Google Git
Sign in
chromium / external / w3c / web-platform-tests.git / HEAD / . / digital-credentials / allow-attribute-with-create.https.html
blob: 4b1e96fec4cb62d336d3c1358a7c9781e6657f8d [file] [log] [blame]
<!DOCTYPE html>
<html>
<head>
<title>
Test allow attribute with "digital-credentials-create" and
CredentialsContainer's .create() method
</title>
<script src="/common/get-host-info.sub.js"></script>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/testdriver.js"></script>
<script src="/resources/testdriver-vendor.js"></script>
<script>
const hostInfo = get_host_info();
const iframeDetails = [
{
policy: null,
crossOrigin: false,
expectIsAllowed: true,
},
{
policy: null,
crossOrigin: true,
expectIsAllowed: false,
},
{
policy: "digital-credentials-create",
crossOrigin: false,
expectIsAllowed: true,
},
{
policy: "digital-credentials-create",
crossOrigin: true,
expectIsAllowed: true,
},
{
policy: "digital-credentials-create *",
crossOrigin: false,
expectIsAllowed: true,
},
{
policy: "digital-credentials-create *",
crossOrigin: true,
expectIsAllowed: true,
},
{
policy: "digital-credentials-create 'none'",
crossOrigin: false,
expectIsAllowed: false,
},
{
policy: "digital-credentials-create 'none'",
crossOrigin: true,
expectIsAllowed: false,
},
{
policy: "digital-credentials-create 'self'",
crossOrigin: false,
expectIsAllowed: true,
},
{
policy: "digital-credentials-create 'self'",
crossOrigin: true,
expectIsAllowed: false,
},
{
policy: `digital-credentials-create ${hostInfo.HTTPS_REMOTE_ORIGIN}`,
crossOrigin: false,
expectIsAllowed: false,
},
{
policy: `digital-credentials-create ${hostInfo.HTTPS_REMOTE_ORIGIN}`,
crossOrigin: true,
expectIsAllowed: true,
},
];
async function loadIframe({ policy, crossOrigin, expectIsAllowed }) {
const iframe = document.createElement("iframe");
if (policy !== null) {
iframe.allow = policy;
}
await new Promise((resolve) => {
iframe.onload = resolve;
iframe.src = new URL(
"/digital-credentials/support/iframe.html",
crossOrigin
? hostInfo.HTTPS_REMOTE_ORIGIN
: location.origin
).href;
iframe.dataset.expectIsAllowed = expectIsAllowed;
document.body.appendChild(iframe);
});
iframe.focus();
return iframe;
}
function runTests() {
for (const details of iframeDetails) {
promise_test(async (test) => {
const iframe = await loadIframe(details);
const { expectIsAllowed } = details;
const action = "create";
const options = {
digital: {
// Results in TypeError when allowed, NotAllowedError when disallowed
requests: [],
},
mediation: "required",
};
const { data } = await new Promise((resolve) => {
window.addEventListener("message", resolve, {
once: true,
});
iframe.contentWindow.postMessage(
{ action, options, needsActivation: true },
"*"
);
});
const { name, message } = data;
const fullMessage = `${iframe.outerHTML} - ${message}`;
if (expectIsAllowed) {
assert_true(
name == "TypeError" || name == "NotAllowedError",
fullMessage
);
} else {
assert_equals(name, "NotAllowedError", fullMessage);
}
iframe.remove();
}, `With Create: Policy to use: ${details.policy}, is cross-origin: ${details.crossOrigin}, is allowed by policy: ${details.expectIsAllowed}`);
}
}
</script>
</head>
<body onload="runTests()"></body>
</html>