tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

create-enabled-on-self-origin-by-permissions-policy.https.sub.html (2519B)

      1 <!DOCTYPE html>
      2 <meta charset="utf-8" />
      3 <script src="/resources/testharness.js"></script>
      4 <script src="/resources/testharnessreport.js"></script>
      5 <script src="/resources/testdriver.js"></script>
      6 <script src="/resources/testdriver-vendor.js"></script>
      7 <script src="/permissions-policy/resources/permissions-policy.js"></script>
      8 <script src="/common/get-host-info.sub.js"></script>
      9 <body></body>
     10 <script type="module">
     11    import { makeCreateOptions } from "./support/helper.js";
     12    const { HTTPS_REMOTE_ORIGIN } = get_host_info();
     13    const create_same_origin_src =
     14        "/digital-credentials/permissions-policy/create.html";
     15    const create_cross_origin_src = new URL(create_same_origin_src, HTTPS_REMOTE_ORIGIN).href;
     16 
     17    promise_test(async (test) => {
     18        await test_driver.bless("user activation");
     19        await promise_rejects_js(
     20            test,
     21            TypeError,
     22            navigator.credentials.create(makeCreateOptions({protocol: []}))
     23        );
     24    }, "Permissions-Policy header digital-credentials-create=(self) allows the top-level document.");
     25 
     26    promise_test(async (test) => {
     27        await test_feature_availability({
     28            feature_description: "Digital Credential API",
     29            test,
     30            src: create_same_origin_src,
     31            expect_feature_available: expect_feature_available_default,
     32            is_promise_test: true,
     33            needs_focus: true,
     34        });
     35    }, "Permissions-Policy header digital-credentials-create=(self) allows same-origin iframes.");
     36 
     37    promise_test(async (test) => {
     38        await test_feature_availability({
     39            feature_description: "Digital Credential API",
     40            test,
     41            src: create_cross_origin_src,
     42            expect_feature_available: expect_feature_unavailable_default,
     43            is_promise_test: true,
     44            needs_focus: true,
     45        });
     46    }, "Permissions-Policy header digital-credentials-create=(self) disallows cross-origin iframes.");
     47 
     48    promise_test(async (test) => {
     49        await test_feature_availability({
     50            feature_description: "Digital Credential API",
     51            test,
     52            src: create_cross_origin_src,
     53            expect_feature_available: expect_feature_unavailable_default,
     54            feature_name: "digital-credentials-create",
     55            is_promise_test: true,
     56            needs_focus: true,
     57        });
     58    }, "Permissions-Policy header explicitly set to digital-credentials-create=(self) cannot be overridden by allow attribute.");
     59 </script>