| <!DOCTYPE html> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <body> |
| <script> |
| async_test(t => { |
| var i = document.createElement('img'); |
| i.onerror = t.step_func_done(); |
| i.onload = t.unreached_func("'onload' should not fire."); |
| i.src = "http://user:pass@{{domains[www]}}:{{ports[http][0]}}/images/red.png"; |
| }, "Embedded credentials are treated as network errors."); |
| |
| async_test(t => { |
| var i = document.createElement('iframe'); |
| i.src = "./support/embedded-credential-window.sub.html"; |
| i.onload = t.step_func(_ => { |
| var c = new MessageChannel(); |
| c.port1.onmessage = t.step_func_done(e => { |
| assert_equals(e.data, "Error", "The image should not load."); |
| i.remove(); |
| }); |
| i.contentWindow.postMessage("Hi!", "*", [c.port2]); |
| }); |
| document.body.appendChild(i); |
| }, "Embedded credentials are treated as network errors in frames."); |
| |
| async_test(t => { |
| var w = window.open("./support/embedded-credential-window.sub.html"); |
| window.addEventListener("message", t.step_func(message => { |
| if (message.source != w) |
| return; |
| |
| var c = new MessageChannel(); |
| c.port1.onmessage = t.step_func_done(e => { |
| w.close(); |
| assert_equals(e.data, "Error", "The image should not load."); |
| }); |
| w.postMessage("absolute", "*", [c.port2]); |
| })); |
| }, "Embedded credentials are treated as network errors in new windows."); |
| |
| async_test(t => { |
| var w = window.open(); |
| w.location.href = "http://user:pass@{{domains[www]}}:{{ports[http][0]}}/fetch/security/support/embedded-credential-window.sub.html"; |
| window.addEventListener("message", t.step_func(message => { |
| if (message.source != w) |
| return; |
| |
| var c = new MessageChannel(); |
| c.port1.onmessage = t.step_func_done(e => { |
| w.close(); |
| assert_equals(e.data, "Load", "The image should load."); |
| }); |
| w.postMessage("relative", "*", [c.port2]); |
| })); |
| }, "Embedded credentials matching the top-level are not treated as network errors for relative URLs."); |
| |
| async_test(t => { |
| var w = window.open(); |
| w.location.href = "http://user:pass@{{domains[www]}}:{{ports[http][0]}}/fetch/security/support/embedded-credential-window.sub.html"; |
| window.addEventListener("message", t.step_func(message => { |
| if (message.source != w) |
| return; |
| |
| var c = new MessageChannel(); |
| c.port1.onmessage = t.step_func_done(e => { |
| w.close(); |
| assert_equals(e.data, "Load", "The image should load."); |
| }); |
| w.postMessage("same-origin-matching", "*", [c.port2]); |
| })); |
| }, "Embedded credentials matching the top-level are not treated as network errors for same-origin URLs."); |
| |
| async_test(t => { |
| var w = window.open(); |
| w.location.href = "http://user:pass@{{domains[www]}}:{{ports[http][0]}}/fetch/security/support/embedded-credential-window.sub.html"; |
| window.addEventListener("message", t.step_func(message => { |
| if (message.source != w) |
| return; |
| |
| var c = new MessageChannel(); |
| c.port1.onmessage = t.step_func_done(e => { |
| w.close(); |
| assert_equals(e.data, "Error", "The image should load."); |
| }); |
| w.postMessage("cross-origin-matching", "*", [c.port2]); |
| })); |
| }, "Embedded credentials matching the top-level are treated as network errors for cross-origin URLs."); |
| </script> |