| <!DOCTYPE html> |
| <script src=/resources/testharness.js></script> |
| <script src=/resources/testharnessreport.js></script> |
| <script src=/fetch/sec-metadata/resources/helper.js></script> |
| <body> |
| <script> |
| async_test(t => { |
| let i = document.createElement('iframe'); |
| i.src = "http://{{host}}:{{ports[http][0]}}/fetch/sec-metadata/resources/post-to-owner.py"; |
| window.addEventListener('message', t.step_func(e => { |
| if (e.source != i.contentWindow) |
| return; |
| |
| assert_header_equals(e.data, { |
| "dest": "", |
| "site": "", |
| "user": "", |
| "mode": "", |
| }); |
| t.done(); |
| })); |
| |
| document.body.appendChild(i); |
| }, "Non-secure same-origin iframe => No headers"); |
| |
| async_test(t => { |
| let i = document.createElement('iframe'); |
| i.src = "http://{{hosts[][www]}}:{{ports[http][0]}}/fetch/sec-metadata/resources/post-to-owner.py"; |
| window.addEventListener('message', t.step_func(e => { |
| if (e.source != i.contentWindow) |
| return; |
| |
| assert_header_equals(e.data, { |
| "dest": "", |
| "site": "", |
| "user": "", |
| "mode": "", |
| }); |
| t.done(); |
| })); |
| |
| document.body.appendChild(i); |
| }, "Non-secure same-site iframe => No headers"); |
| |
| async_test(t => { |
| let i = document.createElement('iframe'); |
| i.src = "http://{{hosts[alt][www]}}:{{ports[http][0]}}/fetch/sec-metadata/resources/post-to-owner.py"; |
| window.addEventListener('message', t.step_func(e => { |
| if (e.source != i.contentWindow) |
| return; |
| |
| assert_header_equals(e.data, { |
| "dest": "", |
| "site": "", |
| "user": "", |
| "mode": "", |
| }); |
| t.done(); |
| })); |
| |
| document.body.appendChild(i); |
| }, "Non-secure cross-site iframe => No headers."); |
| </script> |