mirror of
https://github.com/servo/servo
synced 2026-05-12 18:06:32 +02:00
38 lines
1.5 KiB
HTML
38 lines
1.5 KiB
HTML
<!DOCTYPE html>
|
|
<head>
|
|
<title>TestDriver - Set Storage Access Command Tests</title>
|
|
<script src="/cookies/resources/cookie-helper.sub.js"></script>
|
|
<script src="/resources/testharness.js"></script>
|
|
<script src="/resources/testharnessreport.js"></script>
|
|
<script src="/resources/testdriver.js"></script>
|
|
<script src="/resources/testdriver-vendor.js"></script>
|
|
<script src="helpers.js"></script>
|
|
</head>
|
|
<body>
|
|
<script>
|
|
"use strict";
|
|
|
|
// Use a different domain so that the cookie is cross-site.
|
|
const wwwAlt = "https://{{hosts[alt][www]}}:{{ports[https][0]}}";
|
|
|
|
promise_test(async t => {
|
|
t.add_cleanup(async () => {
|
|
await test_driver.delete_all_cookies();
|
|
await MaybeSetStorageAccess(wwwAlt + "/", "*", "allowed");
|
|
});
|
|
|
|
const responder_html = `${wwwAlt}/storage-access-api/resources/script-with-cookie-header.py?script=embedded_responder.js`;
|
|
const frame = await CreateFrame(responder_html);
|
|
|
|
await fetch(`${wwwAlt}/cookies/resources/set.py?cookie=monster;Secure;SameSite=None;Path=/`,
|
|
{ mode: "no-cors", credentials: "include" }).then((resp) => resp.text());
|
|
|
|
assert_true(cookieStringHasCookie("cookie", "monster", await GetJSCookiesFromFrame(frame)), "frame should have access via document.cookie.");
|
|
|
|
await MaybeSetStorageAccess(wwwAlt + "/", "*", "blocked");
|
|
|
|
assert_false(cookieStringHasCookie("cookie", "monster", await GetJSCookiesFromFrame(frame)), "frame should not have access via document.cookie.");
|
|
});
|
|
</script>
|
|
</body>
|