| <!DOCTYPE html> |
| <!-- |
| This test verifies that Fetch Metadata headers are not exposed to Service |
| Workers via the request's `headers` accessor. |
| --> |
| <meta charset="utf-8"/> |
| <script src=/resources/testharness.js></script> |
| <script src=/resources/testharnessreport.js></script> |
| <script src=/fetch/metadata/resources/helper.js></script> |
| <script src=/service-workers/service-worker/resources/test-helpers.sub.js></script> |
| <script src=/common/utils.js></script> |
| <script> |
| const SCOPE = 'resources/serviceworker-accessors-frame.html'; |
| const SCRIPT = 'resources/serviceworker-accessors.sw.js'; |
| |
| function assert_headers_not_seen_in_service_worker(frame) { |
| return new Promise((resolve, reject) => { |
| frame.contentWindow.fetch(SCOPE, {mode:'no-cors'}); |
| frame.contentWindow.navigator.serviceWorker.addEventListener('message', e => { |
| assert_header_equals(e.data, { |
| "dest": null, |
| "mode": null, |
| "site": null, |
| "user": null |
| }); |
| resolve(); |
| }); |
| }); |
| } |
| |
| promise_test(async function(t) { |
| const reg = await service_worker_unregister_and_register(t, SCRIPT, SCOPE); |
| |
| t.add_cleanup(async () => { |
| if (reg) |
| await reg.unregister(); |
| }); |
| |
| await wait_for_state(t, reg.installing, 'activated'); |
| |
| const frame = await with_iframe(SCOPE); |
| t.add_cleanup(async () => { |
| if (frame) |
| frame.remove(); |
| }); |
| |
| // Trigger a fetch that will go through the service worker, and validate |
| // the visible headers. |
| await assert_headers_not_seen_in_service_worker(frame); |
| }, 'Sec-Fetch headers in Service Worker fetch handler.'); |
| </script> |