schemeful-navigation.tentative.html (1802B)
1 <!DOCTYPE html> 2 <meta charset="utf-8"> 3 <meta name="timeout" content="long"> 4 <script src="/resources/testharness.js"></script> 5 <script src="/resources/testharnessreport.js"></script> 6 <script src="/cookies/resources/cookie-helper.sub.js"></script> 7 <script> 8 function schemeful_navigation_test(target, expectedSameSiteStatus, title) { 9 promise_test(async function(t) { 10 let value = "" + Math.random(); 11 document.cookie = `samesite_strict=${value}; sameSite=strict; path=/`; 12 document.cookie = `samesite_lax=${value}; sameSite=lax; path=/`; 13 14 let url = target + "/cookies/schemeful-same-site/resources/navigateToInsecurePostToParent.html"; 15 16 await new Promise((resolve, reject) => { 17 window.onmessage = t.step_func(e => { 18 if (e.source == window.open("", "testwindow" + value)) { 19 e.source.close(); 20 const cookies = e.data; 21 22 assert_equals(cookies["samesite_lax"], value, "SameSite=lax cookies can be sent in both cases"); 23 if (expectedSameSiteStatus === SameSiteStatus.STRICT) { 24 assert_equals(cookies["samesite_strict"], value, "SameSite=strict cookies can be sent to same-scheme navigations"); 25 } else if (expectedSameSiteStatus === SameSiteStatus.LAX) { 26 assert_not_equals(cookies["samesite_strict"], value, "SameSite=strict cookies cannot be sent to cross-scheme navigations"); 27 } 28 29 resolve(); 30 } 31 else {reject();} 32 }); 33 34 var w = window.open(url, "testwindow" + value); 35 }); 36 37 },title);} 38 39 schemeful_navigation_test(INSECURE_ORIGIN, SameSiteStatus.STRICT, "Navigate same-scheme"); 40 schemeful_navigation_test(SECURE_ORIGIN, SameSiteStatus.LAX, "Navigate cross-scheme"); 41 </script>