partitioned-cookies.tentative.https.html (2611B)
1 <!DOCTYPE html> 2 <meta charset="utf-8"/> 3 <meta name="timeout" content="long"> 4 <meta name="help" href="https://github.com/WICG/CHIPS#chips-cookies-having-independent-partitioned-state"> 5 <title>Test partitioned cookies</title> 6 <script src="/resources/testharness.js"></script> 7 <script src="/resources/testharnessreport.js"></script> 8 <script src="/common/get-host-info.sub.js"></script> 9 <script src="/cookies/resources/cookie-helper.sub.js"></script> 10 <script src="/cookies/partitioned-cookies/resources/test-helpers.js"></script> 11 12 <body> 13 <script> 14 15 document.body.onload = async () => { 16 // First, the test sets a SameSite=None;Partitioned; cookie. 17 const attributes = "Secure;Path=/;SameSite=None;Partitioned"; 18 const httpCookieName = "__Host-pchttp"; 19 await credFetch( 20 `${self.origin}/cookies/resources/set.py?${httpCookieName}=foobar;${ 21 attributes}`); 22 23 // Set another partitioned cookie using document.cookie. 24 const domCookieName = "__Host-pcdom"; 25 document.cookie = `${domCookieName}=foobar;${attributes}`; 26 27 // Set another partitioned cookie using the CookieStore API, if supported. 28 if (window.cookieStore) { 29 const cookieStoreCookieName = "__Host-pccookiestore"; 30 await cookieStore.set({ 31 name: cookieStoreCookieName, 32 value: "foobar", 33 path: "/", 34 sameSite: "none", 35 partitioned: true, 36 }); 37 } 38 39 const cookieNames = getCookieNames(); 40 41 // Verify that the cookies are sent in requests from this top-level site. 42 testHttpPartitionedCookies({ 43 origin: self.origin, 44 cookieNames, 45 expectsCookie: true, 46 }); 47 48 // Verify that the cookies are exposed to the DOM on this top-level site. 49 testDomPartitionedCookies({ 50 cookieNames, 51 expectsCookie: true, 52 }); 53 testCookieStorePartitionedCookies({ 54 cookieNames, 55 expectsCookie: true, 56 }); 57 58 // Open a cross-site window which will make a request to this window's origin. 59 // If partitioned cookies are disabled, then the cookies set above will still 60 // be accessible. 61 // If partitioned cookies are enabled, then the cookies should not be 62 // accessible to their origin in a window with a different top-level site. 63 const crossSiteUrl = new URL( 64 `./resources/partitioned-cookies-cross-site-window.html?origin=${ 65 encodeURIComponent(self.origin)}`, 66 get_host_info().HTTPS_NOTSAMESITE_ORIGIN + self.location.pathname); 67 const popup = window.open(crossSiteUrl); 68 await fetch_tests_from_window(popup); 69 70 for (const cookieName of cookieNames) { 71 erase_cookie_from_js(cookieName, "Secure; Path=/; SameSite=None; Partitioned"); 72 } 73 }; 74 75 </script> 76 </body>