embedded-credentials.tentative.sub.html (3598B)
1 <!DOCTYPE html> 2 <script src="/resources/testharness.js"></script> 3 <script src="/resources/testharnessreport.js"></script> 4 <body> 5 <script> 6 async_test(t => { 7 var i = document.createElement('img'); 8 i.onerror = t.step_func_done(); 9 i.onload = t.unreached_func("'onload' should not fire."); 10 i.src = "http://user:pass@{{domains[www]}}:{{ports[http][0]}}/images/red.png"; 11 }, "Embedded credentials are treated as network errors."); 12 13 async_test(t => { 14 var i = document.createElement('iframe'); 15 i.src = "./support/embedded-credential-window.sub.html"; 16 i.onload = t.step_func(_ => { 17 var c = new MessageChannel(); 18 c.port1.onmessage = t.step_func_done(e => { 19 assert_equals(e.data, "Error", "The image should not load."); 20 i.remove(); 21 }); 22 i.contentWindow.postMessage("Hi!", "*", [c.port2]); 23 }); 24 document.body.appendChild(i); 25 }, "Embedded credentials are treated as network errors in frames."); 26 27 async_test(t => { 28 var w = window.open("./support/embedded-credential-window.sub.html"); 29 window.addEventListener("message", t.step_func(message => { 30 if (message.source != w) 31 return; 32 33 var c = new MessageChannel(); 34 c.port1.onmessage = t.step_func_done(e => { 35 w.close(); 36 assert_equals(e.data, "Error", "The image should not load."); 37 }); 38 w.postMessage("absolute", "*", [c.port2]); 39 })); 40 }, "Embedded credentials are treated as network errors in new windows."); 41 42 async_test(t => { 43 var w = window.open(); 44 w.location.href = "http://user:pass@{{domains[www]}}:{{ports[http][0]}}/fetch/security/support/embedded-credential-window.sub.html"; 45 window.addEventListener("message", t.step_func(message => { 46 if (message.source != w) 47 return; 48 49 var c = new MessageChannel(); 50 c.port1.onmessage = t.step_func_done(e => { 51 w.close(); 52 assert_equals(e.data, "Load", "The image should load."); 53 }); 54 w.postMessage("relative", "*", [c.port2]); 55 })); 56 }, "Embedded credentials matching the top-level are not treated as network errors for relative URLs."); 57 58 async_test(t => { 59 var w = window.open(); 60 w.location.href = "http://user:pass@{{domains[www]}}:{{ports[http][0]}}/fetch/security/support/embedded-credential-window.sub.html"; 61 window.addEventListener("message", t.step_func(message => { 62 if (message.source != w) 63 return; 64 65 var c = new MessageChannel(); 66 c.port1.onmessage = t.step_func_done(e => { 67 w.close(); 68 assert_equals(e.data, "Load", "The image should load."); 69 }); 70 w.postMessage("same-origin-matching", "*", [c.port2]); 71 })); 72 }, "Embedded credentials matching the top-level are not treated as network errors for same-origin URLs."); 73 74 async_test(t => { 75 var w = window.open(); 76 w.location.href = "http://user:pass@{{domains[www]}}:{{ports[http][0]}}/fetch/security/support/embedded-credential-window.sub.html"; 77 window.addEventListener("message", t.step_func(message => { 78 if (message.source != w) 79 return; 80 81 var c = new MessageChannel(); 82 c.port1.onmessage = t.step_func_done(e => { 83 w.close(); 84 assert_equals(e.data, "Error", "The image should load."); 85 }); 86 w.postMessage("cross-origin-matching", "*", [c.port2]); 87 })); 88 }, "Embedded credentials matching the top-level are treated as network errors for cross-origin URLs."); 89 </script>