blob: 15e07fc1245c4df5f6ae32f5354b75c00f310f68 [file] [log] [blame]
<!DOCTYPE html>
<title>Credential Manager: store() basics.</title>
<script src="../resources/testharness.js"></script>
<script src="../resources/testharnessreport.js"></script>
<script src="/gen/layout_test_data/mojo/public/js/mojo_bindings.js"></script>
<script src="/gen/third_party/blink/public/mojom/credentialmanager/credential_manager.mojom.js"></script>
<script src="/gen/third_party/blink/public/platform/modules/webauthn/authenticator.mojom.js"></script>
<script src="resources/test-inputs.js"></script>
<script src="resources/mock-navigator-credentials.js"></script>
<script>
add_completion_callback(() => {
mockCredentialManager.reset();
});
function CreatePasswordCredentialWithIconURL(url) {
return new PasswordCredential({
id: 'id',
password: 'pencil',
name: 'name',
iconURL: url
});
}
function CreateFederatedCredentialWithIconURL(url) {
return new FederatedCredential({
id: 'id',
provider: 'https://federation.test/',
name: 'name',
iconURL: url
});
}
promise_test((t) => {
return promise_rejects(t, new TypeError(), navigator.credentials.store());
}, "navigator.credential.store() with no arguments should reject.");
promise_test((t) => {
return promise_rejects(t, new TypeError(),
navigator.credentials.store("string, not a credential"));
}, "navigator.credential.store([string]) should reject.");
promise_test(() => {
let local = CreatePasswordCredentialWithIconURL("https://foo/icon.png");
return navigator.credentials.store(local);
}, "navigator.credential.store([PasswordCredential]) should succeed.");
promise_test(() => {
let federated = CreateFederatedCredentialWithIconURL("https://foo/icon.png");
return navigator.credentials.store(federated);
}, "navigator.credentials.store([FederatedCredential]) should succeed.");
const A_PRIORI_AUTHENTICATED_URLS = [
'https://foo/icon.png',
'wss://foo/icon.png',
'file:///etc/shadow',
'data:image/png;base64,',
'about:blank',
'about:srcdoc',
'http://127.0.0.123/icon.png',
'http://[::1]/icon.png',
'filesystem:https://foo/icon.png',
'filesystem:file:///etc/shadow',
'blob:https://foo/blob-id',
'blob:file:///blob-id',
];
const NON_A_PRIORI_AUTHENTICATED_URLS = [
'http://foo:443/icon.png',
'javascript:alert()',
'ws://foo/icon.png',
'ftp://foo/icon.png',
'gopher://foo/icon.png',
'http://128.0.0.0/icon.png',
'http://[::2]/icon.png',
'http:///icon.png',
'filesystem:http://foo/icon.png',
'blob:http://foo/blob-id',
'blob:null/blob-id',
];
for (let url of A_PRIORI_AUTHENTICATED_URLS) {
promise_test(() => {
let local = CreatePasswordCredentialWithIconURL(url);
return navigator.credentials.store(local);
}, "navigator.credential.store([PasswordCredential]) with |iconURL| " + url + " should succeed.");
promise_test(() => {
let federated = CreateFederatedCredentialWithIconURL(url);
return navigator.credentials.store(federated);
}, "navigator.credentials.store([FederatedCredential]) with |iconURL| " + url + " should succeed.");
}
for (let url of NON_A_PRIORI_AUTHENTICATED_URLS) {
promise_test((t) => {
let local = CreatePasswordCredentialWithIconURL(url);
return promise_rejects(t, "SecurityError",
navigator.credentials.store(local));
}, "navigator.credentials.store([PasswordCredential]) with insecure |iconURL| " + url + " should reject.");
promise_test((t) => {
let federated = CreateFederatedCredentialWithIconURL(url);
return promise_rejects(t, "SecurityError",
navigator.credentials.store(federated));
}, "navigator.credentials.store([FederatedCredential]) with insecure |iconURL| " + url + " should reject.");
}
</script>