ancestor-throttle.https.html (3680B)
1 <!DOCTYPE html> 2 <html> 3 <title>Test frame-ancestor</title> 4 <meta name="timeout" content="long"> 5 <script src="/resources/testharness.js"></script> 6 <script src="/resources/testharnessreport.js"></script> 7 <script src="resources/utils.js"></script> 8 <script src="/common/utils.js"></script> 9 <script src="/common/get-host-info.sub.js"></script> 10 <body> 11 12 <script> 13 async function runTest(embed_url, 14 cross_origin_to_top_level_fenced_frame, cross_origin_to_top_level_iframe, 15 expected_result) { 16 const ancestor_key = token(); 17 18 // Generate the url for the top level fenced frame, including the information 19 // needed to pass on to its nested iframe 20 const origin = get_host_info().HTTPS_REMOTE_ORIGIN; 21 let fenced_frame_url = generateURL( 22 "resources/ancestor-throttle-inner.https.html", 23 [ancestor_key, embed_url, cross_origin_to_top_level_iframe], true); 24 if (cross_origin_to_top_level_fenced_frame) 25 fenced_frame_url = getRemoteOriginURL(fenced_frame_url, true); 26 27 const fenced_frame_config = await generateURNFromFledgeRawURL( 28 fenced_frame_url, [], true); 29 30 attachFencedFrame(fenced_frame_config); 31 32 // There is no API to observe whether the document in the FencedFrame loaded 33 // or not. Instead, set up a timeout. If the document loads, "loaded" will be 34 // sent to the server. Otherwise "blocked" will be sent after 3 seconds. 35 step_timeout(() => { 36 writeValueToServer(ancestor_key, "blocked"); 37 }, 3000); 38 39 // Get the result for the fenced frame's nested iframe. 40 const fenced_frame_result = await nextValueFromServer(ancestor_key); 41 assert_equals(fenced_frame_result, expected_result, 42 "The inner iframe was " + expected_result + "."); 43 } 44 45 promise_test(async () => { 46 return runTest("fenced-frame/resources/" + 47 "ancestor-throttle-nested.https.html?" + 48 "nested_url=ancestor-throttle-iframe-csp.https.html", 49 true, false, "blocked"); 50 }, "root(origin1)->fenced(origin2)->iframe(origin1) should honor " + 51 "CSP frame-ancestors headers up until the fenced frame root"); 52 53 promise_test(async () => { 54 return runTest("fenced-frame/resources/" + 55 "ancestor-throttle-nested.https.html?" + 56 "nested_url=ancestor-throttle-iframe-csp.https.html", 57 true, false, "blocked"); 58 }, "root(origin1)->fenced(origin2)->iframe(origin1) should honor " + 59 "XFO SAMEORIGIN headers up until the fenced frame root"); 60 61 promise_test(async () => { 62 return runTest("fenced-frame/resources/" + 63 "ancestor-throttle-iframe-csp.https.html", true, true, "loaded"); 64 }, "root(origin1)->fenced(origin2)->iframe(origin2) should honor " + 65 "CSP frame-ancestors headers up until the fenced frame root"); 66 67 promise_test(async () => { 68 return runTest("fenced-frame/resources/" + 69 "ancestor-throttle-iframe-xfo.https.html", true, true, "loaded"); 70 }, "root(origin1)->fenced(origin2)->iframe(origin2) should honor " + 71 "XFO SAMEORIGIN headers up until the fenced frame root"); 72 73 promise_test(async () => { 74 return runTest("fenced-frame/resources/" + 75 "ancestor-throttle-nested.https.html?" + 76 "nested_url=ancestor-throttle-iframe-csp.https.html", 77 false, true, "blocked"); 78 }, "root(origin1)->fenced(origin1)->iframe(origin2)->iframe(origin2) should " + 79 "honor CSP frame-ancestors headers up until the fenced frame root"); 80 81 promise_test(async () => { 82 return runTest("fenced-frame/resources/" + 83 "ancestor-throttle-nested.https.html?" + 84 "nested_url=ancestor-throttle-iframe-csp.https.html", 85 false, true, "blocked"); 86 }, "root(origin1)->fenced(origin1)->iframe(origin2)->iframe(origin2) should " + 87 "honor XFO SAMEORIGIN headers up until the fenced frame root"); 88 </script> 89 </body> 90 </html>