Write some simple tests to look at about:blank partitioning
Change-Id: I48083f5c84bc22e5f6c34d08fee9b0a1784ac4f5
Co-Authored-By: Mike Taylor <miketaylr@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3254685
Reviewed-by: Stephen Chenney <schenney@chromium.org>
Commit-Queue: Mike Taylor <miketaylr@chromium.org>
Auto-Submit: Mike Taylor <miketaylr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#984586}
diff --git a/webstorage/localstorage-about-blank-3P-iframe-opens-3P-window.partitioned.tentative.html b/webstorage/localstorage-about-blank-3P-iframe-opens-3P-window.partitioned.tentative.html
new file mode 100644
index 0000000..de94fb2
--- /dev/null
+++ b/webstorage/localstorage-about-blank-3P-iframe-opens-3P-window.partitioned.tentative.html
@@ -0,0 +1,75 @@
+<!doctype html>
+<meta charset=utf-8>
+<title>localStorage: about:blank partitioning</title>
+<meta name=help href="https://privacycg.github.io/storage-partitioning/">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="/webstorage/resources/partitioning-utils.js"></script>
+<body>
+<script>
+const path =
+ "webstorage/resources/localstorage-about-blank-partitioned-win-open.html";
+const crossSiteURL = `${get_host_info().HTTP_NOTSAMESITE_ORIGIN}/${path}`;
+const sameSiteURL = `${get_host_info().HTTP_ORIGIN}/${path}`;
+let firstPartyID = getOrCreateID("userID3");
+let crossSiteIframeID;
+let sameSiteIframeID;
+let crossSiteIframe;
+let crossSiteIframeAboutBlankID;
+let frameMessageCount = 0;
+
+promise_test(async t => {
+ localStorage.clear();
+
+ // Step 1. Add a cross-site iframe
+ return addIframePromise(crossSiteURL).then(async crossSiteIframe => {
+ return new Promise(resolve => {
+ window.addEventListener("message", async e => {
+ const payload = {
+ command: "open about:blank window"
+ }
+
+ if (e.data.message === "window loaded") {
+ // Step 2. cross-site iframe is loaded, capture reference to its ID
+ crossSiteIframeID = e.data.userID;
+ // Step 3. Ask the cross-site iframe to create an about:blank window
+ crossSiteIframe.contentWindow.postMessage(payload, e.origin);
+ }
+
+ if (e.data.message === "about:blank frame ID") {
+ // Step 4. capture reference to 3P iframe's about:blank window ID
+ crossSiteIframeAboutBlankID = e.data.userID;
+ crossSiteIframe.contentWindow.postMessage(
+ {command: "close about:blank window"}, "*");
+ }
+
+ if (e.data.message === "about:blank window closed") {
+ resolve({crossSiteIframeID, crossSiteIframeAboutBlankID});
+ }
+ });
+ }).then(ids => {
+ const {
+ crossSiteIframeID,
+ crossSiteIframeAboutBlankID
+ } = ids;
+ // Step 5. Assert some things
+ for (let id in ids) {
+ assert_true(id !== undefined, "id is not undefined");
+ }
+ // Note: we use assert_true, rather than assert_equals becuase we're
+ // setting random numbers as IDs - this would mean expectations
+ // files wouldn't work as intended.
+ assert_true(crossSiteIframeAboutBlankID !== crossSiteIframeID,
+ "about:blank window opened by 3P iframe does not inherit 3P iframe's StorageKey");
+ assert_true(firstPartyID !== crossSiteIframeAboutBlankID,
+ "about:blank window open by 3P iframe does not inherit 1P StorageKey");
+
+ localStorage.clear();
+ })
+ });
+
+
+}, "StorageKey: test 3P about:blank window opened from a 3P iframe");
+</script>
+</body>
diff --git a/webstorage/localstorage-basic-partitioned.tentative.sub.html b/webstorage/localstorage-basic-partitioned.tentative.sub.html
index 39209ea..7ed49b1 100644
--- a/webstorage/localstorage-basic-partitioned.tentative.sub.html
+++ b/webstorage/localstorage-basic-partitioned.tentative.sub.html
@@ -4,7 +4,7 @@
<meta name=help href="https://privacycg.github.io/storage-partitioning/">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
-<iframe id="shared-iframe" src="http://{{host}}:{{ports[http][0]}}/webstorage/resources/localstorage-basic-partitioned-iframe.html"></iframe>
+<iframe id="shared-iframe" src="http://{{host}}:{{ports[http][0]}}/webstorage/resources/localstorage-about-blank-partitioned-iframe.html"></iframe>
<body>
<script>
// Here's the set-up for this test:
diff --git a/webstorage/resources/localstorage-basic-partitioned-iframe.html b/webstorage/resources/localstorage-about-blank-partitioned-iframe.html
similarity index 100%
rename from webstorage/resources/localstorage-basic-partitioned-iframe.html
rename to webstorage/resources/localstorage-about-blank-partitioned-iframe.html
diff --git a/webstorage/resources/localstorage-about-blank-partitioned-win-open.html b/webstorage/resources/localstorage-about-blank-partitioned-win-open.html
new file mode 100644
index 0000000..90d3a43
--- /dev/null
+++ b/webstorage/resources/localstorage-about-blank-partitioned-win-open.html
@@ -0,0 +1,37 @@
+<!doctype html>
+<meta charset="utf-8">
+<script src="./partitioning-utils.js"></script>
+<script>
+window.addEventListener("load", () => {
+ localStorage.clear();
+
+ const userID = getOrCreateID("userID4");
+ const payload = {
+ message: "window loaded",
+ userID,
+ }
+
+ let win = window.opener ? window.opener : window.parent;
+ win.postMessage(payload, "*");
+});
+
+window.addEventListener("message", e => {
+ let win = window.opener ? parent.window.opener : window.parent;
+
+ if (e.data.command == "open about:blank window") {
+ window.blankWindow = window.open("about:blank");
+ const payload = {
+ message: "about:blank frame ID",
+ userID: window.blankWindow?.localStorage["userID4"],
+ }
+
+ let win = window.opener ? parent.window.opener : window.parent;
+ win.postMessage(payload, "*");
+ }
+
+ if (e.data.command == "close about:blank window") {
+ window.blankWindow.close();
+ win.postMessage({message: "about:blank window closed"}, "*");
+ }
+});
+</script>
diff --git a/webstorage/resources/partitioning-utils.js b/webstorage/resources/partitioning-utils.js
new file mode 100644
index 0000000..9d9e0b8
--- /dev/null
+++ b/webstorage/resources/partitioning-utils.js
@@ -0,0 +1,20 @@
+function getOrCreateID(key) {
+ if (!localStorage.getItem(key)) {
+ const newID = +new Date() + "-" + Math.random();
+ localStorage.setItem(key, newID);
+ }
+ return localStorage.getItem(key);
+}
+
+function addIframePromise(url) {
+ return new Promise(resolve => {
+ const iframe = document.createElement("iframe");
+ iframe.style.display = "none";
+ iframe.src = url;
+ iframe.addEventListener("load", (e) => {
+ resolve(iframe);
+ }, {once: true});
+
+ document.body.appendChild(iframe);
+ });
+}