blob: 2bc2581fceed3e3339c67dc4d5ee69e46636394f [file] [edit]
<!DOCTYPE html>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src=/fetch/sec-metadata/resources/helper.js></script>
<body>
<script>
async_test(t => {
let i = document.createElement('iframe');
i.src = "http://{{host}}:{{ports[http][0]}}/fetch/sec-metadata/resources/post-to-owner.py";
window.addEventListener('message', t.step_func(e => {
if (e.source != i.contentWindow)
return;
assert_header_equals(e.data, {
"dest": "",
"site": "",
"user": "",
"mode": "",
});
t.done();
}));
document.body.appendChild(i);
}, "Non-secure same-origin iframe => No headers");
async_test(t => {
let i = document.createElement('iframe');
i.src = "http://{{hosts[][www]}}:{{ports[http][0]}}/fetch/sec-metadata/resources/post-to-owner.py";
window.addEventListener('message', t.step_func(e => {
if (e.source != i.contentWindow)
return;
assert_header_equals(e.data, {
"dest": "",
"site": "",
"user": "",
"mode": "",
});
t.done();
}));
document.body.appendChild(i);
}, "Non-secure same-site iframe => No headers");
async_test(t => {
let i = document.createElement('iframe');
i.src = "http://{{hosts[alt][www]}}:{{ports[http][0]}}/fetch/sec-metadata/resources/post-to-owner.py";
window.addEventListener('message', t.step_func(e => {
if (e.source != i.contentWindow)
return;
assert_header_equals(e.data, {
"dest": "",
"site": "",
"user": "",
"mode": "",
});
t.done();
}));
document.body.appendChild(i);
}, "Non-secure cross-site iframe => No headers.");
async_test(t => {
let i = document.createElement('iframe');
i.src = "https://{{host}}:{{ports[https][0]}}/fetch/sec-metadata/resources/post-to-owner.py";
window.addEventListener('message', t.step_func(e => {
if (e.source != i.contentWindow)
return;
assert_header_equals(e.data, {
"dest": "nested-document",
"site": "cross-site",
"user": "",
"mode": "nested-navigate",
});
t.done();
}));
document.body.appendChild(i);
}, "Secure, cross-site (cross-scheme, same-host) iframe");
</script>