-
Notifications
You must be signed in to change notification settings - Fork 3.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Write some simple tests to look at about:blank partitioning
Change-Id: I48083f5c84bc22e5f6c34d08fee9b0a1784ac4f5 Co-Authored-By: Mike Taylor <miketaylr@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3254685 Reviewed-by: Stephen Chenney <schenney@chromium.org> Commit-Queue: Mike Taylor <miketaylr@chromium.org> Auto-Submit: Mike Taylor <miketaylr@chromium.org> Cr-Commit-Position: refs/heads/main@{#984586}
- Loading branch information
1 parent
2a8b666
commit b5a7a7a
Showing
5 changed files
with
133 additions
and
1 deletion.
There are no files selected for viewing
75 changes: 75 additions & 0 deletions
75
webstorage/localstorage-about-blank-3P-iframe-opens-3P-window.partitioned.tentative.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
<!doctype html> | ||
<meta charset=utf-8> | ||
<title>localStorage: about:blank partitioning</title> | ||
<meta name=help href="https://privacycg.github.io/storage-partitioning/"> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<script src="/common/get-host-info.sub.js"></script> | ||
<script src="/webstorage/resources/partitioning-utils.js"></script> | ||
<body> | ||
<script> | ||
const path = | ||
"webstorage/resources/localstorage-about-blank-partitioned-win-open.html"; | ||
const crossSiteURL = `${get_host_info().HTTP_NOTSAMESITE_ORIGIN}/${path}`; | ||
const sameSiteURL = `${get_host_info().HTTP_ORIGIN}/${path}`; | ||
let firstPartyID = getOrCreateID("userID3"); | ||
let crossSiteIframeID; | ||
let sameSiteIframeID; | ||
let crossSiteIframe; | ||
let crossSiteIframeAboutBlankID; | ||
let frameMessageCount = 0; | ||
|
||
promise_test(async t => { | ||
localStorage.clear(); | ||
|
||
// Step 1. Add a cross-site iframe | ||
return addIframePromise(crossSiteURL).then(async crossSiteIframe => { | ||
return new Promise(resolve => { | ||
window.addEventListener("message", async e => { | ||
const payload = { | ||
command: "open about:blank window" | ||
} | ||
|
||
if (e.data.message === "window loaded") { | ||
// Step 2. cross-site iframe is loaded, capture reference to its ID | ||
crossSiteIframeID = e.data.userID; | ||
// Step 3. Ask the cross-site iframe to create an about:blank window | ||
crossSiteIframe.contentWindow.postMessage(payload, e.origin); | ||
} | ||
|
||
if (e.data.message === "about:blank frame ID") { | ||
// Step 4. capture reference to 3P iframe's about:blank window ID | ||
crossSiteIframeAboutBlankID = e.data.userID; | ||
crossSiteIframe.contentWindow.postMessage( | ||
{command: "close about:blank window"}, "*"); | ||
} | ||
|
||
if (e.data.message === "about:blank window closed") { | ||
resolve({crossSiteIframeID, crossSiteIframeAboutBlankID}); | ||
} | ||
}); | ||
}).then(ids => { | ||
const { | ||
crossSiteIframeID, | ||
crossSiteIframeAboutBlankID | ||
} = ids; | ||
// Step 5. Assert some things | ||
for (let id in ids) { | ||
assert_true(id !== undefined, "id is not undefined"); | ||
} | ||
// Note: we use assert_true, rather than assert_equals becuase we're | ||
// setting random numbers as IDs - this would mean expectations | ||
// files wouldn't work as intended. | ||
assert_true(crossSiteIframeAboutBlankID !== crossSiteIframeID, | ||
"about:blank window opened by 3P iframe does not inherit 3P iframe's StorageKey"); | ||
assert_true(firstPartyID !== crossSiteIframeAboutBlankID, | ||
"about:blank window open by 3P iframe does not inherit 1P StorageKey"); | ||
|
||
localStorage.clear(); | ||
}) | ||
}); | ||
|
||
|
||
}, "StorageKey: test 3P about:blank window opened from a 3P iframe"); | ||
</script> | ||
</body> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
37 changes: 37 additions & 0 deletions
37
webstorage/resources/localstorage-about-blank-partitioned-win-open.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
<!doctype html> | ||
<meta charset="utf-8"> | ||
<script src="./partitioning-utils.js"></script> | ||
<script> | ||
window.addEventListener("load", () => { | ||
localStorage.clear(); | ||
|
||
const userID = getOrCreateID("userID4"); | ||
const payload = { | ||
message: "window loaded", | ||
userID, | ||
} | ||
|
||
let win = window.opener ? window.opener : window.parent; | ||
win.postMessage(payload, "*"); | ||
}); | ||
|
||
window.addEventListener("message", e => { | ||
let win = window.opener ? parent.window.opener : window.parent; | ||
|
||
if (e.data.command == "open about:blank window") { | ||
window.blankWindow = window.open("about:blank"); | ||
const payload = { | ||
message: "about:blank frame ID", | ||
userID: window.blankWindow?.localStorage["userID4"], | ||
} | ||
|
||
let win = window.opener ? parent.window.opener : window.parent; | ||
win.postMessage(payload, "*"); | ||
} | ||
|
||
if (e.data.command == "close about:blank window") { | ||
window.blankWindow.close(); | ||
win.postMessage({message: "about:blank window closed"}, "*"); | ||
} | ||
}); | ||
</script> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
function getOrCreateID(key) { | ||
if (!localStorage.getItem(key)) { | ||
const newID = +new Date() + "-" + Math.random(); | ||
localStorage.setItem(key, newID); | ||
} | ||
return localStorage.getItem(key); | ||
} | ||
|
||
function addIframePromise(url) { | ||
return new Promise(resolve => { | ||
const iframe = document.createElement("iframe"); | ||
iframe.style.display = "none"; | ||
iframe.src = url; | ||
iframe.addEventListener("load", (e) => { | ||
resolve(iframe); | ||
}, {once: true}); | ||
|
||
document.body.appendChild(iframe); | ||
}); | ||
} |