iframe.window.js (1638B)
1 // META: timeout=long 2 // META: script=/common/get-host-info.sub.js 3 // META: script=/common/utils.js 4 // META: script=/common/dispatcher/dispatcher.js 5 // META: script=./resources/common.js 6 const same_origin = get_host_info().HTTPS_ORIGIN; 7 const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN; 8 const cookie_key = "coep_redirect"; 9 const cookie_same_origin = "same_origin"; 10 const cookie_cross_origin = "cross_origin"; 11 12 // Operate on a window with COEP:credentialless. 13 const w_token = token(); 14 const w_url = same_origin + executor_path + coep_credentialless + 15 `&uuid=${w_token}` 16 const w = window.open(w_url); 17 add_completion_callback(() => w.close()); 18 19 // Check whether COEP:credentialless applies to navigation request. It 20 // shouldn't. 21 const iframeTest = function(name, origin, expected_cookies) { 22 promise_test_parallel(async test => { 23 const token_request = token(); 24 const url = showRequestHeaders(origin, token_request); 25 26 send(w_token, ` 27 const iframe = document.createElement("iframe"); 28 iframe.src = "${url}"; 29 document.body.appendChild(iframe); 30 `); 31 32 const headers = JSON.parse(await receive(token_request)); 33 assert_equals(parseCookies(headers)[cookie_key], expected_cookies); 34 }, name) 35 }; 36 37 promise_test_parallel(async test => { 38 await Promise.all([ 39 setCookie(same_origin, cookie_key, cookie_same_origin + 40 cookie_same_site_none), 41 setCookie(cross_origin, cookie_key, cookie_cross_origin + 42 cookie_same_site_none), 43 ]); 44 45 iframeTest("same-origin", same_origin, cookie_same_origin); 46 iframeTest("cross-origin", cross_origin, cookie_cross_origin); 47 }, "Setup");