Cred Man: Add fully active checks

credential-management/non-fully-active.https.html

@@ -0,0 +1,55 @@
+<!DOCTYPE html>
+<meta charset="utf-8" />
+<title>Credential Management API Test: non-fully active document</title>
+<link
+  rel="help"
+  href="https://github.com/w3c/webappsec-credential-management"
+/>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/resources/testdriver.js"></script>
+<script src="/resources/testdriver-vendor.js"></script>
+<body></body>
+<script>
+  promise_test(async (t) => {
+    // Create the iframe, wait for it to load...
+    const iframe = document.createElement("iframe");
+
+    // ...wait for the iframe to load...
+    await new Promise((resolve) => {
+      iframe.addEventListener("load", resolve, { once: true });
+      iframe.src = "resources/iframe.html";
+      document.body.appendChild(iframe);
+    });
+
+    // Steal credentials container.
+    const { credentials } = iframe.contentWindow.navigator;
+
+    // No longer fully active.
+    iframe.remove();
+
+    // Try to get credentials while not fully active...
+    await promise_rejects_dom(
+      t,
+      "NotAllowedError",
+      credentials.get({ password: true }),
+      "Expected NotAllowedError for get() on non-fully-active document"
+    );
+
+    // Try to create credentials while not fully active...
+    await promise_rejects_dom(
+      t,
+      "NotAllowedError",
+      credentials.create({ password: true }),
+      "Expected NotAllowedError for create() on non-fully-active document"
+    );
+
+    // Try to prevent silent access while not fully active...
+    await promise_rejects_dom(
+      t,
+      "NotAllowedError",
+      credentials.preventSilentAccess(),
+      "Expected NotAllowedError for preventSilentAccess() on non-fully-active document"
+    );
+  }, "non-fully active document behavior for CredentialsContainer");
+</script>