eliott/ladybird
1
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird synced 2026-04-27 02:05:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
cfe7ddc80588bbca526bd2ba9433ba6fb40d7e4e
ladybird/Tests/LibWeb/Text/input/wpt-import/fullscreen/api/navigate-iframe.sub.html
Luke Wilde 8017f8a7ed Tests/LibWeb: Import Fullscreen WPT tests
2026-02-23 18:44:26 +00:00

69 lines
2.7 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!DOCTYPE html>
<html lang="en">
<head>
<title>Document#fullscreenEnabled</title>
<meta charset="UTF-8" />
<script src="../../resources/testharness.js"></script>
<script src="../../resources/testharnessreport.js"></script>
</head>
<body>
<div id="log"></div>
<script>
/*
* According to the spec the `default origin` for an iframe is its `declared
* origin`, meaning, the src attribute:
* https://w3c.github.io/webappsec-permissions-policy/#declared-origin
* The `default allowlist` for 'fullscreen' is "'self'":
* https://fullscreen.spec.whatwg.org/#permissions-policy-integration
* And 'self' means:
* 'self'
* The feature is allowed in documents in top-level traversables by default,
* as well as those in child navigables whose document is same origin with
* its parents document, when allowed in that Document. It is disallowed
* by default in child navigables whose document is cross-origin with its
* parents document.
* (https://w3c.github.io/webappsec-permissions-policy/#default-allowlists)
* Therefore a navigated iframe must not have fullscreen permissions unless
* the new origin matches the origin in the src attribute and is same-origin
* with the embedding page.
*/
var expectations = {
"same_to_cross": {allowlist: "", iframe_src: "same", iframe_dest: "cross", target_result: false},
"cross_to_same": {allowlist: "", iframe_src: "cross", iframe_dest: "same", target_result: false},
"same_to_same": {allowlist: "", iframe_src: "same", iframe_dest: "same", target_result: true},
"cross_to_cross": {allowlist: "", iframe_src: "cross", iframe_dest: "cross", target_result: false},
"allowed_cross_to_same": {allowlist: "'self' http://not-wpt.live:80",
iframe_src: "cross", iframe_dest: "same", target_result: true},
};
for (const [test, {allowlist, iframe_src, iframe_dest, target_result}] of Object.entries(expectations)) {
promise_test(async () => {
let iframe = document.createElement("iframe");
if (allowlist !== "") {
iframe.allow = `fullscreen ${allowlist}`;
}
document.body.appendChild(iframe);
iframe.addEventListener("load", () => {
iframe.contentWindow.postMessage({dest: iframe_dest}, "*");
});
let hostname = iframe_src === "same" ? "wpt.live" : "not-wpt.live";
iframe.src = `http://${hostname}:80/fullscreen/api/resources/navigate.sub.html`;
window.addEventListener('message', e => {
if (e.data.report?.api == "fullscreen") {
resolve(e.data.report);
}
});
const { promise, resolve } = Promise.withResolvers();
const report = await promise;
assert_equals(report.enabled, target_result);
}, test);
}
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink