document-policy/experimental-features/document-write.tentative.html - external/github.com/web-platform-tests/wpt - Git at Google

 <!doctype html>
 <title>'document-write' tests</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/document-policy/experimental-features/resources/common.js"></script>
 <style>
 html, body {
   height: 100%;
   width: 100%;
 }
 </style>
 <body>
 <script>
   "use strict";

   function newIframe() {
     var i = document.createElement("iframe");
     document.body.appendChild(i);
     return i;
   }

   let iframeElement = document.querySelector("iframe");
   const allowed_url = url_base + "document-write-allowed.html";
   const disallowed_url = url_base + "document-write-disallowed.html";

   let text_to_write = "<div>FOO<\/div>";
   let test_cases = [{
                       api: "open",
                       query: "body",
                       expected_value_enabled: false,
                     },
                     {
                       api: "close"
                     },
                     {
                       api: "write",
                       args: text_to_write,
                       query: "div",
                       expected_value_enabled: "FOO"
                     },
                     {
                       api: "writeln",
                       args: text_to_write,
                       query: "div",
                       expected_value_enabled: "FOO"
                     }];

   // The feature 'document-write' is enabled by default and when it
   // is enabled, all dynamic markup insertion API work as intended.
   test_cases.forEach((tc) => {
     promise_test(async() => {
       let iframeElement = newIframe();
       await loadUrlInIframe(iframeElement, allowed_url);
       await sendMessageAndGetResponse(iframeElement.contentWindow, tc).then((response) => {
         assert_false(
           response.did_throw_exception,
           `When feature is disabled, invoking 'document.${tc.api}' should not` +
           " throw an exception.");
         if (tc.query) {
           assert_equals(
             response.value,
             tc.expected_value_enabled,
             `The added script tag by 'document.${tc.api}' must have run.`);
         }
       });
     }, `Verify 'document.${tc.api}' is not normally blocked.` );
   });


   // Disabling 'document-write' throws exception on the included API.
   test_cases.forEach((tc) => {
     promise_test(async() => {
       let iframeElement = newIframe();
       await loadUrlInIframe(iframeElement, disallowed_url);
       await sendMessageAndGetResponse(iframeElement.contentWindow, tc).then((response) => {
         assert_true(
           response.did_throw_exception,
           `When feature is enabled, invoking 'document.${tc.api}' should ` +
           " throw an exception.");
         if (tc.query) {
           assert_not_equals(
             response.value,
             tc.expected_value_enabled,
             `The added script tag by 'document.${tc.api}' must not have run.`);
         }
       });
     }, `Verify 'document.${tc.api}' is blocked when the feature is disabled.` );
   });

 </script>
 </body>
	<!doctype html>
	<title>'document-write' tests</title>
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<script src="/document-policy/experimental-features/resources/common.js"></script>
	<style>
	html, body {
	height: 100%;
	width: 100%;
	}
	</style>
	<body>
	<script>
	"use strict";

	function newIframe() {
	var i = document.createElement("iframe");
	document.body.appendChild(i);
	return i;
	}

	let iframeElement = document.querySelector("iframe");
	const allowed_url = url_base + "document-write-allowed.html";
	const disallowed_url = url_base + "document-write-disallowed.html";

	let text_to_write = "<div>FOO<\/div>";
	let test_cases = [{
	api: "open",
	query: "body",
	expected_value_enabled: false,
	},
	{
	api: "close"
	},
	{
	api: "write",
	args: text_to_write,
	query: "div",
	expected_value_enabled: "FOO"
	},
	{
	api: "writeln",
	args: text_to_write,
	query: "div",
	expected_value_enabled: "FOO"
	}];

	// The feature 'document-write' is enabled by default and when it
	// is enabled, all dynamic markup insertion API work as intended.
	test_cases.forEach((tc) => {
	promise_test(async() => {
	let iframeElement = newIframe();
	await loadUrlInIframe(iframeElement, allowed_url);
	await sendMessageAndGetResponse(iframeElement.contentWindow, tc).then((response) => {
	assert_false(
	response.did_throw_exception,
	`When feature is disabled, invoking 'document.${tc.api}' should not` +
	" throw an exception.");
	if (tc.query) {
	assert_equals(
	response.value,
	tc.expected_value_enabled,
	`The added script tag by 'document.${tc.api}' must have run.`);
	}
	});
	}, `Verify 'document.${tc.api}' is not normally blocked.` );
	});


	// Disabling 'document-write' throws exception on the included API.
	test_cases.forEach((tc) => {
	promise_test(async() => {
	let iframeElement = newIframe();
	await loadUrlInIframe(iframeElement, disallowed_url);
	await sendMessageAndGetResponse(iframeElement.contentWindow, tc).then((response) => {
	assert_true(
	response.did_throw_exception,
	`When feature is enabled, invoking 'document.${tc.api}' should ` +
	" throw an exception.");
	if (tc.query) {
	assert_not_equals(
	response.value,
	tc.expected_value_enabled,
	`The added script tag by 'document.${tc.api}' must not have run.`);
	}
	});
	}, `Verify 'document.${tc.api}' is blocked when the feature is disabled.` );
	});

	</script>
	</body>