third-party-cookies-cross-site-embed.html (1524B)
1 <!DOCTYPE html> 2 <meta charset="utf-8"/> 3 <meta name="timeout" content="long"> 4 <title>Test site embedded in a cross-site context</title> 5 <script src="/resources/testharness.js"></script> 6 <script src="/resources/testharnessreport.js"></script> 7 <script src="/common/get-host-info.sub.js"></script> 8 <script src="/cookies/resources/cookie-helper.sub.js"></script> 9 <script src="/cookies/third-party-cookies/resources/test-helpers.js"></script> 10 <body> 11 <script> 12 13 // Cookies set by the parent window in a 1P context. 14 const cookieNames = ["1P_http", "1P_dom"]; 15 if (window.cookieStore) { 16 cookieNames.push("1P_cs"); 17 } 18 19 testDomCookies({ 20 desc: "3P embed", 21 cookieNames, 22 expectsCookie: false, 23 }); 24 25 testCookieStoreCookies({ 26 desc: "3P embed", 27 cookieNames, 28 expectsCookie: false, 29 }); 30 31 test(() => { 32 const thirdPartyDomCookieName = "3P_dom"; 33 document.cookie = 34 `${thirdPartyDomCookieName}=foobar;Secure;Path=/;SameSite=None`; 35 36 assertDomCanAccessCookie([thirdPartyDomCookieName], false); 37 }, "Cross site embed setting DOM cookies"); 38 39 if (window.cookieStore) { 40 promise_test(async () => { 41 const thirdPartyCsCookieName = "3P_cs"; 42 await cookieStore.set({ 43 name: thirdPartyCsCookieName, 44 value: "foobar", 45 path: "/", 46 sameSite: "none", 47 }).then( 48 // The promise should reject. 49 () => { assert_unreached(); }, 50 () => {}); 51 52 await assertCookieStoreCanAccessCookies([thirdPartyCsCookieName], false); 53 }, "Cross site embed setting CookieStore cookies"); 54 } 55 56 </script> 57 </body>