-
Notifications
You must be signed in to change notification settings - Fork 3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[html] Add tests for parsing COOP values
- Loading branch information
1 parent
455a12e
commit bb1376b
Showing
2 changed files
with
60 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
<!doctype html> | ||
<meta charset=utf-8> | ||
<script src=/resources/testharness.js></script> | ||
<script src=/resources/testharnessreport.js></script> | ||
<script src="/common/get-host-info.sub.js"></script> | ||
<script src="resources/common.js"></script> | ||
|
||
<div id=log></div> | ||
<script> | ||
|
||
let tests = [ | ||
// popup Origin, popup COOP, expect opener | ||
|
||
// None of the following should be recognized as "same-site" (hence the | ||
// "expected opener" value of `true`). | ||
[SAME_ORIGIN, "same-site;", true], | ||
[SAME_ORIGIN, "same-site\0", true], | ||
[SAME_ORIGIN, "Same-site", true], | ||
[SAME_ORIGIN, "same-site same-site", true], | ||
[SAME_ORIGIN, "same-site;same-site", true], | ||
|
||
// All of the following should be recognized as "same-site" (hence the | ||
// "expected opener" value of `false`). | ||
[SAME_ORIGIN, " \tsame-site", false], | ||
[SAME_ORIGIN, "same-site\t ", false], | ||
]; | ||
|
||
run_coop_tests("unspecified", tests); | ||
|
||
async_test((t) => { | ||
const channelName = `none_to_${SAME_ORIGIN.name}_duplicated-header`; | ||
const url = `${SAME_ORIGIN.origin}/html/cross-origin-opener-policy/resources/coop-same-site-repeated.asis?channel=${channelName}`; | ||
|
||
url_test(t, url, channelName, true); | ||
}, `unspecified document opening popup to ${SAME_ORIGIN.origin} with repeated COOP header`); | ||
</script> |
24 changes: 24 additions & 0 deletions
24
html/cross-origin-opener-policy/resources/coop-same-site-repeated.asis
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
HTTP/1.1 200 OK | ||
Cross-Origin-Opener-Policy: same-site | ||
Cross-Origin-Opener-Policy: same-site | ||
Server: BaseHTTP/0.3 Python/2.7.15+ | ||
Date: Wed, 18 Dec 2019 00:47:08 GMT | ||
|
||
<!doctype html> | ||
<meta charset=utf-8> | ||
<script src="/common/get-host-info.sub.js"></script> | ||
<iframe></iframe> | ||
<script> | ||
const navigate = new URL(location).searchParams.get("navigate"); | ||
if (navigate !== null) { | ||
self.location = navigate; | ||
} else { | ||
const iframe = document.querySelector("iframe"); | ||
iframe.onload = () => { | ||
const payload = { name: self.name, opener: !!self.opener }; | ||
iframe.contentWindow.postMessage(payload, "*"); | ||
}; | ||
const channelName = new URL(location).searchParams.get("channel"); | ||
iframe.src = `${get_host_info().HTTPS_ORIGIN}/html/cross-origin-opener-policy/resources/postback.html?channel=${channelName}`; | ||
} | ||
</script> |
bb1376b
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use
same-origin
instead ofsame-site
since the latter should not be supported.bb1376b
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As far as I can tell, it's possible to get duplicated headers with a
.headers
file. I think that is nicer than.asis
.