idbfactory-databases-opaque-origin.html (3357B)
1 <!DOCTYPE html> 2 <meta charset=utf-8> 3 <title>IDBFactory.databases() and opaque origins</title> 4 <script src="/resources/testharness.js"></script> 5 <script src="/resources/testharnessreport.js"></script> 6 <script> 7 8 function load_iframe(src, sandbox) { 9 return new Promise(resolve => { 10 const iframe = document.createElement('iframe'); 11 iframe.onload = () => { resolve(iframe); }; 12 if (sandbox) 13 iframe.sandbox = sandbox; 14 iframe.srcdoc = src; 15 iframe.style.display = 'none'; 16 document.documentElement.appendChild(iframe); 17 }); 18 } 19 20 function wait_for_message(recipient, source) { 21 return new Promise(resolve => { 22 recipient.onmessage = function listener(e) { 23 if (e.source === source) { 24 resolve(e.data); 25 recipient.removeEventListener('message', listener); 26 } 27 }; 28 }) 29 } 30 31 const test_code = 32 ' const handler = (reply) => {' + 33 ' try { ' + 34 ' if (!indexedDB || !indexedDB.databases) {' + 35 ' reply({result: "indexedDB.databases undefined"});' + 36 ' }' + 37 ' indexedDB.databases().then(' + 38 ' () => reply({result: "no exception"}),' + 39 ' ex => reply({result: ex.name}));' + 40 ' } catch(e) { ' + 41 ' reply({result: e.name + " thrown, not rejected"});' + 42 ' }' + 43 ' };'; 44 45 const iframe_script = 46 '<script>' + 47 test_code + 48 ' window.onmessage = () => {' + 49 ' handler(msg => window.parent.postMessage(msg, "*"));' + 50 ' };' + 51 '<\/script>'; 52 53 promise_test(async t => { 54 const iframe = await load_iframe(iframe_script); 55 iframe.contentWindow.postMessage({}, '*'); 56 const message = await wait_for_message(self, iframe.contentWindow); 57 assert_equals(message.result, 'no exception', 58 'IDBFactory.databases() should not reject'); 59 }, 'IDBFactory.databases() in non-sandboxed iframe should not reject'); 60 61 promise_test(async t => { 62 const iframe = await load_iframe(iframe_script, 'allow-scripts'); 63 iframe.contentWindow.postMessage({}, '*'); 64 const message = await wait_for_message(self, iframe.contentWindow); 65 assert_equals(message.result, 'SecurityError', 66 'Promise should be rejected with SecurityError'); 67 }, 'IDBFactory.databases() in sandboxed iframe should reject'); 68 69 const worker_script = ` 70 ${test_code} 71 // For dedicated workers: 72 self.addEventListener("message", () => handler(self.postMessage)); 73 // For shared workers: 74 self.addEventListener("connect", (e) => { 75 var port = e.ports[0]; 76 handler(msg => port.postMessage(msg)); 77 }); 78 `; 79 const worker_data_url = "data:,".concat(encodeURIComponent(worker_script)); 80 81 promise_test(async t => { 82 let worker = new Worker(worker_data_url); 83 t.add_cleanup(() => worker.terminate()); 84 worker.postMessage({}); 85 const message = await wait_for_message(worker, null); 86 assert_equals(message.result, 'SecurityError', 87 'Promise should be rejected with SecurityError'); 88 }, 'IDBFactory.databases() in data URL dedicated worker should throw SecurityError'); 89 90 promise_test(async t => { 91 let worker = new SharedWorker(worker_data_url, 'idb_databases_opaque'); 92 worker.port.postMessage({}); 93 const message = await wait_for_message(worker.port, null); 94 assert_equals(message.result, 'SecurityError', 95 'Promise should be rejected with SecurityError'); 96 }, 'IDBFactory.databases() in data URL shared worker should throw SecurityError'); 97 </script>