location-properties-smoke-test.window.js

mozilla-central/testing/web-platform/tests/html/browsers/origin/cross-origin-objects/location-properties-smoke-test.window.js (file symbol)

Enable keyboard shortcuts

Source code

File a bug in Core :: DOM: Core & HTML

Revision control

Copy as Markdown

Other Tools

Test Info:

This WPT test may be referenced by the following Test IDs:
- /html/browsers/origin/cross-origin-objects/location-properties-smoke-test.window.html?assign - WPT Dashboard Interop Dashboard
- /html/browsers/origin/cross-origin-objects/location-properties-smoke-test.window.html?customproperty - WPT Dashboard Interop Dashboard
- /html/browsers/origin/cross-origin-objects/location-properties-smoke-test.window.html?hash - WPT Dashboard Interop Dashboard
- /html/browsers/origin/cross-origin-objects/location-properties-smoke-test.window.html?host - WPT Dashboard Interop Dashboard
- /html/browsers/origin/cross-origin-objects/location-properties-smoke-test.window.html?hostname - WPT Dashboard Interop Dashboard
- /html/browsers/origin/cross-origin-objects/location-properties-smoke-test.window.html?pathname - WPT Dashboard Interop Dashboard
- /html/browsers/origin/cross-origin-objects/location-properties-smoke-test.window.html?port - WPT Dashboard Interop Dashboard
- /html/browsers/origin/cross-origin-objects/location-properties-smoke-test.window.html?protocol - WPT Dashboard Interop Dashboard
- /html/browsers/origin/cross-origin-objects/location-properties-smoke-test.window.html?reload - WPT Dashboard Interop Dashboard
- /html/browsers/origin/cross-origin-objects/location-properties-smoke-test.window.html?search - WPT Dashboard Interop Dashboard
- /html/browsers/origin/cross-origin-objects/location-properties-smoke-test.window.html?toString - WPT Dashboard Interop Dashboard
- /html/browsers/origin/cross-origin-objects/location-properties-smoke-test.window.html?valueOf - WPT Dashboard Interop Dashboard

// META: variant=?assign

// META: variant=?customproperty

// META: variant=?hash

// META: variant=?host

// META: variant=?hostname

// META: variant=?pathname

// META: variant=?port

// META: variant=?protocol

// META: variant=?reload

// META: variant=?search

// META: variant=?toString

// META: variant=?valueOf

// META: script=/common/get-host-info.sub.js

// META: script=/common/utils.js

// META: script=/common/dispatcher/dispatcher.js

const property = window.location.search.substr(1);

promise_test(async t => {

  const iframeContext = new RemoteContext(token());

  const iframe = document.createElement("iframe");

  iframe.src = get_host_info().REMOTE_ORIGIN +

    "/common/dispatcher/remote-executor.html?uuid=" + iframeContext.context_id;

  document.body.appendChild(iframe);

  // Wait for the cross-origin document to be loaded inside the iframe.

  assert_equals(

    await iframeContext.execute_script(() => "Document loaded") ,

    "Document loaded"

);

  assert_throws_dom("SecurityError", () => {

    const unused = iframe.contentWindow.location[property];

  }, "Cross origin get of a location property should throw a security error");

  assert_throws_dom("SecurityError", () => {

    iframe.contentWindow.location[property] = "Random string";

  }, "Cross origin set of a location property should throw a security error");

  // Verify that the property was indeed not modified.

  assert_not_equals(

    await iframeContext.execute_script(property => location[property],

                                       [property]),

    "Random string",

);

  assert_throws_dom("SecurityError", () => {

    const unused = Object.getOwnPropertyDescriptor(

      iframe.contentWindow.location, property);

  }, "Cross origin get of descriptors should throw a security error");

}, `Verifying that cross-origin access of '${property}' is restricted`);