coop-popup-opener-navigates.https.html (3437B)
1 <!doctype html> 2 <title> 3 Cross-Origin-Opener-Policy: opener is lost because the opener navigates. 4 </title> 5 <!-- 6 COOP tests usually assume that the opener is lost because it navigated to a 7 page that triggered a browsing context group swap. It can also happen when 8 the opener navigates instead. This test verifies the behavior. 9 --> 10 <script src=/resources/testharness.js></script> 11 <script src=/resources/testharnessreport.js></script> 12 <script src="/common/dispatcher/dispatcher.js"></script> 13 <script src="/common/get-host-info.sub.js"></script> 14 <script src="/common/utils.js"></script> 15 <script src="resources/common.js"></script> 16 <script> 17 18 const executor_path = "/common/dispatcher/executor.html?pipe="; 19 const coop_same_origin_header = 20 '|header(Cross-Origin-Opener-Policy,same-origin)'; 21 const coop_unsafe_none_header = 22 '|header(Cross-Origin-Opener-Policy,unsafe-none)'; 23 24 function getExecutorPath(uuid, origin, coop_header) { 25 return origin.origin + executor_path + coop_header + `&uuid=${uuid}`; 26 } 27 28 // Note: Because we can not navigate the main page to verify the behavior, 29 // we instead create another layer of popup, and navigate the intermediate 30 // one. We can verify the opener behavior from this page, and the openee 31 // behavior from the second popup. 32 promise_test(async t => { 33 // Set up dispatcher communications. 34 const first_popup_token = token(); 35 const post_navigate_first_popup_token = token(); 36 const second_popup_token = token(); 37 const reply_token = token(); 38 39 const first_popup_url = getExecutorPath( 40 first_popup_token, 41 SAME_ORIGIN, 42 coop_same_origin_header); 43 44 const post_navigate_first_popup_url = getExecutorPath( 45 post_navigate_first_popup_token, 46 SAME_ORIGIN, 47 coop_unsafe_none_header); 48 49 const second_popup_url = getExecutorPath( 50 second_popup_token, 51 SAME_ORIGIN, 52 coop_same_origin_header); 53 54 // We open the first popup and then ping it, it will respond after loading. 55 const first_popup = window.open(first_popup_url); 56 send(first_popup_token, `send('${reply_token}', 'Popup loaded');`); 57 assert_equals(await receive(reply_token), "Popup loaded"); 58 59 // We open the second popup and the ping it, it will respond after loading. 60 send(first_popup_token, 61 `opener.second_popup_url = window.open('${second_popup_url}');`); 62 send(second_popup_token, `send('${reply_token}', 'Popup loaded');`); 63 assert_equals(await receive(reply_token), "Popup loaded"); 64 65 // Both popups are now loaded. We navigate the middle one to a page that 66 // does not have COOP, this should trigger a browsing context group swap. 67 send(first_popup_token, `location.href = '${post_navigate_first_popup_url}'`); 68 send(post_navigate_first_popup_token, 69 `send('${reply_token}', 'Popup navigated');`); 70 assert_equals(await receive(reply_token), "Popup navigated"); 71 72 // Give some time for things to settle across processes etc. before 73 // proceeding with verifications. 74 await new Promise((resolve, reject) => { t.step_timeout(resolve, 1500); }); 75 76 // The reference held by the main page to the first popup should be closed. 77 assert_equals(first_popup.closed, true); 78 79 // The second popup, opened by the first one should have its opener unset. 80 send(second_popup_token, `send('${reply_token}', opener);`); 81 assert_equals(await receive(reply_token), ""); 82 83 }, "Verify that having the opener navigate instead of the openee also triggers COOP swaps."); 84 </script>