-
Notifications
You must be signed in to change notification settings - Fork 3.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add one WPT test about <video>. A few parameters can vary: - Initiator is COEP:none or COEP:credentialless - <video> src is same-origin or cross-origin. - <video>'s crossOrigin is (undefined), "anonymous", "use-credentials" Bug:1175099 Change-Id: Ie16f0ec524a40ab9afb52dad77f79a38db9c865e
- Loading branch information
1 parent
8602e9c
commit 629e8b6
Showing
1 changed file
with
114 additions
and
0 deletions.
There are no files selected for viewing
114 changes: 114 additions & 0 deletions
114
html/cross-origin-embedder-policy/credentialless/video.tentative.https.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,114 @@ | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<script src="/common/get-host-info.sub.js"></script> | ||
<script src="/common/utils.js"></script> | ||
<script src="./resources/common.js"></script> | ||
<script src="./resources/dispatcher.js"></script> | ||
|
||
<script> | ||
|
||
promise_test_parallel(async test => { | ||
const same_origin = get_host_info().HTTPS_ORIGIN; | ||
const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN; | ||
const cookie_key = "coep_credentialless_image"; | ||
const cookie_same_origin = "same_origin"; | ||
const cookie_cross_origin = "cross_origin"; | ||
|
||
// Set cookie on same_origin. | ||
document.cookie = `${cookie_key}=${cookie_same_origin}`; | ||
|
||
// Set cookie on cross_origin. | ||
{ | ||
const w_token = token(); | ||
const w_url = cross_origin + executor_path + `&uuid=${w_token}`; | ||
const w = window.open(w_url); | ||
|
||
const reply_token = token(); | ||
send(w_token, ` | ||
document.cookie = "${cookie_key}=${cookie_cross_origin}"; | ||
send("${reply_token}", "done"); | ||
`); | ||
assert_equals(await receive(reply_token), "done"); | ||
w.close(); | ||
} | ||
|
||
// One window with COEP:none. (control) | ||
const w_control_token = token(); | ||
const w_control_url = same_origin + executor_path + | ||
coep_none + `&uuid=${w_control_token}` | ||
const w_control = window.open(w_control_url); | ||
|
||
// One window with COEP:credentialless. (experiment) | ||
const w_credentialless_token = token(); | ||
const w_credentialless_url = same_origin + executor_path + | ||
coep_credentialless + `&uuid=${w_credentialless_token}`; | ||
const w_credentialless = window.open(w_credentialless_url); | ||
|
||
let videoTest = function( | ||
description, origin, mode, | ||
expected_cookies_control, | ||
expected_cookies_credentialless) | ||
{ | ||
promise_test_parallel(async test => { | ||
const token_1 = token(); | ||
const token_2 = token(); | ||
|
||
send(w_control_token, ` | ||
let video = document.createElement("video"); | ||
video.src = "${showRequestHeaders(origin, token_1)}"; | ||
video.autoplay = true; | ||
${mode} | ||
document.body.appendChild(video); | ||
`); | ||
send(w_credentialless_token, ` | ||
let video = document.createElement("video"); | ||
video.src = "${showRequestHeaders(origin, token_2)}"; | ||
video.autoplay = true; | ||
${mode} | ||
document.body.appendChild(video); | ||
`); | ||
|
||
const headers_control = JSON.parse(await receive(token_1)); | ||
const headers_credentialless = JSON.parse(await receive(token_2)); | ||
|
||
assert_equals(parseCookies(headers_control)[cookie_key], | ||
expected_cookies_control, | ||
"coep:none => "); | ||
assert_equals(parseCookies(headers_credentialless)[cookie_key], | ||
expected_cookies_credentialless, | ||
"coep:credentialless => "); | ||
}, `video ${description}`) | ||
}; | ||
|
||
// Same-origin request always contains Cookies: | ||
videoTest("same-origin + undefined", | ||
same_origin, '', | ||
cookie_same_origin, | ||
cookie_same_origin); | ||
videoTest("same-origin + anonymous", | ||
same_origin, 'video.crossOrigin="anonymous"', | ||
cookie_same_origin, | ||
cookie_same_origin); | ||
videoTest("same-origin + use-credentials", | ||
same_origin, 'video.crossOrigin="use-credentials"', | ||
cookie_same_origin, | ||
cookie_same_origin); | ||
|
||
// Cross-origin request contains cookies in the following cases: | ||
// - COEP:credentialless is not set. | ||
// - video.crossOrigin is `use-credentials`. | ||
videoTest("cross-origin + undefined", | ||
cross_origin, '', | ||
cookie_cross_origin, | ||
undefined); | ||
videoTest("cross-origin + anonymous", | ||
cross_origin, 'video.crossOrigin="anonymous"', | ||
undefined, | ||
undefined); | ||
videoTest("cross-origin + use-credentials", | ||
cross_origin, 'video.crossOrigin="use-credentials"', | ||
cookie_cross_origin, | ||
cookie_cross_origin); | ||
}, "Main"); | ||
|
||
</script> |