test_notification_crossorigin_iframe.html

Enable keyboard shortcuts

<!DOCTYPE HTML>

<html>

<!--

Tests that Notification permissions are denied in cross-origin iframes.

https://bugzilla.mozilla.org/show_bug.cgi?id=1560741

-->

<head>

  <title>Notification permission in cross-origin iframes</title>

  <script src="/tests/SimpleTest/SimpleTest.js"></script>

  <script src="GleanTest.js"></script>

  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />

</head>

<body>

  <p id="display"></p>

  <div id="content" style="display: none">

  </div>

  <pre id="test">

  <script class="testbody" type="text/javascript">

  SimpleTest.waitForExplicitFinish();

  const kBlankURL = "https://example.org/tests/dom/notification/test/mochitest/blank.html";

  (async function runTest() {

    let iframe = document.createElement("iframe");

    iframe.src = kBlankURL;

    document.body.appendChild(iframe);

    await new Promise(resolve => {

      iframe.onload = resolve;

});

    await SpecialPowers.spawn(iframe, [], async () => {

      await SpecialPowers.pushPermissions([

          type: "desktop-notification",

          allow: SpecialPowers.Services.perms.ALLOW_ACTION,

          context: content.document,

},

]);

});

    await GleanTest.testResetFOG();

    let checkRequest = async (expectedResponse, msg) => {

      let response = await this.content.Notification.requestPermission();

      Assert.equal(response, expectedResponse, msg);

};

    await SpecialPowers.spawn(iframe,

                              ["denied", "Denied permission in cross-origin iframe"],

                              checkRequest);

    const requestCount = await GleanTest.webNotification.requestPermissionOrigin.third_party.testGetValue();

    is(requestCount, 1, "Notification third party request permission counter should increment once.");

    let checkPermission = async (expectedPermission, msg) => {

      let permission = this.content.Notification.permission;

      Assert.equal(permission, expectedPermission, msg);

};

    await SpecialPowers.spawn(iframe,

                              ["denied", "Permission is denied in cross-origin iframe"],

                              checkPermission);

    const permissionCount = await GleanTest.webNotification.permissionOrigin.third_party.testGetValue();

    is(permissionCount, 1, "Notification third party permission read counter should increment once.");

    let checkConstruct = async (expectedShown, msg) => {

      const shown = await new Promise(r => {

        const n = new this.content.Notification("cross origin");

        n.onshow = () => r(true);

        n.onerror = () => r(false);

});

      Assert.equal(shown, expectedShown, msg);

};

    await SpecialPowers.spawn(iframe,

                              [false, "Notification constructor should error in cross-origin iframe"],

                              checkConstruct);

    const showCount = await GleanTest.webNotification.showOrigin.third_party.testGetValue();

    is(showCount, 1, "Notification third party show attempt counter should increment once.");

    await SpecialPowers.pushPrefEnv({"set": [["dom.webnotifications.allowcrossoriginiframe", true]]});

    await SpecialPowers.spawn(iframe,

                              ["granted", "Granted permission in cross-origin iframe with pref set"],

                              checkRequest);

    await SpecialPowers.spawn(iframe,

                              ["granted", "Permission is granted in cross-origin iframe with pref set"],

                              checkPermission);

    SimpleTest.finish();

  })();

  </script>

  </pre>

</body>

</html>