html/cross-origin/null.tentative.html - external/github.com/web-platform-tests/wpt - Git at Google

 <!doctype html>
 <meta name="timeout" content="long">
 <title>Cross-Origin header and nested navigable resource without such header</title>
 <script src=/resources/testharness.js></script>
 <script src=/resources/testharnessreport.js></script>
 <script src="/common/get-host-info.sub.js"></script>
 <div id=log></div>
 <script>
 async_test(t => {
   const frame = document.createElement("iframe");
   frame.onload = t.step_func_done(() => {
     assert_not_equals(frame.contentDocument, null, "The frame should actually load");
   });
   frame.src = "/common/blank.html";
   document.body.append(frame);
   assert_equals(frame.contentDocument.body.localName, "body");
 }, "Top-level with null policy: navigating a frame to a null policy should work.");

 async_test(t => {
   const frame = document.createElement("iframe");
   let firstNavOk = false;
   frame.onload = t.step_func(() => {
     assert_not_equals(frame.contentDocument, null);
     firstNavOk = true;
   });
   t.step_timeout(() => {
     assert_equals(firstNavOk, true, "The initial load should work");
     assert_not_equals(frame.contentDocument, null, "Navigation to null policy should fail");
     t.done();
   }, 500);
   frame.src = "resources/navigate_anonymous.sub.html?to=/common/blank.html";
   document.body.append(frame);
   assert_equals(frame.contentDocument.body.localName, "body");
 }, "Top-level with null policy: parent policy should apply to frame navigation from use-credentials policy to a null. Should succeed.");

 async_test(t => {
   const frame = document.createElement("iframe");
   let firstNavOk = false;
   frame.onload = t.step_func(() => {
     assert_not_equals(frame.contentDocument, null);
     firstNavOk = true;
   });
   t.step_timeout(() => {
     assert_equals(firstNavOk, true, "The initial load should work");
     assert_not_equals(frame.contentDocument, null, "Navigation to null policy should fail");
     t.done();
   }, 500);
   frame.src = "resources/navigate_anonymous.sub.html?to=/common/blank.html";
   document.body.append(frame);
   assert_equals(frame.contentDocument.body.localName, "body");
 }, "Top-level with null policy: parent policy should apply to frame navigation from anonymous policy to a null. Should succeed.");

 async_test(t => {
   let w = window.open(`resources/navigate_null.sub.html?to=navigate_anonymous.sub.html`, "window_name");

   t.add_cleanup(() => w.close());

   t.step_timeout(() => {
     w.history.back();
     t.step_timeout(() => {
       assert_not_equals(w.document, null);
       t.done();
     }, 500);
   }, 500);
 }, "Top-level with null policy: navigating a frame back from a blocked page should work.");

 async_test(t => {
   let pageLoaded = false;
   const CHANNEL_NAME = "usecredentials-null-top-navigation";
   let bc = new BroadcastChannel(CHANNEL_NAME);
   let finished = false;
   bc.onmessage = t.step_func((event) => {
     pageLoaded = true;
     let payload = event.data;
     assert_equals(payload, "loaded");
   });

   const SECOND_CHANNEL = "usecredentials-null-top-navigation-final";
   let bc2 = new BroadcastChannel(SECOND_CHANNEL);
   bc2.onmessage = t.step_func((event) => {
     finished = true;
     let payload = event.data;
     assert_equals(payload, "loaded");
   });

   let win = window.open(`resources/navigate_usecredentials.sub.html?channelName=${CHANNEL_NAME}&to=navigate_null.sub.html?channelName=${SECOND_CHANNEL}`, "_blank", "noopener");

   t.step_timeout(() => {
     assert_equals(pageLoaded, true, "Opening a null window (noopener) from usecredentials window should work");
     assert_equals(finished, true, "Navigating a top level window out of an usecredentials policy should work");
     t.done();
   }, 500);
 }, "Top-level noopener popup with use-credentials policy: navigating to a different (null) policy should work");

 promise_test(t => {
   let host_info = get_host_info();
   return fetch(host_info.HTTP_REMOTE_ORIGIN+"/html/cross-origin/resources/nothing.txt",
         {"mode": "no-cors", "method": "GET", "headers":{}}).then(r => {
     assert_equals(r.type, "opaque", "type should be opaque for cross origin fetch");
   });
 }, "Fetch policy: null policy should not affect the no-cors mode");

