permissions-policy-private-state-token-redemption.html (1562B)
1 <!DOCTYPE html> 2 <script> 3 'use strict'; 4 5 window.onload = function() { 6 // When the private-state-token-redemption permissions policy is enabled, redemption 7 // and signing ("send-redemption-record") should both be available; when it's disabled, 8 // they should both be unavailable. Send the number of available operations 9 // upstream in order to enforce this in assertions. 10 let num_enabled = 4; 11 try { 12 new Request("https://issuer.example/", { 13 privateToken: { 14 version: 1, 15 operation: "token-redemption" 16 } 17 }); 18 } catch (e) { 19 num_enabled--; 20 } 21 try { 22 new Request("https://destination.example/", { 23 privateToken: { 24 version: 1, 25 operation: "send-redemption-record", 26 issuers: ["https://issuer.example/"] 27 } 28 }); 29 } catch (e) { 30 num_enabled--; 31 } 32 33 try { 34 const xhr = new XMLHttpRequest(); 35 xhr.open("GET", "https://issuer.example/"); 36 xhr.setPrivateToken({ 37 version: 1, 38 operation: "token-redemption" 39 }); 40 } catch (e) { 41 num_enabled--; 42 } 43 44 try { 45 const xhr = new XMLHttpRequest(); 46 xhr.open("GET", "https://destination.example/"); 47 xhr.setPrivateToken({ 48 version: 1, 49 operation: "send-redemption-record", 50 issuers: ["https://issuer.example/"] 51 }); 52 } catch (e) { 53 num_enabled--; 54 } 55 56 parent.postMessage({ 57 type: 'availability-result', 58 num_operations_enabled: num_enabled, 59 }, '*'); 60 } 61 </script>