sandbox-allow-same-site-none-cookies-value.tentative.https.html (1655B)
1 <!doctype html> 2 3 <head> 4 <script src="/resources/testharness.js"></script> 5 <script src="/resources/testharnessreport.js"></script> 6 <script src="/cookies/resources/cookie-helper.sub.js"></script> 7 <script src="/common/get-host-info.sub.js"></script> 8 9 </head> 10 11 <body onload="doTests()"> 12 <script> 13 function doTests() { 14 promise_test(async function (t) { 15 const value = String(Math.random()); 16 await resetSameSiteCookies(SECURE_ORIGIN, value); 17 18 const child = document.createElement("iframe"); 19 child.src = SECURE_ORIGIN + "/cookies/samesite/resources/iframe-subresource-report.html"; 20 child.sandbox = "allow-scripts allow-same-site-none-cookies"; 21 document.body.appendChild(child); 22 const e = await wait_for_message("COOKIES"); 23 24 assert_cookie(SECURE_ORIGIN, e.data, "samesite_lax", value, false); 25 assert_cookie(SECURE_ORIGIN, e.data, "samesite_strict", value, false); 26 assert_cookie(SECURE_ORIGIN, e.data, "samesite_none", value, true); 27 }, "SameSite=None cookies should be allowed in the iframe by the `allow-same-site-none-cookies` value"); 28 29 promise_test(async function (t) { 30 await resetSameSiteCookies(SECURE_ORIGIN, Math.random()); 31 32 const iframeB = document.createElement("iframe"); 33 iframeB.src = SECURE_CROSS_SITE_ORIGIN + "/cookies/samesite/resources/cross-site-frame-with-sandboxed-embed.html"; 34 document.body.appendChild(iframeB); 35 36 await fetch_tests_from_window(iframeB.contentWindow); 37 38 }, "SameSite=None cookies are not present in a frame with a cross-site ancestor (A->B->A)"); 39 } 40 </script> 41 </body>