (reply) => {' +
  '    try {' +
  '      indexedDB.deleteDatabase("opaque-origin-test");' +
  '    } catch {}' +
  '    try {' +
  '      const r = indexedDB.open("opaque-origin-test");' +
  '      r.onupgradeneeded = () => { r.transaction.abort(); };' +
  '      reply({result: "no exception"});' +
  '    } catch (ex) {' +
  '      reply({result: ex.name});' +
  '    };' +
  '  };';

const iframe_script =
  '<script>' +
  test_code +
  '  window.onmessage = () => {' +
  '    handler(msg => window.parent.postMessage(msg, "*"));' +
  '  };' +
  '<\/script>';

promise_test(t => {
  return load_iframe(iframe_script)
    .then(iframe => {
      iframe.contentWindow.postMessage({}, '*');
      return wait_for_message(self, iframe.contentWindow);
    })
    .then(message => {
      assert_equals(message.result, 'no exception',
                    'IDBFactory.open() should not throw');
    });
}, 'IDBFactory.open() in non-sandboxed iframe should not throw');

promise_test(t => {
  return load_iframe(iframe_script, 'allow-scripts')
    .then(iframe => {
      iframe.contentWindow.postMessage({}, '*');
      return wait_for_message(self, iframe.contentWindow);
    })
    .then(message => {
      assert_equals(message.result, 'SecurityError',
                    'Exception should be SecurityError');
    });
}, 'IDBFactory.open() in sandboxed iframe should throw SecurityError');

const worker_script = `
${test_code}
// For dedicated workers:
self.addEventListener("message", () => handler(self.postMessage));
// For shared workers:
self.addEventListener("connect", (e) => {
  var port = e.ports[0];
  handler(msg => port.postMessage(msg));
});
`;
const worker_data_url = "data:,".concat(encodeURIComponent(worker_script));

promise_test(async t => {
  let worker = new Worker(worker_data_url);
  t.add_cleanup(() => worker.terminate());
  worker.postMessage({});
  const message = await wait_for_message(worker, null);
  assert_equals(message.result, 'SecurityError',
                'Promise should be rejected with SecurityError');
}, 'IDBFactory.open() in data URL dedicated workers should throw SecurityError');

promise_test(async t => {
  let worker = new SharedWorker(worker_data_url, 'idb_open_opaque');
  worker.port.postMessage({});
  const message = await wait_for_message(worker.port, null);
  assert_equals(message.result, 'SecurityError',
                'Promise should be rejected with SecurityError');
}, 'IDBFactory.open() in data URL shared workers should throw SecurityError');
</script>