serviceworker-accessors.https.sub.html (1653B)
1 <!DOCTYPE html> 2 <!-- 3 This test verifies that Fetch Metadata headers are not exposed to Service 4 Workers via the request's `headers` accessor. 5 --> 6 <meta charset="utf-8"/> 7 <script src=/resources/testharness.js></script> 8 <script src=/resources/testharnessreport.js></script> 9 <script src=/fetch/metadata/resources/helper.js></script> 10 <script src=/service-workers/service-worker/resources/test-helpers.sub.js></script> 11 <script src=/common/utils.js></script> 12 <script> 13 const SCOPE = 'resources/serviceworker-accessors-frame.html'; 14 const SCRIPT = 'resources/serviceworker-accessors.sw.js'; 15 16 function assert_headers_not_seen_in_service_worker(frame) { 17 return new Promise((resolve, reject) => { 18 frame.contentWindow.fetch(SCOPE, {mode:'no-cors'}); 19 frame.contentWindow.navigator.serviceWorker.addEventListener('message', e => { 20 assert_header_equals(e.data, { 21 "dest": null, 22 "mode": null, 23 "site": null, 24 "user": null 25 }); 26 resolve(); 27 }); 28 }); 29 } 30 31 promise_test(async function(t) { 32 const reg = await service_worker_unregister_and_register(t, SCRIPT, SCOPE); 33 34 t.add_cleanup(async () => { 35 if (reg) 36 await reg.unregister(); 37 }); 38 39 await wait_for_state(t, reg.installing, 'activated'); 40 41 const frame = await with_iframe(SCOPE); 42 t.add_cleanup(async () => { 43 if (frame) 44 frame.remove(); 45 }); 46 47 // Trigger a fetch that will go through the service worker, and validate 48 // the visible headers. 49 await assert_headers_not_seen_in_service_worker(frame); 50 }, 'Sec-Fetch headers in Service Worker fetch handler.'); 51 </script>