 </script>
	<!doctype html>
	<meta name="timeout" content="long">
	<title>Cross-Origin header and nested navigable resource without such header</title>
	<script src=/resources/testharness.js></script>
	<script src=/resources/testharnessreport.js></script>
	<script src="/common/get-host-info.sub.js"></script>
	<div id=log></div>
	<script>
	async_test(t => {
	const frame = document.createElement("iframe");
	frame.onload = t.step_func_done(() => {
	assert_not_equals(frame.contentDocument, null, "The frame should actually load");
	});
	frame.src = "/common/blank.html";
	document.body.append(frame);
	assert_equals(frame.contentDocument.body.localName, "body");
	}, "Top-level with null policy: navigating a frame to a null policy should work.");

	async_test(t => {
	const frame = document.createElement("iframe");
	let firstNavOk = false;
	frame.onload = t.step_func(() => {
	assert_not_equals(frame.contentDocument, null);
	firstNavOk = true;
	});
	t.step_timeout(() => {
	assert_equals(firstNavOk, true, "The initial load should work");
	assert_not_equals(frame.contentDocument, null, "Navigation to null policy should fail");
	t.done();
	}, 500);
	frame.src = "resources/navigate_anonymous.sub.html?to=/common/blank.html";
	document.body.append(frame);
	assert_equals(frame.contentDocument.body.localName, "body");
	}, "Top-level with null policy: parent policy should apply to frame navigation from use-credentials policy to a null. Should succeed.");

	async_test(t => {
	const frame = document.createElement("iframe");
	let firstNavOk = false;
	frame.onload = t.step_func(() => {
	assert_not_equals(frame.contentDocument, null);
	firstNavOk = true;
	});
	t.step_timeout(() => {
	assert_equals(firstNavOk, true, "The initial load should work");
	assert_not_equals(frame.contentDocument, null, "Navigation to null policy should fail");
	t.done();
	}, 500);
	frame.src = "resources/navigate_anonymous.sub.html?to=/common/blank.html";
	document.body.append(frame);
	assert_equals(frame.contentDocument.body.localName, "body");
	}, "Top-level with null policy: parent policy should apply to frame navigation from anonymous policy to a null. Should succeed.");

	async_test(t => {
	let w = window.open(`resources/navigate_null.sub.html?to=navigate_anonymous.sub.html`, "window_name");

	t.add_cleanup(() => w.close());

	t.step_timeout(() => {
	w.history.back();
	t.step_timeout(() => {
	assert_not_equals(w.document, null);
	t.done();
	}, 500);
	}, 500);
	}, "Top-level with null policy: navigating a frame back from a blocked page should work.");

	async_test(t => {
	let pageLoaded = false;
	const CHANNEL_NAME = "usecredentials-null-top-navigation";
	let bc = new BroadcastChannel(CHANNEL_NAME);
	let finished = false;
	bc.onmessage = t.step_func((event) => {
	pageLoaded = true;
	let payload = event.data;
	assert_equals(payload, "loaded");
	});

	const SECOND_CHANNEL = "usecredentials-null-top-navigation-final";
	let bc2 = new BroadcastChannel(SECOND_CHANNEL);
	bc2.onmessage = t.step_func((event) => {
	finished = true;
	let payload = event.data;
	assert_equals(payload, "loaded");
	});

	let win = window.open(`resources/navigate_usecredentials.sub.html?channelName=${CHANNEL_NAME}&to=navigate_null.sub.html?channelName=${SECOND_CHANNEL}`, "_blank", "noopener");

	t.step_timeout(() => {
	assert_equals(pageLoaded, true, "Opening a null window (noopener) from usecredentials window should work");
	assert_equals(finished, true, "Navigating a top level window out of an usecredentials policy should work");
	t.done();
	}, 500);
	}, "Top-level noopener popup with use-credentials policy: navigating to a different (null) policy should work");

	promise_test(t => {
	let host_info = get_host_info();
	return fetch(host_info.HTTP_REMOTE_ORIGIN+"/html/cross-origin/resources/nothing.txt",
	{"mode": "no-cors", "method": "GET", "headers":{}}).then(r => {
	assert_equals(r.type, "opaque", "type should be opaque for cross origin fetch");
	});
	}, "Fetch policy: null policy should not affect the no-cors mode");

	</script>