blob: cb585ffc2db5b2e2c37ee627c805ad6a67d4e8f5 [file] [log] [blame]
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<script src="/js-test-resources/js-test.js"></script>
<script src="../resources/util.js"></script>
</head>
<body>
<script>
description("Tests that app-bound domains are exempt from third-party cookie blocking between themselves.");
jsTestIsAsync = true;
const firstPartyOrigin = "http://127.0.0.1:8000";
const thirdPartyOrigin = "http://localhost:8000";
const thirdPartyResourceUrl = thirdPartyOrigin + "/resourceLoadStatistics/resources";
const firstPartyCookieName = "firstPartyCookie";
const subPathToSetFirstPartyCookie = "/set-cookie.php?name=" + firstPartyCookieName + "&value=value";
const partitionedCookieName = "partitionedCookie";
const subPathToSetPartitionedCookie = "/set-cookie.php?name=" + partitionedCookieName + "&value=value";
const returnUrl = firstPartyOrigin + "/resourceLoadStatistics/exemptDomains/app-bound-domains-exempt-from-cookie-blocking-between-each-other.html";
const subPathToGetCookies = "/get-cookies.php?name1=" + firstPartyCookieName + "&name2=" + partitionedCookieName;
const redirectChainUrl = thirdPartyResourceUrl + "/redirect.php?redirectTo=" + thirdPartyResourceUrl + subPathToGetCookies;
function openIframe(url, onLoadHandler) {
const element = document.createElement("iframe");
element.src = url;
if (onLoadHandler) {
element.onload = onLoadHandler;
}
document.body.appendChild(element);
}
function runTest() {
switch (document.location.hash) {
case "#step1":
// Set first-party cookie for localhost.
document.location.href = thirdPartyResourceUrl + subPathToSetFirstPartyCookie + "#" + returnUrl + "#step2";
break;
case "#step2":
// Check that the cookie doesn't get sent for localhost under 127.0.0.1 since only localhost is configured as an app-bound domain.
document.location.hash = "step3";
testRunner.setAppBoundDomains([ thirdPartyOrigin ], function() {
openIframe(thirdPartyResourceUrl + subPathToGetCookies + "&message=Should not receive cookie.", function() {
runTest();
});
});
break;
case "#step3":
// Check that the cookie doesn't get sent for localhost under 127.0.0.1 since only 127.0.0.1 is configured as an app-bound domain.
document.location.hash = "step4";
testRunner.setAppBoundDomains([ firstPartyOrigin ], function() {
openIframe(thirdPartyResourceUrl + subPathToGetCookies + "&message=Should not receive cookie.", function() {
runTest();
});
});
break;
case "#step4":
// Check that the cookie gets sent for localhost under 127.0.0.1 since they are now both configured as app-bound domains.
document.location.hash = "step5";
testRunner.setAppBoundDomains([ firstPartyOrigin, thirdPartyOrigin ], function() {
openIframe(thirdPartyResourceUrl + subPathToGetCookies + "&message=Should receive cookie.", runTest);
});
break;
case "#step5":
testRunner.setStatisticsShouldBlockThirdPartyCookies(false, function() {
setEnableFeature(false, finishJSTest);
});
break;
}
}
if (document.location.hash === "") {
setEnableFeature(true, function () {
testRunner.dumpChildFramesAsText();
document.location.hash = "step1";
runTest();
});
} else {
runTest();
}
</script>
</body>
</html>