| <!DOCTYPE html> |
| <title>Test default permission policy features gating ()</title> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <script src="/common/utils.js"></script> |
| <script src="/common/dispatcher/dispatcher.js"></script> |
| <script src="resources/utils.js"></script> |
| <script src="/common/get-host-info.sub.js"></script> |
| <script src="resources/default-enabled-features-helper.js"></script> |
| |
| <body> |
| <script> |
| // Note: Shared storage will refuse to run selectURL() on this page because its |
| // permissions policy is disabled. Therefore, we can only test the FLEDGE case. |
| promise_test(async(t) => { |
| await runDefaultEnabledFeaturesTest(t, false, get_host_info().ORIGIN); |
| }, 'Same-origin fenced frame does not load when feature policies are none'); |
| |
| promise_test(async(t) => { |
| await runDefaultEnabledFeaturesTest(t, false, get_host_info().REMOTE_ORIGIN); |
| }, 'Cross-origin fenced frame does not load when feature policies are none'); |
| |
| promise_test(async(t) => { |
| const fencedframe = await attachFencedFrameContext({ |
| origin: get_host_info().REMOTE_ORIGIN}); |
| |
| await fencedframe.execute(async () => { |
| assert_false( |
| document.featurePolicy.allowsFeature('shared-storage'), |
| "Shared storage should be disallowed in the fenced frame."); |
| assert_false( |
| document.featurePolicy.allowsFeature('private-aggregation'), |
| "Private aggregation should be disallowed in the fenced frame."); |
| assert_false( |
| document.featurePolicy.allowsFeature('attribution-reporting'), |
| "Attribution reporting should be disallowed in the fenced frame."); |
| assert_false( |
| document.featurePolicy.allowsFeature('sync-xhr'), |
| "USB access should be disallowed in the fenced frame."); |
| }, []); |
| }, 'Flexible permissions fenced frames can have permissions restricted from ' + |
| 'parent.'); |
| |
| </script> |
| </body> |
| </html> |
