tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

feature-policy-nested-header-policy-allowed-for-all.https.sub.html (3304B)

      1 <!DOCTYPE html>
      2 <html>
      3 <head>
      4  <meta name="timeout" content="long">
      5 </head>
      6 <body>
      7  <script src=/resources/testharness.js></script>
      8  <script src=/resources/testharnessreport.js></script>
      9  <script src=/feature-policy/resources/featurepolicy.js></script>
     10  <script>
     11  /*
     12  fullscreen is allowed for all at the top-level document. It can be disabled by
     13  subframes.
     14  */
     15  'use strict';
     16  const same_origin = 'https://{{domains[]}}:{{ports[https][0]}}';
     17  const cross_origin = 'https://{{domains[www]}}:{{ports[https][0]}}';
     18  const same_origin_src = '/feature-policy/resources/feature-policy-nested-subframe-policy.https.sub.html';
     19  const cross_origin_src = cross_origin + same_origin_src;
     20 
     21  /* ------------------------------------------
     22     |  top-level document                    |
     23     |  ------------------------------------  |
     24     |  |  same-origin iframe              |  |
     25     |  |  ------------------------------  |  |
     26     |  |  |  local and remote iframes  |  |  |
     27     |  |  ------------------------------  |  |
     28     |  ------------------------------------  |
     29     ------------------------------------------ */
     30  test_subframe_header_policy('fullscreen', '*', same_origin_src,
     31      {local_all: true, local_self: true, local_none: false,
     32      remote_all: false, remote_self: false, remote_none: false},
     33      'Test nested header policy with local iframe on policy "fullscreen *"');
     34  test_subframe_header_policy('fullscreen', '\'self\'', same_origin_src,
     35      {local_all: true, local_self: true, local_none: false,
     36      remote_all: false, remote_self: false, remote_none: false},
     37      'Test nested header policy with local iframe on policy "fullscreen \'self\'"');
     38  test_subframe_header_policy('fullscreen', '\'none\'', same_origin_src,
     39      {local_all: false, local_self: false, local_none: false,
     40      remote_all: false, remote_self: false, remote_none: false},
     41      'Test nested header policy with local iframe on policy "fullscreen \'none\'"');
     42 
     43  /* -------------------------------------------
     44     |  top-level document                     |
     45     |  -------------------------------------  |
     46     |  |  cross-origin iframe              |  |
     47     |  |  -------------------------------  |  |
     48     |  |  |  local and remote iframes   |  |  |
     49     |  |  -------------------------------  |  |
     50     |  -------------------------------------  |
     51     ------------------------------------------- */
     52  test_subframe_header_policy('fullscreen', '*', cross_origin_src,
     53      {local_all: false, local_self: false, local_none: false,
     54      remote_all: false, remote_self: false, remote_none: false},
     55      'Test nested header policy with remote iframe on policy "fullscreen *"');
     56  test_subframe_header_policy('fullscreen', '\'self\'', cross_origin_src,
     57      {local_all: false, local_self: false, local_none: false,
     58      remote_all: false, remote_self: false, remote_none: false},
     59      'Test nested header policy with remote iframe on policy "fullscreen \'self\'"');
     60  test_subframe_header_policy('fullscreen', '\'none\'', cross_origin_src,
     61      {local_all: false, local_self: false, local_none: false,
     62      remote_all: false, remote_self: false, remote_none: false},
     63      'Test nested header policy with remote iframe on policy "fullscreen \'none\'"');
     64  </script>
     65 </body>
     66 </html>