LayoutTests/http/wpt/fetch/blob-of-opaque-origin-iframe.html - WebKit - Git at Google

 <!doctype html>
 <html>
     <head>
         <meta charset="utf-8">
         <title>Blobs and opaque origins, iframe</title>
         <script src="/resources/testharness.js"></script>
         <script src="/resources/testharnessreport.js"></script>
     </head>
     <body>
 <script>
 function with_iframe(url) {
   return new Promise(function(resolve) {
       var frame = document.createElement('iframe');
       frame.srcdoc = url;
       frame.onload = function() { resolve(frame); };
       document.body.appendChild(frame);
     });
 }

 promise_test(async (t) => {
     const frame = await with_iframe('<'+ 'script>' +
         'onload = () => {' +
         '    const blob = new Blob(["<" + "script>parent.postMessage(self.isSecureContext)</" + "script>"], { type : "text/html" });' +
         '    const frame = document.createElement("iframe");' +
         '    frame.src = URL.createObjectURL(blob);' +
         '    document.body.appendChild(frame);' +
         '    onmessage = (e) => parent.postMessage(e.data);' +
         '}' +
         '</' + 'script>');
     const result = await new Promise(resolve => window.onmessage = (e) => resolve(e.data));
     frame.remove();
     test(() => {
         assert_true(result);
     }, "Check iframe secure context from a blob created in opaque origin but secure context");
 }, "Load opaque origin blobs for iframe");
 </script>
     </body>
 </html>
	<!doctype html>
	<html>
	<head>
	<meta charset="utf-8">
	<title>Blobs and opaque origins, iframe</title>
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	</head>
	<body>
	<script>
	function with_iframe(url) {
	return new Promise(function(resolve) {
	var frame = document.createElement('iframe');
	frame.srcdoc = url;
	frame.onload = function() { resolve(frame); };
	document.body.appendChild(frame);
	});
	}

	promise_test(async (t) => {
	const frame = await with_iframe('<'+ 'script>' +
	'onload = () => {' +
	' const blob = new Blob(["<" + "script>parent.postMessage(self.isSecureContext)</" + "script>"], { type : "text/html" });' +
	' const frame = document.createElement("iframe");' +
	' frame.src = URL.createObjectURL(blob);' +
	' document.body.appendChild(frame);' +
	' onmessage = (e) => parent.postMessage(e.data);' +
	'}' +
	'</' + 'script>');
	const result = await new Promise(resolve => window.onmessage = (e) => resolve(e.data));
	frame.remove();
	test(() => {
	assert_true(result);
	}, "Check iframe secure context from a blob created in opaque origin but secure context");
	}, "Load opaque origin blobs for iframe");
	</script>
	</body>
	</html>