| <script> |
| 'use strict'; |
| |
| window.onload = function() { |
| // When the trust-token-redemption permissions policy is enabled, redemption |
| // and signing ("send-redemption-record") should both be available; when it's disabled, |
| // they should both be unavailable. Send the number of available operations |
| // upstream in order to enforce this in assertions. |
| let num_enabled = 4; |
| try { |
| new Request("https://issuer.example/", { |
| trustToken: { |
| type: "token-redemption" |
| } |
| }); |
| } catch (e) { |
| num_enabled--; |
| } |
| try { |
| new Request("https://destination.example/", { |
| trustToken: { |
| type: "send-redemption-record", |
| issuers: ["https://issuer.example/"] |
| } |
| }); |
| } catch (e) { |
| num_enabled--; |
| } |
| |
| try { |
| const xhr = new XMLHttpRequest(); |
| xhr.open("GET", "https://issuer.example/"); |
| xhr.setTrustToken({ |
| type: "token-redemption" |
| }); |
| } catch (e) { |
| num_enabled--; |
| } |
| |
| try { |
| const xhr = new XMLHttpRequest(); |
| xhr.open("GET", "https://destination.example/"); |
| xhr.setTrustToken({ |
| type: "send-redemption-record", |
| issuers: ["https://issuer.example/"] |
| }); |
| } catch (e) { |
| num_enabled--; |
| } |
| |
| parent.postMessage({ |
| num_operations_enabled: num_enabled |
| }, '*'); |
| } |
| </script> |