File: coop-sandbox.https.html

package info (click to toggle)
thunderbird 1%3A144.0.1-1
  • links: PTS, VCS
  • area: main
  • in suites: experimental
  • size: 4,725,312 kB
  • sloc: cpp: 7,869,225; javascript: 5,974,276; ansic: 3,946,747; python: 1,421,062; xml: 654,642; asm: 474,045; java: 183,117; sh: 110,973; makefile: 20,398; perl: 14,362; objc: 13,086; yacc: 4,583; pascal: 3,448; lex: 1,720; ruby: 999; exp: 762; sql: 731; awk: 580; php: 436; lisp: 430; sed: 69; csh: 10
file content (59 lines) | stat: -rw-r--r-- 2,456 bytes parent folder | download | duplicates (25) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
 
<!doctype html>
<title>Sandboxed Cross-Origin-Opener-Policy popup should result in a network error</title>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src="/common/utils.js"></script> <!-- Use token() to allow running tests in parallel -->
<div id=log>
<script>
[
  "allow-popups allow-scripts allow-same-origin",
  "allow-popups allow-scripts",
].forEach(sandboxValue => {
  async_test(t => {
    const frame = document.createElement("iframe");
    const channel = new BroadcastChannel(token());
    channel.onmessage = t.unreached_func("A COOP popup was created from a sandboxed frame");
    t.add_cleanup(() => frame.remove());
    frame.sandbox = sandboxValue;
    frame.srcdoc = `<script>
  const popup = window.open("resources/coop-coep.py?coop=same-origin&coep=&channel=${channel.name}");
  <\/script>`;
    document.body.append(frame);
    addEventListener('load', t.step_func(() => {
      // This uses a timeout to give some time for incorrect implementations to broadcast. A
      // theoretical testdriver.js API for browsing contexts could be used to speed this up.
      t.step_timeout(() => {
        t.done()
      }, 1500);
    }));
  }, `<iframe sandbox="${sandboxValue}"> ${document.title}`);
});

// Verify that the popup does not have sandboxing flags set
async_test(t => {
  const frame = document.createElement("iframe");
  const channel = new BroadcastChannel(token());
  channel.onmessage = t.step_func_done();
  t.add_cleanup(() => frame.remove());
  frame.sandbox = "allow-popups allow-scripts allow-popups-to-escape-sandbox";
  frame.srcdoc = `<script>
window.open("resources/coop-coep.py?coop=same-origin&coep=&channel=${channel.name}");
<\/script>`;
  document.body.append(frame);
}, `<iframe sandbox="allow-popups allow-scripts allow-popups-to-escape-sandbox"> ${document.title}`);

async_test(t => {
  const frame = document.createElement("iframe");
  const channel = new BroadcastChannel(token());
  frame.sandbox = "allow-scripts allow-same-origin";
  frame.name = `iframe-${channel.name}`;
  frame.src = `resources/coop-coep.py?coop=same-origin&coep=&channel=${channel.name}`;
  channel.onmessage = t.step_func( event => {
    const payload = event.data;
    assert_equals(payload.name, frame.name, "name");
    t.done();
  });
  t.add_cleanup(() => frame.remove());
  document.body.append(frame);
}, `Iframe with sandbox and COOP must load.`);
</script>