private-state-token-issue-disabled-by-permissions-policy.tentative.https.sub.html (2362B)
1 <!DOCTYPE html> 2 <body> 3 <script src=/resources/testharness.js></script> 4 <script src=/resources/testharnessreport.js></script> 5 <script src=/permissions-policy/resources/permissions-policy.js></script> 6 <script> 7 'use strict'; 8 var same_origin_src = '/permissions-policy/resources/permissions-policy-private-state-token-issuance.html'; 9 var cross_origin_src = 'https://{{domains[www]}}:{{ports[https][0]}}' + 10 same_origin_src; 11 var test_desc_begin = 'Permissions policy header "private-state-token-issuance=()"'; 12 13 test(() => { 14 15 assert_throws_dom('NotAllowedError', () => { 16 const issue_request = new Request("https://issuer.example/", { 17 privateToken: { 18 version: 1, 19 operation: "token-request" 20 } 21 }); 22 }); 23 24 assert_throws_dom('NotAllowedError', () => { 25 const xhr = new XMLHttpRequest(); 26 xhr.open("GET", "https://issuer.example/"); 27 xhr.setPrivateToken({ 28 version: 1, 29 operation: "token-request" 30 }); 31 }); 32 33 }, test_desc_begin + ' disallows the top-level document.'); 34 35 async_test(t => { 36 test_feature_availability('Private State Token issuance request', t, 37 same_origin_src, 38 (data, desc) => { 39 assert_equals(data.num_operations_enabled, 0, desc); 40 }); 41 }, test_desc_begin + ' disallows same-origin iframes.'); 42 43 async_test(t => { 44 test_feature_availability('Private State Token issuance request', t, 45 cross_origin_src, 46 (data, desc) => { 47 assert_equals(data.num_operations_enabled, 0, desc); 48 }); 49 }, test_desc_begin + ' disallows cross-origin iframes.'); 50 51 async_test(t => { 52 test_feature_availability( 53 'Private State Token issuance request', t, same_origin_src, 54 (data, desc) => { 55 assert_equals(data.num_operations_enabled, 0, desc); 56 }, 'private-state-token-issuance'); 57 }, test_desc_begin + ' and allow="private-state-token-issuance" disallows same-origin iframes.'); 58 59 async_test(t => { 60 test_feature_availability( 61 'Private State Token issuance request', t, cross_origin_src, 62 (data, desc) => { 63 assert_equals(data.num_operations_enabled, 0, desc); 64 }, 'private-state-token-issuance'); 65 }, test_desc_begin + ' and allow="private-state-token-issuance" disallows cross-origin iframes.'); 66 </script> 67 </body>