| <!DOCTYPE html> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <script> |
| assert_implements('PasswordCredential' in window, "`PasswordCredential` is supported."); |
| |
| // Ensure that the check is "same origin", not "same origin-domain". |
| document.domain = window.location.hostname; |
| |
| function create_iframe_test(origin, expectation) { |
| return function (t) { |
| window.addEventListener("load", _ => { |
| var iframe = document.createElement("iframe"); |
| iframe.src = origin + "/credential-management/support/passwordcredential-get.html"; |
| window.addEventListener("message", t.step_func(e => { |
| if (e.source == iframe.contentWindow) { |
| if (expectation == "blocked") { |
| assert_equals(e.data.exception, "NotAllowedError"); |
| } else { |
| if (e.data.exception) |
| assert_not_equals(e.data.exception, "NotAllowedError"); |
| } |
| t.done(); |
| } |
| })); |
| document.body.appendChild(iframe); |
| }); |
| }; |
| } |
| |
| function create_nested_iframe_test(outerOrigin, innerOrigin, expectation) { |
| return function (t) { |
| window.addEventListener("load", _ => { |
| var iframe = document.createElement("iframe"); |
| iframe.src = outerOrigin + "/credential-management/support/echoing-nester.html?origin=" + innerOrigin + "&file=passwordcredential-get.html"; |
| window.addEventListener("message", t.step_func(e => { |
| if (e.source == iframe.contentWindow) { |
| if (expectation == "blocked") { |
| assert_equals(e.data.exception, "NotAllowedError"); |
| } else { |
| assert_equals(e.data.exception, null); |
| } |
| t.done(); |
| } |
| })); |
| document.body.appendChild(iframe); |
| }); |
| }; |
| } |
| |
| const SAME_ORIGIN = window.origin; |
| const CROSS_ORIGIN = "https://{{domains[élève]}}:{{ports[https][0]}}"; |
| |
| async_test( |
| create_iframe_test(SAME_ORIGIN, "allowed"), |
| "Same-origin IFrame does not throw."); |
| async_test( |
| create_iframe_test(CROSS_ORIGIN, "blocked"), |
| "Cross-origin IFrame throws 'NotAllowedError'."); |
| |
| async_test( |
| create_nested_iframe_test(SAME_ORIGIN, SAME_ORIGIN, "allowed"), |
| "Same-origin IFrame in same-origin IFrame does not throw."); |
| |
| async_test( |
| create_nested_iframe_test(SAME_ORIGIN, CROSS_ORIGIN, "blocked"), |
| "Same-origin IFrame in same-origin IFrame throws 'NotAllowedError'."); |
| |
| async_test( |
| create_nested_iframe_test(CROSS_ORIGIN, SAME_ORIGIN, "blocked"), |
| "Cross-origin IFrame in same-origin IFrame throws 'NotAllowedError'."); |
| |
| async_test( |
| create_nested_iframe_test(CROSS_ORIGIN, CROSS_ORIGIN, "blocked"), |
| "Cross-origin IFrame in same-cross-origin throws 'NotAllowedError'."); |
| </script> |