permissions-policy-opaque-origin.https.html (851B)
1 <!DOCTYPE html> 2 <body> 3 <script src=/resources/testharness.js></script> 4 <script src=/resources/testharnessreport.js></script> 5 <script> 6 async_test(t => { 7 // opaque-origin1.html navigates itself to opaque-origin2.html onload. 8 // The 'src' shorthand in allow="fullscreen 'src'" should only match 9 // the initial src of opaque-origin1.html. opaque-origin2.html 10 // should not get access to fullscreen. 11 const iframe = document.createElement('iframe'); 12 iframe.sandbox = 'allow-scripts'; 13 iframe.src = 'resources/opaque-origin1.sub.https.html'; 14 iframe.allow = "fullscreen 'src'"; 15 16 window.addEventListener('message', t.step_func_done(e => { 17 assert_equals(e.data, "fullscreen disabled in opaque-origin2.html"); 18 })); 19 20 document.body.appendChild(iframe); 21 }); 22 </script> 23 </body>