mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-21 17:25:36 +00:00
a006adc946
Automatic update from web-platform-tests Feature Policy JS API Update: policy => featurePolicy Bug: 917057 Change-Id: Ifa601a0a9eb3fae9a6d6e9973ad5e6e0b4c5aa2a Reviewed-on: https://chromium-review.googlesource.com/c/1387147 Commit-Queue: Ian Clelland <iclelland@chromium.org> Reviewed-by: Steve Kobes <skobes@chromium.org> Reviewed-by: Avi Drissman <avi@chromium.org> Cr-Commit-Position: refs/heads/master@{#620050} -- wpt-commits: 4c7096bac0c8e8b6254d54eb3b1200c4ad2e93fe wpt-pr: 14723
66 lines
2.7 KiB
HTML
66 lines
2.7 KiB
HTML
<!DOCTYPE html>
|
|
<body>
|
|
<script src=/resources/testharness.js></script>
|
|
<script src=/resources/testharnessreport.js></script>
|
|
<script src=/feature-policy/resources/featurepolicy.js></script>
|
|
<!-- Feature-Policy: fullscreen cross_origin https://www.example.com; -->
|
|
<script>
|
|
'use strict';
|
|
var same_origin = 'https://{{domains[]}}:{{ports[https][0]}}';
|
|
var cross_origin = 'https://{{domains[www]}}:{{ports[https][0]}}';
|
|
var same_origin_src = '/feature-policy/resources/feature-policy-allowedfeatures.html';
|
|
var cross_origin_src = cross_origin + same_origin_src;
|
|
var header_policy = 'Feature-Policy: fullscreen \'self\' ' + cross_origin +
|
|
' https://www.example.com;';
|
|
|
|
// Test that fullscreen's allowlist is [same_origin, cross_origin, 'https://www.example.com']
|
|
test(function() {
|
|
assert_array_equals(
|
|
document.featurePolicy.getAllowlistForFeature('fullscreen'),
|
|
[cross_origin, 'https://www.example.com'].sort());
|
|
}, header_policy + ' -- test allowlist is [cross_origin, https://www.example.com]');
|
|
|
|
// Test that fullscreen is disallowed on same_origin, allowed on some cross_origin subframes.
|
|
test_disallowed_feature_for_subframe(
|
|
header_policy + ' -- test fullscreen is allowed on same-origin subframe',
|
|
'fullscreen',
|
|
same_origin_src);
|
|
test_allowed_feature_for_subframe(
|
|
header_policy + ' -- test fullscreen is allowed on cross-origin ' + cross_origin_src + ' subframe',
|
|
'fullscreen',
|
|
cross_origin_src);
|
|
var cross_origin_src1 = 'https://{{domains[www1]}}:{{ports[https][0]}}' + same_origin_src;
|
|
test_disallowed_feature_for_subframe(
|
|
header_policy + ' -- test fullscreen is disallowed on cross-origin ' + cross_origin_src1 + ' subframe',
|
|
'fullscreen',
|
|
cross_origin_src1);
|
|
|
|
// dynamically update sub frame's container policy
|
|
var disallow = "fullscreen 'none';"
|
|
test_disallowed_feature_for_subframe(
|
|
header_policy + ', iframe.allow = ' + disallow + ' -- test fullscreen is disallowed on same-origin subframe',
|
|
'fullscreen',
|
|
same_origin_src,
|
|
disallow);
|
|
|
|
test_disallowed_feature_for_subframe(
|
|
header_policy + 'iframe.allow = ' + disallow + ' -- test fullscreen is allowed on specific cross-origin subframe',
|
|
'fullscreen',
|
|
cross_origin_src,
|
|
disallow);
|
|
|
|
var allow = "fullscreen " + cross_origin;
|
|
test_disallowed_feature_for_subframe(
|
|
header_policy + ', iframe.allow = ' + allow + ' -- test fullscreen is disallowed on same-origin subframe',
|
|
'fullscreen',
|
|
same_origin_src,
|
|
allow);
|
|
|
|
test_allowed_feature_for_subframe(
|
|
header_policy + 'iframe.allow = ' + allow + ' -- test fullscreen is allowed on specific cross-origin subframe',
|
|
'fullscreen',
|
|
cross_origin_src,
|
|
allow);
|
|
</script>
|
|
</body>
|