coep-blob-popup.https.html (1945B)
1 <!doctype html> 2 <title>Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy: blob URL popup</title> 3 <script src=/resources/testharness.js></script> 4 <script src=/resources/testharnessreport.js></script> 5 <script src=/common/get-host-info.sub.js></script> 6 <script src=../cross-origin-embedder-policy/resources/script-factory.js></script> 7 <script> 8 ["window.open()", "<a>", "<a rel=noopener>"].forEach(type => { 9 promise_test(t => { 10 const origins = get_host_info(); 11 const id = `tut mir leid ${type}`; 12 const blob = new Blob([`<script>${createScript(origins.ORIGIN, origins.HTTPS_REMOTE_ORIGIN, "channel", id)}<\/script>`], {type: "text/html"}); 13 const blobURL = URL.createObjectURL(blob); 14 const bc = new BroadcastChannel(id); 15 16 if (type === "window.open()") { 17 const popup = window.open(blobURL); 18 t.add_cleanup(() => popup.close()); 19 popup.onload = t.step_func(() => { 20 assert_equals(popup.opener, window); 21 assert_equals(popup.location.href, blobURL); 22 assert_equals(popup.document.URL, blobURL); 23 assert_equals(popup.origin, window.origin); 24 }); 25 } else { 26 const a = document.createElement("a"); 27 a.target = type; 28 if (type === "<a rel=noopener>") { 29 a.rel = "noopener"; 30 } 31 a.href = blobURL; 32 a.click(); 33 } 34 35 return new Promise(resolve => { 36 bc.onmessage = t.step_func(({ data }) => { 37 assert_equals(data.id, id); 38 assert_equals(data.origin, window.origin); 39 assert_true(data.sameOriginNoCORPSuccess, "Same-origin without CORP did not succeed"); 40 assert_true(data.crossOriginNoCORPFailure, "Cross-origin without CORP did not fail"); 41 if (type === "<a rel=noopener>") { 42 assert_false(data.opener, 'opener'); 43 } else { 44 assert_true(data.opener, 'opener'); 45 } 46 resolve(); 47 }); 48 }); 49 }, `COOP+COEP blob URL popup: ${type}`); 50 }); 51 </script>