test_storagePermissionsLimitForeign.html (1641B)
1 <html xmlns="http://www.w3.org/1999/xhtml"> 2 <head> 3 <title>Storage Permission Restrictions</title> 4 5 <script src="/tests/SimpleTest/SimpleTest.js"></script> 6 <script type="text/javascript" src="storagePermissionsUtils.js"></script> 7 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> 8 </head> 9 <body> 10 <iframe></iframe> 11 12 <script type="text/javascript"> 13 14 task(async function() { 15 await setCookieBehavior(BEHAVIOR_LIMIT_FOREIGN); 16 17 await runTestInWindow(async function() { 18 // We should be able to access storage 19 await storageAllowed(); 20 21 // Same origin iframes should be allowed. 22 await runIFrame("frameStorageAllowed.html"); 23 await runIFrame("frameStorageChrome.html?allowed=yes"); 24 25 // Null principal iframes should not. 26 await runIFrame("frameStorageNullprincipal.sjs"); 27 28 // Sandboxed iframes should have the null principal, and thus can't access storage 29 document.querySelector('iframe').setAttribute('sandbox', 'allow-scripts'); 30 await runIFrame("frameStoragePrevented.html#nullprincipal"); 31 await runIFrame("frameStorageNullprincipal.sjs"); 32 document.querySelector('iframe').removeAttribute('sandbox'); 33 34 // Thirdparty iframes should be blocked, even when accessed from chrome over Xrays. 35 await runIFrame(thirdparty + "frameStoragePrevented.html#thirdparty"); 36 await runIFrame(thirdparty + "frameStorageNullprincipal.sjs"); 37 await runIFrame(thirdparty + "frameStorageChrome.html?allowed=no"); 38 39 // Workers should be unable to access storage 40 await runWorker("workerStorageAllowed.js"); 41 }); 42 }); 43 44 </script> 45 </body> 46 </html>