LayoutTests/http/tests/cookies/same-site/fetch-in-cross-origin-page.html - WebKit - Git at Google

 <!DOCTYPE html>
 <html>
 <head>
 <script src="/js-test-resources/js-test.js"></script>
 <script src="../resources/cookie-utilities.js"></script>
 <body>
 <script>
 window.jsTestIsAsync = true;

 description("Tests that Same-Site cookies for 127.0.0.1 are not sent with a request initiated from a page with a different origin.");

 async function runTest()
 {
     if (document.location.hostname === "127.0.0.1") {
         await resetCookies();
         await setCookie("strict", "1", {"SameSite": "Strict", "Max-Age": 100, "path": "/"});
         await setCookie("implicit-strict", "1", {"SameSite": null, "Max-Age": 100, "path": "/"});
         await setCookie("strict-because-invalid-SameSite-value", "1", {"SameSite": "invalid", "Max-Age": 100, "path": "/"});
         await setCookie("lax", "1", {"SameSite": "Lax", "Max-Age": 100, "path": "/"});
         window.location.hostname = "localhost";
     } else {
         // localhost
         setBaseURLWhenFetchingCookies("http://127.0.0.1:8000");

         debug("Cookies sent with HTTP request:");
         await shouldNotHaveCookie("strict");
         await shouldNotHaveCookie("implicit-strict");
         await shouldNotHaveCookie("strict-because-invalid-SameSite-value");
         await shouldNotHaveCookie("lax");

         debug("<br>Cookies visible in DOM:");
         shouldNotHaveDOMCookie("strict");
         shouldNotHaveDOMCookie("implicit-strict");
         shouldNotHaveDOMCookie("strict-because-invalid-SameSite-value");
         shouldNotHaveDOMCookie("lax");

         await resetCookies();
         finishJSTest();
     }
 }

 runTest();
 </script>
 </body>
 </html>
	<!DOCTYPE html>
	<html>
	<head>
	<script src="/js-test-resources/js-test.js"></script>
	<script src="../resources/cookie-utilities.js"></script>
	<body>
	<script>
	window.jsTestIsAsync = true;

	description("Tests that Same-Site cookies for 127.0.0.1 are not sent with a request initiated from a page with a different origin.");

	async function runTest()
	{
	if (document.location.hostname === "127.0.0.1") {
	await resetCookies();
	await setCookie("strict", "1", {"SameSite": "Strict", "Max-Age": 100, "path": "/"});
	await setCookie("implicit-strict", "1", {"SameSite": null, "Max-Age": 100, "path": "/"});
	await setCookie("strict-because-invalid-SameSite-value", "1", {"SameSite": "invalid", "Max-Age": 100, "path": "/"});
	await setCookie("lax", "1", {"SameSite": "Lax", "Max-Age": 100, "path": "/"});
	window.location.hostname = "localhost";
	} else {
	// localhost
	setBaseURLWhenFetchingCookies("http://127.0.0.1:8000");

	debug("Cookies sent with HTTP request:");
	await shouldNotHaveCookie("strict");
	await shouldNotHaveCookie("implicit-strict");
	await shouldNotHaveCookie("strict-because-invalid-SameSite-value");
	await shouldNotHaveCookie("lax");

	debug("<br>Cookies visible in DOM:");
	shouldNotHaveDOMCookie("strict");
	shouldNotHaveDOMCookie("implicit-strict");
	shouldNotHaveDOMCookie("strict-because-invalid-SameSite-value");
	shouldNotHaveDOMCookie("lax");

	await resetCookies();
	finishJSTest();
	}
	}

	runTest();
	</script>
	</body>
	</html>