1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
<!DOCTYPE html>
<title>Test default permission policy features gating ()</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/common/utils.js"></script>
<script src="/common/dispatcher/dispatcher.js"></script>
<script src="resources/utils.js"></script>
<script src="/common/get-host-info.sub.js"></script>
<script src="resources/default-enabled-features-helper.js"></script>
<body>
<script>
// Note: Shared storage will refuse to run selectURL() on this page because its
// permissions policy is disabled. Therefore, we can only test the FLEDGE case.
promise_test(async(t) => {
await runDefaultEnabledFeaturesTest(t, false, get_host_info().ORIGIN);
}, 'Same-origin fenced frame does not load when feature policies are none');
promise_test(async(t) => {
await runDefaultEnabledFeaturesTest(t, false, get_host_info().REMOTE_ORIGIN);
}, 'Cross-origin fenced frame does not load when feature policies are none');
promise_test(async(t) => {
const fencedframe = await attachFencedFrameContext({
origin: get_host_info().REMOTE_ORIGIN});
await fencedframe.execute(async () => {
assert_false(
document.featurePolicy.allowsFeature('shared-storage'),
"Shared storage should be disallowed in the fenced frame.");
assert_false(
document.featurePolicy.allowsFeature('private-aggregation'),
"Private aggregation should be disallowed in the fenced frame.");
assert_false(
document.featurePolicy.allowsFeature('attribution-reporting'),
"Attribution reporting should be disallowed in the fenced frame.");
assert_false(
document.featurePolicy.allowsFeature('sync-xhr'),
"USB access should be disallowed in the fenced frame.");
}, []);
}, 'Flexible permissions fenced frames can have permissions restricted from ' +
'parent.');
</script>
</body>
</html>
|
