require-corp-revalidated-images.https.html (2749B)
1 <!doctype html> 2 <html> 3 <title> Images on a page Cross-Origin-Embedder-Policy: require-corp should load the same from the cache or network, even with revalidation</title> 4 <script src="/resources/testharness.js"></script> 5 <script src="/resources/testharnessreport.js"></script> 6 <script src="/common/get-host-info.sub.js"></script> 7 <script src="/common/utils.js"></script> 8 <script> 9 10 function remote(path) { 11 const REMOTE_ORIGIN = get_host_info().HTTPS_REMOTE_ORIGIN; 12 return new URL(path, REMOTE_ORIGIN); 13 } 14 15 // 16 // This test loads a same-origin iframe resources/load-corp-images.html with 17 // Cross-Origin-Embedder-Policy: require-corp 18 // The iframe loads two cross origin images, one with a 19 // Cross-Origin-Resource-Policy: cross-origin header, and one without. 20 // We expect the image with the header to load successfully and the one without 21 // to fail to load. 22 // After the first load we then reload the iframe, with the same expectations 23 // for the image loads when they are loaded from the cache. Because of the 24 // revalidate directive, we will receive a 304 response instead of directly 25 // using the cache response. 26 // 27 28 const RUNS = ["NETWORK", "CACHED"]; 29 const RESOURCE_DESC = ["No CORP image", "CORP image"]; 30 31 let EXPECTED_LOADS = { 32 [`${RUNS[0]} - ${RESOURCE_DESC[0]}`]: false, 33 [`${RUNS[0]} - ${RESOURCE_DESC[1]}`]: true, 34 [`${RUNS[1]} - ${RESOURCE_DESC[0]}`]: false, 35 [`${RUNS[1]} - ${RESOURCE_DESC[1]}`]: true, 36 } 37 38 let TESTS = {}; 39 for (let t in EXPECTED_LOADS) { 40 TESTS[t] = async_test(t); 41 } 42 43 window.addEventListener("load", async () => { 44 const t = async_test("main_test"); 45 const iframe = document.createElement("iframe"); 46 // The token attribute is used to ensure the resource has never been seen by 47 // the HTTP cache. This can be useful if the cache isn't properly flushed in 48 // between two tests. 49 iframe.src = `resources/load-corp-images.html?revalidate=true&token=${token()}`; 50 let runCount = 0; 51 window.addEventListener("message", (event) => { 52 // After the first done event we reload the iframe. 53 if (event.data.done) { 54 ++runCount; 55 if (runCount < RUNS.length) { 56 iframe.contentWindow.location.reload(); 57 } else { 58 // After the second done event the test is finished. 59 t.done(); 60 } 61 return; 62 } 63 64 // Check that each image either loads or doesn't based on the expectations 65 let testName = `${RUNS[runCount]} - ${event.data.corp ? RESOURCE_DESC[1] : RESOURCE_DESC[0]}`; 66 let test = TESTS[testName]; 67 test.step(() => { 68 assert_equals(event.data.loaded, EXPECTED_LOADS[testName], `${testName} should ${EXPECTED_LOADS[testName] ? "" : "not"} succeed`); 69 }); 70 test.done(); 71 }, false); 72 document.body.appendChild(iframe); 73 }); 74 75 </script> 76 </html>