shared-storage-permissions-policy-none.tentative.https.sub.html (1971B)
1 <!doctype html> 2 <body> 3 <script src=/resources/testharness.js></script> 4 <script src=/resources/testharnessreport.js></script> 5 <script src=/permissions-policy/resources/permissions-policy.js></script> 6 <script src="/shared-storage/resources/util.js"></script> 7 <script> 8 'use strict'; 9 const same_origin_src = '/shared-storage/resources/shared-storage-permissions-policy-helper.html'; 10 const same_origin_script = '/shared-storage/resources/simple-module.js'; 11 const cross_origin = 'https://{{domains[www]}}:{{ports[https][0]}}'; 12 const cross_origin_src = cross_origin + same_origin_src; 13 const cross_origin_script = cross_origin + same_origin_script; 14 const header = 'permissions policy header shared-storage=()'; 15 16 promise_test(async t => { 17 const allowed = await AreRegularSharedStorageMethodsAllowed(); 18 assert_false(allowed); 19 }, header + ' disallows sharedStorage in the current page.'); 20 21 promise_test(async t => { 22 return promise_rejects_dom(t, "InvalidAccessError", 23 sharedStorage.createWorklet( 24 same_origin_script, 25 { credentials: "omit" })); 26 }, header + ' disallows sharedStorage.createWorklet() with same-origin script'); 27 28 promise_test(async t => { 29 return promise_rejects_dom(t, "InvalidAccessError", 30 sharedStorage.createWorklet( 31 cross_origin_script, 32 { credentials: "omit", dataOrigin: "script-origin" })); 33 }, header + ' disallows sharedStorage.createWorklet() with cross-origin script'); 34 35 async_test(t => { 36 test_feature_availability('shared-storage', t, same_origin_src, 37 expect_feature_unavailable_default); 38 }, header + ' disallows sharedStorage in same-origin iframes.'); 39 40 async_test(t => { 41 test_feature_availability('shared-storage', t, cross_origin_src, 42 expect_feature_unavailable_default); 43 }, header + ' disallows sharedStorage in cross-origin iframes.'); 44 </script> 45 </body>