disallowed-navigation-to-http.https.html (1687B)
1 <!DOCTYPE html> 2 <title>Fenced frame disallowed navigations</title> 3 <meta name="timeout" content="long"> 4 <script src="/resources/testharness.js"></script> 5 <script src="/resources/testharnessreport.js"></script> 6 <script src="/common/dispatcher/dispatcher.js"></script> 7 <script src="/common/get-host-info.sub.js"></script> 8 <script src="/common/utils.js"></script> 9 <script src="resources/utils.js"></script> 10 11 <body> 12 <script> 13 function getTimeoutPromise(t) { 14 return new Promise(resolve => 15 t.step_timeout(() => resolve("NOT LOADED"), 2000)); 16 } 17 18 // The following test ensures that an embedder cannot navigate a 19 // `mode=opaque-ads` fenced frame to an opaque URN that represents a: 20 // - http: URL 21 // We split this into a separate test file because `sharedStorage.selectURL()`, 22 // which is used to generate the URN in the test, has a limit of 3 calls per 23 // origin per pageload. We are unabled to generate this URN from FLEDGE. 24 for (const resolve_to_config of [true, false]) { 25 promise_test(async t => { 26 const key = token(); 27 const http_url = new URL("resources/embeddee.html", 28 get_host_info().HTTP_ORIGIN + location.pathname); 29 const select_url_result = await runSelectURL(http_url, [key], 30 resolve_to_config); 31 const fencedframe = attachFencedFrame(select_url_result, 32 /*mode=*/'opaque-ads'); 33 const loaded_promise = nextValueFromServer(key); 34 const result = await Promise.any([loaded_promise, getTimeoutPromise(t)]); 35 assert_equals(result, "NOT LOADED"); 36 }, "fenced frame " + (resolve_to_config ? "config" : "urn:uuid") + 37 " => http: URL"); 38 } 39 </script> 40 </body>