Run test for absence of SubtleCrypto in ShadowRealm scopes ShadowRealm scopes, even when created in a secure context, should not be able to access crypto.subtle, SubtleCrypto, or CryptoKey, because those are not [Exposed=*].
diff --git a/WebCryptoAPI/historical.any.js b/WebCryptoAPI/historical.any.js index 67ca9d9..19dcdbe 100644 --- a/WebCryptoAPI/historical.any.js +++ b/WebCryptoAPI/historical.any.js
@@ -1,6 +1,8 @@ -// META: global=window,dedicatedworker,sharedworker +// META: global=window,dedicatedworker,sharedworker,shadowrealm // -// Do not run this in a service worker as that's always in a secure context +// Do not run this in a service worker as that's always in a secure context. +// ShadowRealm scopes created from secure contexts are OK, because SubtleCrypto +// is not [Exposed=*]. test(() => { assert_equals(self.crypto.subtle, undefined);