blob: 647284971eb3994437e1157127659134e60f682e [file] [log] [blame]
<!DOCTYPE html>
<html>
<head>
<script src="/js-test-resources/js-test.js"></script>
<script src="/js-test-resources/ui-helper.js"></script>
<script src="/resourceLoadStatistics/resources/util.js"></script>
<script>
description("Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then is detached from the DOM does not have storage access.");
jsTestIsAsync = true;
window.addEventListener("message", receiveMessage, false);
function finishTest() {
// Reset access scope.
internals.settings.setStorageAccessAPIPerPageScopeEnabled(true);
setEnableFeature(false, finishJSTest);
}
const iframeID = "TheIframeThatRequestsStorageAccess";
function askIfIframeStillHasStorageAccess() {
testRunner.getAllStorageAccessEntries(function (arrayOfDomains) {
var passed = true;
for (var i = 0; i < arrayOfDomains.length; ++i) {
if (arrayOfDomains[i] === "localhost") {
passed = false;
break;
}
}
if (passed)
testPassed("There is no storage access entry for localhost after iframe detach.");
else
testFailed("There is still a storage access entry for localhost after iframe detach.");
finishTest();
});
}
function detachIframeAndCheckWhetherItStillHasStorageAccess() {
testRunner.getAllStorageAccessEntries(function (arrayOfDomains) {
var passed = false;
for (var i = 0; i < arrayOfDomains.length; ++i) {
if (arrayOfDomains[i] === "localhost") {
passed = true;
break;
}
}
if (passed)
testPassed("There is a storage access entry for localhost.");
else
testFailed("There is no storage access entry for localhost.");
var theIframe = document.getElementById(iframeID);
theIframe.onload = askIfIframeStillHasStorageAccess;
document.getElementsByTagName('body')[0].appendChild(theIframe);
});
}
function receiveMessage(event) {
if (event.origin === "http://localhost:8000") {
if (event.data.indexOf("PASS") !== -1) {
testPassed(event.data.replace("PASS ", ""));
detachIframeAndCheckWhetherItStillHasStorageAccess();
} else {
testFailed(event.data);
finishTest();
}
} else {
testFailed("Received a message from an unexpected origin: " + event.origin);
finishTest();
}
}
function activateElement(elementId) {
var element = document.getElementById(elementId);
var centerX = element.offsetLeft + element.offsetWidth / 2;
var centerY = element.offsetTop + element.offsetHeight / 2;
UIHelper.activateAt(centerX, centerY).then(
function () { },
function () {
testFailed("Promise rejected.");
finishTest();
}
);
}
function runTest() {
if (document.location.hash !== "#elementActivated") {
document.location.hash = "elementActivated";
activateElement(iframeID);
}
}
const hostUnderTest = "localhost:8000";
const statisticsUrl = "http://" + hostUnderTest;
if (document.location.hash !== "#firstPartyCookieSet" && document.location.hash !== "#elementActivated") {
setEnableFeature(true, function() {
document.location.href = statisticsUrl + "/storageAccess/resources/set-cookie.py?name=firstPartyCookie&value=value#http://127.0.0.1:8000/storageAccess/request-and-grant-access-then-detach-should-not-have-access.html#firstPartyCookieSet";
});
} else {
// Set per-frame access since clearing access on detaching the iframe requires per-frame access.
internals.settings.setStorageAccessAPIPerPageScopeEnabled(false);
testRunner.setStatisticsPrevalentResource(statisticsUrl, true, function() {
if (!testRunner.isStatisticsPrevalentResource(statisticsUrl))
testFailed("Host did not get set as prevalent resource.");
testRunner.setStatisticsHasHadUserInteraction(statisticsUrl, true, function() {
if (!testRunner.isStatisticsHasHadUserInteraction(statisticsUrl))
testFailed("Host did not get logged for user interaction.");
testRunner.statisticsUpdateCookieBlocking(function() {
let iframeElement = document.createElement("iframe");
iframeElement.setAttribute("sandbox", "allow-storage-access-by-user-activation allow-scripts allow-same-origin allow-modals");
iframeElement.onload = runTest;
iframeElement.id = "TheIframeThatRequestsStorageAccess";
iframeElement.src = "http://localhost:8000/storageAccess/resources/request-storage-access-iframe.html#userShouldGrantAccess,userShouldBeConsulted,policyShouldGrantAccess";
document.body.appendChild(iframeElement);
});
});
});
}
</script>
</head>
<body>
</body>
</html>